[HIB]Enough blame to go around in iPad security breach

The leader of a security research firm and AT&T traded angry words Monday in the wake of last week's data breach that exposed the e-mail addresses of 114,000 iPad 3G users. The carrier called the behavior of Goatse Security "malicious," while the security firm countered that AT&T was "being dishonest about the potential for harm." But both sides have plenty to answer for in how they've handled this security situation.Last week, Gawker published an article describing how Goatse--named after one of the Web's most infamous Websites--had been able to extract the e-mail addresses of some 114,000 iPad users by piggybacking on a Web-based service provided by AT&T.Designed to simplify the sign-up process for adding a 3G data plan to an iPad, the service accepted the unique ID associated with the SIM card in a iPad Wi-Fi + 3G and returned the e-mail address of the corresponding customer (presumably based on data collected at activation). By guessing a large number of IDs, Goatse was able to capture the e-mails addresses of tens of thousands of users, including celebrities and high-ranking political and military officials.

**Hidden Content: To see this hidden content your post count must be 1 or greater.**