Analysing Mobile Me
Mon 4th July 11
This post is an analysis of the data found by my Mobile Me Finder app and a comparison of the data with that found in Amazon's Buckets with my Bucket Finder.
I ran two word lists through this time, the first is the same list as I used with the Bucket Finder, the 2268 common name list from Packet Storm. For the second, I figured that a lot of security people are now using Macs and wondered how many of those would have accounts and then share data from them so I harvested a list of all my Twitter followers and used that. Some will be spamers and bots but I figured that a good chunk of the 3373 accounts would be usable as names.
Accounts
| Type | Amazon | Mobile Me Common Names | Mobile Me Twitter Names |
|---|---|---|---|
| Don't Exist | 1206 | 1186 | 3209 |
| Private | 848 | 241 | 39 |
| Public | 131 | 841 | 125 |
For the common name list, as with the results from Amazon, most names don't exist however the ratio of public to private is the opposite, most accounts found to exist in Mobile Me have some public content. For the Twitter names very few of them exist but again, for those that do the higher percentage have public content.
Files
There doesn't appear to be the ability to have a private file in a public folder so all files found are public as far as I know.
| Type | Amazon | Mobile Me Common Names | Mobile Me Twitter Names |
|---|---|---|---|
| Private | 6016 | 0 | 0 |
| Public | 9683 | 20995 | 1108 |
| Total | 15699 | 20995 | 1108 |
Thats nearly 21,000 files for just 841 accounts, almost 25 files per account. If there isn't something juicy in that lot then I'd be very surprised.
A breakdown of the files found in public folders. Due to the file types I've found I've had to add a few new categories:
| Type | Extensions | Amazon | Mobile Me Common Names | Mobile Me Twitter Names |
|---|---|---|---|---|
| Images | jpg|png|gif|tiff|psd|bmp | 7086 | 8333 | 593 |
| Web | html|css|js | 1377 | 296 | 1 |
| Videos and Music | mp3|mp4|flv|mov|avi|wmv|m4v|aa|mpg | 436 | 2470 | 92 |
| Documents | pdf|doc|xls|ppt | 80 | 1921 | 246 |
| Archives | rar|zip|gz | 57 | 970 | 95 |
| SQL | sql | 1 | 3 | 0 |
| Mac Packages | dmg | n/a | 241 | 1 |
| Trash Cans * | .Trashes | n/a | 7319 | 1 |
| DS Store | .DS_Store | n/a | 890 | 46 |
| Other | 646 | 5871 | 34 | |
| Total | 9683 | 20995 | 1108 |
* - The trash cans are directories so won't be counted in the total files
And some pretty pie charts to show it as well:
As with Amazon, most people were storing images however the next in order were video/music and documents rather than web. This is expected as one use for Amazon S3 is as storage for files used with its EC2 system where as Mobile Me is designed to be an extension of users desktops. The large number of archives could mean a potential extra treasure trove of information for anyone who had the time to extract them.
I haven't had much time to go through the content of the files but one of the main things I found when I was running my first tests was a set of tax returns. I grepped through the list of filenames for interesting sounding names, things such as sex, private, password etc but didn't find anything interesting (Apart from some Derick and Clive videos).
As with Amazon, there is a lot of interesting information out there for anyone who is good at analysing things, I'm not. If anyone wants to talk to me about extending the app to include other data or to do different things to help analysis then please get in touch. Similarly, if you find anything good please share, but do it responsibly.
