Top iPhone Apps Transmitting UDIDs according to Security Review

Oct 052010
 

A recent review that was published a report on iPhone security revealed an important note. Most of the third-party software available for iOS-based devices transmits an accompanying unencrypted unique device identifier, and this could offer chances to retrieve personal information of the phone user.

The security review also mentioned that the top free and most popular categories on the iPhone App store were observed to be having chance to transmit UDIDs from device. Almost 68% of the mentions apps are currently having this chance of security issue. Another important this is that the 18% of apps encrypted their communications, so it could not be determined what kind of data is being shared.

The security review was published last week by Eric Smith, network administrator with Bucknell University and two-time DefCon wardriving champion.

The review was conducted on 57 apps that are available for iPhone and determined that the personal information was sent out in plain text, posing a potential security concern.

Here, this UDID is a unique identifier and this will be assigned to each iOS device and this includes iPhone, iPad and iPod Touches. In fact, this number is derived to control piracy with software available on the App Store.

The security review conducted by Smith compared UDID assigned to iOS to the controversial processor serial number that Intel attached to its Pentium 3 chips. The observations revealed that the Pentium 3 PSN “elicited storm of outrage from privacy groups”, and this is questioning why those concerns have not been expressed with the iPhone.

These privacy issues were witnessed with few of the popular apps as Amazon, Chase Bank, Target, and Sam Club. Here, The CBS News app gone little further and transmitting the UDID along with the user-assigned name for the iPhone, which typically includes the owner’s real name.

Smith wrote in his review as “Most iPhone application vendors are collecting and remotely storing UDID data, and some of these vendors also have the ability to correlate UDID to a real-world identity. For example, Amazon’s application communicates the logged-in user’s real name in plain text, along with the UDID, permitting both Amazon.com and network eavesdropper to easily match a phone’s UDID with the name of the phone’s owner”.

Here, we should remember that Apple has been very up front with security on iOS, requiring that users approve when applications access information like GPS or the phone’s address book. In addition, the company has also allowed user to opt out of data collection with services like iAds.

The company even called out one mobile analytics firm, after data about the iPad was obtained from devices in testing on Apple’s Cupertino, Calif, Campus without the company knowing. The incident prompted Apple to revise some of the rules in its iPhone Developers Agreement.

Via Appleinsider

Google Voice now Available at the Apple’s App Store

Sep 182010
 

Apple has recently changed its policies and this was created a great path for third-party application at the App store. A third-party Google Voice app called GV Connect is in the App Store and this is after a 14 months duration Apple to approve Google’s application in their store. Earlier Apple refused and removed (14 months back) all third-party Google Voice apps.

GV connect is currently priced at $2.99 and a no-brainer for all the Google Voice users: Through this Google Voice can be easily used for all the outgoing calls and also this will enable Google Voice voicemails, SMSes too. This facility is more comfortable over the web-based stopgap that Google itself released back in January.

Earlier this Google Voice facility was created huge domination for Android phones over the iPhone and through this initiation from Apple, iPhone can stabilize its foot-hold to a major extent.

Via Technologizer

Gadget Touch Screen Details for all

Sep 062010
 

Real buttons are started to replace virtual through touch screen and this trend was started three years back from Apple iPhone arrival. This had brought major changes to the entire gadget manufacturing and took it by storm. Today this trend is increased to maximum extent through Apple’s multitouch devices. Present day every marketer is targeting and attracting their prospective customers through these touch screens. A gadget is automatically reaching to a new generation device category through adorning touch screen. But, everyone should know that this touch screen not alone a prerequisite to become a new generation device.

Touch screen is an ability to initiate a function just through simple touch, but technology doesn’t culminate at this part. In fact, it should have MPG (multitouch, physics and gesture) together as an integrated user interface experience. This is what exactly an iOS offering behind to the iPhone and iPad of today. This combination was only termed as MAGICAL through Steve Jobs in recent press release. Practically speaking it is an illusion and a pure optical illusion.

Through combing multitouch with physics and gesture, a MPG device can able to create optical illusion. This illusion is capable enough to make this virtual stuff on touch screen as quite physical. A user mind very well responds to this kind of physicality of the nonphysical on screen objects and creates a feel of power and control. This kind of feel and control is always an addictive thing for every user. This is the reason users are drawn more towards the touch screens.

In fact, there is a lot difference between MPG touch screen interface and old traditional touch screen interface. The entire MPG touch screen experience truly invigorating for a user and takes him into a new world of gadget usage. A user’s deepest intuition about how the physical world should work can be very well satiated through this. This is the main reason why the touch screens are gaining more mileage today. Today we can see basic touch screen device being history and MPG device being favorites and trend for all.

via Computerworld