Open Radar

 
Summary:
--------

Uniquely identifying and re-identifying a device is essential for many apps.

The solution up to iOS 5 - using UDID - is now deprecated for understandable privacy concerns.

The Apple suggested workaround, creating a random GUID and storing it in NSUserDefaults, is seriously flawed, as such an ID does not survive re-installation of an app or fresh setup of an user's device.

My suggestion is that the iOS SDK should provide a AUDID (App specific unique device identifier), consisting of a hash (SHA for example) over the bundle identifier of the app AND the UDID.
This would provide a stable ID for any app/device combination, but without any possibility to track devices outside of that narrow single app context.

To support app groups, a keychain access group specific ID would be a welcome addition to this.

Regression:
-----------

Deprecation of the UDID in iOS 5 with no equally stable alternative is a regression in reliability and data integrity for most apps connected to a internet service. 

Notes:
------

The concept of an app specific device ID was implemented by Microsoft in Windows Mobile 5 SDK in 2005, see http://msdn.microsoft.com/en-us/library/aa908781.aspx. The only difference to my AUDID suggestion is that they allow the developer to provide an arbitrary string of 8 chars length minimally for identifying the app. Enforcing use of the bundle identifier or keychain access group would securely limit the tracking domain to a specific developer.