What's new

Third-Party Apps Could Be Transmitting Private Data

Maura

iPhoneForums.Net News Team
Staff member
Joined
Jun 18, 2010
Messages
4,891
Reaction score
1,050
iPhone4-1-2.jpg

Engadget has a worrying report today about the possibility of third-party iPhone apps transmitting information that links your device to your name and possibly even your location, according to Bucknell University network admin Eric Smith, a two-time DefCon wardriving champion, who has studied 57 top applications in the iTunes App Store to see what sort of data they send out. Through his research, Smith discovered that some third-party apps actually sent out the iPhone’s UDID and personal details in plaintext, including apps for Amazon, Chase Bank, Target and Sam’s Club, although some of these were secured with SSL. Engadget says that although UDIDs are often used by apps to store personal data and combat piracy, Smith is concerned that a database could be created linking the UDIDs to GPS coordinates or GeoIP, thereby confirming your location to possibly unsavoury people or companies. Engadget points out, however, that transmitting the UDID and account information together publicly is forbidden. Smith concludes his research report by likening Apple’s UDID to the unique identifier of Intel’s Pentium III processor, which raised privacy issues several years ago, resulting in government enquiries, which resulted in Intel providing a software fix that enabled individuals to manually disable the chip’s ID, prior to Intel removing the chip from all future CPUs.

Source: Engadget
 
I read an article 'bout this awhile ago,....most apps send pretty generic stuff,...age, gender, etc...and avoid naming a person directly.
 
Top