A UDID is the unique device identifier for all Apple products. It’s used to attach a device to a service (e.g. Siri), or more commonly, to an account (e.g. developer account). Now, AntiSec (the anti-security, open-world technology advocates spawned from the hacker community) have leaked 1,000,001 from an FBI laptop.
You can see the AntiSec document on pastebin.
What does this mean?
Well, first off, if you’re on the list you’re most likely American, as this list was gleamed from an FBI file. Second, if you’re on the list & American, there’s no reason to think you were in trouble. More worryingly is that an app was probably logging your UDID and sending it somewhere.
This probably means nothing to the average consumers, but might actually end up being good. If you look at the Siri use-case, Apple block iPhone 4 users from using Siri via UDID. If hackers work around that API call and brute force the API to work with iPhone 4 devices, then there’s a good chance Apple will give in because it’s a fight not worth fighting for.
The real issue is why this data was on an FBI file. Moreover, why was it there in an unencrypted format? If the Irish government can lock down hard drives in a useless department handling only internal data, surely the FBI can figure that out? The result is supposed to be, from AntiSec’s perspective, a rally cry to an open Internet. It’s a noble idea and ideally, a noble cause. Much in the same vein as V for Vendetta (which, I assume, they’re going for). However there’s a chance that this, rather than make things more open and nicer for hackers, make things more closed down and walled-garden-ish.
Average users won’t notice, of course. Most people don’t know what a UDID is, but for some people (devs in particular), more restrictiveness might cause issues in the long run. AntiSec may have shot the dev community in the foot while trying to help everyone reach a common, open goal.