فـاروق
11-20-2007, 11:00 AM
Is Apple Spying On iPhone Users?
Posted by Stephen Wellman ([email protected]), Nov 19, 2007 09:55 AM http://i.cmpnet.com/infoweek/authors/blog/6544.jpg
http://i.cmpnet.com/infoweek/spacer.gif
http://i.cmpnet.com/infoweek/spacer.gif
Just when you thought the security risks of the iPhone (http://www.informationweek.com/blog/main/archives/2007/11/iphone_is_a_big.html;jsessionid=J13 QLZNTAXUHEQSNDLPCKHSCJUNN2JVN)could n't get any worse, we discover this (http://www.hackint0sh.org/forum/showthread.php?t=16125%3Cbr%20/%3E). According to one member of the Hackint0sh forum, Apple is using the iPhone to spy on its users.
Here is a look at the unconfirmed claim (http://gizmodo.com/gadgets/iphone-spies-on-users/apple-spies-on-iphone-users-hackers-claim-324238.php) from Gizmodo:
The evidence in the code shows that the Stocks and Weather applications send your IMEI number—the unique number which identifies your iPhone and is tied to your personal information—to Apple, along with the nature of the information you are looking at (http://gizmodo.com/assets/resources/2007/11/picture4um0.png)
http://gizmodo.com/assets/resources/2007/11/picture4um0.png.
While there's no evidence that Apple actually uses this information for any purpose, good or evil, the code shows that every time you try to access a detailed information on whatever stock, your IMEI will be sent embedded in the URL. This could be cross-referenced with IP location and the information in Apple or its partner's databases to gather extremely valuable data for marketing purposes.
Is this something we should we concerned about? No doubt the privacy advocates will be up in arms. But for those of us who've been online for over 14 years, the notion of online "privacy" is tenuous at best. Web portals like Yahoo have been tracking users with cookies since the late 1990s. Everyone knows that Google tracks its users through search and its hosted applications, like Gmail, and uses this data to serve contextual ads (as well as a way to track its applications and improve them). Not that many users seem to care.
Mobile, however, may be different. People place far more personal attachment to their mobile phones than they do to their PCs or laptops. Now that more people are using devices like the iPhone to surf the Web and run Web apps, will they feel violated once they know their mobile online information is as transparent as their online behavior on the desktop?
Also, the technique that Apple is using here, connecting IMEI and browsing information, is a little different than the techniques described above:
Tying IMEI and browsing information is also different to cookies: when you access a web site anonymously and they store a cookie in your browser, this is not tied to any personal information. Moreover, you can delete the cookie in your computer or avoid them using your browser privacy options. The IMEI, however, is a solid unique personal identifier, which makes the whole thing a little bit disturbing. More importantly, there's no op-out and Apple covers its back with the iPhone's license, as readers have pointed already in the comments.
What do you think? Is Apple's tracking mechanism here over the line? Does this go too far? Or is this no different than other online behavioral targeting system?
Posted by Stephen Wellman ([email protected]), Nov 19, 2007 09:55 AM http://i.cmpnet.com/infoweek/authors/blog/6544.jpg
http://i.cmpnet.com/infoweek/spacer.gif
http://i.cmpnet.com/infoweek/spacer.gif
Just when you thought the security risks of the iPhone (http://www.informationweek.com/blog/main/archives/2007/11/iphone_is_a_big.html;jsessionid=J13 QLZNTAXUHEQSNDLPCKHSCJUNN2JVN)could n't get any worse, we discover this (http://www.hackint0sh.org/forum/showthread.php?t=16125%3Cbr%20/%3E). According to one member of the Hackint0sh forum, Apple is using the iPhone to spy on its users.
Here is a look at the unconfirmed claim (http://gizmodo.com/gadgets/iphone-spies-on-users/apple-spies-on-iphone-users-hackers-claim-324238.php) from Gizmodo:
The evidence in the code shows that the Stocks and Weather applications send your IMEI number—the unique number which identifies your iPhone and is tied to your personal information—to Apple, along with the nature of the information you are looking at (http://gizmodo.com/assets/resources/2007/11/picture4um0.png)
http://gizmodo.com/assets/resources/2007/11/picture4um0.png.
While there's no evidence that Apple actually uses this information for any purpose, good or evil, the code shows that every time you try to access a detailed information on whatever stock, your IMEI will be sent embedded in the URL. This could be cross-referenced with IP location and the information in Apple or its partner's databases to gather extremely valuable data for marketing purposes.
Is this something we should we concerned about? No doubt the privacy advocates will be up in arms. But for those of us who've been online for over 14 years, the notion of online "privacy" is tenuous at best. Web portals like Yahoo have been tracking users with cookies since the late 1990s. Everyone knows that Google tracks its users through search and its hosted applications, like Gmail, and uses this data to serve contextual ads (as well as a way to track its applications and improve them). Not that many users seem to care.
Mobile, however, may be different. People place far more personal attachment to their mobile phones than they do to their PCs or laptops. Now that more people are using devices like the iPhone to surf the Web and run Web apps, will they feel violated once they know their mobile online information is as transparent as their online behavior on the desktop?
Also, the technique that Apple is using here, connecting IMEI and browsing information, is a little different than the techniques described above:
Tying IMEI and browsing information is also different to cookies: when you access a web site anonymously and they store a cookie in your browser, this is not tied to any personal information. Moreover, you can delete the cookie in your computer or avoid them using your browser privacy options. The IMEI, however, is a solid unique personal identifier, which makes the whole thing a little bit disturbing. More importantly, there's no op-out and Apple covers its back with the iPhone's license, as readers have pointed already in the comments.
What do you think? Is Apple's tracking mechanism here over the line? Does this go too far? Or is this no different than other online behavioral targeting system?