Snowden documents published today by Der Spiegel give new insight into the British GCHQ's efforts to track targets through their iPhones. Previous leaks have revealed specific NSA exploits used to compromise the famously malware-resistant iPhone software controls, but the new documents show that even when the device itself hasn't been compromised, any data on the phone can be pulled when the phone syncs with a compromised computer. Other techniques allow GCHQ researchers to surveil targets by following a device's UDID across different services.
The report is dated to November of 2010, before Apple began deprecating the UDID system, but the documents show how useful the system was for surveillance while it was still operational. By watching for the target's UDID number, the GCHQ could follow the same device as it synced with a compromised machine, browsed the web (exposing it to the agency's Safari exploit), or sent data to a broader tracking system like AdMob. In each case, the device's UDID would be exposed, allowing researchers to identify the person using it. Previous leaks have shown the NSA using similar tactics, compromising ad cookie networks as a way of tracking users across the web, effectively coopting any user-identification method as a surveillance tool. Luckily for iPhone users, Apple has already recognized the potential dangers of UDID and moved towards more privacy-friendly methods.