They just reverse-engineered the proprietary iCloud protocol and created a simple visualization tool. Everyone who thinks that proprietary protocols are a good way to improve security is an idiot.
In fact, Apple should have gone with an open protocol in the first place. This would allow others to create useful tools and integrate iCloud with devices, software and services not controlled by Apple. This is in fact the whole point of Cloud services such as Dropbox and Google Drive. They provide an open web-based API which is used by thousands of developers.
As for unencrypted data: It is always possible that your iPhone is lost or stolen. Somebody could then get all your data off your phone. Apps dealing with sensitive information (e.g. account data/passwords, documents, card numbers etc.) must encrypt their stuff anyway, otherwise it's entirely the App maker's fault if someone can get this information off your phone or iCloud.
----------
What are you talking about? The point was to limit iCloud access to phones, even new ones, as opposed to computers. But, as has been pointed out, it is easy to obtain a phone UDID and spoof a phone MAC address, so this is a completely useless approach.
Besides, iCloud is even supposed to work with computers (iCal, iPhoto etc.), so the original idea was flawed in just about every aspect.
In fact, Apple should have gone with an open protocol in the first place. This would allow others to create useful tools and integrate iCloud with devices, software and services not controlled by Apple. This is in fact the whole point of Cloud services such as Dropbox and Google Drive. They provide an open web-based API which is used by thousands of developers.
As for unencrypted data: It is always possible that your iPhone is lost or stolen. Somebody could then get all your data off your phone. Apps dealing with sensitive information (e.g. account data/passwords, documents, card numbers etc.) must encrypt their stuff anyway, otherwise it's entirely the App maker's fault if someone can get this information off your phone or iCloud.
----------
Without access to your computer or iPhone it's quite hard to get your UDID.
What are you talking about? The point was to limit iCloud access to phones, even new ones, as opposed to computers. But, as has been pointed out, it is easy to obtain a phone UDID and spoof a phone MAC address, so this is a completely useless approach.
Besides, iCloud is even supposed to work with computers (iCal, iPhoto etc.), so the original idea was flawed in just about every aspect.