If you've been exposed take some time to help us identify who gave this UDID's to the FBI. (Already working with 3 exposed device owners)
http://news.ycombinator.com/item?id=4473833
Sorry, I don't think this strategy is workable. Consider - 74% of apps I tested sent the UDID to one or more upstream servers. Furthermore, Flurry alone received UDIDs from 15% of apps I tested. That's just one aggregator, and they surely have nearly 100% of UDIDs on file. The APNS tokens narrow it down somewhat, but not too much. It's also not at at all clear that there is a single source involved - this could be an amalgamation of a number of sources.
