John Gruber this morning wrote a of the NY Times piece accusing Uber of some pretty horrid stuff. good analysis Gruber goes onto say that one technique could have been using private API. [UPDATE 2: and found them using private APIs to use IOKit to pull the device serial number from the device registry. There might be more, but this alone is a blatant violation of App Store policy. that the technique Uber was using no longer works in iOS 10.] Will Strafach examined a 2014 build of the Uber iOS app Strafach confirms However, from reading between the lines, I suspect an additional technique uses was probably a fairly common technique used by analytics, ads and most companies out there. shows a how to**,** although I’m unsure if it persisted between factory resets, I’d safely assume so. The trick is to have the device generate a unique ID and save to the iOS keychain. The iOS keychain, until 10.3 , persisted between re-installs. This article I’d even go as far as to say that Uber probably caused this loophole to be prioritized and patched by Apple Engineers. Personally, I’m glad this technique will no longer work, and subsequently will provide iOS users with a bit more privacy. As for Uber… ¯\_(ツ)_/¯ … the market will decide what happens to them. As points out, Apple backed out and didn’t actually make the above change in 10.3. Just great, Apple. Update: Will is how hackers start their afternoons. We’re a part of the family. We are now and happy to opportunities. Hacker Noon @AMI accepting submissions discuss advertising & sponsorship To learn more, , , or simply, read our about page like/message us on Facebook tweet/DM @HackerNoon. If you enjoyed this story, we recommend reading our and . Until next time, don’t take the realities of the world for granted! latest tech stories trending tech stories
