What do some popular iOS apps to with your Contact data? Do they grab it without permission, transmit it without protection, and store it without regard to privacy? Or do they treat it right, with respect and responsibility? That’s the question both Dieter Bohn of The Verge and Matthew Panzarino of The Next Web sought to answer today.
The reason for the sudden interest — in a years old problem — is because a popular app, Path, was discovered taking users Contact data without asking, and uploading it in an insecure way to their servers. It wasn’t nefarious; as with other apps that do likewise, they were trying to provide a service — match users with friends who are also users. They just coded first, asked questions never.
For more background, and the solution iMore would like Apple to implement, see our recent editorial: iOS 6 and privacy: How Apple should draw inspiration from Android for better app permissions
The Verge spent the day packet sniffing popular apps, basically running their own man-in-the-middle attack, to see if any Contact data was being transmitted and if so, how it was being handled. The Next Web received an assist from Tweetbot developer Paul Haddad, who ran his own, similar tests.
Of the apps found to be on the naughty list, or in the gray-zone, it sounds like the publicity will be causing swift updates.
Hit the links below to see the results.