This Week's Sponsor:

Kolide

Ensures that if a device isn’t secure it can’t access your apps.  It’s Device Trust for Okta.

All YOUR UDID ARE BELONG TO US…

Ahh, the most famous ‘hacker’ meme on the planet. If you don’t know what this refers to, wikipedia can explain it.

Anyone running Apple’s iOS has a software-readable serial number – a “Unique Device Identifier,” or UDID. Eric Smith, a Bucknell University network admin, studied iPhone apps from the “Most Popular” and “Top Free” categories in Apple’s App Store and collected and analyzed the data being transmitted between installed apps and remote servers using open source tools. They found that 68% of the applications were transmitting UDIDs to servers under the application vendor’s control each time the application is launched. 18% of the applications tested encrypted their communications so that it was not clear what type of data was being shared. Only 14% of the tested applications appeared to be clean. They confirmed that some applications are able to link the UDID to a real-world identity. Scary, I know.

The iPhone’s UDID is eerily similar to the Pentium 3’s Processor Serial Number (PSN).  While the Pentium 3 PSN elicited a storm of outrage from privacy rights groups over the inherent risks associated with the sharing of such information with third parties, no such concerns have been raised up to this point regarding the iPhone UDID.  As UDIDs can be readily linked to personally-identifiable information, the “Big Brother” concerns from the Pentium 3 era should be a concern for today’s iPhone users as well.

Here’s a 19 page PDF link of the full report if you want to read it.

[via PSKL]

Join

Unlock More with Club MacStories

Founded in 2015, Club MacStories has delivered exclusive content every week for over six years.

In that time, members have enjoyed nearly 400 weekly and monthly newsletters packed with more of your favorite MacStories writing as well as Club-only podcasts, eBooks, discounts on apps, icons, and services. Join today, and you’ll get everything new that we publish every week, plus access to our entire archive of back issues and downloadable perks.

The Club expanded in 2021 with Club MacStories+ and Club Premier. Club MacStories+ members enjoy even more exclusive stories, a vibrant Discord community, a rotating roster of app discounts, and more. And, with Club Premier, you get everything we offer at every Club level plus an extended, ad-free version of our podcast AppStories that is delivered early each week in high-bitrate audio.

Choose the Club plan that’s right for you:

  • Club MacStories: Weekly and monthly newsletters via email and the web that are brimming with app collections, tips, automation workflows, longform writing, a Club-only podcast, periodic giveaways, and more;
  • Club MacStories+: Everything that Club MacStories offers, plus exclusive content like Federico’s Automation Academy and John’s Macintosh Desktop Experience, a powerful web app for searching and exploring over 6 years of content and creating custom RSS feeds of Club content, an active Discord community, and a rotating collection of discounts, and more;
  • Club Premier: Everything in from our other plans and AppStories+, an extended version of our flagship podcast that’s delivered early, ad-free, and in high-bitrate audio.

Vector & pixel trafficker for Seymour Midwest LLC, regular MacStories contributor, Hip-Hop junkie all day long; Apple addict circa 1976.

chris@macstories.net