Apple reportedly rejecting apps that access UDIDs

1356789

Comments

  • Reply 41 of 178
    isaidsoisaidso Posts: 750member
    Quote:
    Originally Posted by alienzed View Post


    I'm not sure I see the difference between using a MAC address and a supposed UDID, I mean, neither one specifically identifies a person, just the device itself right? Are they just trying to get the developpers to have people 'sign up'? Otherwise I don't see the point in this move.



    Seems like there would be some difference (?) Otherwise, why wouldn't they have been using MAC addresses, just as any technology interests have for many years, already?
  • Reply 42 of 178
    jlanddjlandd Posts: 873member
    "We?re trying to be proactive and we?ve already moved to an alternative scheme"



    Perfect choice of words.
  • Reply 43 of 178
    isaidsoisaidso Posts: 750member
    Quote:
    Originally Posted by I am a Zither Zather Zuzz View Post


    That's what they all say...



  • Reply 44 of 178
    tallest skiltallest skil Posts: 43,388member
    Quote:
    Originally Posted by Radjin View Post


    UDID + your location most of the time (your home) + cookies and sites you may have visited + any information you might have shared = A unique identifier for you. Gay/Straight, Old/young, Male/Female, and so on. Soon they have a complete database about you and then sell it to advertisers to target you.



    Who spend tens of thousands of dollars collectively on crap shoved in my face that I either simply block outright or completely and utterly ignore if I can't.



    Seriously, do people actually buy from ads? They must, otherwise they wouldn't still be around. And that's just sort of sad when you really think about what that implies.



    You don't buy based on ads, you buy based on quality, history, and utility tailored to you. If a product being advertised isn't one for you, you don't buy it. The most I've ever used an ad for is a window into a new market. "Oh, hey, they make these now?" And then I go look up what one is actually the best.



    Now if you'll excuse me, I've had a sudden urge to go sign up a new contract with AT&T and grab one of their neat Samsung phones?



  • Reply 45 of 178
    monstrositymonstrosity Posts: 2,234member
    Quote:
    Originally Posted by hezetation View Post


    Apple wants to take some of the legal scrutiny off themselves. Developers were warned, iOS 5.1 is now here, Apple has been plenty lenient with this.



    Apple has learned over the years you can't wait for everyone to catch up, some developers won't even begin addressing this until they have no other choice.



    No, I mean't 'opt-in' for the consumer.
  • Reply 46 of 178
    monstrositymonstrosity Posts: 2,234member
    Quote:
    Originally Posted by Tallest Skil View Post


    Why? Why do they need access to my UDIDs?



    I worked on a voucher app. Tying vouchers to the phone using UDID was the best solution for our needs. A legitimate use.
  • Reply 47 of 178
    tallest skiltallest skil Posts: 43,388member
    Quote:
    Originally Posted by monstrosity View Post


    I worked on a voucher app. Tying vouchers to the phone using UDID was the best solution for our needs. A legitimate use.



    Do apps not have access to the MAC address of the device? Or would tying the vouchers to a specific account be possible, or is that not narrow enough for that use?
  • Reply 48 of 178
    monstrositymonstrosity Posts: 2,234member
    Quote:
    Originally Posted by Tallest Skil View Post


    Seriously, do people actually buy from ads?



    I can honestly say I know exactly how many adverts I have clicked since practically the beginning of the web, and that's 2! I have clicked twice in over 20 years. Nobody got rich in the ad world from me that's for sure.
  • Reply 49 of 178
    mstonemstone Posts: 11,510member
    Quote:
    Originally Posted by SolipsismX View Post


    I don't get it either.



    I'm not a network engineer but I thought that the MAC address is embedded in the wifi hardware. When you are on the cell network you are using different network hardware. I'm not sure how it can read the MAC address embedded in a separate component. The UDID is unique to the entire system.
  • Reply 50 of 178
    monstrositymonstrosity Posts: 2,234member
    Quote:
    Originally Posted by Tallest Skil View Post


    Do apps not have access to the MAC address of the device? Or would tying the vouchers to a specific account be possible, or is that not narrow enough for that use?



    It's been a while since I worked on the app, but I believe comparative ease of spoofing MAC address was the reasoning at the time.
  • Reply 51 of 178
    Quote:
    Originally Posted by asdasd View Post


    Lol. Ok, you are right. External devs can't track where you are without requesting permission. Apple and the carriers can.



    But you gave Apple and the carriers permission. It's in the terms of usage.

    Don't like it? Don't use it.
  • Reply 52 of 178
    tallest skiltallest skil Posts: 43,388member
    Quote:
    Originally Posted by mstone View Post


    I'm not a network engineer but I thought that the MAC address is embedded in the wifi hardware. When you are on the cell network you are using different network hardware. I'm not sure how it can read the MAC address embedded in a separate component. The UDID is unique to the entire system.



    But each MAC address is unique to each device that can access the Internet. The only time you'd have a different identifier is on a full-blown Mac where you'd have an Ethernet ID, too (or a Mac Pro where you could have all three), and that's outside the use case here.
  • Reply 53 of 178
    solipsismxsolipsismx Posts: 19,566member
    Quote:
    Originally Posted by mstone View Post


    I'm not a network engineer but I thought that the MAC address is embedded in the wifi hardware. When you are on the cell network you are using different network hardware. I'm not sure how it can read the MAC address embedded in a separate component. The UDID is unique to the entire system.



    MAC addresses are the logical representation of the BIA (Burned-In Address) for IEEE 802 technologies, such as WiFi and ethernet. As you say, when you are on a mobile network you are being identified in a different way.



    However, it's my understanding that apps can easily pull any one of these unique identifiers since they are installed locally so my confusion is why does it matter what "virtually unique" identifier is used to register the device to the developer's servers?
  • Reply 54 of 178
    orlandoorlando Posts: 601member
    Quote:
    Originally Posted by monstrosity View Post


    I can honestly say I know exactly how many adverts I have clicked since practically the beginning of the web, and that's 2! I have clicked twice in over 20 years. Nobody got rich in the ad world from me that's for sure.



    Isn't that an argument for targeted ads? If they can show ads that are relevant to you then ads become more useful to you as they will be for things you are interested in. This results in increasing ad revenue for developers as you are more likely to click on the ad.



    There was an interesting example recently where it was revealed the Target can tell if a woman is pregnant and what her due date is by changes in what she buys each week. Target then mails vouchers for things like diapers. Big retailers do even more tracking than online ad companies.



    Of course there is also the creepy side where Target knew a teenage girl was pregnant before her own father.
  • Reply 55 of 178
    cpsrocpsro Posts: 3,189member
    Random number generators are free and easy.

    Credit card numbers are widely available.

    MAC addresses have been around for an eternity.



    But people generally don't seem to want to be tracked without their permission, UDIDs included.

    Why do mobile ad agencies think otherwise?

    Why do developers think they should get special treatment (allowing them to grab UDIDs and share them with ad agencies without permission)?
  • Reply 56 of 178
    solipsismxsolipsismx Posts: 19,566member
    Quote:
    Originally Posted by monstrosity View Post


    It's been a while since I worked on the app, but I believe comparative ease of spoofing MAC address was the reasoning at the time.



    As far as I know you can spoof the MAC address, UDID, IMEI and ICCID and serial number. Anything that is represented logically can technically be spoofed.
  • Reply 57 of 178
    jeffdmjeffdm Posts: 12,951member
    Quote:
    Originally Posted by ascii View Post


    Good. I would be quite happy if all apps on the App Store were paid-for software (or just free) with no ad-supported ones.



    That wouldn't be such a bad system.



    Quote:
    Originally Posted by asdasd View Post


    Bad move. Pissing about 90% of devs off.



    In itself, not much of an argument. Also, no verifiable number.



    Quote:
    Originally Posted by Automaticftp View Post


    For more targeted advertising.



    Often not a selling point for the user.



    Quote:
    Originally Posted by aBeliefSystem View Post


    The deal with free apps is advertising.



    This simply means developers will find it harder to make money and it is likely Apple are using this opportunity to gain more monetary control.



    Quote:
    Originally Posted by asdasd View Post


    Apple - who are probably using the UDID all the time in iOS for their own purposes.



    Maybe, but if there's no proof, not much of an argument. If it's easy for third parties to analyze code for UDID use, whether the code is by Apple or a third party doesn't matter, it would be possible to figure out how it's being used. I'm a lot more comfortable with just the handset maker and the carrier accessing it (two companies), and they have a clearly more legitimate need to have that data in order to properly operate on the network, among other things. The possibility of every dev having access to it, possibly hundreds, is not something I am comfortable with.



    Quote:

    They certainly do it in the profiles.



    What profiles do you mean?



    Quote:

    They also allow access to your contacts list without a confirmation, a far greater security risk.



    They are fixing that too, aren't they? I don't think addressing that issue means this issue can't be addressed too.



    Quote:
    Originally Posted by mstone View Post


    I'm not a network engineer but I thought that the MAC address is embedded in the wifi hardware. When you are on the cell network you are using different network hardware. I'm not sure how it can read the MAC address embedded in a separate component. The UDID is unique to the entire system.



    The MAC address is probably as accessible to the software as a UDID. It might be a different call, but I don't see it being more difficult to get.
  • Reply 58 of 178
    mstonemstone Posts: 11,510member
    Quote:
    Originally Posted by Tallest Skil View Post


    But each MAC address is unique to each device that can access the Internet. The only time you'd have a different identifier is on a full-blown Mac where you'd have an Ethernet ID, too (or a Mac Pro where you could have all three), and that's outside the use case here.



    Sorry that just sounds like layman speculation and vague nomenclature. Where exactly is the MAC address? Perhaps the OS reads it saves it in memory where it becomes accessible but I would rather have a technical explanation than an abstract speculation. I have also been told that in a device such as a Mac Pro where you have two Ethernet ports, the MAC address that the machine reports is the card in the first slot even though technically there are two separate MAC addresses.



    What happens when you turn wifi off.
  • Reply 59 of 178
    monstrositymonstrosity Posts: 2,234member
    Quote:
    Originally Posted by SolipsismX View Post


    As far as I know you can spoof the MAC address, UDID, IMEI and ICCID and serial number. Anything that is represented logically can technically be spoofed.



    Sure but, "comparative" ease, for your average joe. Comparative lack of results on google for 'UDID spoof' does add a level of security, security by obscurity. Granted not the biggest of deterrents.
  • Reply 60 of 178
    mechanicmechanic Posts: 805member
    I have read almost all the posts here and it seems that some of the argument is that apple will be able to use UDIDs all by themselves while cutting the developers out, which in my mind is a poor idea for reasoning that developers should be able to use them too. Cell networks identify your ID through the UDID on the network and have to for obvious reason to be attached to the cell network.

    Developers do not need to use UDID to track. As was said in the article one of the developers said they were already working around the issue by building there own tracking code.



    It seems to me that the biggest problem here is the fact that developers are wanting to use something that is already there without having to build there own. Less work for them and I can't blame them for wanting to use it. It saves them money and time.



    But the alternative is far worse. Apple is being investigated heavily by congress and is being told right now that if they don't do something about this that they (congress) will and make it legislated law. I don't know about you but I would rather have Apple be proactive about this and take care of it on there own than have the idiots on capitol hill decide it for us. They legislate too much of our lives already and have done a piss poor job of it already. Just look at social security for one example of how well they have done.



    Also google and microsoft will go through and are going through the same process right now. Google specifically is being investigated by the DOJ right now for privacy violations and the in EU too.



    As for the MAC address vs UDID argument both are unique to the device but MAC is not used by the carriers to track like UDID is. It could be but it is not. Your ID on a cell is not attached to the MAC address, it is attached to the UDID.

    My nephew works for Verizon as a network engineer and tells my that MAC addresses are not attached to a name UDID's are.
Sign In or Register to comment.