Apple reportedly rejecting apps that access UDIDs - Page 3

IOW, you were too lazy to come up with your own method.

There's absolutely no reason you couldn't have come up with a system that was equally transparent for the user.

To be honest, I don't see the difference between devs using UDID or their own system. The end result is still them being able to track users. Unless Apple is forbidding tracking in general, I don't really see the point in this.

Also, does it say anywhere whether Apple or iAds is also not allowed to track using UDID?

No, but I would expect a NY Times reporter to be savvier than to basically say "research" is the reason. The reporter does allude to customer surveys and such. Target might well have to have more than mere (anonymous) credit card transactions.

How many of us know what information is gathered about us and how it is used?
How many of us know how this information may be used against us now or in the future?
Why is there no informed consent requirement for gathering and sharing this information?

I don't appreciate your attitude, welcome to my ignore list.

I believe the privacy issues arise when UDIDs are used not just internally by a developer but are shared with others for tracking. iOS apps each operate in a sandbox, so a custom built solution can't be accessed by another app to allow tracking, but UDIDs have been universally accessible.

That 90% figure was just pulled out of someone's ... imagination. I suspect 90%+ of the apps in the App Store don't do this (I have 4, 2 free & 2 not, and none does). Count me among the un-pissed-off/unaffected super majority.

There are some superb, high value-added, non-ad-based free apps out there, including mine.

I am missing out on very little that interests me. I am quite happy paying a couple of bucks to get what I want without the intrusion. I rarely download "free" anymore, unless they come with no strings/intrusiveness attached.

Indeed, with the remarkable things Apple has achieved in this space -- thousands and thousands of fabulous pieces of software of just about every kind for under $5 that I buy once and use in multiple devices, with updates painlessly received -- I almost feel like its my duty to support the ecosystem with purchases (rather than rely on free).

A MAC address isn't specifically linked to WiFi. It's a network address. When you browse any website, it can get your MAC address. That's from any device that can browse. It's also used in Bluetooth. As I said, everything that is involved in any kind of networking.

That's right.

Actually, I would expect Target to be at least as savvy as --more likely, savvier than -- a New York Times reporter.

Other than enabling some hypothesis testing and algorithm refinement, surveys do nothing to help with predictive analytics tailored to the indivdual.

MAc addresses are used whenever any network connectivity is involved or not.Does not matter if it is Cellular(GSM),GPRS,Wifi or bluetooth.

the reason is as follows:
When you first connect to a network,the device will request for a IP.Now the network router allocates an IP from a pool of Free IP to your device.From thereon it refers to ur device using that IP(till it expires wherein a fresh polling occurs or network disconects depending on the Network Nomenclature),
the router maintains a MAc address to IP Address mapping.
That is also the reason why you can also see the MAc address in airplane mode.Without a MAC address the device is incapable of registering itself to the network.

Hope I have not managed to mess the explanation up.

He clearly stated it was NOT because it was easier to code but because it made the user's experience better. I guess you could say that isn't truthful but I don't see how one could argue against that.

Plus, when they made their decision to use the UDID was it something that was clearly taboo or is that something that is only now being regulated by Apple? If anything it seems that it was a bad choice if you consider that Apple had suggested it not be used and they were taking a risk that Apple would reject or remove their app in the future but that is a risk thy collectively took and nothing about it strikes me as lazy.

In fact, while the article was being worked on, Target removed access to that person.

Sure. There are reasons that make sense to me, as a user, and reasons that make sense to the developer.

If they want info that relates to app performance and possible problems, I'm likely to allow it. But I'm not always going to give them access just for the purpose of tracking me when they don't have that need for the purpose of helping ME. Frankly, I'm less concerned about their metrics. They can learn how many apps have been downloaded from Apple.

Yes, MAC addresses are used to request an IP address for a network but do cellular connections use a MAC address or some other logical address pulled from the HW? It's my understanding that is what the IMEI is for.

• http://en.wikipedia.org/wiki/Interna...pment_Identity

Also, GPRS is the packet service atop GSM which would have already completed the handshake and authenticated you on the network.

I've got almost 400 apps for my iPad, and almost 200 for the phone. Some of the free ones have Ads. I don't understand your blind aversion to them. I'm using that term because you say you don't even look at apps that have Ads. While I've got a number of free apps without them, I've got a number of free apps with them. Despite what you say, you don't know whether some free/Ad apps would be of interest if you won't even consider them.

It's as though you're telling developers that if they won't charge for their apps, they have no right to try to make money from them at all. I don't think that's right. I evaluate each app on its own.

Your app might be superb, but without knowing what it is, I can't say.

It's my understanding that ONLY Apple uses the UDID. That they invented the UDID. I think what you're talking about is the IMEI, which is the unique HW identifier used by MNOs just as the MAC address is used by IEEE 802 networks. I'd be surprised if Verizon is using the UDID and wonder why they need it.


Right, but that's a completely different situation. If we're talking about how the device talks to the MNO then it would only relay the info associated with the mobile HW, just as your WiFi router won't know your IMEI, only your MAC address, and only the MAC address for the WiFi HW trying to connect to the router.

When you're talking about a locally installed app then even a Verizon app could grab that information and more, so long as it's installed on the device.

Ooh, gosh, yes, Target is so-o-o-o amazingly, stupendously savvy... but that's off topic. We were discussing the quality of reporting--or lack thereof.


Wrong. Surveys are often tied to a sales receipt, which can then link the individual's identity to their purchase(s).

Good for you that you have, and derive value from, so many free apps! (I say that honestly).

As to the fact that you don't "understand" my preferences, why should that be surprising in the least? You're not me.

If you go back and reread what I wrote, you'll see that I support the Apple developer community very substantially. In proportional terms, perhaps more than you do.

.....

Do you have a link to this site and some steps to follow. I'd like to delve deeper into this. Like, what do the carriers do to get other vendors equivalent to the UDID or is the UDID not something unique to Apple?

I've dealt with many New York Times (and other similar-quality) reporters that write business-related stories. And with dozens and dozens of companies like Target (I am not talking about their retail establishments -- I am talking about their management). I am basing my comment on my experience. I assume yours are similarly based on yours.


What proportion of consumers fill out sales receipt surveys? I'll bet it's very low. Certainly lower than would make predictive analytics a worthwhile strategy for companies like Target. Also, if someone wants to link customer identity to purchase, I would imagine that credit card info is a much better and more comprehensive source?

Teeribly sorry. I got the ICCID and the UDID confused.

Great job - you can't refute anything I say, so you simply put me on the ignore list?

Figures.


And, as I pointed out, that was just an excuse. He could easily have gotten the same user experience if he had coded something in his own app. Lazy people always rationalize their actions (or inaction as the case may be).

In one case, it takes a whopping two lines of code to create a unique ID:
http://developer.webtrends.com/commu...id-deprecation


IIRC, Apple never wanted people using UDID, but didn't enforce that before.
http://www.macrumors.com/2011/08/19/...dids-in-ios-5/

Apple has given them the whole Game Center thing. So it's not like they have to set up their own system. They just have to actually use the tools Apple wrote for them (preferably fulling using them not just slapping it on there and then setting up their own thing for any real functions)

As for the rejecting Apps thing, they have been at that for almost a year now. They warned developers to switch it and now they are forcing the issue rather like they did with the whole App Store payment thing

Same here. The customer probably has to see a clear benefit to filling out a survey, such as getting a freebie the next time they come in.
So where does a major (generalized) risk from surveys come in, if surveys don't seem to be completed?


Only if the c.c. number is available (both technically and legally) to the merchant. The customer's name, phone number, and address are yet other matters.

How much of the NY Times article is potential/theoretical and how much does Target actually use individualized information?

I agree with much of your sentiment on privacy and the need to be pragmatic about sharing certain details to gain benefits. No need to throw plainly dishonest FUD into the argument to make Apple look better as tho they've done something wrong. Google already does enough "Huh?" stuff to legitimately question without making up things to accuse them of and no one has claimed that Apple is doing anything nefarious with your gathered info anyway. Why would you post untruths about a competitor to have others less knowledgeable repeat them as true?

I don't get the complaining on behalf of developers. You don't want to use Game Center (completely understandable), so don't, do something else. Apple is saying you can't use the UDID, so use something else. Apple is being a bastard then write only for other OS's. The whole thing is unfair because certain hooks aren't being made available to you for identification purposes? Figure something else out. If that's too much trouble publish the app without automatic user identification that happens without their opting in. Not a fair option? Then consider construction work or selling shoes or running a restaurant or waitering.

I just don't get where one side feels something is unfair because what was easy now becomes more difficult. I don't get Apple's obligation to developers here.

I'm not a developer but it seems to me a randomly generated ID wouldn't be a solution to monstrosity's needs since they need to prevent multiple accounts from the same device.

Would generating new ID based off the UDID but being acceptable? If you know the equation you could still get the UDID but Apple wouldn't know they have it unless they see the app is calling it.

Where exactly does Apple take issue with the UDID? Sending it over a network or calling it at all to create a unique ID?

And? Do they make less money if the ads aren't targeted. Probably not. And does the actual app not work if the ads aren't targeted or the UDID can't be accessed. Again, probably not.

The only thing that the developers might have to do is change up the code to add something like Game Center for scoring or permission to use Location Services if the user wants ads to be targeted (with an explanation that that is what is happening). Annoying perhaps but serious developers will make the change if they didn't when they were warned some six months or so ago that they had to.

Frankly on the game side I wish Apple had just forced everyone to use Game Center even if they want to use another network also with the same functionality in both so we can choose what we as users want to use to sign in.

That unlike Apple they have no idea who half these companies are and what they are doing with the info. It might be local ads, it might be tracking the actual devices.

Remember last fall when it was revealed that several malls were planning to track mobile phones in their mall all the way down to what stores folks went into, what path etc. No way to opt out other than turning off your cell phone before you walked into the mall. One thought of how they were going to pull it off was reading the UDID on the devices as well as the GPS and logging it. Folks were livid. Especially because they were told to suck it up or turn off their phones and because they had no idea the people behind the 'survey' and what they were going to do with the data afterwards.

This is a repeat of those types of stunts. Or rather Apple trying to block a repeat of those types of stunts. Which for users is never bad

Apple has already been proactive about this. They started months ago. just like how they started working on conditions at Foxconn etc well before the New York Times, Mike Daisey etc started up.

Great to see Andy Yang bringing more of his InstantAction magic and foresight to Playhaven...

It's more a potential privacy invasion issue and certainly a legal headache, which Apple was sued over back in 2010.
http://venturebeat.com/2010/12/28/ap...g-mobile-apps/
"According to the suit, “Some apps are also selling additional information to ad networks, including users’ location, age, gender, income, ethnicity, sexual orientation and political views.”

The news follows an investigation by the Wall Street Journal that revealed the extent to which many popular mobile apps share private user data. Named in the suit are popular apps like Pandora, Paper Toss, and the Weather Channel, which were singled out by the WSJ for the data they shared with advertisers."

AI had more to say about this back in August:
"A security review last year (2010) showed that 68% of top iPhone apps transmit unencrypted UDIDs that can be used to track user behaviors unique to a device, while another 18 percent transmit encrypted data that may include the UDID...

...This summer, Apple was sued by a man in New York over iPhone location data tracking issue, with Apple’s inability to provide a method to “delete or restrict access” to a device’s UDID being one of the main points of the lawsuit."

The earlier AI article explaining UDID issues is here:
http://www.appleinsider.com/articles...s_to_udid.html

Sorry but as a user and a developer I don't buy that. If you had wanted to come up with another system you could have. And you could have made it easy for customers. You didn't want to bother with doing the work so you didn't. Now you will have no choice if you want to keep the app going.



That is really mature. Now I am really going to be certain not to download any voucher apps or any other app made by a company that also made a voucher app just so I can avoid whatever you created.

Oh and yeah I know, I'm on your ignore list too. Happily. Just as you and your immaturity are going on mine.

So I'm not really following here. Is the problem that devs are reading the UDID (even if they create their own unique ID from it), transmitting the UDID, transmitting the UDID unencrypted, or using any ID tied to the device to record and track any statistical data?

Agree 100%.

The good name of "free" has been hopelessly ruined by the "freemium" app. IMO, things should either be free (you know, "really" free), or the developers should charge for them.

I also agree that you aren't missing out on much by eschewing the "freemium" apps. They are mostly junk games. At the most you might lose out on playing the odd rare, popular game that's produced that way, but big deal. Games come and go, they are all mostly the same, and all the really good ones cost money.

The thing that bothers me about "freemium" the most is just the moral bankruptcy of the whole approach. When I download a game that's advertised as "free" and find I have to pay money for all the stuff inside it necessary to play the game, I feel cheated and quite rightly so.

This development model is a dodge, a scam by any other name. The developer is using it because he knows he can make more money out of you that way and that more people will be fooled into paying him. It's inherently dishonest.

You can dress it up all you want, but it's still at root, a trick/deception.

Android is hardly a good example though, given the platforms reputation for heavy piracy and other forms of cheapskatery.


Does Apple allow that? I thought they didn't, at least at one time, they required the app to be paid if you offer app add-ons within the software.

Well, not all of those are free. In fact well under half are. I don't know how you support the developer community more than I do. That's just a statement from you here. I don't know how you reference "support". But you haven't answered the implied question of how you can say that an Ad supported app would have nothing, or little of value to you, when you say that you don't even look at them to see.

No FUD there. It's exactly what Google does. They have our info, and they sell that to other Ad agencies, and companies that find that data useful. No need to pretend otherwise. It's called data mining. The problem is that unlike most other companies, the data they're mining isn't their own, it's ours. This is one reason why both our government and the EU, along with some others are investigating Google for various privacy offenses. And by that, I don't mean a few Congressmen asking for information, as they've asked Apple.

When a company's sales and profits almost entirely rely on advertising, information about their users is the most valuable resourse they've got. It's why, after you remove a mail or message from G-Mail, you can't see it any more, but it's still on their servers. It's why Google+ is here; to make it easier for them to concatenate all of your usage in all of their services with one password, linked to your real name. Don't say that you haven't read about the problems in privacy that this is causing. So much so that the EU told them not to go ahead with it until they investigated the fallout. But they went ahead anyway.

I've also wondered why they have Streetview. An interesting, but not particularly useful service. Use it one or twice, and the thrill is gone. Well, as we know, they were harvesting passwords and other information from people as their car went by. Of course, at first they denied it, then had to admit it. So it was an error, they said. How could a car designed to only get pictures of where it's going, and correlate that with GPS coordinates also download data from people's networks? That makes no sense. There would be no need to do that, and how would they do that anyway?

Well, as it turns out, they wrote, and patented software that does that very thing. When that was found out, they tried to blame one engineer. What? Why would this guy install that kind of software in a car that just supposed to look at the scenery and geolocate where it is?

He wouldn't! Of course, Google was doing that intentially. They would have to be. When the German government told them to destroy that data, they protested that they shouldn't have to. This was all in the news, and is one reason why they are being investigated. If this was in error, shouldn't they have volunteered to destroy all of that information instead?

No. I believe that Streetview was just a way to get cars driving about to get that very information that they did get, with the software that Google wrote for that purpose.

Conspiracy theory? Sure, but it does explain it better than any other theory does, and it goes along with everything else Google is doing, or trying to do. Don't forget Schmitt's words, when he said that soon, Google would know more about you than you did about yourself, and that it would do something for you before you knew you wanted to do it. As they call the things he says; creepy.

I know you'll try to wriggle out of all this, but it's all public knowledge, so you can't realistically deny any of it. I suppose you can try to assign better motives to it, but I can't find any that fit.