Hacker News new | comments | show | ask | jobs | submit login

UDID has been deprecated because iOS 5 supports a general purpose credential store. Instead of reading a UDID, an App drops an identifier. Very similar to how a web app would drop a cookie.

The token can be shared across Apps using oAuth. This is how Twitter integration works.

So, for Apps that use Flurry, Flurry would drop an identifier into the credential store. Then Apps would access this identifier using an oAuth token and token secret.

If you have access to the iOS 5 docs take a look at ACAccount, ACAccountStore, ACAccountCredential.

While that may functionally be a replacement for UDIDs, that is not the intended purpose for those classes. They're supposed to do a lot more.

I can imagine OAuth being used to allow Twitter integration, but it doesn't really make a lot of sense as a mechanism to lock down identifiers on a single device.

The point of OAuth is to give a new web app access to data in an existing web app without giving up your password -- instead you enter your password into the original app and the new app is given a token with which to retrieve your data.

It makes complete sense for Twitter integration: you provide your Twitter password to Twitter and the iPhone ends up with a token it can use to access/post Twitter information.

I'm not sure what OAuth would be protecting when you've got multiple apps on a single device: would a user have a Flurry password that they'd enter into the Flurry app to provide access to the Flurry identifier to XYZ.app? Why would you want to do that?

Applications are open for YC Winter 2018

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact