Android's approach is terrible. It consists of showing a cryptic list of entitlements to the user all at once at the time of downloading. The user can either accept all of them or not use the app at all.
With iOS (At least with location services and notifications right now) the user is asked about a specific permission while using the app. This is much better, because it does a couple things:
1. The user will usually know the reason why an app is requesting the specific permission. On Android you haven't even downloaded the app yet, so you have no clue what you are allowing. If an app requests something right when you open it that you weren't expecting...then you know it is suspect.
2. The user can use an app even if they deny specific permissions (No location, no notifications, soon no address book and maybe others.) Some apps may use location to find local things. If a user just wants to search manually they still can even after denying location services. On Android you would have to disable your GPS in settings to use the app without it, as you have already granted location permissions.
3. Messages about what an app is doing can be more clear, as they aren't in a list with 5 other permissions.
Android's method is more secure "on paper", but the reality is that the majority of android users just click allow on every app they download without really reading through the text, as it becomes meaningless to them after doing it so many times.
Obviously it is better in terms of your address book in this case, but once Apple implements similar controls for it then it will be much better than Android's implementation.
Absolutely. Like I said, at some point you have to trust the developer. If they are found to do something like this, they should suffer the consequences.
What I don't understand is why people are outraged that Apple hasn't done something to prevent this situation sooner.
Serious question, what is there to "protect" in your address book? The name/number of your bookie? Your favorite escort service? Seriously, I really want to know what can be so scandalous in a phone book that you wouldn't want people seeing? And if there is something there, wouldn't it have been a good idea to not have it there in the first place?
The trust is with Apple, more so than the developer, as a direct result of the walled-garden approach that Apple polices so vigilantly. They have alleviated me, the user, from caring so much about the quality & integrity of iOS apps -- because they have strict guidelines & requirements from developers that must be adhered to & passed (supposedly). If an app is in the app store then, hey, it must be trustworthy. Right? I, as the user, don't even need to know what permissions the app needs because, after all, it passed the strict submission process. The "outrage", I think, comes from when this trust -- and the trust I have with Apple is greater than the trust I have with any XYZ Developer -- is, well, violated. Apple made a rule (that perhaps only ever took the form of a contract between itself and XYZ Developer) that wasn't enforced (contracts are breached all the time) & the price paid is end-user data effectively being stolen.
Apple are obligated to protect our privacy at all costs since we, the iOS end-users, have no power other than choosing to not install an app
what's in my phonebook that I don't want other people to know?
- my GF's contact info (we get already enough mail/email/phone calls from nutcases and stalkers that we have a dummy phone that we ignore)
- friends contact info that are CEO's and such who have public and private contact infos. they would be mightily pissed if their private info goes out.
- business partners contact info
- my lawyer
- my physicians contact info
- my shrink (I'm kidding but it is actually serious. you don't want other people to know that you see a shrink)
Honestly, can't you imagine that a person doesn't want their entire list of business clients uploaded to the servers of five different developers?
Can't you imagine that I'm worried that several of my physicians own iPhones and that developers know who their patients are? Including the birthdates, adresses and family members of those patients?
Ok, I'll give you some of those points. Business contacts could lead to a disadvantage when considering new projects etc, and the personal info for people that want to keep their private and public information separate I also understand.
Everything else, not buying it. The massive flood if information on the Internet makes it unlikely that anyone could even possibly connect the dots for relationships based solely on contact info. Heck a major problem with social networks is that there is TOO much information that they can't find easy patterns of behavior, motivation, etc.
As for not wanting people to know who your contacts are (as in who your lawyer is, your doctor) don't put that information in your address book to begin with (since why do you need it there? As a reminder who they are?) Since Facebook really took off, people (mostly younger people) have learned how to not put up specific information yet still stay involved. We know what to do and not do, and while our parents felt they needed to remind us over and over again not to tell a stranger where you live, we sorta knew that one already.
There's a tendency on the Internet to give out more information than you really need to. If someone asks you "do you know the time," the common answer is "it's 4:52" when what they were asking required only a "yes" answer. Same with technology.
And also, who thinks their importnt enough that someone would try and look through their phone book for the names of doctors or lawyers or shrinks to somehow get a leg up? Get over yourself.
As for not wanting people to know who your contacts are (as in who your lawyer is, your doctor) don't put that information in your address book to begin with (since why do you need it there? As a reminder who they are?)
Any app that is "social" in nature usually requires data from the users address book.
How is the app to find your friends ?. From your address book.
How does a chat app know who you're chatting with ?. From your address book.
How is a cooking app supposed to know who your friends are that are cooking something ?. From your address book.
The list goes on and on.
Any social app uses some aspect of the users address book whether the user knows it or not. On any OS that is using any person in your address book.
Okay, but...
This is the same power we have had for decades on Windows and Mac and Linux.
Apple found an area to improve our control of our private data based on this discovery and is going to implement it. The app that started this controversy (Path) quickly apologized for their actions and followed through with an appropriate response. This is how it is supposed to work. All is well.
To say that Apple obviously should have done this earlier is to ignore the security costs to yet another permission dialog. The more there are, the less people pay attention before they click okay. See the Android permission notice and Windows Vista as the poster children.
End-users have no auditing power on iOS -- with the single sole exception of being able choose what apps to install or not install. And on what do we base this choice? Reviews? Trust with an unknown developer? We don't have much to go on because the system is so dramatically dumbed down (from end-user perspective)
They can have my address books... I'm staying on 5.0.1 with my Jailbreak.
EDIT: I have nothing to hide, so I don't care if they get my addresses. I assume Apple has access to all my data anyways, and AT&T to anything I send OTA.
What about your boss getting contacted with contextual ads based on the other information the system is scraping from you?EDIT: I have nothing to hide, so I don't care if they get my addresses. I assume Apple has access to all my data anyways, and AT&T to anything I send OTA.
Because originally there was trust (a lot LESS trust than Android, mind you). Where an app developer might want to use your contact information to, for example, allow you to play a game of scrabble with a friend by showing the friends names.
Now app developers aren't using the information for proper uses, but instead nefarious uses. Which is why Apple is stepping in and restricting the use of these APIs, just like they restricted Location services.
Android is much worse in this regard. There is a lot less security in the OS. Which makes some people happy because they can do 'more' with Android, but it also opens the whole OS up to bad apps. For example, in Android, it's possible for an app to send text messages in a background process while the user is unaware that it is happening, and thus charging their phone bill for text messages. iOS restricts what can be done in a background thread.
Your wrong actually, Android was much stricter about info apps to can access from other apps. Unless that app is given permission to do so or runs in root privileges, it cannot access those things.
Your wrong actually, Android was much stricter about info apps to can access from other apps. Unless that app is given permission to do so or runs in root privileges, it cannot access those things.
"Apps that collect or transmit a user's contact data without their prior permission are in violation of our guidelines," Apple spokesman Tom Neumayr told AllThingsD
It's called people's names, phone numbers, emails, and address.Serious question, what is there to "protect" in your address book? The name/number of your bookie? Your favorite escort service? Seriously, I really want to know what can be so scandalous in a phone book that you wouldn't want people seeing? And if there is something there, wouldn't it have been a good idea to not have it there in the first place?
Ah, yet another reason to put off buying an i-Device a little while longer until you guys are finished getting all the "privacy bugs" worked out.So what about all the apps that uploaded the address books already? Do they have to give it up (lots of luck with that)? How do we know they are not selling the info to 3rd parties?
Serious question, what is there to "protect" in your address book? The name/number of your bookie? Your favorite escort service? Seriously, I really want to know what can be so scandalous in a phone book that you wouldn't want people seeing? And if there is something there, wouldn't it have been a good idea to not have it there in the first place?