Risk
10/12/2012
09:02 AM
Connect Directly
RSS
E-Mail
50%
50%

iOS6 Ad Tracking: How To Opt Out

By default, iOS 6 tracks iPhone and iPad owners' browsing history to serve advertisements.

Apple One Year After Steve Jobs: Hits And Misses
Apple One Year After Steve Jobs: Hits And Misses
(click image for larger view and for slideshow)
Value your privacy? Listen up. Apple's iOS 6 platform, which ships on the iPhone 5 and can be installed on older iPhones and iPads, is tracking your browsing history. It's doing this to more effectively target you for advertising. This behavior isn't necessarily nefarious, but it might irk some iOS device owners.

Apple no longer allows app developers to use the UDID (unique device identifier) code to track devices and device behaviors. The UDIDs are permanent numbers that can be tied to a specific device and, ultimately, a person. The lack of anonymity in this system forced Apple to look for another way to give advertisers the information they need. Well, it found one.

BusinessInsider spoke to advertising executives in order to understand the inner workings of the new system, and this is what's going on.

iOS 6 now uses something called an IFA--or "identifier for advertisers." The IFA is an anonymous number assigned to devices and users at random. Thankfully, it is temporary and can even be blocked. As iOS device owners use their apps or surf the Web, those apps and Web pages serve ads. In order to do that, the app publisher or website owner scans the IFA and passes it to the ad server, which logs the device's behavior and serves an ad based on what that person is doing with his or her device. Creepy.

Keep in mind, the IFA does not give away your personal identification. It doesn't tie John Q. Public to a specific device and behavior pattern.

[ Consumer privacy: is it a joke? Advertisers' 'Do Not Track' Protests Fail Smell Test. ]

The key part of this system, reports BusinessInsider, is that the IFA can be tracked by the ad company all the way to something called "conversion." This typically means when an iOS users sees an ad, clicks the link for that ad, and downloads an app or other content associated with that ad.

This system is on and active by default. I confirmed this on my own iOS devices. Thankfully, it can be turned off. Here's how.

The ad tracking setting is found by following the Settings -> General -> About -> Advertising path. Under that setting, you'll see something called "Limit Ad Tracking." When you encounter it for the first time, the toggle is in the "off" position. This actually means that ad tracking is turned on. In other words, your behavior is being tracked if the Limit Ad Tracking feature is turned off. If you want to opt out of targeted advertising and stop advertisers from following your online moves, switch "Limit Ad Tracking" to the on position.

As mentioned, this system is anonymous doesn't identify anyone personally. Even so, if you care to opt out, follow the steps above and you can feel slightly better than you're sharing less info about yourself with advertisers.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0761
Published: 2014-08-27
The DNP3 driver in CG Automation ePAQ-9410 Substation Gateway allows remote attackers to cause a denial of service (infinite loop or process crash) via a crafted TCP packet.

CVE-2014-0762
Published: 2014-08-27
The DNP3 driver in CG Automation ePAQ-9410 Substation Gateway allows physically proximate attackers to cause a denial of service (infinite loop or process crash) via crafted input over a serial line.

CVE-2014-2380
Published: 2014-08-27
Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows remote attackers to obtain sensitive information by reading a credential file.

CVE-2014-2381
Published: 2014-08-27
Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows local users to obtain sensitive information by reading a credential file.

CVE-2014-3344
Published: 2014-08-27
Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco Transport Gateway for Smart Call Home (aka TG-SCH or Transport Gateway Installation Software) 4.0 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCuq31129, CSCuq3...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.