[zmb_]

Not really. The UDID itself is not a "horrible, insecure system", it's just a unique identifier. It's the app developers who came up with the horrible, insecure systems due to how they used the UDID.

The problem is that the developers do not understand how to engineer secure systems. Take away the UDID and their systems will still be broken, just in a different way.

[mistercow]

That said, it does pose an interesting question as to what Apple could have done to prevent this eventuality. One possibility would have been not to expose a global device ID to developers, but instead to generate a per-app (or maybe per-developer-key) ID. That would have made such a leak extremely difficult, and would have isolated the damage to whatever vulnerabilities were present in a single app.

You're right that these developers would have made something broken regardless of whether this problem existed, but Apple should try not to give them enough rope to hang themselves. What's fascinating is that "globally visible unique identifier" turns out to be just enough rope.