iOS certificate installed by website allowing linking device UUID to session

I would like to be able to read a device UUID from an iOS device in a webpage. I understand it is not possible using JavaScript for obvious security reasons, but I use TestFlight every day and I can see that they do have access to the device's UUID.

It looks like they do so by installing a kind of provisioning profile on your iPhone when you register your device.

What kind of certificate/provisioning profile should I use to do something similar?

I would then be able to link a device UUID to a webpage session. I understand that this requires acknowledgement from the users, which is completely OK for me. I am not trying to find a way around the fact that we cannot access the device UUID from code; I am asking this because I know TestFlight is doing this.

rpechayr asked Mar 10 '12 14:03


1 Answer

Ok! I think I get it now.

You're right, the UDID is, of course, not sent by the browser. I was also convinced it was obtained through a security flaw in Safari, or something like that, because testflightapp adds a unique ID similar to the UDID, but no.

What they actually do is generate a new DeviceID (not related to the UDID). Then, to register the device, they generate a profile made specifically for this DeviceID, which contains an Enrollment Payload that enrolls the device against a URL containing this DeviceID generated by testflightapp.

In this enrollment process, the device is asked by the profile to send the UDID (plus other data). This is the info the profile asks for:

<array>
    <string>UDID</string>
    <string>IMEI</string>
    <string>ICCID</string>
    <string>VERSION</string>
    <string>PRODUCT</string>
    <string>MODEL</string>
    <string>DEVICE_NAME</string>
</array>

So, when the device asks the testflightapp server to enroll this device, they're able to relate the DeviceID stored in the profile to the actual UDID of the current device. That's how they show in the browser that the process is completed and keep the UDID.

But this doesn't complete the answer, because I haven't solved (yet) how they actually relate this web session to the UDID, even when the session dies and the DeviceID becomes orphaned. The answer seems to be (not confirmed, but 99% sure!) that the enrollment process allows defining a WebClip to be inserted in your Springboard menu. This WebClip has the UDID of the device written in its URL, so any time you get into testflightapp through this WebClip, you're refreshing your UDID number in the session, so it doesn't matter if the session dies.

Hope my post helps now! Sorry again for the incomplete, misinformed previous one.

Gonzalo Larralde answered Oct 20 '22 04:10
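The enrollment flow described in the answer, sketched as an added example (not code from the post or from TestFlight): a "Profile Service" payload whose URL carries a per-session token, and a handler that links the posted UDID to that session. The names `build_profile`, `handle_enroll`, `pending`, the identifier `com.example.enroll` and the 10-minute lifetime are assumptions; the handler assumes the plist sits contiguously inside the signed body and does not verify the signature, which a real server must do before trusting the UDID.

```python
import plistlib, secrets, time, uuid

ATTRS = ["UDID", "IMEI", "ICCID", "VERSION", "PRODUCT", "MODEL", "DEVICE_NAME"]
TOKEN_TTL = 600   # seconds a pending enrollment stays valid (assumed value)
pending = {}      # token -> (session_id, expiry); in-memory store for the sketch

def build_profile(session_id, base_url, now=None):
    """Return (token, mobileconfig bytes) tying one web session to one enrollment."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)          # unguessable, unrelated to the UDID
    pending[token] = (session_id, now + TOKEN_TTL)
    profile = {
        "PayloadType": "Profile Service",
        "PayloadVersion": 1,
        "PayloadIdentifier": "com.example.enroll",   # hypothetical identifier
        "PayloadUUID": str(uuid.uuid4()).upper(),
        "PayloadDisplayName": "Device registration",
        "PayloadContent": {
            "URL": f"{base_url}/enroll/{token}",     # device posts its attributes here
            "DeviceAttributes": ATTRS,
        },
    }
    return token, plistlib.dumps(profile)

def handle_enroll(token, body, now=None):
    """Return (session_id, udid) for a valid, unused token, else None."""
    # The device posts a CMS-signed plist. Signature verification is omitted
    # here; without it anyone holding the token could post a forged UDID.
    now = time.time() if now is None else now
    entry = pending.pop(token, None)           # single use: a replay finds nothing
    if entry is None or entry[1] < now:
        return None
    start, end = body.find(b"<?xml"), body.find(b"</plist>")
    if start < 0 or end < start:
        return None
    try:
        attrs = plistlib.loads(body[start:end + len(b"</plist>")])
    except Exception:
        return None
    udid = attrs.get("UDID") if isinstance(attrs, dict) else None
    return (entry[0], udid) if isinstance(udid, str) else None
```
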