Apple is now rejecting apps that collect UDID without permission
Apple let it be known back in August of 2011 that they'd be deprecating developer access to UDID ( Universal Device Identifier), they've now taken the next step and begun actively rejecting App Store apps that use it. The fine developers of Tweetbot (opens in new tab) have reported that one of their latest updates was rejected from Apple for collecting UDID information without getting user consent first. What does this mean for apps like Tweetbot?
The UDID is 40 characters that are unique to your iPhone and iPad, used most generally by developers to provision pre-release apps through the App Store. Now developers will need to create their own unique ID within the app and store it in iCloud.
Ultimately, it's good news that Apple is making sure that developers aren't easily getting a hold on potentially sensitive data like UDIDs; iOS users are a little on edge about privacy after that Path incident.
This might also explain the speed with which Apple went from deprecating the UDID collection to outright rejecting apps. Typically something deprecated in one iOS version will be removed in a later version, giving developers time and an expectation for when they need to have an alternative approach in place. This has led some developers, including
Source: Tapbots, Subfurther
Get the best of iMore in your inbox, every day!
Editor-at-very-large at Mobile Nations, gamer, giant.
The proper way to deprecate (or change the usage of) APIs is to indicate they are going to be removed, and then provide a release version and target date where they will be no longer usable. Anything less, and you force developers to guess when it will take effect, and it is very difficult to prioritize your own effort/money in the face of that much uncertainty. I have no doubt Apple is doing this faster than they wanted to after Path and pressure from Congresscritters, but that just makes the problem worse. Now, Apple is forcing developers not only to read Cupertino's mind, but to guess how third parties (governments) are going to react to Cupertino's decisions, and how in turn Apple will react to them. An honest, specific roadmap of the type every platform/library provider has -- even Apple with OSX -- would have solved the problem completely. Something like:
1) August, announce that UDID collection will be deprecated.
2) Either in August, or in the next SDK release, specify it will be removed as of future version X, with a target release date of Y
3) Developers like Path, and like Tweetbot now know exactly when they to have this finished, and they can prioritize it against other features and bugfixes. Developers appreciate this. Developers need this.
4) When Congress comes a-calling, Apple can soberly tell Senators that they understand the importance of privacy, and have already taken proactive steps to address the issue by Y. To Congressional pressure for alacrity, Apple can respond that they are moving as quickly as possible without costing job loss among a portion of the tens of thousands of developers whose livelihood depends on the App Store. Apple looks balanced, and legislators on all sides then have their talking points. Congresscritters appreciate this.
This sort of transparency is a win-win; the only thing it costs Apple is the ability to knee-jerk respond to outside pressure, something which a platform provider should not aspire to have.
Are all apps using cocos2d going to get rejected? I can't believe that is the case.