Unauthorized iOS Apps Leak Private Data Less Than Approved Ones 179
Sparrowvsrevolution writes "In the wake of news that the iPhone app Path uploads users' entire contact lists without permission, Forbes dug up a study from a group of researchers at the University of California at Santa Barbara and the International Security Systems Lab that aimed to analyze how and where iPhone apps transmit users' private data. Not only did the researchers find that one in five of the free apps in Apple's app store upload private data back to the apps' creators that could potentially identify users and allow profiles to be built of their activities; they also discovered that programs in Cydia, the most popular platform for unauthorized apps that run only on 'jailbroken' iPhones, tend to leak private data far less frequently than Apple's approved apps. The researchers ran their analysis on 1,407 free apps (PDF) on the two platforms. Of those tested apps, 21 percent of official App Store apps uploaded the user's Unique Device Identifier, for instance, compared with only four percent of unauthorized apps."
Profit. (Score:5, Insightful)
In other words, applications developed by people interested in profit are more likely to steal your data.
Hopefully this does not come as a shock to most slashdotters.
Getting device identifier != "stealing your data" (Score:5, Insightful)
There are a large number of practical applications for the UDID, ranging from the more user friendly uses such as automatic backup of app-specific data (i.e. game save), to mutually beneficial things like incentivization schemes, to features less popular to the user but necessary to make free content financially viable, i.e. targeted advertising.
Whenever I rail against Apple around here, people always bring up the concept that most people just want their device to be an applicance, and don't want to care about the internals. This comes with said blissful ignorance. But those 20% of apps passing data back home aren't stealing anything -- they're just using another tool to profit in the modern mobile space. More than 99% of that 20% is sending no more than the UDID and data specific to the application itself. Stealing would be to somehow get the user's underlying iTunes account info and buying stuff with it. (though what Path was doing is a bit of a mess, heh...)
Re: (Score:3)
My biggest problem with it is that it isn't generally made clear to the user unless they go looking. It probably say something vague about sending some identifying data back deep in the EULA somewhere but IMHO companies should be much more up-front about what they are doing.
In particular instead of saying apps are "free" they should say "advertising supported" or "user tracking supported". As well as permission information the market/app store should say "tracks your device and app usage".
Re: (Score:2)
In particular instead of saying apps are "free" they should say "advertising supported" or "user tracking supported".
When it comes to mobile apps, I think that if you see the former, you should assume at least one of the latter.
Re: Unique device identifier (Score:2)
How about we rephrase it as "Getting your name"?
Maybe my betters know why it needs to be a Unique Device ID, but the privacy problems are growing because Unique ID Data all link to itself and it's only smoke and mirrors keeping it all from crashing in. Look at the mess the Social Security Number is in. "For your security, let's have the Last 4 of your Social and thanks to Facebook, your Mother's Maiden Name."
So somewhere either now or later, someone will have a database of phone Unique Device ID's to Names.
Re: (Score:3)
Allowing people to build huge databases of devices with unique IDs is not a good idea. This is just CPU ID all over again. It takes control over a user's privacy away from the user.
I'm fine with an API that assigns an app a unique ID on a particular phone, and which gives the user the ability to reset it to a new unique ID at any time, or force it to be a value of their own choosing. Oh, and two apps on the same phone get different IDs, and if you uninstall/reinstall the ID changes again. That makes the
Re: (Score:2)
This is just CPU ID all over again. It takes control over a user's privacy away from the user.
Yes. These are "free" apps. Not News: corporations aren't the only predatory entities out there. There's still individuals mugging and raping people all on their own.
Windows has viruses and trojans, iBaubles do the same thing in different ways 20% of the time. Who knew?!? :-O
Tell your friends: free is not necessarily equal to benign. Even FLOSS advocates learned that a long time ago. You go with your distro's software repository, not just random tarballs you stumble across and hope for the best.
Appare
Re: (Score:3)
You didn't read the PDF of the experiment, did you? In there they explained the risk of the capturing the UDID.
The identifier by itself does not say much. However, most of the companies offering the frameworks are either advertising brokers, or affiliated to them, which then use the captured identifiers to correlate them with additional personally identifying information captured through other applications and services in order to build a profile of the user.
They give as an example AdMob, which is owned b
Re: (Score:2)
Apple wouldn't allow apps which access the UDID onto their store.
Apple has removed UUID from the public API starting in iOS 5. The problem is that Apple has already allowed apps which use UUID into their store.
It's still possible to read the wireless MAC address, so identifying individual iPads and users is still possible.
Re: (Score:3)
Yep, not surprised one bit. This is part of the reason I use FOSS apps wherever possible.
And this is a big part of the motivation to "appify" everything - to break the inherent sandboxing ability of a browser, to get direct access to all your personal data.
Re: (Score:2)
How about Android apps ? (Score:5, Interesting)
Anyone has done any research on Android apps, on the same topic ?
Re:How about Android apps ? (Score:5, Informative)
Anyone has done any research on Android apps, on the same topic ?
Actually, very few leak details.
Android applications have to ask permissions to get access to the internet or your personal details.
Re:How about Android apps ? (Score:5, Insightful)
Anyone has done any research on Android apps, on the same topic ?
Actually, very few leak details.
Android applications have to ask permissions to get access to the internet or your personal details.
Which is all but the same as most tech-unaware users will dismiss the dialog. What they understand behind these dialog boxes is that if they click "No", the App won't work.
It's a bit like electing the president. It's nice to ask people for their opinion, but the overwhelming majority has no clue what's at stake, so it serves very little purpose.
Still, it's better than not asking. A little.
Re:How about Android apps ? (Score:5, Insightful)
Yes, I'd consider myself a 'tech-aware user', and even Google's own apps want such a laundry list of permissions, it turns into "fuck, whatever" and then you press OK.
Using Android was actually an interesting experiment for me, because I'd mulled over the possibilities of a capabilities-based permission system for many years. Then when I finally got one, I found it was realistically about as useful as an IE ActiveX dialog.
Re:How about Android apps ? (Score:5, Interesting)
Right now, you can at least see what outrageous demands an application is making; but it's a take-it-or-leave-it thing. You cannot, for instance, specify that an application that wants your contacts list for no reason useful to you installed such that any attempt to access the contacts list returns a false one, rather than the actual system-wide contacts.
It'd likely add some resource overhead; but you could theoretically have a per-app 'virtual' set of android.* interfaces: some could transparently map to the real ones, others could be defined by a filter against the real ones(for network access, a specific set of firewall rules, or android.location interface that is based on the genuine android.location data; but with resolution reduced or a fictitious offset introduced, for instance), and some could be based on pure fictions unrelated to the real interface.
The ability to lie would allow you to push back against the creeping trend to just demand all kinds of permissions without obvious reason; but still provide well-formed inputs where applications expect them, so that things will still work(alternative uses, such as polluting the databases of the various 'social' scum who treat hoovering up contacts as a business model, are left as an exercise to the reader); but the device owner's wishes will be preserved.
Re:How about Android apps ? (Score:5, Interesting)
Yup - I've been advocating the same thing. LBE Privacy Guard is the closest I've seen to it in implementation - I assume it actually works.
This was proposed as a feature for Cyanogenmod and shot down. CM now has the ability to revoke individual permissions, but it tends to lead to lots of force-close issues. Most likely they're just sending errors to applications, and not simply lying to them (which is less likely to cause a force-close - app designers already have to handle the case where a user has one contact named John Smith and they never leave Topeka with an IMEI of 12345678). When the app force closes CM tells the user it is their fault for revoking permissions and offers to let them unrevoke them.
Android puts far too much control in the hands of app developers. It is like Windows 3.1 - it works great until some app decides to misbehave. Users, and not app designers, should be the final word in whether an app can run a service all day, or use the GPS vs the network, or transmit x GB of data per day, or whatever. And that final word shouldn't simply be to use or not to use - that is a race for the bottom.
Re: (Score:2)
Re:How about Android apps ? (Score:5, Informative)
Read for yourself here. [cyanogenmod.com]
I think the issue is that many of the CM devs care about their reputation in the phone industry. They don't want to tick off vendors, or Google.
Re: (Score:3)
Ironically, a slightly more 'neutrally presented' permission and filter based per-app provider namespace security scheme could actually be something of a killer app for Android, as well as a valuable tool for the privacy enthusiasts and database-jammers of the world:
Consider the (vastly common, in my experience) 'dual use device' scenario where a single phone is used for both work and personal business(either a business phone that hasn't been given
Re: (Score:2)
That is a VERY good argument. If only I could mod it.
If you don't beat me to it I might just log it on the issues list as an AOSP enhancement request, assuming it isn't already there.
Re: (Score:2)
On Andoid : An app that wants too many permissions with no obvious reason does not get installed by me ....
on iPhone you don't know... so just have to trust Apple, apparently this trust is misplaced
Re: (Score:2)
There are ways around this. If you have a rooted Android device, there are two apps, Droidwall and LBE Privacy Guard which not just control access to the network, but even if an app has full permissions to read contacts/phone ID/etc, it can be denied that access, where it gets passed bogus values.
This way, if some game wants every permission under the sun, it can have it. Although in reality, it won't be able to touch the contact list, phone ID, GPS, or even get on the network.
Re: (Score:3)
> I also wish you could turn off specific permissions (so app developers would have to check that they have the permission before they used it, erroring - and asking for the permission - if that permission was required).
Yes. Or maybe an option to "Install with No Permissions" or something. It would be interesting to see which parts of the app required which permissions, then you could make an informed choice whether you wanted X feature enough to expose yourself in that specific way.
Re: (Score:3)
Then you have to get a Symbian S60 phone. They show dialogs request for permissions as the app needs them, not upfront. For example, I can launch Opera Mini and I have to give it network access, but I'm only asked for filesystem access (not with this name, of course) when I download some file.
Re: (Score:2)
There is an app called LBE security (or something simmilar, search for LBE), where you can give/take away permissions, and you can have the app prompt for some permissions ona per-use basis.
So, if angry birds wants location info, you get a pop-up, choose Don't allow (because it doesnt need it), mark 'remember', and continue playing.
The bigger question is, what data does the aplication itself send around, since it requires a rooted phone.
Re:How about Android apps ? (Score:4, Informative)
CyanogenMod does this (allowing specific permissions to be rescinded).
Re: (Score:2)
I'd still like the option to ask. Even better, make it so you can fine-tune which permissions you give at any time you like, allowing or disallowing when you feel. Give us the option.
And I feel differently than you do. If users don't want to be responsible, screw them. People have had years to follow the advice of proper security. The first rule is so simple and easy to follow and applies here: "dont blindly click!" If they don't want to learn, it's not my problem. And if they don't want to take the effort
Re: (Score:2)
You should go out more, and meet people that are not geeks. There are plenty out there and they represent the overwhelming majority in your country.
The thing is, learning all the intricacies of security (and thus the intricacy of technology) far outpace the intricacy of driving an automobile. It could take years or decades.
I understand your point of view, but it's a very selfish one. It lacks a full bucket of empathy.
Re: (Score:2)
I do want to precede with the fact that if you knew me in real life, you would know that I am the antithesis of needing "to go out more, and meet people that are not geeks." Myself, my friends, and people around me all have very full lives in very successful non-computer and non-geek related careers. Computers has just been a side hobby of mine for years.
My point however, is that it isn't necessary to be a security expert. All the work has been done for us and we've been told about what to do and what not t
Re: (Score:3)
Anyone has done any research on Android apps, on the same topic ?
Actually, very few leak details. Android applications have to ask permissions to get access to the internet or your personal details.
Nice try, what about all the apps that Google removed from the marketplace exactly because they leaked details to the developer (aka Trojans)? What about those in the open markets?
Re: (Score:2)
100% wrong and false. Don't spread FUD.
Every time I see an article with this, I laugh. Why? Because it's trojans found in 3rd part markets. NOT the official Android Market. It's hilarious because it's click spam. The title always includes malware without the 3rd party tag. You click on the article, then it's some BS market for devices in China.
I blame the media for half of it, and FUD spreaders like you for the other half.
Re:How about Android apps ? (Score:4)
So now you know what it's like whenever an Apple article is posted. A torrent of misinformation and frothing bias, mixed in with a little fact, often twisted around to ridiculous extremes.
Re:How about Android apps ? (Score:5, Informative)
There are also too many apps that demand an Internet connectivity where I ask myself why. Or I had to deinstall apps where the background process keeps downloading data all the time that I only need on a holiday, but not now; and I found no way of disabling the background process short of deinstallation (without rooting the phone, then means are available).
So I'd say, Android has it's similar share of problems.
Re:How about Android apps ? (Score:5, Interesting)
I've tried to discuss the permissions they require with some Android app makers but I've never gotten anywhere. It usually goes something like this:
I inquire as to why an article reading app would need permission to use my camera. They say the app has a function to take pictures and submit them. I say I don't currently have any interest in doing that - can't they have a base app which doesn't require that permission, and then for those who want to do something like that, have an add-on app which does require that permission? They tell me that Android permissions don't work that way. I tell them that I won't be installing their app.
or
I ask why a game wants access to my contact list and permission to make phone calls. They tell me it's just for a "friends" function, and they only want to read my phone's ID, they promise they would never do anything unwanted. I say I don't trust you that much yet, can't you have a version which doesn't require those permissions, and over time maybe I will come to trust you and then I can install the full version? They tell me that Android permissions don't work that way.
or
I ask why a streaming music app would need permission to "send email without my knowledge" or access my calendar. They say the app has the ability to share stations with my friends, "entirely under your (my) control", and display ads with a button which can add an event (concert presumably) to my calendar. I ask why then they would need to be able to do these things "*without my knowledge*". They say thank you, come again. I say I won't be installing your app then.
So I would say the permissions are nice in theory but in practice many app developers are not willing to finely tune them and either unwilling or unable because of (they claim) platform restrictions to provide variants of the app with different functionality and different permission requirements.
I have no experience with iOS so I can't say anything about that.
Re: (Score:2)
unwilling or unable because of (they claim) platform restrictions to provide variants of the app with different functionality and different permission requirements.
Then the number of listings in the store would have to increase to 2 to the power of the number of features that users want to choose to have or not to have. Say one user wants high score submission over the Internet ("full Internet access"), another user wants to scan barcodes to add levels from a magazine ("use camera"), another user wants both, and another user wants neither. Would you want to require the developer to submit "Game (with barcodes and high score submission)", "Game (with barcodes only)", "
Re: (Score:2)
Would you want to require the developer to submit "Game (with barcodes and high score submission)", "Game (with barcodes only)", "Game (with high score submission only)", and "Game (no extra features)" as separate apps?
Of course not, which is why Android should change to give user control over permissions, and the developer should handle all the different scenarios within their app.
Re: (Score:3)
Neither do the researches, and they still found it. Excuses, excuses.
Re: (Score:2)
IMO, the problem is that it's not specific enough though, you have to choose between allowing access to the Internet or not, it would be nice if it could request access to a few specific domains for instance, that way if the primary purpose of the app is to show me when the next train arrives for instance, I can be sure that it only ever contacts the transit provider and not some obscure server where it can upload any information it gains access to.
Re: (Score:2)
Re: (Score:2)
I'd love to know why so many apps require 'full network access' when, near as I can tell, their purpose requires no access.
Their purpose is to show ads (Score:2)
I'd love to know why so many apps require 'full network access' when, near as I can tell, their purpose requires no access.
Their purpose, from the developer's point of view, is to show advertisements to the user, and they need an Internet connection to download those ads. Any functionality is secondary.
Re: (Score:2)
Point. I forgot about ad pulls. Now I'm pondering 'sponsor this app' placement; once-per-month releases, highest bidder gets placement for that revision.
Benefit is that the app's users would know the app's target market and (to an extent) community, which is a particularly nice way to target ad spending.
Re:Profit. (Score:5, Insightful)
Don't be obtuse. Whatever your stance on obtaining a copy of a more or less freely available* item of media, it's completely different from obtaining data about an individual without their consent. One is a civil issue dependent on the current legal and moral standings of the notion of copyright (which is far from universal or constant), the other is a privacy issue.
*as in, available to anyone willing to pay
Re: (Score:2)
I completely agree, but I also think that obtaining data about an individual without their consent is completely different from theft, especially when that data comes in the form of a device ID, which is not really about an individual, but about a device that the individual owns.
Re: (Score:2)
"Device ID"? This discussion is about contact lists...
Re: (Score:2)
Why are we talking about contact lists? According to the article, very few App Store and Cydia apps leaked your address book. The only things more than 1% of apps "stole" were your device ID and your location. And WRT to the address book, the difference between the App Store and Cydia isn't statistically significant.
Re: (Score:3, Insightful)
Arguably, they're stealing your privacy -- or at least stripping you of it.
The same is not always true with a movie: I'm not depriving them of the movie, or even likely to spoil it for anyone else, and I'm not depriving them of profits they would otherwise have had I paid for the movie (simply because I will not buy a movie). (I do, however, go to many movies when they hit the cheap theater in town. Mostly I like the popcorn. That shit costs twice what the movie ticket costs, though.)
Re: (Score:3, Interesting)
and exactly what data do you have showing 1) that these groups are the same and 2) that people "claim that pirating movies isn't stealing"?
quit it with the troll bait.
what's really problematic is not whether there are legit uses for the data, but that the app developers aren't up front about data being shared at all.
Re:Profit. (Score:5, Insightful)
I couldn't decide whether to mod you 'Overrated' (because I think you might actually believe what you're saying and are therefore not a Troll or Flamebait) or 'Funny' (because I can't figure out how exactly you're equating the two and it may well be a joke).
So, instead, you get this reply.
Now, understand that this doesn't come from someone who "claim(s) that pirating movies isn't stealing," though I do believe in the right to privacy. Maybe because of that, I don't see your insight into the matter (but apparently as you don't believe both, maybe you don't either). But I'm curious about why you see these things as the same, and why you think that there is an apparently significant intersection between the group that considers downloading movies not to be stealing and the group interested in privacy.
You imply that a reproductions of the Mona Lisa and the details of your life, financial situation, activities, interests, online pseudonyms, and whereabouts are the same. Either you believe that I should be able to search for 'SiMac' on, say, the Pirate Bay and download this information same as I would a movie, or you don't. Which is it?
Because even though I don't think that people should 'pirate' movies and I think I should have a right to privacy - I wouldn't equate the two. Why do you?
Re: (Score:2, Flamebait)
I'm not trying to equate invasion of privacy with piracy. They aren't the same thing, and I don't think they are.
I'm asking why many people make the (correct, in my view) observation that piracy isn't stealing, but then make the same logical fallacy when it comes to privacy.
In particular, I think it's absurd that GP thinks that submitting the device ID, which isn't much more personally identifying than an IP address, is theft.
Re: (Score:2)
I agree.
Re: (Score:2)
Re: (Score:2)
no, in other words, iphones are gay.
Stop bad mouthing lesbians, you faggot.
Data wants to be free (Score:2)
Re:Data wants to be free (Score:4, Interesting)
Re: (Score:2)
Re:Data wants to be free (Score:4, Insightful)
And also completely defeating the purpose of the current system, disrupting the entire ecosystem. There's a chain, here: the app developers include these permissions so that they can profit from providing a free-to-download-app by serving ads, the ads paid for by those believing that they're targeting ads to those most likely to buy their product/service. If the users disrupt the data stream with 'dummy' data, the ad providers don't know how well they're targeting the ads, and the value to the ad purchasers diminishes.
Not that I don't agree (and use software which lets me do the same on an Android phone) but the implications, when applied globally, greatly change the landscape.
Re: (Score:2)
targeted ads yea right.
according to google I live in eastern europe. I live in teh USA.
If they can't even get my IP right for location then what the fuck are they targeting.
Re: (Score:2)
If the users disrupt the data stream with 'dummy' data, the ad providers don't know how well they're targeting the ads, and the value to the ad purchasers diminishes.
Yeah? Well !@#$ 'em. !@#$ you too for drinking the Koolaid. I do not surf the web in order to be presented with advertisements. I do it to communicate with like minds. Thank $deity for AdBlockPlus!!!111
I enjoyed the web before it was taken over by advertisers. I go waaaaayy out of my way to ignore their existence these days, and I resent having to expend the effort. Now, we have "advertisers" distributing malware as free software that compromises personal information. Holy !@#$ing yay, NOT!
YMMV, and
Re: (Score:2)
Magazines, radio stations, and TV stations have collected demographic information on their consumers since these media came around.
No, they've tried to. "Send us email, go to our Facebook page, watch our twitter feed, ..."
Now, they're distributing malware that sends your personal information back to the mother ship without your knowledge of it going, and it's being processed and parsed into an rdb that's cross-referenced with other rdbs, ...
You people are fools for putting up with this crap, especially if it's just to get a *free game*. Holy !@#$.
Re: (Score:2)
Indeed a shame.
All we have now is a system where you can either give freecell access to resources it doesn't need or not install freecell at all.
A system where you can block access to email but allow access to the resources it does need would be great.
Re: (Score:2)
To combine the ideas of two posters above, what is needed is:
Its a matter of who does the verification (Score:5, Insightful)
Cydia: No certification, people are more likely to look at what the app is doing(also because someone who uses Cydia has a higher probability of knowing how to look at it), app creators more careful to not get a bad reputation
Re: (Score:2)
Exactly.
"B-b-but but Apple stuff doesn't get viruses/malware/trojans!"
Make no mistake, this is what trojans are and what they do. I wonder how many of those take more than just the unique ID (see path silently stealing customer address books). There was an article a while mentioning the amount.
I'm surprised the "carefully curated" meme gets passed along here at slashdot with so many people who should know better. And I love to see those knocking Android saying it has malware. Ever notice that those articles
Re: (Score:2)
Not that I disagree with the UAC model that Android uses per se, but with your final sentence you're equating apps being able to send your UDID to the developer with a virus?
Let's ignore the fact that, assuming the comparisons were valid it would be a trojan and not a virus, I'm not sure you can logically make the argument that apps on the iOS app store using one of Apple's own APIs to identify the client handset is equivalent to those apps being classed as viruses and malware.
Malware would be an app that h
Re: (Score:2)
Let me first precede in that I do appreciate your well thought and detailed reply.
Not that I disagree with the UAC model that Android uses per se, but with your final sentence you're equating apps being able to send your UDID to the developer with a virus?
It states right in the article that in addition to the ID, location data is stolen and so is your contact list. You don't call that a trojan/virus/malware? In addition, it was found that 3 apps on the App Store even record ambient room audio without your knowledge (article a month or two back). That is the absolute utmost of vile malware.
Let's ignore the fact that, assuming the comparisons were valid it would be a trojan and not a virus, I'm not sure you can logically make the argument that apps on the iOS app store using one of Apple's own APIs to identify the client handset is equivalent to those apps being classed as viruses and malware.
See above. In addition, Apple's official policy flat out refuses apps to give out locatio
Methodology? (Score:3, Interesting)
Since iTunes does not support direct searches for free ap- plications, we rely on apptrakr.com [2] to provide a contin- uously updated list of popular, free iOS applications. Once a new application is added to their listings, our system au- tomatically downloads the application via iTunes and de- crypts it. Subsequently, the application is analyzed with PiOS.
I didn't see anything that described how they chose the Cydia apps however. I bring this up because there are numerous very popular Cydia apps that are simply iOS tweaks that adjust a piece of the interface or something similar. These apps would intuitively be less likely to require any sort of user information at all, so I'm not sure how much I trust these results.
Re: (Score:2)
Fair point, I guess the questions hinges on what constitutes an "app." To me, a UI modification or tweak isn't an app. Whether or not the 'researchers' believe the same is the question.
Re: (Score:2)
Malware vs. virii (Score:2, Insightful)
This reminds me a bit of the early days of spyware and malware when anti-virus companies were behind the curve and tried to write off that since malware was typically installed with user consent, they weren't responsible for scanning, detecting, and removing it. Apple is doing the same, but without even saying it's not their responsibility. Instead, they keep giving consumers the false belief in the safety of the walled / curated garden. An oddity to be noted as well is that the Apple store has actually
Re: (Score:2)
This isn't entirely accurate. Apple have taken responibilty for scann
Hmmm... So far so dodgy... (Score:3)
Re: (Score:2)
Can you elaborate? I am a programmer, and I read the PDF provided in the article. My conclusion is that they did a very clever job in creating a mechanism that could statically analyse the code and determine with some degree of certainty that some functions where accessing what they considered to be personal information; and then transmitted this over the wire. It is clever because, due to its complex and dynamic nature, the Objective-C runtime does not make static analysis easy or practical.
They also me
Data Privacy? What about that? (Score:5, Insightful)
So, in the subway/room... you enter your password to download an App, and someone may see and remember the credentials. It may happen, and? Gmail, for instance, allows you to get the list of the recent accesses to your account.
Apple App Store, MobileMe? Nothing. There is absolutely no way to determine if someone else accesses your account unless the other guy changes/order something. The only solution according to Apple is "Change your password". That case happened to a friend of mine who is not much in IT, and got suspicious after a few coincidences of interest. Considering the weight of iCloud and MobileMe, some more data protection is needed from Apple.
First thing.. (Score:5, Informative)
...I did after jailbreaking my iphone was to install a firewall. The experience was quite interesting, allowing me to see exactly which apps tried to contact remote sites and which sites they attempted to contact. And, to my knowledge, the only external sites contacted by unofficial apps I've seen were related to ad content.
Access to private data on outside of the apps (calendar, contacts, etc.) should be controllable on an per app basis, just like with location service. And each app accessing this data should be carefully reverse engineered and analyzed to ensure it is safe.
Re: (Score:3, Insightful)
Access to private data on outside of the apps (calendar, contacts, etc.) should be controllable on an per app basis, just like with location service.
You mean the way Android does it? By listing the permissions the application has asked for when you install it.
It wouldn't be the first thing they slavishly copied from Android (*cough*notification menu*cough*)
And each app accessing this data should be carefully reverse engineered and analyzed to ensure it is safe.
Good luck with that.
Companies will object to their proprietary code and secrets being examined, users will scream until they get their fart apps.
Re: (Score:2)
You mean the way Android does it? By listing the permissions the application has asked for when you install it.
It wouldn't be the first thing they slavishly copied from Android (*cough*notification menu*cough*)
First, I don't think it's anyway relevant who did it before. And if someone did it and it worked well, than I sure do hope so they will copy it.
I'm really getting tired to read comments like these parallel to comments against intellectual property, patent trolling, etc.
Companies will object to their proprietary code and secrets being examined, users will scream until they get their fart apps.
You don't have to have access to the code to reverse engineer a program. In fact, if you have access to the source code, I wouldn't call it reverse engineering at all. Reverse engineering what a program does, in the context of network communi
Re: (Score:2)
You mean the way Android does it? By listing the permissions the application has asked for when you install it.
The android solution is pretty lousy. If you want to use Facebook, then you have to use their app. So, Android just tells you how much they're raping you before they go ahead and do it. If you want to be out of touch you always have that option.
The solution is to let users opt out of individual permissions, and for it not to be possible for an app to detect that this is happening. The only effective solution I've seen for this is LBE Privacy Guard. Cyanogenmod grudingly added a similar feature, but it
Well, did you accept the EULA? (Score:5, Informative)
I actually read the EULA for the recent game "Civilization V", and it said they could take your contacts list, and share/sell it.
Fortunently Valve/Steam was nice enough to give a refund before I installed it when I complained about it "As a one-time courtesy" not as policy, I'm sad to say.
Particularly since the EULA wasn't available for viewing until after purchase.
http://forums.steampowered.com/forums/showthread.php?t=2109777 [steampowered.com]
Re: (Score:3)
Some PC games will scrape your browser history, such as NFS:Shift. They'll actually use it to adjust the in-game advertising.
Wait, what? (Score:2, Insightful)
The whole idea of the device UUID is to create a primary key for users without actually using any of their personal information. So what if someone is storing your UUID? That's the whole point!
If you give them your name and email and bank account information, and they tie that in with your UUID, then you have bigger problems than your UUID being "uploaded".
Bullshit (Score:2, Interesting)
"21 percent of official App Store apps uploaded the user's Unique Device Identifier"
In iOS 5.x it's impossible to read out the UDID.
Everybody still on 4.x should ask himself: Why?
Re: (Score:2)
Great analysis, terrible reporting (Score:2)
The analysis was great. They used some very clever techniques, and wrote it up thoroughly.
The reporting is absurdly overhyped, with statements like "one in five of the free apps in Apple's app store upload private data back to the apps' creators " Almost all of the "privacy leaking" was simply apps capturing device ID's (UDID), which is routine piece of data collected for issue resolution, and isn't "privacy" any more than a web server logging your IP address is violating your privacy. If you're worried abo
Re: (Score:2)
from another poster (Score:2)
I'm not so sure about UDID giving away no more privacy than IP.
IP doesn't identify a single device, thanks to NATs and dynamic pools and conversely same device isn't bound to single IP, it's many to many relation. To track someone specific you need more than his IP, like a cookie, for example. And many indeed disable browser cookies for this very reason, just as you propose.
UDID, on the other hand, is a strict one to one relation, it's unchangeable, linked to single device and can't be disabled. UDID is much better suitable for tracking and collating info across different sources. Add a little bit more, and you're tracking a user even after a new phone purchase.
Re: (Score:2)
I'm not so sure about UDID giving away no more privacy than IP.
IP doesn't identify a single device, thanks to NATs and dynamic pools and conversely same device isn't bound to single IP, it's many to many relation. To track someone specific you need more than his IP, like a cookie, for example. And many indeed disable browser cookies for this very reason, just as you propose.
UDID, on the other hand, is a strict one to one relation, it's unchangeable, linked to single device and can't be disabled. UDID is much better suitable for tracking and collating info across different sources. Add a little bit more, and you're tracking a user even after a new phone purchase.
If only a UDID is extracted, you are tracking a SERIAL NUMBER only - not a person.
Re: (Score:2)
if you track a 'serial number' of a device enough, you can easily map the tracked to particular persons after you amass a certain size of data. this is what websites are doing.
Re: (Score:2)
if you track a 'serial number' of a device enough, you can easily map the tracked to particular persons after you amass a certain size of data. this is what websites are doing.
Perhaps if the application is a web browser, that would mean something, but I can't imagine too many people using an alternate web browser. With any other app, you get the fact that they used your own app only - perhaps multiple apps if you make them. If no OTHER data is leaked, you get nothing else.
Re: (Score:2)
My Address Book information is personal data. This is less an Apple problem than an Evil Developer problem: they're the ones stealing contacts without asking.
Hell, why does Angry Birds need my Location Services info?
Re: (Score:2)
My Address Book information is personal data. This is less an Apple problem than an Evil Developer problem: they're the ones stealing contacts without asking.
Hell, why does Angry Birds need my Location Services info?
No shit your Address Book is personal data and any Dev stealing that is evil. My point was that the article says 21% "steal" the UDID, which is just a serial number, not personal data. My guess on Angry Birds is they have a geography-based leaderboard you can check out (I know an air-traffic controller game that does).
Local businesses (Score:2)
Hell, why does Angry Birds need my Location Services info?
If you're referring to ad-supported "free" games, I imagine that the app's sponsors want to show you ads for local businesses near your location, not on another continent.
Re: (Score:2)
Almost all of the "privacy leaking" was simply apps capturing device ID's (UDID), which is routine piece of data collected for issue resolution, and isn't "privacy" any more than a web server logging your IP address is violating your privacy.
Bad analogy, an IP only identifies a particular internet connection, and if you have a dynamic IP that doesn't even mean much. The iShiny's UUID is more like the mobo serial number on a PC.
Re: (Score:2)
Ok, its more like the MAC address. (yes, yes, I know you can change that on most network devices)
The point is the story is enormous overhype designed to make Apple look bad, since the classification of the UDID being "private data" inflates the numbers and the use of the term "leak" in the headline is grossly misleading, since there's an API for determining the UDID in iOS.
I might as well say my ip address is being "leaked" onto the internet when I go to "whatismyip.com".
The study *did* identify some actual
Re: (Score:2)
Apple's UDID is at least as permanent as a mobo serial, even a MAC address is much less personal and easy to change. It's device-unique and can't be changed, I'd say it's quite fair to call it personal info.
And see (Score:2)
how badly the european style privacy and 'forget me' laws were necessary.
Re: (Score:2)
I hate Apple as much as the next non-fanboy but I don't expect the official Android app store to be much better. They don't do code reviews or black-box testing either, they've only recently started doing AV scans.
Re: (Score:2)
I hate Apple as much as the next non-fanboy but I don't expect the official Android app store to be much better.
Both iPhone and Android users *ought* to be jailbreaking their devices, as a matter of course. This story proves it. Apps DLed from any "store" shouldn't be trusted out of the box to run as system services; IT 101. 20% are borderline malicious?!? Eeeew!
I trust Debian to not !@#$ me up the *&^. Google and Apple, not so much. They both have agendas/ulterior motives of their own which don't consider our interests are of much need of their consideration.
Caveat emptor, FFS.
Re: (Score:2)
I think the first tethering app disguised as a flashlight app did that, doesn't seem to have dissuaded the sheep.