Here’s an interesting tidbit for you: whenever an iOS device connects to a Wi-Fi network, it automatically makes a connection back to the mothership. While the URL looks harmless, the potential for abuse is staggering. Of course, is anyone really surprised that Apple wants to check up on you whenever you use one of their devices?
Now to be completely fair, the security expert that found this little nugget has dismissed it as not really being a privacy issue. I question this since I have fundamental issues whenever someone causes something I’ve purchased to contact them without my permission. The potential for attack is definitely there – what if a malcontent manages to hijack that URL, and put a iOS specific virus out into the wild.
So while no personally identifiable information is sent, there’s really no privacy leak here. The problem is that it’s a simple HTTP request, so it really wouldn’t be that hard to redirect it to somewhere less wholesome, and potentially damaging.