Two digital security researchers have identified a new personal data security flaw at Apple. While the company shows its credentials in the security of its users’ data, researchers have revealed that the company is able to identify each iCloud user through a unique code that is assigned to their account.
“New discovery: Apple’s data statistics contain an identifier called ‘dsId’. We were able to verify that ‘dsId’ stands for ‘Directory Services Identifier’, a unique identifier that authenticates an iCloud account. This means that Apple can personally identify you ,” say the researchers.
live tracking
While it is possible to refrain from storing information in your iCloud account, it is impossible to use an iPhone without signing in at least once, as a security measure. The system highlighted by the researchers seems active at least in iOS 14 (available from iPhone 6S to iPhone 12 Pro Max). The researchers are trying to prove that it also works on the latest version of the iPhone operating system, iOS 16.
In addition to this unique identifier, other information may be transmitted to Apple. Among them, the interactions with the App Store, the Apple application store: the searches carried out, the actions carried out on the keyboard of the smartphone in the App Store, the applications consulted and for how long, and finally the advertisements displayed. A practice similar to those used by Meta or TikTok to track users.
However, there is no indication that Apple actually uses this data, either for statistical or marketing purposes. But the practice has the defect of going against the public discourse of the company. In fact, in April 2021, Apple implemented App Tracking Transparency, a feature that allows you to opt out of being tracked on the iPhone by third-party apps.
This device, which had notably aroused discontent on Facebook, does not seem to apply to the company itself. Contacted by the researchers, Apple did not comment on this issue.
Source: BFM TV
