Yes, sorry - I'm on the road at the moment, and wrote that in a rush. Part of the problem is that there's not much users can do at this stage. The ecosystem of companies that use and abuse UDIDs is fragmented, and each service that relies on UDIDs for identification or authentication can have its own unique problems. I guess it would be possible to start aggressively releasing a list of services that users should close their accounts on, but that would also be a shopping list for bad guys out to take advantage of this situation.