[gregorylkelly]

Permission loophole gives developers access to iOS photo library and location history

Earlier this month it was revealed that the popular social networking app Path was uploading entire iPhone address books to the company�s servers without first gaining permission. The data uploaded included full names, phone numbers and email addresses. Path quickly confirmed the report and issued an update to allow users to opt-in or out. The New York Times reported on Tuesday that a user�s address book isn�t the only information vulnerable on iOS devices, however. The publications claims photos can also be accessed by third-party app developers. Read on for more.

�After a user allows an application on an iPhone, iPad or iPod Touch to have access to location information, the app can copy the user�s entire photo library, without any further notification or warning,� app developers confirmed to the Times. After an application gains permission to access location services, it can then gain access to photo and video files, which typically include the coordinates of the location at which they were taken.

�Conceivably, an app with access to location data could put together a history of where the user has been based on photo location,� co-founder of Curio, David E. Chen said. �The location history, as well as your photos and videos, could be uploaded to a server. Once the data is off of the iOS device, Apple has virtually no ability to monitor or limit its use.�

In an effort to make photo apps more efficient, Apple first permitted access to the photo library in 2010 when the company released the fourth version of iOS. Developers have often questioned why Apple would allow permission to access location data of photos, however. �It�s very strange, because Apple is asking for location permission, but really what it is doing is accessing your entire photo library,� John Casasanta, owner of app development studio Tap Tap Tap, told the Times. �The message the user is being presented with is very, very unclear.�

With the help of an anonymous developer, The New York Times created a test application that requested location data and then confirming the report. While the application, PhotoSpy, was not submitted to the App Store, it did successfully access photos and their location data with the ability to export everything to a remote server.

�We�ve seen celebrities and famous people have pictures leaked and disclosed in the past. There�s every reason to think that if you make that easier to do, you�ll see much more of it,� said David Jacobs, a fellow with the Electronic Privacy Information Center. �Not just celebrities are at risk. A lot of sites are trying to obtain images from everyday people and politicians to post online.�

[sleepngbear]

Haven't you heard? Security isn't important. /end sarcasm

Seriously, it isn't too much of a leap from this to the very situation Mr. Heins referred to a few weeks ago, and to much consternation and ridicule as I recall.

[gregorylkelly]

I mean, if I had pictures of someone famous doing something on my iPhone (which I don't have), then they would be out there in the open to certain developers. The thought of that is RIDICULOUS!

[T�nis]

Thanks for posting this. "Apps" just aren't worth the forfeiture of privacy.

[Alex_Hong]

Good example would be scarlett johansson. Remember her hacked iphone and photos?

Sent from my BlackBerry 9900 using Tapatalk

[[email protected]]

Thanks for posting this. "Apps" just aren't worth the forfeiture of privacy.

This whole about privacy is so ridiculous. Its all perceived. The NSA can turn on your phone's mic and camera with the push of a button. Even if your phone is off, they can turn it on.

My good friend "Eddie" is with the Secret Service. He tells me all the tie that there is no such thing anymore. It doesn't exist.

If you want privacy from the Gov't, you'd best go live in a cave somewhere.

Cheers!

[T�nis]

Well, the NSA can't turn my mic on when I take the battery out. Besides, what does the NSA's capabilities have to do with allowing every nasty app developer access to one's pictures?

[breakmedown]

I don't remember Scarlett's hacked stuff! I'm gonna have to google that now

[breakmedown]

This whole about privacy is so ridiculous. Its all perceived. The NSA can turn on your phone's mic and camera with the push of a button. Even if your phone is off, they can turn it on.

My good friend "Eddie" is with the Secret Service. He tells me all the tie that there is no such thing anymore. It doesn't exist.

If you want privacy from the Gov't, you'd best go live in a cave somewhere.

Cheers!

This is nothing new. Privacy has been merely a smoke screen for years. Just like the falacy that is personal rights. Even if you're not causing harm, there are still plenty of things that can get you on a watch list, just ask any Muslim.

Not that I believe all that "the gov't can do this and that" nonsense. I just know that if they really wanted to know what I was doing, they'd find out and my BB isn't gonna help me any with that.

[guzprom]

nasa can hack my android for all I care, all important stuff is in my bb. Also.. One of the 400 apps I got installed in my gnote have probably already done so. Android = free for all apps = back door worms

[[email protected]]

Well, the NSA can't turn my mic on when I take the battery out. Besides, what does the NSA's capabilities have to do with allowing every sh*tbag app developer access to one's pictures?

No idea what you're referring to. I wasn't commenting on your post.

[sinsin07]

This is why Corps and Gov't are Dumb for leaving BB

Tell the ATF
More feds ditch BlackBerrys

Well, the NSA can't turn my mic on when I take the battery out. ...

Everybody remove your batteries. Ought to free some ATT/Verizon bandwidth.

[[email protected]]

nasa can hack my android for all I care, all important stuff is in my bb. Also.. One of the 400 apps I got installed in my gnote have probably already done so. Android = free for all apps = back door worms

NASA? Why would NASA care about what's on your phone? You an astronaut or something?

And if the NSA(National Security Agency) wanted what was on your phone, they'd access it. Trust me.

[T�nis]

No idea what you're referring to. I wasn't commenting on your post.

You quoted me in your reply. I then quoted you in mine. It's just normal discourse.

[[email protected]]

You also can't use the phone. Better to go to the aluminum foil.

Classic...

[[email protected]]

You quoted me in your reply. I then quoted you in mine. It's just normal discourse.

Oh! My bad. My apologies.

[apengue1]

The government having access is not the same as any dbag off the street. I really don't think I need to say more.. It's common sense

[guzprom]

NASA? Why would NASA care about what's on your phone? You an astronaut or something?

And if the NSA(National Security Agency) wanted what was on your phone, they'd access it. Trust me.

Yes. Secret service,pd,Nsa,cia,fbi,hackers,spammers anyone would be able to if ur on andoid. My bad about nasa mix up.

[BB10FTW]

Secure Blackberry is Secure ;-)
We keep hearing about all the weird ways to access info remotely or with a locked device that has been stolen (Apple, Android and WP7 of course) Yet all these agencies don't seem to care....Then again we all have to think about the BYOB miracle security service!! (Drum roll please) BLACKBERRY FUSION!!! It no longer matters what device you use because Blackberry security is there to save the day!!!

Governments (mainly USA) watch what we do. Anyone remember Carrier IQ? That was huge and blew over in less then a month. No one cares what the governments or carriers do its the low level developers who really can't get caught because they aren't in the spotlight.

I Love My Blackberry because it makes me feel Safe!!! No viruses, no apps spying on me and all my information secure unless I choose to give it out. Like Thorsten Heins said "All those haters will be back, just you wait holmes! They deal wit a breach and they be back in our hood!" (Not an exact quote)

[xandermac]

I agree that it's unclear, unless of course you read the description of the app you're downloading in the app store. It's nothing new but could be better explained.

http://www.imore.com/2012/02/28/psa-...d-camera-roll/

The iMessage bug is a bit more of an issue at the moment and one corporations should be seriously looking at.


Sent from my iPhone4s using Tapatalk

[llllBULLSEYE]

This whole about privacy is so ridiculous. Its all perceived. The NSA can turn on your phone's mic and camera with the push of a button. Even if your phone is off, they can turn it on.

My good friend "Eddie" is with the Secret Service. He tells me all the tie that there is no such thing anymore. It doesn't exist.

If you want privacy from the Gov't, you'd best go live in a cave somewhere.

Cheers!

lol read
The Article is talking about app Developers being able
to easily access all your pictures and videos not the Gov't.

[Shlooky]

You guys are funny...don't you think the NSA or any government agency like the FBI can't hack into Blackberries?
If RIM lost to the Arab countries and India, don't you think here in Canada and States don't have access?

LOL

[eve6er69]

I don't use androids because they're battery life stinks, I don't use iphones because I don't like the apple lock on consumers. I use a blackberry for what it does for me and how much faster I can work with one.

If a developer wants to take all my pictures from my device he will just have a library full of dog/cat and kids pics from over the years.

I do nothing illegal so I don't worry about that stuff.

Sent from my BlackBerry Bold 9900 using Tapatalk

[apengue1]

You guys are funny...don't you think the NSA or any government agency like the FBI can't hack into Blackberries?
If RIM lost to the Arab countries and India, don't you think here in Canada and States don't have access?

LOL

Actually by law they are allowed, especially if they have suspicions about you, where carriers and probably RIM would cooperate with authorities. As for any joe blow off the street? No, I wouldn't think so. If you would read the thread, this is exactly the problem.

I don't use androids because they're battery life stinks, I don't use iphones because I don't like the apple lock on consumers. I use a blackberry for what it does for me and how much faster I can work with one.

If a developer wants to take all my pictures from my device he will just have a library full of dog/cat and kids pics from over the years.

I do nothing illegal so I don't worry about that stuff.

Sent from my BlackBerry Bold 9900 using Tapatalk

Personally, I find it appalling that anyone would let personal files, information, and whereabouts be available to the general public. They could seriously come back to haunt you one day. There's a lot of freaky people in this world who sometimes have motives that no one would understand.

[belfastdispatcher]

This is exactly why most "celebrities" use a BB. Can you imagine apes having access to their private photos?