Hacker News new | past | comments | ask | show | jobs | submit login

He probably downloaded 100k accounts (perhaps a range of IDs) and then grepped them for @apple.com accounts.



Maybe, but he writes that he still has those 100k data sets. So why didn't he delete them after grep ran through?


Because he's clearly not very experienced in this. Apparently his video (when it was up) had confidential information shown in it: https://twitter.com/ibrahimbalic/status/359347248473190402. Who the hell flouts confidential information in a public fashion? There's a interview with him with English subtitles here: http://video.ntvmsnbc.com/applei-sarsan-turk-yazilimci-ntvms..., where he says some interesting things near the end. It looks like he used a struts2 vulnerability, HN had a discussion about this 2 days ago: https://news.ycombinator.com/item?id=6080620, https://news.ycombinator.com/item?id=6082599. He basically did what Weeve did, except Weeve is in confinement now.


>He basically did what Weeve did, except Weeve is in confinement now.

Hopefully not for long... https://news.ycombinator.com/item?id=6093468

Don't get me wrong, I don't agree with what he did, but the whole case is baffling to me.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: