AAPL Stock: 118.03 ( -0.85 )

Printed from

Apple secretly tracking iPhone IMEI numbers? [U]

updated 09:35 am EST, Mon November 19, 2007

Apple tracking iPhones?

(Updated with link to debunking claims)

Apple is keeping abnormal watch on the identity of iPhones making use of online services, some hackers suggest. Buried within the binaries for the Stocks and Weather widgets is code that hands over a user's IMEI number -- the unique identifier for each phone. While IMEI numbers are common to all GSM cellphones, and are regularly used to authorize presence on a network, they are normally unneeded for accessing individual web services. Furthermore, it is impossible to modify the binaries' URLs to omit IMEI data and still retrieve any data from the widgets.

Why the information would be needed is unknown, but proposed reasons include the likes of targeted advertising, consumer research, or guarding against unauthorized devices. It is reportedly very easy to spoof an IMEI number however, by using a hex editor to replace the variables in the URLs with any two-digit number, such as 00.

Unusually, a similar URL appears in code for iPod touch applications, and even the Mac OS X Leopard version of Calculator. Neither platform has an IMEI number to transmit, which suggests that Apple is sharing the same general code base between all recent versions of Mac OS. Those concerned about tracking desktop OS connections can reportedly keep watch with programs such as Little Snitch.

Update: A German publication now says that privacy concerns are unfounded.

by MacNN Staff




  1. Kenneth

    Joined: Dec 1969



    Well, I don't have a problem with that. Just because 'hackers' are more interested on the iPhone than other phones, they try hard to dig deeper into the iPhone software.

    I'm sure other phones and/or providers are doing the same thing.

  1. tomodachi

    Joined: Dec 1969




    But you wouldn't be saying that about Microsoft phoning home innocuous data with Windows, would you?

    If the iPhone is really phoning home (hardy har), then Apple should make it clear and/or allow the user to turn it off.

    What kind of info they'd be getting from the weather widget is just beyond me, though.

  1. glowingcactus

    Joined: Dec 1969


    I would guess false alarm

    You can find this exact same string in the Calculator on my Tiger OS on my PowerBook G4. I think the "imei" is just an unfortunate coincidence.

    Use a hex editor to search for text string http in Applications/Calculator/Contents/MacOS/Calculator

  1. copland98

    Joined: Dec 1969


    False alarm

    IMEI is used by many application from every handset manufacture. Its used primary as authentication (identification) to a website, you one don't have to sign in. IMSI is a subscriber ID on the handset, and THIS should be never sent, but IMEI..can be, as it is a variable used to enhance the customer experience when presenting data. ( other option is you can sign into yahoo and get your data). I would rather have one click access.

  1. Feathers

    Joined: Dec 1969


    phoning home...

    all phones that are turned on and connected to a network are broadcasting their IMEI on a regular basis, otherwise you wouldn't stay connected to a specific carrier. In Apple's case the info provided by the finance widget is funded somehow, and I'm guessing that whatever deal exists between Apple and this provider is intended to be exclusive to Apple product users and not every tom, d*** and harry. Would you prefer to have to pay a subscription for the widget data?

  1. das

    Joined: Dec 1969


    Wrong, wrong, wrong

    This sums it up quite nicely:

    "There's a substantial difference between receiving information and tracking people. Do the land-line phone companies "track" the calls you make? Sure, they use it to send you a bill, but most people don't seem to think it's a privacy violation. The author does not, as he claims, have "proof" that Apple track iPhone users, simply that they have the wherewithal to collate information about the services used by people if they could be bothered.

    The IMEI number is there to facilitate identifying mobile devices to the Public Land Mobile Network (PLMN) for the purpose of charging for services. Your IMEI goes out every time you connect to the EDGE network or any GPRS service anywhere in the world, and is (and always has been) logged by the phone company, irrespective of what brand of phone you have. It's always been possible for the phone company, or anyone with the right data sharing relationship with the phone company (e.g. Apple), or the police with a court order, or the CIA/FBI/KBG/MI6, to link this to the IP address assigned to the mobile device, and from there to server logs. People who worry about this shouldn't just be wearing tin-foil hats, they should be putting tin foil around their phones too."

    In short, this is a hardware device serial number, nothing more. What a stupid story. I'm sure it will cause a lot of outcry, though.

  1. Roehlstation

    Joined: Dec 1969




  1. ViktorCode

    Joined: Dec 1969



    Hackers have to earn their bread. If there's no threat, there will be suspicious activity. Of course, hacker could dig deeper and uncover what glowingcactus here uncovered, but then he wouldn't have a chance to grab headlines with his nonsense, right?

  1. MacOS

    Joined: Dec 1969


    Thank you das!

    I like to add that in today’s society its nearly impossible not to leave a digital fingerprint. Remember the parents in Florida who had their kid implanted with a chip? The time is here and they will sell you on the idea and you’ll wonder how lived without it. :) Sound familiar?

    I can see the keynote now. “Super Implant Ti Pro, the only implant that acts like a credit card, cash, pay tolls, boarding pass, house key, car key, work id, web and email password, computer login, birth control and cell phone.” h*** I want one.

    Uh Oh, time for my meds. c***, where did I put that foil? . . .

  1. OtisWild

    Joined: Dec 1969


    IMEI spoofin?

    So could roaming on an unencrypted wifi network mean that finding IMEI numbers to spoof is as easy as running Ethereal on a wifi laptop?

Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines

Follow us on Facebook


Most Popular


Recent Reviews

Ultimate Ears Megaboom Bluetooth Speaker

Ultimate Ears (now owned by Logitech) has found great success in the marketplace with its "Boom" series of Bluetooth speakers, a mod ...

Kinivo URBN Premium Bluetooth Headphones

We love music, and we're willing to bet that you do, too. If you're like us, you probably spend a good portion of your time wearing ...

Jamstik+ MIDI Controller

For a long time the MIDI world has been dominated by keyboard-inspired controllers. Times are changing however, and we are slowly star ...


Most Commented