If an app uploads my complete address book to their servers, which is absolutely no ****ing business of theirs, then Apple should refund the money to all purchasers, remove the app permanently, and ban the developer. There is just no excuse in the world for that.
No. Sandboxing isn't about asking permission, it is about being able to do something or not. An app can request the ability to access your address book or not. If it requests it, it can. If it doesn't, it can't. They idea is that when deciding to accept the app or not, Apple will check whether the app has requested the ability, and if the app has any good reason to do so.
Another thing is that Apple can eventually provide sandboxed code to do things. For example, some code that lets the user choose a name from the address book and send an email to that person. That code would live in its little sandbox with access to address book and email. However, the rest of the application wouldn't be able to access the address book. So a game could allow you to send a picture to a friend that way, without itself being able to read your address book.
Really? What about Google and the Government themselves?
Google has a complete record of people's emails, voicemails, websurfing habits (remember, with the new "privacy policy" they are indexing your entire web existence if you use their 8.8.8.8 DNS), Google+ friends and interactions, the list is almost endless.
The iOS address book security needs to be address, but it's definitely the low hanging fruit for a much larger privacy issue.
BTW, does anyone know what address book security comes stock in an Android phone?
Slight difference I believe. If I'm using someone's services for my email and contact information - I can pretty much assume - since they are HOSTING that info - they have access to it.
However - this is completely differerent. A private device with personal data which is then being unknowingly uploaded to 3rd parties without consent.
If you don't see the difference, well....
Every application you install on Android gives a full list of permissions before installing it (as does Windows Phone 7).
If you don't want to give a third party access to that info, you simply cancel the installation.
Because they have sent how many of these letters in the past 12 months? Why can't they concern themselves with true privacy issues like the FCRA and the credit agencies that sell our private information legally when someone pulls your credit. Ever wonder why you get calls from unknown's after you apply for financing? Google "Trigger Leads".... Why can't they focus on this REAL issue that has been around for 7 years now. This is a real privacy issue... selling your personal information legally @ pennies.
The company that F'd this up apologized, removed the data, and tried to make amends. I do not condone this as to be OK, but I am sick of all these media driven congressmen with a hard on lately when there are far worse privacy issues out there that need addressing.
This whole fisaco is why I like to see a list of permissions before installing an app, ala WP7/Android.
Flashlight app wants full internet access, location and contacts? No install for you!
Example:
Image
If you're on CM, you can also choose which permissions certain apps are allowed.
Yeah, because people really pay attention to the fine print.
Most every app is going to ask for some access to some kind of resource on your phone, so this "warning" route is ridiculously stupid. It may seem nice but the reality is it's next to useless. You'd never install anything.
The problem wasn't really that Path was accessing the address book data, is that is was uploading it to their servers and storing it there. That is the big issue and that's what all the hysterical whining is ignoring.
Your Windows app example doesn't address this. It just says the app wants to access something. Well, then, what's it going to do with it? It doesn't say. That's why it's useless. And that's why people will end up saying, "Okay." Just like they do for virus software.
Yeah, because people really pay attention to the fine print.
Most every app is going to ask for some access to some kind of resource on your phone, so this "warning" route is ridiculously stupid. It may seem nice but the reality is it's next to useless. You'd never install anything.
The problem wasn't really that Path was accessing the address book data, is that is was uploading it to their servers and storing it there. That is the big issue and that's what all the hysterical whining is ignoring.
Your Windows app example doesn't address this. It just says the app wants to access something. Well, then, what's it going to do with it? It doesn't say. That's why it's useless. And that's why people will end up saying, "Okay." Just like they do for virus software.
If an app uploads my complete address book to their servers, which is absolutely no ****ing business of theirs, then Apple should refund the money to all purchasers, remove the app permanently, and ban the developer. There is just no excuse in the world for that.
Android's way may not be ideal but it's probably the only possible one. Besides, your depiction of the situation is totally wrong. Most applications do not really need that many privileges (games etc.). And for those few that do need the privileges you have to do dew diligence ad make sure that you deal with a reputable vendor.
I think what Congress intends to do is make the "free market" fix its problems with the attention and threat of legislation.
Just leaving the "free market" to fix things was tried and is still tried. Certain things are not fixable by the free market. Adam Smith said as much in The Wealth of Nations. I realize it's politically incorrect to suggest laissez faire capitalism was not handed to us by God, but ... rivers aren't supposed to burn.
Yeah, because people really pay attention to the fine print.
Most every app is going to ask for some access to some kind of resource on your phone, so this "warning" route is ridiculously stupid.
Apps cannot transmit data about a user without obtaining the users prior permission and providing the user with access to information about how and where the data will be used.
It's all or nothing, though, right?Every application you install on Android gives a full list of permissions before installing it (as does Windows Phone 7).
If you don't want to give a third party access to that info, you simply cancel the installation.
Read section 17.1 of the iOS guidelines:
"Warning" users is the current solution by obtaining permission before obtaining data to some extent. In Path's case, they were in breech of the guidelines by not doing it.
Had path added a popup with what they intended to do with your contacts with an accept/deny button, things would be fine.
Read section 17.1 of the iOS guidelines:
"Warning" users is the current solution by obtaining permission before obtaining data to some extent. In Path's case, they were in breech of the guidelines by not doing it.
Had path added a popup with what they intended to do with your contacts with an accept/deny button, things would be fine.