Apple loophole

Discussion in 'Photography' started by PeterN, Mar 1, 2012.

  1. PeterN

    PeterN Guest

    Interesting article:

    "The private photos on your phone may not be as private as you think.

    Developers of applications for Apple’s mobile devices, along with Apple
    itself, came under scrutiny this month after reports that some apps were
    taking people’s address book information without their knowledge."

    entire article online

    PeterN, Mar 1, 2012
    1. Advertisements

  2. PeterN

    Savageduck Guest

    key part of this story is about midway through;

    "The New York Times asked a developer, who asked not to be named
    because he worked for a popular app maker and did not want to involve
    his employer, to create a test application that collected photos and
    location information from an iPhone. When the test app, PhotoSpy, was
    opened, it asked for access to location data. Once this was granted, it
    began siphoning photos and and their locations to a remote server."
    and here is the kicker, they add as an afterthought, "(The app was not
    submitted to the App Store.)"

    That means this story is a work of speculation created by the NYT for
    this contributor. They provided their own software to fuel the FUD
    fundamentals of this story. This app was never submitted to the Apple
    App Store which would have to approve any apps or updates to apps, just
    to get them on the store shelf. It seems the real target of this story
    are the App Store, "gatekeepers"

    You might note the frequent use of the words, "conceivably", "concept",
    & "capability".
    So no iPhone, iPad, or iPod Touch user is actually vulnerable to an app
    which is not available to them, and if they do manage to actually
    install it they would have do so without the scrutiny of the App Store
    guardians. This story ends with a heavily implied question regarding
    the quality of the vigilance of the App Store scrutinizers.

    It just seems to be opportunist effort to chip away at the reputation
    and operation of the current leader of the Corporate value heap. $500B
    as a value & $97B in liquid reserves is not to be sneezed at.
    Savageduck, Mar 1, 2012
    1. Advertisements

  3. PeterN

    PeterN Guest

    my posting was intended as a cautionary warning.

    From the article:
    "It is unclear whether any apps in Apple’s App Store are illicitly
    copying user photos. Although Apple’s rules do not specifically forbid
    photo copying, Apple says it screens all apps submitted to the store, a
    process that should catch nefarious behavior on the part of developers.
    But copying address book data was against Apple’s rules, and the company
    approved many popular apps that collected that information.

    Apple did not respond to a request for comment."

    It could be interpreted as a swipe at Apple, and it could be just a
    cautionary warning.
    PeterN, Mar 1, 2012
  4. PeterN

    Pete A Guest

    As a cautionary warning: it is extremely trivial to write applications
    that bypass very careful expert inspection. Run-time dynamic-linking is
    one example of a performance benefit that is frequently misused to
    obfuscate the intended purpose of the application. Without access to
    the source code, it is impossible to detect.
    Pete A, Mar 1, 2012
  5. Fact: iPhone security is as weak as a screen door and
    completely misleading (location data != photo access!!!.)
    Fact 2: Apple's gatekeepers are failable. This has been
    proven several times.

    With screen doors at the safe of your bank, relying on the
    gatekeepers in the bank to prevent access to the valuables is
    necessary. However, bank robbers since ever have proven that
    these gate keepers are important, but can be overcome, bribed,
    tricked, shot.

    I'll rather have nigh impenetrateable vault doors first and
    gatekeepers as a second.
    Might does not make right. OK, maybe it *does* in Texas.

    Wolfgang Weisselberg, Mar 3, 2012
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.