The answer to this question is complicated. Way back in Lion, Apple began to offer optional API's to software developers that would make it easier for applications to manipulate different versions of saved documents. The most noticable repurcussion of these updated APIs was the replacement of the Save As..
menu item by Duplicate
and Rename...
menu items. For those interested in the details, the best guide is the relevant section of John Siracusa's masterful Lion review. However, use of these new APIs was optional, and the old functionality is still supported in Lion, Mountain Lion, and Mavericks.
Most non-Apple software still uses the old Save As
menu for now, but in Mavericks some of the Apple applications have migrated to the new Duplicate
menu. As far as I know, Apple has not announced any plans to make the Duplicate
model mandatory in the future, so this inconsistency is likely to stick around for a while.
Bottom line: In Mavericks, most applications still have the Save As...
menu item.
Photoshop in Mavericks, using the familiar Save As...
menu item:
Textedit in Mavericks, using the new Duplicate
menu item:
Can they, yes.
Do they any/every time you sign in to the App Store, I think not.
Apple would probably be able to collate your device's anonymous and unique ID with your Apple ID if you opt in or agree explicitly to a question that informs you that the serial number will be checked to verify eligibility for a specific product.
You might capture the serial number to iCloud if you are opting into trusted devices, two-factor authentication or find my iPhone / find my Mac. It's debatable whether Apple actually links that serial number to your account though, since they could stored in the way that let's you retrieve your serial number from all the possible ones as opposed to just storing it directly in the database.
Also, your question is extremely broad due to the fact that Apple ID can be used windows, on web browser sessions, on iOS devices, Mac devices, on airport devices, and on AppleTV space (currently). Furthermore, AppleID can be used with far more services than just the App Store so as you see with iCloud, it can get more complicated than yes/no.
On operating systems, Apple provides a security and privacy preference that allows you to opt in to sharing diagnostic information which could under some circumstances include serial number. More recent OS include a randomly generated GUID to help anonymize reports. You also can regenerate that ID on-demand on IOS to further enhance your privacy.
Apple has clearly stated many times on the record that they wish to collect as little customer data as possible, and retain that data for short periods only. Apple appears to minimize even further personally identifying information and that the consumer should clearly opt into these collections.
From where I sit, Apple has delivered on those promises in the software they design and ship. I also think your question is an extremely valid one, we all should be thinking so clearly as you are about the information we routinely provide to large corporations and how it either allows them or prevents them from invading our privacy and selling us out to the highest bidder.
Best Answer
I don't think we need a deep dive into the privacy concers of what
trustd
does and how it does it. If we just look at four points in Jeffery Paul's blog (referenced in the first link - Jacopo Jannone - supplied by bmike's answer) we can see where the privacy issues stem from:What does this tell us?
There is a log of what application you used, when you used it and where hosted by a company that has their own privacy policy and procedures.
This information can be be easily obtained through a simple man-in-the-middle attack, or by the ISP (of the coffee shop you're hanging out in) simply sniffing the traffic as it passes through their network. Even the coffee shop itself could potentially sniff this traffic!
PRISM access is essentially based on the "honor system" that the government "cannot" access info on Americans without first obtaining a warrant. However, recent history tells us otherwise.
A knee-jerk reaction to these points would point you down a path leading to "conspiracy theory." It's not that. It's that this information paints a picture of you and your activities and this information is not protected nor is it held on Apple's own servers - a company that loves to promote their stance on "privacy."
Using
trustd
to validate certificates of apps is one thing, but the fact that a log is created and maintained of not only a users activity on their computer they supposedly own, using software they supposedly and allegedly have full rights to use but also where and when they use it is concerning. IMO, this information shouldn't even exist in the first place. The fact that it exists on the servers of a company users didn't directly and explicitly contract with to share this data with is beyond troubling.To whom does this computer belong to anyway? Apple, or the user?