What are the differences between Apple's advertisingIdentifier and the mac address? Can it replace the mac address? Can Routers read it? e.g. advertisingIdentifier is in the application layer of the stack.
From the Apple documentation on this topic:
Unlike the identifierForVendor property of the UIDevice, the same value is returned to all vendors. This identifier may change—for example, if the user erases the device—so you should not cache it.
If the identifier can change, then there are little chances to be equivalent of the mac address of your device.
If the value is nil, wait and get the value again later. This happens, for example, after the device has been restarted but before the user has unlocked the device.
So Apple computes this value when iOS starts, it might use the mac address when computing the identifier (among other info), however this doesn't guarantee the two are the same.
Routers might see it as part of the network traffic (if you're not using SSL) but they can't know that thats an advertisingIdentifier.
Related
I've searched everywhere for the answer to this and have yet to find a definitive answer... Please help...
I have created an app that connects and bonds to a BLE device which requires a pin. The pin is pragmatically created and displayed to the user before the iOS bluetooth bonding dialog is triggered. So far, so good. If the user correctly enters the pin into the bonding dialog the phone and the BLE device are now bonded and everyone is happy.
Now the user closes the app and terminates the bluetooth connection.
When the app starts up again and the BLE device is discovered, is there any way to know that the bonding has already taken place? Basically, I don't want to re-display a pin to the user if the device has already bonded.
I'm currently saving the identifier of the BLE device and calling RetrievePeripheralsWithIdentifiers to see if the device has been connected before. This works but if the user goes to the bluetooth listing and selects "Forget this device", RetrievePeripheralsWithIdentifiers still returns ther peripheral. I've tried restarting the phone, uninstalling and reinstalling the app. Nothing seems to make iOS forget that at some point in the past, that identifier was connected...
Help!
iOS has no API whatsoever for pairing or bonding. iOS will only prompt a pairing dialog upon request from the other device or when it reads a characteristic that requires security. Your app won't even know that the pairing dialog is being shown, when pairing is complete, or when/if the current link is encrypted.
If the device is already bonded and the LTK that iOS has stored during a previous pairing process can be used (the slave also has it), then the link will automatically be encrypted and therefore no new pairing dialog will be shown.
The list about previously connected devices has nothing to do with bonded devices. It's just a list of previously known devices.
I think you are mixing up concepts a bit. Bonding essentially means "having the same Long Term Key".
So if you have two devices, and you want them to open up an encrypted connection, both devices simply check if they have a key associated with the corresponding device, and try to use this key to encrypt the messages.
This is why a device can't really check if the bond still exists. Each device can check if its own key still exists, but how would it know if the other device still has the key? As soon as one side has forgotten the key, the bond is lost.
I don't have much experience with iOS, but I assume their should be a function to get the stored Long Term Keys to check if there is an LTK associated with a Bluetooth address. Alternatively, it should be possible to
use external storage so that instead of the stack doing it for you, you can define a file where all keys are stored, and provide the stack with the key when needed. (At least, this works with other implementations.) In this case, you could directly look in the file to check if the devices have been bonded.
Note that entering the pin corresponds to the process of "pairing". The successful conduction of this procedure and the subsequent encryption of the connection does not prove that the devices are bonded. After disconnection, the pairing information is lost and the devices need to pair again - except if you have stored the key, which makes the pair a bond.
I faced a similar problem in my app, where if the user selected "Forget this device" from the settings then my app wouldn't know.
You can use retrieveConnectedPeripherals(withServices: [CBUUID]) to check if your device is connected to the OS. If yes then proceed with your other functions, else show PIN again(or whatever you want).
retrievePeripherals(withIdentifiers:) will return the device if it was connected to your OS previously.
I am doing this in my app. Hope this helps.
I wrote a program which checks for updates on my server, but I want every request to be logged on the server.
Therefore I want to see which request belongs to which computer, I want to use the MAC address for this task.
Now my question, if my program sends its MAC address to the server and it's logged there, would this be a violation of privacy? I mean is it allowed that my application reads out the MAC address (from an external computer which is not mine) and sends it to my server?
With a MAC address you can uniquely identify a device as, from factory, every network interface has a unique MAC address. Of course, there are especial cases where you can modify the MAC address in a device but this is not for the normal user.
Said this, it is your call if you want to send and keep this data or not. I'd recommend not doing it unless you have explicit opt-in from the user.
I read a few threads and it seems like the UDID is deprecated. I also checked out CFUUIDCreate() but that's not really what I'm looking for.
I'm planning to do give aways in my app, so the only information I need from the user is the email address and a unique identifier of the device. I don't want the user to be able to simply reinstall the app and re-register for the give away. The easiest way would be to send some kind of device identifier together with the email address.
Any suggestions?
EDIT: Can I use the MAC address for this purpose? Any other ideas?
EDIT2: Nevermind, that's deprecated aswell...
EDIT3: I think I found something: How to generate unique identifier which should work in all iOS versions?
EDIT4: I'm using the solution in the link above, it works great!
Apple no longer allowes access to UDID from public APIs.
Perhaps you can use a web service to tell the device by it's IP, etc. Although there may be a way to mislead it, it will be better than using nothing.
Another solution would be using iCloud, only a few users would actually make the effort to make a new account.
Whatever you do, remember to make sure you don't break Apple's AppStore guidelines:
https://developer.apple.com/appstore/resources/approval/guidelines.html
(see "20. Contests, sweepstakes, lotteries, raffles, and gambling")
See a list of possible identifications below. Only the CFUUID provides you an unique identifier, but when you reinstall the app the ID is regenerated.
You may save the mail address of the user who received a giveaway in a separate online db.
UDID
unique and permanent device identification
(deprecated)
CFUUID / NSUUID
Random-ID, which is not bound to the device
is for each installed app different
only persistent till you delete the app
Advertising Identifier
for all apps identically
can be changed by the user
can be globally turned off
Identifier for Vendor (IDFV)
identically for all apps of one developer
MAC adress
cannot be used
no identification of a device, because the API returns the same MAC address for all devices
It's not a duplicate of any questions.
I'm creating an app which uses bluetooth to find other users using my app who are near you.
With android it's all right. But if I use iOS, is not possible, because as I've read here in stackoverflow, it's not possible to identify a device via bluetooth scan with something which shall be unique, (and if it exists please let me know!!!!) but let me give you an example of what i'm searching:
If two different people are registered in my app (respectively Robin1 and Robin2) and they have the same name in their bluetooth (for example "Robin's iphone"), there is a way to let me know in my app that the first "Robin's iphone" is "Robin1" (his nickname in my app) and the second "Robin's iphone" is "Robin2"?
The only thing I need is the bluetooth scanning 'cause my app is based of users really near you and GPS is not precise... not yet.
I hope this example is written good :/
Thank you
Strategies for identifying devices have been widely discussed on the bluetooth-dev mailing list and in many Stack Overflow questions as well. For example, check out this discussion: http://lists.apple.com/archives/bluetooth-dev/2013/Nov/msg00071.html
For simplicity here are two options:
Set the user name to be advertised by the CBAdvertisementDataLocalNameKey in the startAdvertising: call. Though, this is a very brittle solution.
More robust is to connect to the discovered peripheral and read a characteristic that your application includes to expose the user identifier.
Note that you cannot rely on using the CBPeripheral.identifier for identification as it is going to be a different random value on every device that discovers the peripheral. Also note that if you plan on using backgrounded operation, then that will require special care as many restrictions kick in when the app goes to background.
Hi I would like to generate an unique id for an iOS device using any of the device hardware parameters. I do not want to use the MAC address because there is a chance that the MAC address can also be changed. So can you please let me know if there is any other unique hardware parameter with which I can generate an unique ID.
I believe something along the lines of this is the generally accepted replacement for UUID.
In short, you need to create a CFUUID, and then store it in the Keychain on the iOS device, which persists even if you uninstall the app. Having written my own implementation along those lines (not the one I've linked to, obviously), I've yet to come across any real problems with this. It can even be accessed in your other apps that you make, so long as you access it with the same security parameters in aloof your apps.