Snowden docs give new insight into how GCHQ tracked iPhone users

In the past, leaked documents have revealed that NSA was able to use a backdoor to spy on iPhone owners, whose knowledge was denied by Apple, but was fixed by the company in iOS 8. Now, new data published by Der Spigel shows that the British spy agency — Government Communications Headquarters (GCHQ) — was able pull any data from an iPhone, even if the device itself was not compromised.

The process did not attack the iPhone directly, but instead relied heavily on its UDID and the computer it was synced with. Once the iPhone was synced to a compromised computer, the GCHQ officials were easily able to extract data, including app data, from the backups.

GCHQ, an acronym for The Government Communications Headquarters, is a British intelligence and security organization responsible for providing signals intelligence and information assurance to the British government and armed forces.

GCHQ wrote in its November 2010 report, posted here by Der Spiegel as a PDF document, that UDIDs allowed the organization to “follow the same device as it synced with a compromised machine, browsed the web (exposing it to the agency’s Safari exploit) or sent data to a broader tracking system like AdMob.”

Thankfully, the method mentioned in the report dated November 2010 does not work anymore as Apple has long stopped using UDID in favor of other methods that are more secure. The company had started phasing out access to UDID to developers from iOS 5 and has since then stopped accepting apps in the App Store that request access to it.

Your device’s UDID is easily accessible in iTunes, when the device is connected, by clicking on the Serial Number field in the Info pane.

Because some developers and ad networks were misusing UDIDs, and responding to security concerns, Apple in the summer of 2012 started rolling out new tracking tools that permit developers to gather usage data on their apps without using UDIDs.



blog comments powered by Disqus
Octofinder Blog Catalog