iPhone Target Anaysis And Exploit With UDID

[AX338]

http://www.spiegel.de/media/media-35662.pdf

 

[Intell]

That rather dated paper is not longer very relevant as accessing the actual UUID is no longer possible with starting with iOS 7. Instead, apps are giving a generated UUID that is only valid until the device is reset or restored.

 

[roadbloc]

Old news. However knowing GCHQ, they'll have another way of bypassing iOS security.

 

[gnasher729]

http://www.spiegel.de/media/media-35662.pdf

You are posting an article from 2010. You _know_ you are posting an article from 2010. I must assume that this is just an attempt at scaremongering.

Applications haven't been able to use UDIDs for ages. Because improper use leads to privacy violations, and for legitimate uses, UDIDs are usually a very bad idea (imagine a game keeping track of high scores per device. You upgrade your phone, you lose your high score. Whoever buys your phone inherits your high score. Obviously a stupid idea). That's why Apple has removed the ability to access a UDID.

If you look at the PDF file which is full of scary jargon (these guys love a bit of scary jargon when they don't have much else), it is clear that they have nothing that touches an iPhone beyond iOS 4.0.2. We are at iOS 8.1 by now.

 

[Tech198]

So, Apple introduced the concept of UDID's, then when they found out developers could take advantage of them, Apple discontinued this...

I guess if u don't try, u never know, but seems Apple just opened the door on this one.