An unidentified user posted a document
to Pastebin on Monday that included links to around a million Apple unique device identifiers (UDIDs). The poster said the release was intended to highlight the FBI's alleged tracking of Apple customers, ZDNet writes
"We never liked the concept of UDIDs since the beginning indeed," the post read
. "Really bad decision from Apple. Fishy thingie."
Every device using Apple's iOS has a UDID. ZDnet explains
: "The number was put in place so developers and mobile advertising networks could track user behaviour. However, over the last year Apple has been phasing out apps' access to UDIDs, as the numbers were sometimes being transmitted to third parties without users' consent."
By themselves, UDIDs are somewhat innocent. "UDIDs do not contain information that allows a device’s owner to be identified," GigaOm writes
, "but when combined with other information, it can."
the incident "raises many questions, not only about the security of federal devices, but of why an agent might have (allegedly) been carrying a database of Apple UDIDs..."
the hackers said they were publishing 1,000,001 of the UDIDs as that was "enough to release." They said that they had stripped out the other personal data held in the file, noting that not all the listed devices have the same amount of personal data linked.
"the hackers may have nabbed the most high-profile prize of all — the unique string of code used to identify President Obama’s iPad," but the White House has yet to confirm the rumour.
Worried your UDID might be in that FBI hack? The Next Web has built a tool
that lets you check whether your UDID matches any of the one million that the hackers included in its data dump.