Apple to stop approving apps that use UDIDs or don’t support iPhone 5

By Cody Lee on Mar 21, 2013

After more than a year of warnings, it looks like Apple’s finally putting the kibosh on the use of Unique Device Identifiers. An announcement was posted to the iOS developer portal this afternoon that starting May 1, apps using UDIDs will not be approved.

But that’s not all. In addition to the UDID deadline, Apple has also informed developers that after May 1, all new apps and app updates must be built for iOS devices with Retina displays and iPhone apps must support the 4-inch display on iPhone 5… Read More

 

Apple opposes iPhone tracking class-action bid as ‘desperate’

By Ed Sutherland on Mar 1, 2013

Apple is once again in U.S. District Court, attempting to derail a lawsuit claiming apps for the iPhone and iPad collected location data and other personal information without explicit permission from users. Responding Thursday to an effort by plaintiffs’ attorneys to classify the lawsuit a class action, Apple’s legal team argued no harm was suffered and suggested the call for class action status is a “desperate attempt” to collect legal fees… Read More

 

Apple explains new UDID replacement in iOS 6

By Cody Lee on Sep 13, 2012

Apple took a lot of heat over their UDID system earlier this year when it was discovered that some developers were misusing the information. And the criticism amplified a few weeks ago when hackers published a list of over a million device IDs.

In response to the hack, Apple released a statement saying that it was going to be replacing the UDID in iOS 6, and was banning the future use of the data. That replacement is called Advertising Identifier, and Apple introduces it in iOS 6 GM… Read More

 

Publishing firm Blue Toad says it’s to blame for leaked UDID list

By Cody Lee on Sep 10, 2012

So this is kind of interesting. Remember that list of 1 million Apple device IDs that the hacking group AntiSec claims it stole from the FBI and then leaked online? Well it may not have actually come from the FBI.

According to a new report, the UDIDs in the list matched up with data from Blue Toad, a digital publisher that specializes in bringing hard copy content to the internet. And the company is taking full responsibility… Read More

 

Apple says it had nothing to do with leaked UDIDs

By Cody Lee on Sep 5, 2012

A few nights ago, a group of hackers known as AntiSec published a list of over 1 million Apple device IDs. The group says it obtained the UDIDs, and tons of other information, from the laptop of an FBI agent.

Yesterday, the FBI released a statement, saying that there was no evidence indicating that an FBI laptop was compromised, or that its agents collected the data. And today, Apple commented on the situation… Read More

 

Predictably, FBI denies involvement in UDID scare

By Christian Zibreg on Sep 4, 2012

If you’ve been anywhere near an electrical outlet today, you already know about the latest privacy scare reportedly involving the hacking group AntiSec publishing a million UDIDs they allegedly lifted from a laptop belonging to an FBI agent. It’s been all over the news and concerned citizens jumped to the rescue by writing a web app to check if your device identifier has been compromised (though I wouldn’t be typing in my UDID into some web form if I were you).

Well, the Federal Bureau of Investigation, also known under the widely popular FBI moniker, issued a public statement related to the scandal. No, the Bureau absolutely had nothing to do with collecting Apple UDIDs. Its agent wasn’t carrying around a file with a whopping twelve million device identifiers, thanks for your question. And of course they refuted the story and denied any wrongdoing. Sometimes, it’s easier to believe in God than to trust the Government, isn’t it? Read More

 

Check if your iOS device has been compromised by the FBI breach

By Christian Zibreg on Sep 4, 2012

Yesterday, news broke that the hacking group AntiSec published a million UDIDs from an alleged trove of twelve million device IDs claimed to have been stolen from a laptop belonging to an FBI agent. Even though the hackers had removed some of the identifiable information from the list, your UDID might be exposed out in the wild, along with 999,999 other IDs posted on the web.

And why would you want to know if your UDID is out there for everyone to see? Good question. Your UDID uniquely identifies your device and expert hackers could use it to glean all sorts of information from other data associated with your UDID.

Yeah, it’s a privacy catastrophe, one that might potentially even lead to identity theft. Perhaps even more important than that, wouldn’t you like to know if your device is on the FBI’s watch list? Read More

 

Hacker group leaks 1 million Apple device IDs from FBI breach

By Cody Lee on Sep 4, 2012

Earlier this year, Apple started rejecting applications that called on unique device identifiers (or UDIDs). The move came amidst privacy and security concerns, as several apps were found to be misusing the information.

Tonight, those concerns multiplied as the hacking group known as AntiSec announced that it had acquired more than 12 million device IDs from a recent FBI hack. And they’ve just released a million of them… Read More

 

Is Apple stepping up fight against IAP exploit with UDIDs?

By Christian Zibreg on Jul 18, 2012

A flaw in the in-app purchasing mechanism in iOS that a Russian hacker exposed last week by leveraging a proxy server which enabled $30,000+ in sales of extra content may soon become a thing of the past as Apple is reportedly looking to contain the exploit by issuing a unique identifier in validation receipts.

This identifier apparently includes the Unique Device Identifier (UDID) for the device making the in-app purchase. The development is indicative remembering that the company recently began rejecting third-party apps over use of UDIDs. Apple was also thought to be readying tools for developers to let apps figure out users without resorting to UDIDs… Read More

 

Apple begins taking down sites that sell UDID activations

By Christian Zibreg on Jul 8, 2012

Apple has begun cracking down on unofficial sites that sell UDID activations to folks who aren’t registered Apple developers, letting them download and install iOS and OS X betas on their devices, a strict violation of Apple’s agreement with developers.

In fact, a developer’s $99 a year membership in the iOS Developer Program can be terminated if pre-release software is provided to non-authorized folks. Apple isn’t just revoking access to developers that sell UDIDs, it’s now going after sites that advertise UDID activations, filing DMCA requests to hosting firms.

As you can imagine, financial incentives outweigh risks and punishment involved. Savvy “entrepreneurs” have found the business of selling unauthorized access to iOS betas worth tens of thousands of dollars. You don’t need an office, staff, a telephone line or even a business name – just a small upfront investment, a web page advertising your “service” and spare time on your hands to get the word out… Read More

 

Apple readying tracking tools for app developers that won’t require UDIDs

By Christian Zibreg on Jun 8, 2012

In addition to allegedly working on a brand new app to enable on-the-go payments on iOS devices, called Organize, Apple is said to appease to developers by rolling out new tracking tools that will strengthen developers’ privacy by not requiring UDIDs to gather usage data on their apps… Read More

 

Tweetbot developer confirms Apple is now rejecting apps over use of UDIDs

By Christian Zibreg on Mar 29, 2012

A report on Monday alleged Apple began rejecting third-party iOS apps that make use of Unique Device Identifiers (UDIDs). Today, developer Paul Haddad confirms that a new build of his Tweetbot app failed to pass Apple’s requirements due to its use of UDIDs. Haddad received an email from the company that cites section 17.1 of the App Store Review Guidelines.

It states “apps cannot transmit data about a user without obtaining the user’s prior permission and providing the user with access to information about how and where the data will be used”.

With this app rejection, I think we can safely conclude that developers are now wise to drop UDIDs from their apps. Better late than never, if you ask me… Read More