iPhone Apps Sending Out Devices' Serial Numbers, Log-In Data
The majority of the most popular applications available for iPhones use the devices' serial numbers to track users, a professor at Bucknell University says in a new research paper.
For the report, assistant director of information security and networking Eric Smith examined 57 of the most popular iPhone apps and found that 68% of them transmitted the devices' unique serial numbers to remote servers owned by either the developer or an advertiser. Furthermore, many applications -- including Amazon, Facebook and Twitter -- also collected users' log-in data.
Smith says in his paper that users have little control over the use of their devices' serial numbers for tracking purposes. "There is no ability to block the visibility of the iPhone's UDID (Unique Device ID) to any installed applications, nor is there a mechanism to prevent the transmission of the UDID to third parties in the current version of Apple's IOS, the operating system," he says in the paper, "iPhone Applications & Privacy Issues."
He adds that while computer users can opt out of online tracking through their machines' browsers, mobile users don't have that ability. "Safari's mobile version, the only web browser available, does not include any privacy features: no 'Private Browsing' functionality, no ability to block or clear application cookies, and no access to the local browser cache."
Smith criticizes the developers' practices in his report, saying that users "should be alarmed" by the possibility that their information might be shared by vendors with others. "Is there any reason why the developer of a video game should know your home address?" he asks.