Did either of you read the article or the PDF? It's far far beyond just the UDID.
The apps (that they are referring to) have your real name, and your email, and your geo location from your iphone, as well as your browsing history, and a few other items. Hence this is a privacy concern.
Until Apple gives the users the power to shut this off and/or clear our own cookies/cache/tracking mechanisms, this is a big privacy concern.
Read the PDF...it's not that long.
-Eric
Sorry may I call *************
UDID is NOTHING PERSONAL.
For an app to get your GeoLocation, you must approve it...
As to the bolded part, you can clear cookies, and deleting an app clears any databases and all files with it. In the white paper, it states ABC's app creates a cookie for 20 years. Did Google Gmail, Yahoo, Amazon, MacRumors all create cookies for around 90 years. Why? Cookies can't have an unlimited time frame, so when a user selects remember me, they put in a ridiculously long amount of time so that they will never get logged out.
"Figure 8: The ABC News app stores the tracking cookie in its application directory,
not the Safari Cookies folder."
WTF?! is this ********. Who wrote this paper 5 monkeys and you? An app saved cookies to its app directory and not the safari cookie folder because its not allowed to. And how is saving a cookie ON YOUR PHONE dangerous? Its not even submitting that info. It's saving it for you NOT for them.
"By setting cookies that don’t expire for several years, companies are able to
continue to tracking individuals’ data for extended periods of time"
Last time I checked, cookies were a block of text, not a piece of executable code that can track your every move. This is ********, if this is true than Google is doing the same thing by planting 90 year cookies on your computer, and so can any website so why are you attacking apps.
"While there is no direct evidence that this data is[/B] being used to physically track iPhone users, it would be trivial to
implement such a system using a combination of UDIDs and time-stamped IP addresses. The correlation of this
data with a GeoIP library14 would allow an iPhone user’s approximate physical location to be tracked in real time.
The iPhone’s hard-wired preference for local wireless networks over cellular data enhances this tracking ability, as
the phone will only use the cell network for data when it has no wifi connectivity. While GeoIP lookups on cellular
phone networks generally do not often provide useful location data, lookups on Wifi hot spots are often remarkably
precise."
While there is no direct evidence the United States was involved in 9/11 many conspiracy theorists believe there is a direct correlation between it and the United State's obsession with war. Hmm... I read it in a white paper, IT MUST BE TRUE!!!
First of all no one would ever want to do this, and even they did want to do this, web pages can do the exact same thing can't they now? MacRumors takes your IP everytime you visit a page, meaning it could technically track you. IP tracking is crap, you can't find anyone with it unless you feel like searching around 5 blocks for the person your looking for and then realizing by the time you did it they would have moved somewhere else. And this also requires the app to be open. I don't know many people you keep a game, or an app (thats not GPS, Music, Movie related) open while on the move do you?
"Figure 11: Examples of applications requesting the iPhone's GPS coordinates during startup
Figure
Figure 12: The ABC News app transmits data back to remote servers. In this case, local content, such as
weather is returned."
Wow first they dare to ask me permission for my GPS location, and then those damn criminals return me relevant content about my community. Why haven't these people been locked up yet.
"Since Apple has not provided a tool for end-users to delete application cookies or to block the
visibility of the UDID to applications, iPhone owners are helpless to prevent their phones from leaking this
information."
You want to delete cookies which don't do anything, and aren't even submitted to the server? Go ahead there is a way, it is very simple actually, I can't believe this intelligent writer of this whitepaper couldn't figure it out. Delete the ******** app if you don't trust it enough to keep cookies.
Oh and aren't we helpless to stop them from reading random numbers from our phones.
- A Registered Apple App Developer (You sir, disappoint me)
