Just in case you thought that the iPhone tracking story ended with the year 2014: Edward Snowden is back with a new report, shared by Der Spiegel, detailing how the British GCHQ tracked targeted iPhones (via The Verge).
The exploit is based on the UDID (the iPhone's Unique Device Identifier) system: every iPhone has a 40-character hex string that is available to iOS developers and can be used to identify a given device. Apple ultimately demanded that developers stop using the UDID for device identification purposes.
However, this happened after November 2010, so there was a lengthy period when the surveillance tool developed by GCHQ was operational and was used to follow a device (from iOS 3.0 to iOS 4.0.2). The developers, the Joint CNE/TECA Mobile Exploitation team, used an open source PDF vulnerability to deliver the "malware" to the targeted iPhone.
The infected iPhone then led the team to the computers its owner synced the device with, sent web browsing data, or shared data with a broader tracking system like AdMob, one of the biggest mobile advertising networks.
Although developers now get their apps banned from the App Store if they use the UDID system to identify a device, the report is nonetheless interesting reading on how national spy agencies find ways to track targeted users.