I am a software engineer at Google on the Android project and the creator of the Java testing framework TestNG. When I'm not updating this weblog with various software-related posts or speaking at conferences, I am busy snowboarding, playing squash, tennis, golf or volleyball or scuba diving. Cedric is a DZone MVB and is not an employee of DZone and has posted 90 posts at DZone. You can read more from them at their website. View Full User Profile

John Gruber says iOS is an insecure platform

  • submit to reddit

Speaking about Apple’s upcoming deprecation of iOS’ UDID (the mechanism by which applications can identify users devices (I was wrong about that) uniquely), John Gruber has this to say:

My guess: Apple is doing this so they can further promote iOS as a secure and privacy-protecting platform.

Translation: All the versions of iOS released up until today are not secure and don’t protect privacy.

Gruber then can’t help some drive-by bashing:

What are the odds that Google would ever block Android developers from accessing unique device IDs?

100%, since Android has never allowed such unique user identification. Since version 1.0.

Published at DZone with permission of Cedric Beust, author and DZone MVB. (source)

(Note: Opinions expressed in this article and its replies are the opinions of their respective authors and not those of DZone, Inc.)



Sylvain Gamel replied on Thu, 2011/08/25 - 11:00am

Interesting but I consider that accessing MAC address of a device bring the very same issue.

That will be the new way to identify a device, a real usecase anyway. 

UDID is just a facility that was helpfull for some apps such as http://testflightapp.com/

I guess they will have to update and bring a less user-friendly way to provide UDID do developpers that need it to deploy adhoc packaged app.

Those who missused UDID will always get a way to identify devices. Android, iOS or any other.


Craig Doremus replied on Thu, 2011/08/25 - 12:48pm

I am no iOS fan, but nowhere in that post does John Gruber say that iOs is insecure, so the headline is bogus. It should be something like 'Centric infers that John Gruber thinks that iOS is insecure'. I am an Android fan (like Cedric, I assume), but misleading posts like this does nothing to improve Android's image.

Noah White replied on Thu, 2011/08/25 - 3:42pm

Cedric's logic here is flawed. Gruber (Apple fanboy numero uno) says, "further promote iOS as a secure and privacy-protecting platform". 'further' does not imply the previous version was insecure. 'further' implies the new version is more secure then before. Those are two different implications. Lets use this analogy to illustrate: I could add a 4th armed guard to ride in the back of an armored car which normally has 2 up front and one in the back. That would further promote my armored car as a secure method of transporting lots of cash, that would not mean the previous version of the armored car with 2 armed drivers and a 3rd in the back was insecure. TestNG rocks. Stick with that.

Jay Spring replied on Thu, 2011/08/25 - 7:56pm

Lol, so any Android security fixes by Cedric's first order logic imply that the current version of Android is quite insecure. Breaking news! How droll. Is there a reason this made it to the top of the news feed? Encouraging biased logic and misrepresentation of words?

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.