toggle

AAPL Stock: 530.38 ( 0 )

Apple secretly tracking iPhone IMEI numbers? [U]

updated 09:35 am EST, Mon November 19, 2007

Apple tracking iPhones?


(Updated with link to debunking claims)

Apple is keeping abnormal watch on the identity of iPhones making use of online services, some hackers suggest. Buried within the binaries for the Stocks and Weather widgets is code that hands over a user's IMEI number -- the unique identifier for each phone. While IMEI numbers are common to all GSM cellphones, and are regularly used to authorize presence on a network, they are normally unneeded for accessing individual web services. Furthermore, it is impossible to modify the binaries' URLs to omit IMEI data and still retrieve any data from the widgets.

Why the information would be needed is unknown, but proposed reasons include the likes of targeted advertising, consumer research, or guarding against unauthorized devices. It is reportedly very easy to spoof an IMEI number however, by using a hex editor to replace the variables in the URLs with any two-digit number, such as 00.

Unusually, a similar URL appears in code for iPod touch applications, and even the Mac OS X Leopard version of Calculator. Neither platform has an IMEI number to transmit, which suggests that Apple is sharing the same general code base between all recent versions of Mac OS. Those concerned about tracking desktop OS connections can reportedly keep watch with programs such as Little Snitch.

Update: A German publication now says that privacy concerns are unfounded.



by MacNN Staff

print
email
(14)

TAGS :

 Apple

Related Articles

Recent Articles

toggle

Comments

  1. Kenneth

    Addicted to MacNN

    Joined: Mar 1999

    0
    11/19, 10:03am | report spam | Reply |

    secretly?

    Well, I don't have a problem with that. Just because 'hackers' are more interested on the iPhone than other phones, they try hard to dig deeper into the iPhone software.

    I'm sure other phones and/or providers are doing the same thing.

  1. tomodachi

    Fresh-Faced Recruit

    Joined: Apr 2002

    0
    11/19, 10:34am | report spam | Reply |

    /

    >>kenneth

    But you wouldn't be saying that about Microsoft phoning home innocuous data with Windows, would you?

    If the iPhone is really phoning home (hardy har), then Apple should make it clear and/or allow the user to turn it off.

    What kind of info they'd be getting from the weather widget is just beyond me, though.

  1. glowingcactus

    Fresh-Faced Recruit

    Joined: Nov 2001

    0
    11/19, 10:37am | report spam | Reply |

    I would guess false alarm

    You can find this exact same string in the Calculator on my Tiger OS on my PowerBook G4. I think the "imei" is just an unfortunate coincidence.

    Use a hex editor to search for text string http in Applications/Calculator/Contents/MacOS/Calculator

  1. copland98

    Fresh-Faced Recruit

    Joined: Nov 2007

    0
    11/19, 10:52am | report spam | Reply |

    False alarm

    IMEI is used by many application from every handset manufacture. Its used primary as authentication (identification) to a website, you one don't have to sign in. IMSI is a subscriber ID on the handset, and THIS should be never sent, but IMEI..can be, as it is a variable used to enhance the customer experience when presenting data. ( other option is you can sign into yahoo and get your data). I would rather have one click access.

  1. Feathers

    Grizzled Veteran

    Joined: Oct 1999

    0
    11/19, 11:01am | report spam | Reply |

    phoning home...

    all phones that are turned on and connected to a network are broadcasting their IMEI on a regular basis, otherwise you wouldn't stay connected to a specific carrier. In Apple's case the info provided by the finance widget is funded somehow, and I'm guessing that whatever deal exists between Apple and this provider is intended to be exclusive to Apple product users and not every tom, d*** and harry. Would you prefer to have to pay a subscription for the widget data?

  1. das

    Fresh-Faced Recruit

    Joined: Jan 2001

    0
    11/19, 11:20am | report spam | Reply |

    Wrong, wrong, wrong

    This sums it up quite nicely:

    http://slashdot.org/comments.pl?sid=364825&cid=21407515

    "There's a substantial difference between receiving information and tracking people. Do the land-line phone companies "track" the calls you make? Sure, they use it to send you a bill, but most people don't seem to think it's a privacy violation. The author does not, as he claims, have "proof" that Apple track iPhone users, simply that they have the wherewithal to collate information about the services used by people if they could be bothered.

    The IMEI number is there to facilitate identifying mobile devices to the Public Land Mobile Network (PLMN) for the purpose of charging for services. Your IMEI goes out every time you connect to the EDGE network or any GPRS service anywhere in the world, and is (and always has been) logged by the phone company, irrespective of what brand of phone you have. It's always been possible for the phone company, or anyone with the right data sharing relationship with the phone company (e.g. Apple), or the police with a court order, or the CIA/FBI/KBG/MI6, to link this to the IP address assigned to the mobile device, and from there to server logs. People who worry about this shouldn't just be wearing tin-foil hats, they should be putting tin foil around their phones too."

    In short, this is a hardware device serial number, nothing more. What a stupid story. I'm sure it will cause a lot of outcry, though.

  1. Roehlstation

    Fresh-Faced Recruit

    Joined: Aug 2001

    0
    11/19, 11:33am | report spam | Reply |

    THE SKY IS FALLING

    eeeeek

  1. ViktorCode

    Fresh-Faced Recruit

    Joined: Jan 2006

    0
    11/19, 12:12pm | report spam | Reply |

    hackers

    Hackers have to earn their bread. If there's no threat, there will be suspicious activity. Of course, hacker could dig deeper and uncover what glowingcactus here uncovered, but then he wouldn't have a chance to grab headlines with his nonsense, right?

  1. MacOS

    Junior Member

    Joined: Aug 2002

    0
    11/19, 12:29pm | report spam | Reply |

    Thank you das!

    I like to add that in today’s society its nearly impossible not to leave a digital fingerprint. Remember the parents in Florida who had their kid implanted with a chip? The time is here and they will sell you on the idea and you’ll wonder how lived without it. :) Sound familiar?

    I can see the keynote now. “Super Implant Ti Pro, the only implant that acts like a credit card, cash, pay tolls, boarding pass, house key, car key, work id, web and email password, computer login, birth control and cell phone.” h*** I want one.

    Uh Oh, time for my meds. c***, where did I put that foil? . . .

  1. OtisWild

    Junior Member

    Joined: Feb 2005

    0
    11/19, 12:43pm | report spam | Reply |

    IMEI spoofin?

    So could roaming on an unencrypted wifi network mean that finding IMEI numbers to spoof is as easy as running Ethereal on a wifi laptop?

Show More Comments

Login Here

Not a member of the MacNN forums? Register now for free.

 
close
Photo
toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

iHome iW2 AirPlay speaker

iHome generally isn't known as a luxury brand when it comes to audio, but it is prolific -- the company's docks and speakers are every ...

Logitech Ultrathin Keyboard Cover

One of the iPad's main weaknesses has always been productivity. It's not a question of apps; while it has taken a little time for a na ...

Logitech UE Air Speaker

If maybe a little more slowly than Apple would like, AirPlay is becoming a staple of the wireless speaker market for iOS devices. The ...

toggle

Most Commented

 

Popular News