Leaked documents from the U.S.-based National Security Agency (NSA) published in a German weekly have shown that data from the famously malware-resistant iPhone can be accessed even when the device itself has not been compromised.
The documents detailing ways employed by the British GCHQ to track targets through their phones revealed that when an iPhone syncs with a compromised computer, any data on the phone can be pulled out, reported The Verge.
Other techniques used by GCHQ researchers to surveil targets included, following a device's UDID across different services.
By watching for the target's UDID number, the GCHQ could follow the device as it synced with a compromised machine, browsed the web (exposing it to the agency's Safari exploit), or sent data to a broader tracking system like AdMob.
In each case, the device's UDID would be revealed to the researchers, allowing them to identify the person using it.
Apple has already recognized the potential dangers of UDID and has made the shift to more privacy-friendly methods.
