Hacker Newsnew | comments | show | ask | jobs | submit login

I doubt that they are a single app's data. Look at the repeat of certain Device names (try "Abo Mossa") and check their UDIDs - those UDIDs show an incremental pattern in their first 3 digits. This tells me: (a) those devices were bought in bulk and (b) those devices were never sold to one person - since the Device names were unchanged [assumption is that a regular customer cannot own so many devices]. I just don't see how one app (not pre-installed) could be on all the devices bought in bulk by one person and dump all its data to FBI.



The UDID is a SHA1 of a few fields (including a couple MAC addresses): we actually know the exact algorithm; if you are seeing patterns in them it is either a trick your brain is playing on you or a trick the user is playing on you (some people modify their UDID occasionally to keep themselves from being tracked by apps).

-----


How do you modify the UDID? Does it depend on the model?

-----


At some point, the UDID is being processed by code, so you don't really need to permanently modify anything: you just edit the code that generates it and make that return something different. These kinds of changes are very simple using Substrate, the library we all use (that I developed) for changing code at runtime. For the UDID, the obvious candidates are "edit every app so [UIDrvice uniqueIdentifier] returns fake" and "edit lockdownd so it calculates the wrong value every time it is generated".

-----


you're right. the pattern is weird. and it shows up a lot (see Admin's iPad, Ahmed's iPhone etc...)

EDIT: unless... is it just a side effect of how the data was exported? Sorted on Username, then on UDID

Ya, the more I look at it, the more I think it's just secondary sorting on UDID

-----




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: