US Security Agency tracks IPhone users

[siljaline]

BlueToad admits Apple UDIDs were rifled from its servers – not an FBI laptop.

Quote:

The mystery over the origin of 12 million Apple UDIDs (unique device identifiers) – uploaded to Pastebin by AntiSec, a hacktivist group – has been solved, as a US software company called BlueToad has revealed that its servers have been hacked.

As reported last week, AntiSec claimed that the data came from the laptop of FBI special agent Christopher Stangl of the agency’s New York office – who was alleged to have had a spreadsheet with the UDID information on his machine – and which included the user names, name of device, type of device, Apple push notification service tokens, zip codes, mobile phone numbers and addresses.

[siljaline]

Many Android and other mobile phones that employ third party apps can have the device IMEI datamined by third party ad networks such as AdMob. An ad network detector like Lookout's Ad Detector, helps in the detection of these and allows a user to at least scan for third party bits that spy on you without your consent.

[TheWindBringeth]

Quote:

Originally Posted by siljaline

An ad network detector like Lookout's Ad Detector, helps in the detection of these and allows a user to at least scan for third party bits that spy on you without your consent.

What do you mean by "at least scan for"? Does it only inform you of the apps that pass information to ad networks or does it also allow you to block the communications? It seems to me that you'd want to lock down your mobile platform in a way similar if not better than the way you lock down your browser. Which is to say, tightly control who each app can communicate with and block all apps from communicating with known ad networks. Is that possible or are the mobile platforms and apps more difficult to control?

[Noob]

Oh well, one of the drawbacks of technology . . . privacy.

[siljaline]

Quote:

What do you mean by "at least scan for"? Does it only inform you of the apps that pass information to ad networks...

Correct. It does not lock down the phone like a Browser. Apps permissions are a completely different venue of mobile security. See the link I posted to see what the app does.
Users of Lookout have this as well.

[TheWindBringeth]

Quote:

Originally Posted by siljaline

Correct. It does not lock down the phone like a Browser. Apps permissions are a completely different venue of mobile security. See the link I posted to see what the app does.

I did take a quick look at it but wanted to make sure I wasn't overlooking something. Having just found https://www.mylookout.com/resources/...-ad-guidelines the picture seems a bit clearer to me. Publish guidelines then warn about apps that don't follow those guidelines?

I don't know what app platforms actually provide in terms of fine grained control over app permissions, but they *should* provide quite a bit of control including the ability to selectively disable/block communications with remote sites like ad network servers. For all apps and/or specific ones. If that is possible, I'd say that is the way to go. Try to block those paths over which your device identifiers might leak.