by Huy Nguyen
The article I chose relating to chapter 4.1 was titled,”Ipad Email Hackers Claim they haven’t Broken the Law” by Gregg Keizer. In this article, hackers from the group Goatse Security collected about 11400 Apple Ipad owner’s email addresses. They justified their actions as being “ethical” because nothing illegal was done. The group found a loop hole in the way that the Ipad exposed the owners ICC-ID number that can easily be associated to email addresses on the AT&T server using a publicly accessible function. AT&T quickly disabled the feature to prevent this from further happening. Goatse waited until AT&T fixed the problem before it gave the information to a third party company. They claimed that they were acting on the public’s interest to disclose this information. Goatse claimed that no breach, penetration or intrusion was performed. It was by accident that they stumbled upon the discovery.
This relates to chapter 4.1 in that although nothing done was illegal, acting ethically and legally are not always the same. Chapter 4.1 spoke about the importance of public privacy. Goatse although did nothing illegal, they pried into a confidential area and sold the information to others. Goatse said that consumers had the right to know and they didn’t want to go directly to AT&T with the information so the third party company was informed. Whether or not Goatse benefited from leaking the information is unknown.
Gregg Keizer, June 11, 2010. “Ipad Email Hackers Clain They Haven’t Broke the Law” posted June 11, 2010.
Baltzan & Phillips, Business Driven Information Systems, 2nd Edition, McGraw-Hill, Inc. 2009