Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
iOS Photo and Video Privacy Issues Highlighted with New Test Application
- Thread starter MacRumors
- Start date
- Sort by reaction score
This also hurts legitimate app developers -- especially indie developers who have no reputation to stand on yet -- who need to request location access for the operation of their app. Now that location permission dialog is tainted in the eyes of many customers until Apple fixes the permissions issue.
This problem reminds me of automotive racing ... there's a set of rules that everyone's expected to follow, but teams seek out loopholes which bring them some advantage...things that used to be innocuous only become a clear problem after someone has found an exploit.
The current motivation for "misbehavior-ware" has only recently come about because of the revenue potential gained from having peoples' data. Some of these are clearly illegal (ie, identity theft), but there's also a lot of interpretational grey areas ... for example, if I give an App permission to access my photos, did they also trick me into giving them a free & perpetual license to my copyright works, including a right for them to resell it to a third parties? It makes all of those fine print paragraphs all the more important.
Where the NY Time's Journalism has problems in its failure to point out that this problem isn't unique to just the iOS system...for them to infer that it is only iOS issue is incorrect and an Ethics of Journalism concern.
A better question is if it can ever be made granular enough? Afterall, even if a curated approach were to literally review every line of source code, all data sent off the device is beyond that ability to review what is done with it next.
Except that motivations have changed and the idea of a programmer hiding a subroutine that systematically scrapes your data is what didn't exist. The broader issue that the NY Times misses is that all OSs are currently vulnerable to this type of attack.
Exactly. The real news is the growth in software that contains deception.
From there, the bigger question is if technology can ever solve that problem.
-hh
I would like to see a list of the core personal data access required being listed in the App store alongside the app. I'd like to know whether it remains local access (i.e. it is never sent from the phone). It is a critical part of my decision as to whether to get and app or not.
Yes, exactly. This privacy violation stuff is just getting out of hand. I'm not that concerned, at the moment. But, what will developers and corporations get away with in the future? I think some kind of precedent needs to be set for what's acceptable and what's not.
Again, I think you are missing the point. Knowing whether or not an app is accessing your contacts is not the problem. What an app actually DOES with that access is the crux of the matter. And that is something that no permissions system can handle. It can only be done with a curation process. You have to actually test the app and/or view the code.
What's wrong with the location permissions? They protect location data (which can be embedded in photos.)
Would be great if simple toggles were available to allow for sharing or not sharing video, photos, address book, etc with these apps. Serious privacy issue it is.
shame on them for believing in the good of people.
they learned their lesson and they are working to rewrite the rules to require that you ask for every little thing. Since they can't trust developers.
----------
Location data allows for tracking. and that service can be a bit of a battery hog. two very good reasons for said rule
----------
Apple set a policy saying that apps needed to let folks know what info was being used, uploaded etc. They believed they could trust developers not to be asshats. They were wrong. But that's no reason to blast them for being jerks about the issue. If anything, from a honest developer's point of view, I'm glad that they were willing to trust us and it's the asshats that ruined it that are the problem.
----------
It's all good. Gizmodo was getting lonely. Now they won't be.
Short of Apple reading the source code of all apps (apps would take months to review, cost a fortune, not to mention the liability of giving Apple proprietary source code) it's not possible to know what data remains local or goes to servers. Most good developers encrypt the data they transmit.
It's the same for all platforms, you can limit access to data but you'll never be able to control the data once it's in the app.
I think the best is what's coming already: have developers state a privacy policy shown alongside the app and make them legally responsible for keeping their word.
That right there is why I will never get anything Android. I shouldn't have to root my phone to put in privacy protection. That's just backwards
----------
But the government listens to those. They listen to everything. They have this machine that records everything about us. It's on this island that is kept hidden with alien cloaking technology they stole from the Roswell crash. and every 108 minutes someone pushes a button
----------
Many folks just say no. Because they are given that choice. What would be nice is if the apps said why they want permission. Many folks don't know that the Camera app wants to record where you are for sorting photos later (the Places in iPhoto and such). so they say no and then they are mad cause they just came back from a trip around Europe and can't remember where they were for half the photos. An explanation in the pop up would be nice
I think it's safe to say that while Apple "vets" the apps to some degree - it's been shown often that the job they are doing isn't foolproof. Not even by a longshot.
You realize that Carrier IQ was on the iPhone until recently?
Couldn't have been any more clear.
To repeat myself, which I don't enjoy doing, they should have developed an app that does not ask user permission, and was submitted to and approved by Apple.
Then, their example, would be the same, as their claims.
Did I spell it out enough?
Nobody claimed they are perfect. They don't need to be for their strategy to work.
And you do realize the significant difference between requiring opt in and not having the ability to opt out.
"Update: The Verge reports that "sources familiar with the situation" have indicated the photo and video access is a bug and that a fix is in the works."
I find that amusing. It isn't a bug. The ALAssetsLibrary framework that causes the initial prompt is designed to allow the extra access. This long winded blog, Confusing iOS Location Services Prompt, describes why the message can be misleading too. Apps that cause the prompt don't necessarily use location data.
Although the app I'm working on currently doesn't use location information, the prompt still appears, in iOS 5. On iOS 4.3, the prompt does not appear and in fact under the Location Services menu, the permission is automatically set to YES. That is a bug. It will be interesting if Apple releases a fix for that.
I find that amusing. It isn't a bug. The ALAssetsLibrary framework that causes the initial prompt is designed to allow the extra access. This long winded blog, Confusing iOS Location Services Prompt, describes why the message can be misleading too. Apps that cause the prompt don't necessarily use location data.
Although the app I'm working on currently doesn't use location information, the prompt still appears, in iOS 5. On iOS 4.3, the prompt does not appear and in fact under the Location Services menu, the permission is automatically set to YES. That is a bug. It will be interesting if Apple releases a fix for that.
Last edited:
Exactly. Nonetheless, exactly even though if that's sarcasm.
Developers/humans are the same who end up terrorising the world OR hack governments. You're not supposed to open your systems to anyone.
How about explicit permission to use each data type and for that data to be set to servers?
Not exactly. It's more like a side-effect.
There is no specific "photo library permission". But, since photos might contain geotags, (by default, photos taken on iPhones are geotagged) the application needs location permission to access the photo library.
----------
There is no way. The OS couldn't possibly inspect what is being sent and definatively determine what it is. All it can determine is what data is being ACCESSED by the app.
Data could be encrypted with SSL and if the built-in SSL implementation is used, then, yes, data could be inspected. If the app has it's own SSL implementation, no. And if the app encrypts using some other means, no. And there are non-encrypted encodings that might make it difficult to identify inspected content.
The problem that we are discussing here is that an app asks for permission to access your location (nothing more) but then also gains the capability to 'copy [your] entire photo library, without any further notification or warning'. That is the problem we are discussing. Sure, if a user were able to knowingly give an app permission to access all their photos, and then the app did something naughty with them, like delete them, or upload them to a server, you might have a point. But that really isn't the issue you and I were discussing.
Did you notice the update to the article by the way…?
So it seems some good does come from people holding Apple to a higher standard than you seem willing to.
Last edited:
I'm not sure what your point is. iOS already does more than any other operating system to protect your photos. It appears that they are planning to do even more to confirm access to this information on an app by app basis. What are you suggesting?
Oh gosh, this discussion is like a merry-go-round! I don't care about 'other operating systems', and I'm not 'suggesting' anything. I'm stating openly that this issue is a serious one. A request to the user for permission should be precise and explicit. Perhaps someone else said it better than me here:
Amen to that. Now it appears Apple is going to fix it. Enough said.
Oh gosh, this discussion is like a merry-go-round! I don't care about 'other operating systems', and I'm not 'suggesting' anything. I'm stating openly that this issue is a serious one. A request to the user for permission should be precise and explicit. Perhaps someone else said it better than me here:
Amen to that. Now it appears Apple is going to fix it. Enough said.
Now I understand. You don't understand what is actually happening. The location warning is precise and explicit. It is there to protect location data. Which happens to be embedded in photos.
Actually, the iOS SDK does allow developers to put a message in that popup, but no one even notices them because at a quick glance it looks like every other message. People have become trained to just click No.
I think this is a big UX issue with Apple's use of modal popups for requests. People hate modal popups because they block interaction with the software, and so they instinctively try to get rid of them as quickly as possible to get on with their task (just like they do with software license agreements). As Apple moves to a more fine-grained permissions structure, I hope that Apple just does away with the modal popup completely and moves to something like a full-page screen that clearly denotes what is being used and why. It would be better if these requirements would also be listed on the app store page, where I think people are more likely to read. But once they get the app installed, they just want to use it.