Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Is Apple Tracking iPhone Users Through IMEI?

CmdrTaco posted more than 6 years ago | from the putting-on-the-foil-hats dept.

Cellphones 218

ariefwn writes ""As I sit here applying a new layer of Reynolds tin foil to my international hat of conspiracy, its been proven that Apple tracks iPhone usage and tracks IMEI numbers of all their iPhones worldwide. Hidden in the code of the 'Stocks' and 'Weather' widgets is a string that sends the IMEI of your phone to a specialized URL that Apple collects. I wonder if there will be any implications to owners of hacked iPhones..."

Sorry! There are no comments related to the filter you selected.

Yes, and the problem is? (5, Informative)

LiquidCoooled (634315) | more than 6 years ago | (#21407033)

You signed an agreement when you bought the device.

When you interact with Apple, we may collect personal information relevant to the situation, such as your name, mailing address, phone number, email address, and contact preferences; your credit card information and information about the Apple products you own, such as their serial numbers and date of purchase; and information relating to a support or service issue.

However people will expect this to be at manual support time and not all the time.

Re:Yes, and the problem is? (1)

TheSpoom (715771) | more than 6 years ago | (#21407097)

And if someone got it off eBay?

Re:Yes, and the problem is? (5, Funny)

wattrlz (1162603) | more than 6 years ago | (#21407257)

And if someone got it off eBay?
In that case they can probably afford to sue.

Re:Yes, and the problem is? (1)

Barny (103770) | more than 6 years ago | (#21407275)

Then sue the person who sold it to you, duh.

Same sort of problem as if a computer OEM doesn't give you the Microsoft EULA to peruse before running the pc for the first time.

Btw OEM can actually bypass all that and just present the box ready to roll, they just have to put a sticker with about 20 lines of legalese on the invoice and get you to sign it (stating that you will read the EULA prior to operation), but I am guessing said e-tailer didn't do anything remotely like this.

*sigh* another reason to love my nokia :)

Re:Yes, and the problem is? (-1, Flamebait)

Anonymous Coward | more than 6 years ago | (#21408167)

*sigh* another reason to love my nokia :)

Offtopic, but um. Exactly what is loveable about nokia?
I had a nokia and it was a total piece of junk.
Stupid user interface, etc.

Re:Yes, and the problem is? (1)

abaddononion (1004472) | more than 6 years ago | (#21407117)

Well, the EULA I signed when I got Windows also says they'll monitor whatever information they want out of me. So, it's good to know that all of these companies monitoring all of my information is *completely* okay, and nothing to worry about!

Of course, I dont use Windows anymore because of the EULAs. So Ill *also* continue not buying an iPhone, and everything will be fine.

Re:Yes, and the problem is? (0)

Anonymous Coward | more than 6 years ago | (#21407263)

I run a pirated version of XP, and didn't sign any EULA :)

Re:Yes, and the problem is? (3, Insightful)

cadeon (977561) | more than 6 years ago | (#21407851)

But you're still contributing to Microsoft's installed base, which isn't helping to fix the problem.

Re:Yes, and the problem is? (0)

Slashidiot (1179447) | more than 6 years ago | (#21407149)

But, c'mon! Who cared about who signed what? I just wanted the iPhone, it's so cool!! Who reads what they sign anyway?? Apple is supposed to be good, no matter what we agreed on!

Re:Yes, and the problem is? (2)

jamar0303 (896820) | more than 6 years ago | (#21407657)

Who said anyone signed anything? I know that my local reseller doesn't make me sign an agreement or anything- hand over the cash, put in the SIM, run Installer.app (iPhone comes pre-jailbroken for the user's convenience; I'll never buy Apple stuff anywhere else) to install what I want, and I'm good to go.

One of the many upsides to buying an iPhone in China.

Re:Yes, and the problem is? (0)

Anonymous Coward | more than 6 years ago | (#21407219)

hmmm that gives me an idea for wifi connection hand off between base stations using a browser add on.

Re:Yes, and the problem is? (0, Insightful)

Anonymous Coward | more than 6 years ago | (#21407267)

Also worth noting that all mobile providers track the usage of devices. All phones beacon with their unique identification info. Also most mobile service offed from third parties can / do collect unique identification information on the devices using their service.

As pointed out earlier apple clearly states that they can \ will collect such info from any apple device . An ipod sends its info to apple every time is is synced on a new account.

This is not new this is not news that matters. Move on nothing to see here at least nothing that we do not already know.

Re:Yes, and the problem is? (1)

Thanshin (1188877) | more than 6 years ago | (#21407597)

Don't you have laws about abusing EULAs?

I suppose something like "At any time you have your phone connected, we may use your signal to target a space war laser that will disintegrate you, and all other Apple products you might have on you at that moment." wouldn't fly in court.

"The prolonged use of this phone may have adverse effects on your health, such as death."

Just a few more minutes... (5, Funny)

mattgreen (701203) | more than 6 years ago | (#21407051)

I'm waiting for someone to respond with an eight page analysis of why this isn't really a big deal, complete with immaculate formatting and excellent grammar. Then everyone simply looks at the length of the post and says, "aha! see, it ISN'T a problem! Not that I read it all, but I'm with *this* guy!"

Don't let me down.

Re:Just a few more minutes... (2, Insightful)

Sparr0 (451780) | more than 6 years ago | (#21407141)

Well, not 8 pages but...

Has anyone verified that the IMEI is actually inserted into that field in the URL when the widget runs? The author says he tried to not send the IMEI, but maybe it just sends a placeholder value, or nothing at all, by default? I want to see traffic logs of the actual request including the IMEI before I get angry and [continue to] not buy an iPhone.

Re:Just a few more minutes... (3, Insightful)

ThirdPrize (938147) | more than 6 years ago | (#21407425)

It is probably just to make sure that only iPhones use that service. Or registered iPhones at least.

Re:Just a few more minutes... (1)

mattgreen (701203) | more than 6 years ago | (#21407445)

Sort of a "user-agent" field, if you will?

Ahem.

Re:Just a few more minutes... (1)

ThirdPrize (938147) | more than 6 years ago | (#21407553)

Yes, but I would guess user-agent is the same for all iPhones. The IMEI [wikipedia.org] isn't. I then refer you back to my original post.

Re:Just a few more minutes... (1)

nacturation (646836) | more than 6 years ago | (#21408219)

Yes, but I would guess user-agent is the same for all iPhones. The IMEI [wikipedia.org] isn't. I then refer you back to my original post...
... which appears to claim that requiring a string on a URL is impossible to duplicate on non-iPhones, thus providing an excellent security measure.
 

Re:Just a few more minutes... (1)

ThirdPrize (938147) | more than 6 years ago | (#21408359)

I am just saying that things like up to date stock info cost money and Apple is is giving it away as a free feature of the iPhone. Yes, you could quite easily take the URL used by YOUR iPhone and use it to get the data back in some other browser/app. Yes, you could pass the URL onto your friends and I bet that eventually Apple would eventually twig and ban it. A pirated IMEI would return the same as no IMEI. Nothing.

Re:Just a few more minutes... (2, Informative)

bolo1729 (759710) | more than 6 years ago | (#21408315)

Has anyone verified that the IMEI is actually inserted into that field in the URL when the widget runs?

From the article: Any attempts to modify the URL to exclude the IMEI information will not allow you to retrieve any information in the "Stocks" and "Weather" apps.

It seems that the author did...

Re:Just a few more minutes... (1)

gEvil (beta) (945888) | more than 6 years ago | (#21407145)

daveschroeder is putting the finishing touches on his message. He'll post it shortly. : p

Re:Just a few more minutes... (4, Funny)

ironwill96 (736883) | more than 6 years ago | (#21407157)

Ok here goes.

This

isn't

really

that

big

of

a

deal.

I'm feeling better already, what about you?

While you're waiting... (2, Informative)

Huntr (951770) | more than 6 years ago | (#21407291)

You could just read all the comments [slashdot.org] about Blizzard's Warden program for WoW, as they will likely be strikingly similar.

Re:Just a few more minutes... (1)

jdc180 (125863) | more than 6 years ago | (#21407357)

And it shall be called roughlydrafted.

Re:Just a few more minutes... (1)

morgan_greywolf (835522) | more than 6 years ago | (#21407453)

Here you go:

I'm a strong advocate of privacy myself, but I don't see Apple's actions as being particularly unreasonable. You aren't being compelled to buy an iPhone, and it's up to each individual to decide how much they trust Apple with this. If you don't trust them, don't buy an iPhone. It's quite common for people to be asked to reveal personal information in a voluntary exchange (like when you apply for a job or a bank account) and there is always the possibility that this information could be misused or abused, or that the power you give another person to access such information could be misused or abused. But these types of transactions are always voluntary, and it's really a case of caveat emptor. If you don't trust the company, then don't give them your money and your privacy will remain intact.

Having said that, people like the author of TFA are free to object to Apple's policy and to attempt to persuade them to change it. If it annoys enough iPhone customers, then it will go.

Re:Just a few more minutes... (0)

Tony Hoyle (11698) | more than 6 years ago | (#21408337)

The problem is the IMEI allows for SIM cloning, which is why you should *never* give it out.. it's unique to your SIM and used for billing etc.

So iphone broadcasts it unencrypted via wi-fi.. and you're not bothered?

Re:Just a few more minutes... (2, Informative)

daveschroeder (516195) | more than 6 years ago | (#21407875)

Sorry, the idea of what is essentially a hardware device serial number being used to "track" anything at all, other than perhaps the fact the device is actually an iPhone, was to stupid for even me to grace with a response. ;-)

This post [slashdot.org] sums it up quite nicely, though.

Re:Just a few more minutes... (4, Funny)

mattgreen (701203) | more than 6 years ago | (#21408101)

You, sir, win, by not only failing to bite at my semi-troll, but actually having a laugh yourself.

Well-played.

Re:Just a few more minutes... (0, Troll)

nine-times (778537) | more than 6 years ago | (#21408109)

I'm just waiting for someone to post the standard:

Why is everyone going so easy on Apple for this? If Microsoft had done this, everyone would be screaming bloody murder! I mean, come on, it's been obvious for several years now that Apple is the source of all computing problems. They sell 1 button mice, for chrissakes. If they weren't evil, they'd just use Windows since it's the standard operating system!

What the hell, first post. (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#21407057)

See subject.

Well... (5, Funny)

abaddononion (1004472) | more than 6 years ago | (#21407059)

At least it's Apple tracking you, not AT&T?

Wait...

Maybe this discussion will be better than Diggs (1)

tgd (2822) | more than 6 years ago | (#21407309)

I'd hope there are more people on here who know what an IMEI is, what its used for, when it is used on ANY GSM phone and how it relates to the IMSI...

This is /., I expect the flamefest to be shorter...

Re:Well... (2, Funny)

Typoboy (61087) | more than 6 years ago | (#21407497)

Right, AT&T has no possible way of tracking you, where you are, which cell tower you are talking to, etc.. oh wait </sarcasm>

Tracking what? (2, Insightful)

Anonymous Coward | more than 6 years ago | (#21407065)

Exactly what are they tracking though? My location, my history, my music? What?!

Re:Tracking what? (4, Informative)

tgd (2822) | more than 6 years ago | (#21407345)

Nothing, its a device serial number... not associated with your SIM and therefore not with your account. It proves its an iPhone to the webservice. Not much more.

Bet I get modded down for saying it though :)

Re:Tracking what? (1)

slashflood (697891) | more than 6 years ago | (#21407663)

Nothing, its a device serial number... not associated with your SIM and therefore not with your account.
But what about the credit card policy [google.com] ?

Re:Tracking what? (2)

dave420 (699308) | more than 6 years ago | (#21407731)

Well, they know who bought the handset, so they do know who owns the IMEI in question. And, unlike sim cards, you can't change your IMEI easily (or possibly at all - it's a crime to do so in some countries). So if they wanted to, they could trace pretty much everything you did. But then AT&T can do that (and much more), so people worrying about this when AT&T is poised to rape their data seems a bit silly :)

Re:Tracking what? (1)

rucs_hack (784150) | more than 6 years ago | (#21407787)

Odd isn't it, how people oiver react to such trivial events.
Mobile phones communicate with telco's. Satellite boxes communicate with satellite tv providers. PC's bought from pc manufacturers like Dell and HP routinely monitor the software that they installed on your machine and keep it updated.

There will be many such connections, most innocent. People who install my software from download.com, if they don't deselect 'download source code' get that code downloaded from my own server, thus recording their download, and city of origin for me. Am I a bad person? Do I use this for marketing? Nope (well, it's open source and free, what marketing..), but it's handy to monitor how many people use my code, and where they are from.

Re:Tracking what? (1)

jimicus (737525) | more than 6 years ago | (#21408033)

And you don't think they register which phone was sold to which customer at the point of purchase?

Re:Tracking what? (0, Flamebait)

Achromatic1978 (916097) | more than 6 years ago | (#21408143)

You SHOULD be modded down, because you have very little ideal of what it is you're talking about:

That whole registration passes your IMEI back to Apple and AT&T, so you can (amongst other things) have your handset disabled if stolen/lost.

It proves its an iPhone to the webservice.

Bzzt. Another wrong answer. IMEI is a unique mobile equipment identifier. Now, while these numbers are handed out in blocks to manufacturers, much like MAC addresses, the database is certainly not something easily (or perhaps even at all) accessible to the public. If you think Apple, or any other site is identifying your iPhone via IMEI, not UserAgent, you're utterly, laughably wrong.

So you should get modded down, for sheer Apple-defending smug self righteousness.

Re:Tracking what? (0)

Anonymous Coward | more than 6 years ago | (#21408349)

If you think Apple, or any other site is identifying your iPhone via IMEI, not UserAgent, you're utterly, laughably wrong.

They may or may not be using it to identify devices, but certainly *Apple* could determine if it's one of their own IMEI numbers.

Re:Tracking what? (1)

That's Unpossible! (722232) | more than 6 years ago | (#21408375)

these numbers are handed out in blocks to manufacturers, much like MAC addresses

and then you said

If you think Apple, or any other site is identifying your iPhone via IMEI, not UserAgent, you're utterly, laughably wrong.

I'm curious why exactly Apple would NOT know what IMEI numbers it has used on iPhones? They made the devices and were assigned the blocks of numbers as you stated above.

Re:Tracking what? (1)

kybred (795293) | more than 6 years ago | (#21407711)

Saying that they are 'tracking' you implies that they know where you are or how much you are using your phone. Certainly, AT&T (or whatever carrier you use) tracks you; they know what cell tower(s) you are near and they track your usage (re: the mega-page bills some iPhone users got initially).

But sending the IMEI is not 'proof' of Apple tracking you or tracking your usage. OK, they know when you run the Stocks or Weather widget, but that's hardly 'usage'. And there is not evidence that they send any info about your location, either.

Another poster mentioned that this is probably so the server can show you the stocks you've selected previously in the absence of cookies. That seems logical to me.

In Soviet Russia, Weather Widgets Track You! (1)

Gary W. Longsine (124661) | more than 6 years ago | (#21407745)

They are tracking how many times you check the weather. It's probably to gather data to test the viability of using iPhone to proactively provide mental health services. People who suddenly begin displaying obsessive compulsive tendencies by checking the weather over and over will be offered the new service.

iPod Touch (4, Funny)

jolyonr (560227) | more than 6 years ago | (#21407073)

Of course, if I happened to be running the Stocks and Weather applications on my iPod Touch it wouldn't have an IMEI number to send, would it? Not that I am running those applications on my ipod, because that of course isn't allowed.

Jolyon

Re:iPod Touch (2, Funny)

rvw (755107) | more than 6 years ago | (#21407215)

Of course, if I happened to be running the Stocks and Weather applications on my iPod Touch it wouldn't have an IMEI number to send, would it? Not that I am running those applications on my ipod, because that of course isn't allowed.
Well it could send the serial number instead of the IMEI.

Re:iPod Touch (2, Funny)

sumdumass (711423) | more than 6 years ago | (#21407255)

I don't know if it is an IMEI but when you sort things like stocks you want to watch or personalized weather as well as weather local to your direct vicinity, it has to send something to identify who your are and likely the your location. So I guess the question is, does this information need to identify the person, is there any way around that and does apple in fact store it? If so for how long and why?

I'm not even sure this is a bad thing. It all depends on the stuff we don't know yet. To some, anything is a bad thing. But then again everyone is out to get them.

Re:iPod Touch (2)

Culture20 (968837) | more than 6 years ago | (#21407729)

The weather sites and Stock site preferences could easily be set in your phone's preferences, or your phone could request a "local weather" forecast by sending the local zipcode (perhaps gleaned from the Cell-towers). There is no reason why they would need to know "User XYZ is in denver, and wants to know what the weather looks like" or "User ABC is in Hawaii, and wants to know his current stocks".

Re:iPod Touch (1)

sumdumass (711423) | more than 6 years ago | (#21408275)

But you see, there is no reason not to know if the information is being deleted after it serves it's purpose.

It isn't preferable to do things this way but it isn't automatically bad or evil. There is too much information that is just unknown to make any determination at this point.

Re:iPod Touch (2, Interesting)

jacksonj04 (800021) | more than 6 years ago | (#21408047)

Stocks and weather (Along with Maps) don't self-localise, you need to tell them what you want. In addition, it'd be far easier for the phone to send its base station number(s) as position info, since sending the IMEI involves the application server contacting the network provider to ask where the phone is, rather than just looking up the base station number in a local table.

well (1)

TheDrewbert (914334) | more than 6 years ago | (#21407111)

I, for one, welcome Steve Jobs as our new overlord.

Re:well (1)

15Bit (940730) | more than 6 years ago | (#21407179)

Well I, for another, do not.

Re:well (2, Funny)

Chyeld (713439) | more than 6 years ago | (#21407727)

I, for one, welcome Steve Jobs as our new overlord.

New? When did he stop?

Is this a problem? (1)

DrXym (126579) | more than 6 years ago | (#21407155)

Most closed devices (e.g. consoles that have online stores), or phones, or pay-per-view boxes would be quite within their rights to send a device identifier with the request. In the case of a phone, that would be the IMEI.

The moral here, is perhaps not to buy songs from Apple in the first place if it bothers you. Amazon.com sells music in MP3 format and you can use it any way and in any device you please.

Re:Is this a problem? (1)

betterunixthanunix (980855) | more than 6 years ago | (#21407501)

Or just don't by anything from Apple. Overpriced was always my opinion, and the whole TPM thing didn't seem to concern a lot of non-FSF people...but covert tracking? How many more things will Apple get away with before people stop acting like Apple is a perfect angel company?

Why go through all that trouble? (1)

rickb928 (945187) | more than 6 years ago | (#21407163)

AT&T could send Apple whatever they wanted to know about usage and location.

What else is there to know about your iPhone? Oh yeah, software version, but that's trivial to find out.

Just when I'm looking to replace T-Mobile as my GSM provider, I'm pretty well stuck with the competition that is eager to drop their shorts and give whatever is asked for to whoever asks for it. Except me, of course.

Well, time to go 'negotiate' with T-Mobile. Bleagh.

Re:Why go through all that trouble? (1)

LiquidCoooled (634315) | more than 6 years ago | (#21407319)

How would AT&T tell Apple you were connected to the web using wifi?

Using the information on requests apple can easily mine the number of people who go over AT&T EDGE and who use wifi.
Also, if they do not ever want to block the URL from working with none iphone devices they can do it based on the IMEI and not on some if(!ipOwnedBy("AT&T")) code.

Re:Why go through all that trouble? (1)

rickb928 (945187) | more than 6 years ago | (#21407521)

Ah, my mistake. Assuming Apple would necessarily ask for or receive info from only one source.

Guess they would have to use the IMEI after all. No conspiracy required.

I suppose most any device could do this, if it ran apps and bothered.

You know, when you put it that way, it made AT&T look good. That's interesting.

Re:Why go through all that trouble? (1)

ThirdPrize (938147) | more than 6 years ago | (#21407383)

I hear that the iPhone also takes secret photos of your ear when you are making phone calls and mails them back to Apple. Just so they can see what you are listening to.

That's not IMEI... (2, Funny)

Rastignac (1014569) | more than 6 years ago | (#21407175)

That's iMEI !
Like all others Apple iThings.

apple the broker? (3, Interesting)

erikkemperman (252014) | more than 6 years ago | (#21407223)

While I'm not an economist or stockbroker, it seems to me that if apple knows which shares iphoners are most interested in, at a given time, this is extremely valuable information, e.g. to spot trends. Can't be bothered to read the user-agreement (have no iphone) but curious to know whether it gives apple the right to sell this data on to large brokers or even act upon the intel themselves?

Re:apple the broker? (0)

Anonymous Coward | more than 6 years ago | (#21407429)

And how would this data be better than the data everyone collects when people actually purchase and sell shares? Stock interest is reflected better in the price of futures, derivatives, and actual share price then it is a bunch of iphone users.

Re:apple the broker? (2, Insightful)

bleh-of-the-huns (17740) | more than 6 years ago | (#21407513)

I am pretty sure that would be illegal, and probably falls under laws that prohibit pump and dump stock scams....

Re:apple the broker? (0)

Anonymous Coward | more than 6 years ago | (#21407565)

How do you think Google is making a good chunk of its money?

Nowadays any prospect info is good info (1)

Serpentegena (991730) | more than 6 years ago | (#21407725)

Sad story - for 3 non-consecutive years, I volunteered in a fund-raiser for the symphony orchestra here in my home town(I was in music school at the time). They had my name, email addy and phone number.
Last month, I received a call from their sales department where a very polite man tried to sell me subscriptions to the next season.
I got rightfully insulted, because the least they could call me with is a job...Then, having worked as desk monkey for an IT sales organization, I chalked it up to overzealous merchants and moved on, albeit rather dissapointed in the cultural stature of said symphony orchestra.
Moral of the story: when a company is out to make money(and they often are), any prospecting info is good info.

Re:apple the broker? (1)

Culture20 (968837) | more than 6 years ago | (#21407807)

Are you accusing Apple of colluding with others to topple the stock market?

more benign? (4, Interesting)

datapharmer (1099455) | more than 6 years ago | (#21407259)

Ever think maybe there was a more benign reason for this? Like to perhaps help in the retrieval of a stolen phone? Granted, it is probably not great for privacy, but if explicitly disclosed a savvy phone stealer could just disable or modify the apps. *This by no means excuses apple's privacy violations.

Re:more benign? (2, Insightful)

jdc180 (125863) | more than 6 years ago | (#21407395)

IIRC the carriers in the US could care less about retrieving a stolen phone. They could use GSM to lockout stolen phones, but don't. I'm sure apple doesn't either.

Re:more benign? (2)

jimicus (737525) | more than 6 years ago | (#21408071)

Maybe not in the US, but they certainly do in the UK. Stolen IMEIs are put on a blacklist and the blacklist is checked when the phone attempts to register with the network. The same blacklist is shared amongst all the network operators.

There was talk about extending this blacklist to other countries, but I don't know how far it is down the line.

Re:more benign? (1)

theantipop (803016) | more than 6 years ago | (#21408149)

My sister recently had her phone stolen. She called Verizon and had the phone marked as stolen so when the thief went to reactivate it they simply confiscated the phone and notified her.

Re:more benign? (1)

cadeon (977561) | more than 6 years ago | (#21408025)

I tend to bet on ignorance over malice any day. I bet this is a way to verify that the request is actually coming from an iPhone, and the original dev team didn't even consider that it could be an invasion of privacy.

Fast post (0)

Anonymous Coward | more than 6 years ago | (#21407281)

ÑÑÑÑÑÑÑ zap

This is the first post on this article coequal with Congress and monkey-spanking. ÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑ

Tinfoil... (2, Funny)

Notquitecajun (1073646) | more than 6 years ago | (#21407289)

So, should people start wrapping their iPhones in tinfoil?

Is something similar being used on the iPod Touch? (1)

8127972 (73495) | more than 6 years ago | (#21407329)

After all, they do share the same code base. So it won't shock me if Apple is doing something similar there via the MAC address of the WiFi chipset.

Re:Is something similar being used on the iPod Tou (1)

cadeon (977561) | more than 6 years ago | (#21408085)

This is likely the differentiator between an iPhone and iPod Touch. If there's no IMEI, then it's not an iPhone, and the app doesn't work.

Get your facts straight... (4, Funny)

LWATCDR (28044) | more than 6 years ago | (#21407337)

"As I sit here applying a new layer of Reynolds tin foil to my international hat of conspiracy,"
Reynolds doesn't make tin foil. They make aluminum foil! There is a big difference between Tin and Aluminum!

Re:Get your facts straight... (0, Flamebait)

Anonymous Coward | more than 6 years ago | (#21407543)

Yes. The main difference between them being that "aluminum" is actually "aluminium".

Re:Get your facts straight... (0)

Anonymous Coward | more than 6 years ago | (#21407753)

It is a UK vs. US spelling issue. See wikipedia.

Re:Get your facts straight... (1)

Daimanta (1140543) | more than 6 years ago | (#21408011)

So THAT is why I am dreaming about alien world domination!

Argent's Variant to Hanlon's Razor, and solution (1)

argent (18001) | more than 6 years ago | (#21407385)

This is more likely explained by a variant of Hanlon's Razor, to wit "never attribute to malice what could be explained by laziness".

Since they know there's only one instance of the browser running on the phone, this is an easier way to maintain session information than using cookies. It's cheap, cheesy, and lazy.

On to the solution: it shouldn't be hard to create a Mach/Cocoa overrider (using any of the various tricks to patch running apps, like APE does) to change the IMEI seen by widgets if you really want to hide which phone you are.

Play It Off (1)

pyr3 (678354) | more than 6 years ago | (#21407417)

Apple might be able to 'play off' the fact that they are gathering info on you through the Weather applet (though I find it unacceptable). But the Stocks applet? So now every request for stock information sent to Apple contains identifying information about myself? I

'm sorry but which stocks I own/watch is my own business. Even when the PR machine spins up, "we're not doing anything with the information" is not good enough to me. Maybe that explanation would be good enough if it was just the Weather widget, because that info is somewhat irrelevant, but someone's financial information is different.

Re:Play It Off (1)

dave420 (699308) | more than 6 years ago | (#21407559)

Even if Apple weren't collecting this information, AT&T has access to it. And stock quotes are hardly "financial information" :)

Re:Play It Off (2, Interesting)

pyr3 (678354) | more than 6 years ago | (#21408087)

Ah, but which quotes I'm looking at is another can of worms. It implies that I either own stock in that company, or plan to. I realize that I could just be watching the stock "for fun," but aggregating this type of information to have the "big picture" is the problem.

Localized services (1)

Fzz (153115) | more than 6 years ago | (#21407423)

Sure the conspiracy theorists will have a field day, but there is a basic conflict between providing localized services and privacy of location. I don't know what Apple really use this information for, but I'm sure that (like just about everyone else) Apple would like to provide locally-relevant information to you as you travel. Weather is an obvious one - the nicest simplest to use UI would obviously want to be able to tell you what the weather will be tomorrow wherever you happen to be today.

Of course the phone company already knows where you are, and can provide this sort of service, but then you have to use the phone company's UI. Apple can provide you with a nice elegant unified user interface, and that's what most users want.

Now, once they've got this information, they can misuse it for all sorts of purposes. It needs consumer pressure (or in Europe, there's data protection legislation) to keep such companies honest. But expecting them not to need to have this information is rather strange - they do have a need if they want to present the best localized UI possible.

And no, I don't have an iPhone. I do have a Blackberry, and I know Research in Motion know where I am all the time, because most of my traffic traverses one of their proxies. Most other smart phones do something similar. Apple really doesn't seem half as bad in comparison.

Re:Localized services (1)

betterunixthanunix (980855) | more than 6 years ago | (#21407943)

This is not really a question of what Apple does with the information, Apple is not out to harm its customers. It is more a question of what someone who is out to get you might be able to do with that sort of data. The FBI has been known to send agents to meetings of anti-war groups, who attempt to get group members to talk about actively fighting to government (e.g., with explosives); information about how members of such a group are using their cell phone could aide the FBI in this sort of activity. If you think that a company would put up a fight against a government request for such information...well, just a few days ago, Slashdot ran a story about Hushmail turning over decrypted copies of member email to the US government.

OK, that is a bit tin-foil-ey. Less conspiracy theory oriented is the possibility of a person with a vendetta, who might be able to use that information to hunt you down. It isn't as contrived as you might think; there have been cases of people being actively stalked by ex-lovers or angry neighbors, and even of people being signed up for thousands of things they don't want by a person who is out to get them. Imagine what a stalker could do with information about what locality you are in, or what stocks you are tracking?

There are plenty of legitimate reasons to be worried about this form of tracking. Privacy is more than a right, privacy is a freedom. Once we lose privacy, we start to lose our freedoms -- the freedom to protest the government, the freedom to speak our minds, the freedom to love who we chose, etc. It is unfortunate that the next generation has no respect for privacy, and no understanding of its importance; the "I have nothing to hide" attitude is like a mantra. When told that by using GPG for email and OTR with Pidgin for their IMs they can keep their conversations private, they just shrug, because the effort of configuring a plugin that protects their privacy is too much effort for something that is not important enough. If the government mandated that RSA private keys must be surrendered to the Police upon request, they wouldn't even blink an eye, not for lack of understanding, but for simple apathy about who reads their email or IMs. A lot has been written about this new phenomenon, and the best summary I've seen is this: The next generation expects someone to be watching them at all times.

the wrong way (1)

BBird (664014) | more than 6 years ago | (#21407487)

they are definetly going the wrong way here
(as they did so many times), and will pay
a dear price.

Tracking? (4, Informative)

nickovs (115935) | more than 6 years ago | (#21407515)

There's a substantial difference between receiving information and tracking people. Do the land-line phone companies "track" the calls you make? Sure, they use it to send you a bill, but most people don't seem to think it's a privacy violation. The author does not, as he claims, have "proof" that Apple track iPhone users, simply that they have the wherewithal to collate information about the services used by people if they could be bothered.

The IMEI number is there to facilitate identifying mobile devices to the Public Land Mobile Network (PLMN) for the purpose of charging for services. Your IMEI goes out every time you connect to the EDGE network or any GPRS service anywhere in the world, and is (and always has been) logged by the phone company, irrespective of what brand of phone you have. It's always been possible for the phone company, or anyone with the right data sharing relationship with the phone company (e.g. Apple), or the police with a court order, or the CIA/FBI/KBG/MI6, to link this to the IP address assigned to the mobile device, and from there to server logs. People who worry about this shouldn't just be wearing tin-foil hats, they should be putting tin foil around their phones too.

Re:Tracking? (5, Informative)

kybred (795293) | more than 6 years ago | (#21407949)

The IMEI number is there to facilitate identifying mobile devices to the Public Land Mobile Network (PLMN) for the purpose of charging for services.

No, that would be the IMSI [wikipedia.org] . The IMEI [wikipedia.org] just identifies what equipment you are using.

I want rid of Stocks and YouTube! (1)

PhillC (84728) | more than 6 years ago | (#21407581)

I just wrote some first impressions [slashdot.org] regarding my new iPhone. The inability to remove both the YouTube and Stocks icons is my biggest annoyance so far. Now I have even more reason to be rid of Stocks! Guess I'm going to have to void my warranty after all....

simple solution (4, Funny)

eck011219 (851729) | more than 6 years ago | (#21407583)

Just use your phone in a Faraday cage, and they can't track you at all.

Just change it... (4, Interesting)

javab0y (708376) | more than 6 years ago | (#21407693)

The Apple IMEI is TEA encrytped according to the phone's hardware ID and NOR ID. Both of these numbers can be found with a few tools found at iphone-elite.org. The IMEI lives at 0xA003FAB00 address. All you need to do is write out your seczone (0xA003FA000), TEA encrypt a nice Motorola RAZR IMEI number at offset 0xB00, and write it back to your NOR...and voila...your iPhone now looks like a Motorola RAZR.

Re:Just change it... (4, Informative)

dave420 (699308) | more than 6 years ago | (#21407913)

... and go to jail! It's illegal to change your IMEI in the UK, fyi, so this isn't the best advice for anyone in the UK.

Re:Just change it... (2, Interesting)

kybred (795293) | more than 6 years ago | (#21408001)

All you need to do is write out your seczone (0xA003FA000), TEA encrypt a nice Motorola RAZR IMEI number at offset 0xB00, and write it back to your NOR...and voila...your iPhone now looks like a Motorola RAZR.

Would you try that and let us know if your visual voicemail and widgets still work? Thanks!

(That seems like a really bad idea. Maybe substitute a fake iPhone IMEI, but not a RAZR one).

Re:Just change it... (2, Informative)

javab0y (708376) | more than 6 years ago | (#21408193)

Yep...they work peachy. The service is off your SIM, not the IMEI. As for illegality...yep...I live in the USA...so no laws preventing it here. Yes...those who do this should probably examine their own countries' laws.

do you think just maybe it's not all bad news (2, Interesting)

Locutus (9039) | more than 6 years ago | (#21407811)

Maybe they just mesh the IMEI number with location data provided by the GPS and/or AT&T to give you weather information based on where you are located at the time. Ever seen the ad where Google is used to find local eating joints? Don't know about you but I did not see any kind of location information getting entered and so some kind of location info is getting used.

And you know that every ISP keeps records on what phones ping what cell towers and your ISP( AT&T ) already is known to have been very willing to hand out cell records.

So get a pre-paid phone at Walmart if you want to limit your track-ability. After all, getting a "smart" phone from Apple with all the locked down and tied to Apple features isn't a clue that they just might track things? I hope you don't touch anything running Microsoft code.

LoB

Re:do you think just maybe it's not all bad news (1)

JasterBobaMereel (1102861) | more than 6 years ago | (#21408127)

Yes this is the kind of thing that is done all the time, this is why I get adverts targeted at me for where my ISP is (I am over 100 miles from the registered address of my ISP)

Your mobiles position is tracked all the time, it would not work if it wasn't! A surprising large number of people already have or can get access to this information already and if used properly can be used to track you (or at least your mobile) very closely (by triangulation).

But note this only tracks your mobile, not you... If your car is stolen, with your mobile, and credit cards in it, then I'd be surprised if the Police tried to prove you were speeding, buying goods, and using premium rate lines, all hundreds of miles apart all at the same time...

If you don't want to be tracked don't own a mobile .... (or turn it off)

just great....not! (1)

PhiberOptix (182584) | more than 6 years ago | (#21407933)

the iphone *needs* to access the site http://iphone-wu.apple.com/ [apple.com] with your imei in order to update the weather.app. After i blocked the url in my proxy server, the weather app would no longer update.
What is weird is that it either is sending a wrong imei number, or it is a hashed value...

Reynolds? (1, Funny)

Anonymous Coward | more than 6 years ago | (#21407983)

I'm sorry, but Reynolds tin foil isn't really an option anymore, because they use aluminum alloy [alcoa.com] (look at the bottom of the FAQ). It isn't even pure aluminum anymore! It's getting harder and harder to find a genuine tin foil manufacturer. It's a conspiracy, I tell you!

Instead of over reacting.... (1)

Enzo1977 (112600) | more than 6 years ago | (#21408365)

Has anyone thought that maybe the applications like weather and stocks are transmitting the IMEI number to Apple so that they are only providing service for their widgets on their own product?

What if I took a Nokia Symbian phone and hacked together a widget that queried Apple for an update on stocks and weather? I would think Apple would be mildly upset that I were exploiting their service. The sensible action would be to have the server query the IMEI number and verify it is transmitting data to a allowed recipient.

But that's just me using common sense and my extreemly rudimentary knowledge of technology. Sorry I forgot this is SlashDot. I now patiently await the attacks on my grammar, spelling, poor knowledge of mobile phone platforms and even worse knowledge of how the internets works. Because it's really just all a series of tubes. Wireless tubes without locks or valves.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?