Data like location, Facebook profile, and other information could be correlated from multiple databases to piece together an individual's identity.
In 1998, Ask Ars was an early feature of the newly launched Ars Technica. Now, as then, it's all about your questions and our community's answers. We occasionally dig into our question bag, provide our own take, then tap the wisdom of our readers. To submit your own question, see our helpful tips page.
On Tuesday, an offshoot of Anonymous, called AntiSec, claimed to have purloined a list of 12 million iOS unique device identifiers, or UDIDs, along with various bits of user data connected to those UDIDs. While the revelation raised the specter of privacy violations, it became clear that users have plenty of questions about what kind of information can and cannot be gleaned from one's iPhone or iPad UDID. Here, we explain what exactly a UDID is, how it is used, why Apple deprecated its use by developers, and why the privacy fears aren't entirely unfounded.
What is a UDID?
A UDID is a 40 character string of letters and numbers, sort of like a serial number, and uniquely identifies a particular iOS device, including iPhones, iPads, and iPod touches. The alphanumeric code looks completely random to people, but it is actually based on various hardware characteristics. Like a serial number, each iOS device has a UDID that refers to only that specific device. You can see your own device's UDID by going into iTunes and clicking on your device's serial number on its sync screen.