Smith wrote that "Most application vendors are collecting and remotely storing UDID data, and some of these vendors also have the ability to correlate UDID to a real-world identity." Some applications which transmit this personal data are from Amazon, Chase Bank, Target, and Sam's Club. The CBS News app goes even further, sending the user's device name, which further enables hackers to deduce your identity.
Smith likened the situation to the Processor Serial Number on the Pentium 3 chip, which sparked privacy concerns over similar user identification. Perhaps we are now more complacent about our e-security, or perhaps we trust companies like Apple to handle the situation.
Apple has attempted to safeguard privacy by requiring user approval to operate GPS or access the users' contacts. What is truly concerning is what less regulated apps are doing with our private information. If an app market like Apple's is so pervasively 'compromised', then what of other less stringent markets?
source: Engadget via AppleInsider