Kinda old article, but this is still pending resolution: http://www.wired.com/threatlevel/2010/09/html5-safari-exploit/ Are there any devs on this forum who might be able to answer this question for me: HOW can a webpage end up with access to your unique device ID (of your iphone)? I understand how *apps* do it. There's an API call that your apps can access to see your device ID. But that article, and others, seem to imply that the Safari HTML5 cookies, like RLDGUID, have access to your device ID and so even deleted them doesn't help because the next time you visit a RLDGUID-using site (never mind installing an app!), it grabs your device ID again and recreates the same "cookie". If this device ID *is* possible to access through HTML5, this seems unacceptable and an undefeatable individual-person tracking tool.