Updated Statement from BlueToad Inc. – clarifying media reports

Posted on September 11, 2012 by

written by Paul DeHart, CEO and President

During the last 24 hours, the cyber attack of our system has garnered significant media coverage.

Many of our publishers have reached out to us for clarification, so we wanted to take a moment to clear up any misconceptions that may have arisen from the media coverage.

  • The use of UDIDs was a reasonable industry practice and Apple itself has stated that they are still allowing UDIDs to be used in code bases.
  • We do not handle credit card information, social security numbers, medical information or other highly sensitive information.
  • We believe we have followed reasonable practices in how we have handled our collection of UDIDs, names, emails and similar information. Contrary to some of the information that has been reported, BlueToad believes that you will not be harmed as a result of the UDID information posted on the Internet.  We do not suggest that you remove apps from your device or that you purchase a new device as a result of this incident.
  • We have updated our code base in March to no longer use UDID information.  We are in the process of upgrading all of our apps to this new code set. In addition, we have discontinued storing any UDID information sent to our servers by apps that have not been upgraded.
  • We have never used UDID information in an improper or ill-advised manner.  We did not store UDID information along with any other personally identifiable information – like names, emails, passwords, addresses, etc…
  • We have never used UDIDs as an authentication token or password, to track user location or to tie a user’s device ID to other information.
  •  We are unaware of any Apple policies requiring UDID information to be encrypted.  In fact, research has shown that many developers send UDID information without encryption protection.  We believe we were operating within reasonable industry standards in transmitting this information, particularly given our limited use of the information.
  • Some media reports incorrectly suggest that the token associated with the device allows the app to send push notifications to a user’s device.  There are certificates that are required prior to sending the notification. As a security measure, we promptly expired all push certificates on our apps to ensure that notifications could not be sent.
  • While there has been a recent movement toward characterizing UDIDs as sensitive information, it is simply a result of how this information has been used by other app developers (primarily as a form of authentication and in connection with much more valuable information), which BlueToad does not do and has never done.

At BlueToad, we have always made information security and consumer privacy a top priority.  Given this incident, we are taking even greater steps to evaluate our current security measures and will continue to make changes where needed or appropriate.

Thank you for your understanding.

Paul

About BlueToad Inc.

BlueToad, Inc. is a software company providing digital content solutions and apps to publishers and content creators worldwide. BlueToad supports thousands of titles and hundreds of apps and is easily one of the largest digital software providers in the world.
This entry was posted in Apps, BlueToad Updates, iOS, iPad, iPhone. Bookmark the permalink.

7 Responses to Updated Statement from BlueToad Inc. – clarifying media reports

  1. easy video suite says:
    January 19, 2013 at 12:16 PM

    Hi to every one, the contents present at this web page are really remarkable for people
    knowledge, well, keep up the good work fellows.

    Reply
  2. janineharrisonphotography.wordpress.com says:
    February 20, 2013 at 4:56 AM

    Link exchange is nothing else but it is only placing the other person’s web site link on your page at appropriate place and other person will also do same for you.

    Reply
  3. hcg diet for weight loss says:
    February 22, 2013 at 7:17 AM

    It’s actually very complex in this busy life to listen news on TV, therefore I simply use internet for that reason, and obtain the most recent information.

    Reply
  4. http://mistyching.newsvine.com says:
    March 22, 2013 at 4:25 AM

    If some one desires to be updated with latest technologies
    afterward he must be visit this web site and be up to date
    all the time.

    Reply
  5. hcg diet shots says:
    May 30, 2013 at 5:02 AM

    Does your site have a contact page? I’m having trouble locating it but, I’d like to send you an e-mail.
    I’ve got some suggestions for your blog you might be interested in hearing. Either way, great site and I look forward to seeing it develop over time.

    Reply
  6. weight loss says:
    June 6, 2013 at 5:06 PM

    Hey there! I understand this is kind of off-topic
    however I needed to ask. Does operating a well-established blog such
    as yours require a large amount of work? I am brand new to operating
    a blog however I do write in my diary on a daily basis. I’d like to start a blog so I can easily share my own experience and views online. Please let me know if you have any kind of ideas or tips for brand new aspiring blog owners. Thankyou!

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s