iPhone UDID- What information can be gained from it?

Discussion in 'iPhone' started by Gofre, Jun 7, 2011.

  1. Gofre macrumors regular

    Feb 7, 2011
    Hi all,

    Apologies if this is the wrong section, I figured this would be the most relevant.

    As the title says, what information can be gained from my iPhone's UDID? An internet acquaintance of mine is iPhone developer and is offering to authorise my iPhone using the phone's UDID and install iOS 5 on it (Yay =D). However while I'm entirely sure he wouldn't abuse it, I was just wondering what information can be gained from the UDID, if any at all? Any help would be greatly appreciated [=
  2. Gofre thread starter macrumors regular

    Feb 7, 2011
    So are the issues simply privacy related, rather than security related? I already have the guy on Facebook, so finding out who I am isn't an issue. I was just worried that it may have some link to my iTunes account?
  3. Gofre thread starter macrumors regular

    Feb 7, 2011
  4. macsrcool1234 macrumors 65816

    Oct 7, 2010
    i take it you want to give some random guy your UDID so you can get the ios beta.

    EDIT: theres no need, google around, theres a bug that lets you get the beta activated without the need for a developer account
  5. Defender2010 macrumors 68030


    Jun 6, 2010
    This is a non issue....your identity is everywhere already if you are on Facebook
  6. Gofre thread starter macrumors regular

    Feb 7, 2011
    A) He's not a random guy. I didn't just use "acquaintance" in an attempt to make myself sound more intelligent. He's somebody I've known for several months online and have consulted on numerous things. He's entirely trustworthy, but I don't give information that could potentially expose my bank details to anybody, regardless of where I met them or how long I have known them.
    B) I'd rather go down a proper route than exploit a bug.
  7. California King macrumors 65816

    Sep 20, 2007
    Here's a quick article I found:

    iOS UDID ID Code Can Reveal Identity of iPhone, iPad Owners

    By design, the UDID mechanism scheme that Apple employs for iOS hardware is a unique string of letters and numbers, much like a device’s unique serial number, that is used to anonymously identify iPhone, iPod Touch, and iPad. However, security researcher Aldo Cortesi discovered a flaw that can link an iOS device’s unique UDID back to the owner, making the UDID non-anonymous and potentially exposing a user’s identity.

    Cortesi found that some apps can link the UDID to a user’s Facebook profile, for example, which can expose the user’s image, and if a Facebook profile isn’t marked as private additional information can also be revealed.

    Wired writes that Cortesi says that the UDID is “like a permanent, unalterable tracking cookie that can’t be changed and that the user is not aware of.”

    By default, the UDID is supposed to be anonymous and is used to only identify the device. However, according to last year’s Wall Street Journal report, 56 of the 101 apps examined had transmitted the device’s UDID to other companies without the knowledge of the user.

    While this flaw isn’t by itself a huge security concern, it does raise a few eyebrows about privacy.

    In the past, before developer trial codes, Apple had integrated UDID into iOS to allow developers to test out apps on a limited number of hardware without having to submit the app for mass market distribution on the App Store. In doing so, Apple may have opened the doors for others to misuse or try to collect additional information related to device UDIDs.

    Link: http://www.gottabemobile.com/2011/05/10/ios-udid-id-code-can-reveal-identity-of-iphone-ipad-owners/

Share This Page