14 DAY TRIAL // The iPhone’s Unique Device Identifier or UDID is reportedly very similar to the Pentium 3’s Processor Serial Number (PSN) which “elicited a storm of outrage from privacy rights groups over the inherent risks associated with the sharing of such information with third parties,” according to an IT expert. This person acknowledges that “no such concerns have been raised up to this point regarding the iPhone UDID.”
However, such concerns should be raised, Bucknell University network admin Eric Smith believes.
In a blog post, he writes: “Much like the Pentium 3, devices running the Apple iPhone operating system (IOS), including Apple iPhones, iPads, and iPod Touches, feature a software-readable serial number – a ‘Unique Device Identifier’, or UDID.”
Smith and his colleagues decided to look at a number of iPhone apps from the “Most Popular” and “Top Free” categories in Apple’s App Store to determine whether or not the privacy fears surrounding the Pentium 3 have manifested themselves on the iPhone platform as well.
The team collected and analyzed the data being transmitted between installed applications and remote servers using several open source tools, according to Smith.
“We found that 68% of these applications were transmitting UDIDs to servers under the application vendor’s control each time the application is launched,” he shockingly reveals.
“Furthermore, 18% of the applications tested encrypted their communications such that it was not clear what type of data was being shared.”
According to the network admin, only 14% of the tested apps appeared to be clean, while some applications are actually able to link the UDID to the user’s identity in the real world.
“As UDIDs can be readily linked to personally-identifiable information, the ‘Big Brother’ concerns from the Pentium 3 era should be a concern for today’s iPhone users as well,” Smith concludes.
The full survey findings can be found in the PDF report here.