Clicky

iOS UDID ID Code Can Reveal Identity of iPhone, iPad Owners

By  |  5 Comments

By design, the UDID mechanism scheme that Apple employs for iOS hardware is a unique string of letters and numbers, much like a device’s unique serial number, that is used to anonymously identify iPhone, iPod Touch, and iPad. However, security researcher Aldo Cortesi discovered a flaw that can link an iOS device’s unique UDID back to the owner, making the UDID non-anonymous and potentially exposing a user’s identity.

Cortesi found that some apps can link the UDID to a user’s Facebook profile, for example, which can expose the user’s image, and if a Facebook profile isn’t marked as private additional information can also be revealed.

Wired writes that Cortesi says that the UDID is “like a permanent, unalterable tracking cookie that can’t be changed and that the user is not aware of.”

By default, the UDID is supposed to be anonymous and is used to only identify the device. However, according to last year’s Wall Street Journal report, 56 of the 101 apps examined had transmitted the device’s UDID to other companies without the knowledge of the user.

While this flaw isn’t by itself a huge security concern, it does raise a few eyebrows about privacy.

In the past, before developer trial codes, Apple had integrated UDID into iOS to allow developers to test out apps on a limited number of hardware without having to submit the app for mass market distribution on the App Store. In doing so, Apple may have opened the doors for others to misuse or try to collect additional information related to device UDIDs.

Tech enthusiast in Silicon Valley enjoying the possibilities of ubiquitous connectivity, information sharing, and collaboration enabled by mobile broadband. You can contact Chuong on Twitter @chuongvision or search +chuongvision on Google+.

5 Comments

  1. Linux Hosting

    05/10/2011 at 12:48 pm

    Thanks for sharing some useful info!!..

  2. Apple Drunk

    06/14/2011 at 4:21 pm

    We can register your UDID for iOS 5! Lots of satisfied customers. You’ll normally be activated within a few minutes. Just read the positive comments for yourself.

    http://appledrunk.com/udid-activations-ios/

  3. J Tobin

    06/19/2011 at 8:56 pm

    We can register your UDID for iOS 5! Lots of satisfied customers. You’ll normally be activated within a few minutes. 
    http://www.iphoneudidactivations.com

  4. Apple Hardcore

    07/08/2011 at 2:11 am

    We always have slots available for UDID activations for iOS 5 beta. Go to http://www.applehardcore.com and you’ll be activated within minutes. You can also try our sister site http://www.ios5udidactivations.com

  5. Ios Udid

    08/04/2011 at 3:19 pm

    visit here  for  cheap n fast udid activation    activation less then 30 minutes..  and only $3   http://iso5udid.com/

Leave a Reply