Uber broke Apple’s iOS privacy rules and Tim Cook wasn’t happy about it

Uber broke Apple’s privacy rules in its iOS app in an effort to catch Chinese fraudsters, resulting in chief executive Travis Kalanick being hauled in to Cupertino for a personal dressing down from Tim Cook, it has been revealed.

Apple prevents developers from identifying specific iPhones for privacy reasons, arguing that a phone that is completely wiped and resold should have no links to its previous owner; to that end, in 2012, the company stopped allowing apps on its App Store to access information like the “Unique Device Identifier” (UDID) and similar identifying information.

But in an effort to prevent a particular type of fraud in China, where scammers load up stolen credit cards to make fake rides before wiping the phone and repeating the process, Uber broke Apple’s rules, according to a New York Times profile of Kalanick.

The company even went to the effort of adding code to its app so that any user opening it inside Apple’s Cupertino headquarters wouldn’t see the rule-breaking code.

That didn’t prevent Apple from discovering the subterfuge. In the meeting, Cook reportedly told Kalanick, “I’ve heard you’ve been breaking some of our rules,” and threatened to pull Uber’s app from the App Store if the company didn’t remove the fingerprinting feature.

According to security researcher Will Strafach, who analysed a version of Uber’s app from 2014 in response to the story, the company was using a chunk of code normally exclusive to Apple itself to pull iPhone serial numbers out of the device’s operating system. Those serial numbers remain the same, even if the entire rest of the device is wiped and reinstalled with a new user account. Even if Uber hadn’t been spotted by Apple, the technique no longer works: as of the most recent version of iOS, apps cannot discover the serial number this way.

In a statement, Uber said “this is a typical way to prevent fraudsters from loading Uber onto a stolen phone, putting in a stolen credit card, taking an expensive ride and then wiping the phone – over and over again. Similar techniques are also used for detecting and blocking suspicious logins to protect our users’ accounts. Being able to recognise known bad actors when they try to get back onto our network is an important security measure for both Uber and our users.”

In: theguardian

Dimensions by Carl Sagan

Do you think you live in an organized world?, Chaos is not part of your mind?, Do you think that your existence have a purpose?, Do you believe in parallel universes? Are you a relativist? Let me tell you: Our existence is just a sweet or bitter coincidence in this universe, you are always living in an illusion among constant chaos and Carl Sagan suggests this in this awesome old video. Enjoy it!

Liu Wang: La primera astronauta en la historia china

Liu Wang es una veterana piloto de 34 años con casi 1.700 horas de vuelo. Este sábado partió al espacio a bordo de la nave Shenzhou 9, que estará en órbita más de 10 días a 343 kilómetros sobre la superficie terrestre. Pekín ha lanzado esta nave tripulada para realizar el primer acople manual a un módulo espacial, un nuevo paso en su plan para tener una estación permanente antes de 2020. Recordemos que el término utilizado para este tipo de labor es “Taikonauta”.

 

1 2 3