Apple's iOS Devices Call Back To The Mothership
Now to be completely fair, the security expert that found this little nugget has dismissed it as not really being a privacy issue. I question this since I have fundamental issues whenever someone causes something I’ve purchased to contact them without my permission. The potential for attack is definitely there – what if a malcontent manages to hijack that URL, and put a iOS specific virus out into the wild.
So while no personally identifiable information is sent, there’s really no privacy leak here. The problem is that it’s a simple HTTP request, so it really wouldn’t be that hard to redirect it to somewhere less wholesome, and potentially damaging.