New documents related to Edward Snowden that have been published by German newspaper Der Spiegel give an interesting insight into how the British Government’s GCHQ tracked iPhone users. Previous leaks by Snowden has revealed how NSA had special exploits to bypass iPhone security controls but these new documents describe a new method by which even if the iPhone had not been compromised itself, it could be tracked when it tries to sync with a compromised target computer. GCHQ researchers would use the UDID of iPhone for tracking it across different devices.
The report which has been mentioned is from the end of 2010 and that was the time before Apple stopped using UDID system and the document says how useful this UDID system was when it was still in use.
By following the UDID of iPhone, GCHQ will follow the device when it browsed internet and possibly the device was exposed to Safari exploit.
Once the UDID was exposed, it was possible to identify the person who was using that iPhone. Other methods from NSA have also been known for compromising the ad tracking cookies.
However, the iPhone users now are not at the risk because Apple had already deprecated the UDID because of the dangers associated with it.