Add to del.icio.us     Digg this

June 10, 2010

AT&T confirms that it has repaired a critical security flaw that has allowed hackers to access the e-mail addresses of more than 100,000 iPad 3G owners.

A hacker group used a vulnerability on AT&T's website to harvest the e-mail addresses iPad buyers provided to activate their devices, which went on sale about a month ago.

AT&T rapidly took action in repairing the security flaw, but without commenting on the rather large scope of the attacks.

This isn't the first time there's been a security incident with the iPad. On April 8, using a variation of the iPhone method and demonstrating just how much the two devices have in common, some hackers were able to exploit some serious security holes in the iPad.

Not only that, but the attacks were completed in less than 24 hours after the iPad was launched Saturday with much fanfare. Apple managed to sell 300,000 iPads on its launch date.

The security hole that was discovered enables the potential hacker to install everything from Wi-Fi scanners to porn (pornography is prohibited by Apple) although for the moment it just allows a remote terminal connection. But some Internet security observers say it's rather simple to cause more damage if the hacker is more knowledgeable.

Worse, the iPad security hole that was discovered even allows Palm OS applications to run on it.

For now, it still seems that few iPad owners are rushing out to buy newspaper subscriptions. PaidContent reports that the newspaper and magazine subscriptions through which the iPad was supposed to change the world, are curiously absent from the lists of most popular paid applications.

Some suspect this could be caused by early adopters being used to getting content for free.

So far, more than 140,000 mobile apps have been developed for the iPhone, and the number is growing rapidly. And since Google and Microsoft have now entered the mobile phone market as well with the Android and Windows Mobile 7, there’s just no telling how much faster the number of mobile apps will grow to.

With all these new apps, wireless carriers will need to adopt an approach that takes into account the fact that data will also be the primary driver of revenue in this market for the foreseeable future.

One of the most heated debates at this year’s Mobile World Congress in Barcelona was around the role of the wireless carrier in an app store world, and it’s a conversation that isn’t likely to go away soon. Gartner earlier this year forecasted that consumers across the globe will download approximately 4.51 billion mobile apps in the coming year, up approximately 2 billion from 2009’s numbers.

On June 7, AT&T was informed by a business customer about the possible exposure of their iPad ICC IDs, a unique identification number used to link devices with their owners.

"This issue was rapidly escalated to the highest levels of the company and was corrected by the next day," AT&T spokesman Mark Siegel said in a prepared statement.

"We have essentially turned off the feature that provided the e-mail addresses," Siegel added.

He said email addresses were the only information that could have been exposed as a result of the security hole. Siegel added that AT&T is continuing to investigate the issue and will inform all of its customers who may have been affected.

"There's still is no evidence that any other customer information was shared," Siegel said.

Apple, which sold more than two million iPads since the device debuted on April 3, didn't immediately respond to a request for comment.

Add to del.icio.us     Digg this

Source: AT&T.