Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

iPhone UDID- What information can be gained from it?

G

Gofre

macrumors regular
Original poster
Feb 7, 2011
180
1
Hi all,

Apologies if this is the wrong section, I figured this would be the most relevant.

As the title says, what information can be gained from my iPhone's UDID? An internet acquaintance of mine is iPhone developer and is offering to authorise my iPhone using the phone's UDID and install iOS 5 on it (Yay =D). However while I'm entirely sure he wouldn't abuse it, I was just wondering what information can be gained from the UDID, if any at all? Any help would be greatly appreciated [=
 
So are the issues simply privacy related, rather than security related? I already have the guy on Facebook, so finding out who I am isn't an issue. I was just worried that it may have some link to my iTunes account?
 
i take it you want to give some random guy your UDID so you can get the ios beta.


*facepalm*
EDIT: theres no need, google around, theres a bug that lets you get the beta activated without the need for a developer account
 
macsrcool1234 said:
i take it you want to give some random guy your UDID so you can get the ios beta.


*facepalm*
EDIT: theres no need, google around, theres a bug that lets you get the beta activated without the need for a developer account
Click to expand...

A) He's not a random guy. I didn't just use "acquaintance" in an attempt to make myself sound more intelligent. He's somebody I've known for several months online and have consulted on numerous things. He's entirely trustworthy, but I don't give information that could potentially expose my bank details to anybody, regardless of where I met them or how long I have known them.
B) I'd rather go down a proper route than exploit a bug.
 
Here's a quick article I found:

iOS UDID ID Code Can Reveal Identity of iPhone, iPad Owners

By design, the UDID mechanism scheme that Apple employs for iOS hardware is a unique string of letters and numbers, much like a device’s unique serial number, that is used to anonymously identify iPhone, iPod Touch, and iPad. However, security researcher Aldo Cortesi discovered a flaw that can link an iOS device’s unique UDID back to the owner, making the UDID non-anonymous and potentially exposing a user’s identity.

Cortesi found that some apps can link the UDID to a user’s Facebook profile, for example, which can expose the user’s image, and if a Facebook profile isn’t marked as private additional information can also be revealed.

Wired writes that Cortesi says that the UDID is “like a permanent, unalterable tracking cookie that can’t be changed and that the user is not aware of.”

By default, the UDID is supposed to be anonymous and is used to only identify the device. However, according to last year’s Wall Street Journal report, 56 of the 101 apps examined had transmitted the device’s UDID to other companies without the knowledge of the user.

While this flaw isn’t by itself a huge security concern, it does raise a few eyebrows about privacy.

In the past, before developer trial codes, Apple had integrated UDID into iOS to allow developers to test out apps on a limited number of hardware without having to submit the app for mass market distribution on the App Store. In doing so, Apple may have opened the doors for others to misuse or try to collect additional information related to device UDIDs.

Link: http://www.gottabemobile.com/2011/05/10/ios-udid-id-code-can-reveal-identity-of-iphone-ipad-owners/
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back