Apps phoning home

Posted:
in Mac Software edited January 2014
I am looking to purchase a financial app for the iPhone.



How can I verify that the app will not be able to "Phone Home" and send my financial info to another party ?



Thanks,



Jess

Comments

  • Reply 1 of 11
    Disconnect from the internet...
  • Reply 2 of 11
    Don't you think this is a serious issue?

    The iphone allows you to control whether the app accesses the GPS. Why shouldn't you be able to control whether it subversively sends something to the outside world?



    Jess
  • Reply 3 of 11
    Unless you're a "guru" with firewalls and network access via ports and such, you can't even be sure you're home PC/Mac isn't sending info "home" (short of disconnecting it.)

    Or that the info isn't being "hacked" from your banks servers anyway (there's a headline about that once a week or so.)



    While I'd like to have some control over such things, just for "peace of mind", NO, I don't think it's a serious issue.

    (You did ask for opinions on the matter.)
  • Reply 4 of 11
    bbwibbwi Posts: 812member
    You can't be absolutely sure but I'm pretty sure that it would be against a sh1t load of good laws
  • Reply 5 of 11
    Quote:
    Originally Posted by Jess View Post




    Don't you think this is a serious issue?




    I think this a deadly serious issue.

    And I gave you a deadly serious answer:

    short of disconnecting from the internet there is no way you can be really sure. So if you want to be absolutely sure your financial app doesn't 'subversively' connect to some outside computer to upload your financial details and passwords DON'T CONNECT TO THE INTERNET! Simple as that...



    Want to work with that app anyway? Then download it, install it, disconnect from the internet, and work with your app. When you're finished with the app, un-install it before connecting to the internet again.



    Good luck, Jess.
  • Reply 6 of 11
    My question is specifically about iPhone apps.

    The iPhone seems to have pretty strong controls about what each app can and cannot do so I'm wondering whether there is any way for me determine whether an app can phone home. In today's world a little paranoia can come in handy.



    Jess
  • Reply 7 of 11
    The only way to determine that is to trust Apple to not let any nefarious programs through their vetting process.



    Sure, apps aren't SUPPOSED to do that without notifying you, and Apple tries to reject apps that don't follow their guidelines (and apparently some that do )... but you have no way of really knowing. You just have to go on faith that the app creator was/is an honest person just trying to make a buck from their app in a legitimate manner.



    Same goes for WinMo apps, Pre apps, Android apps ... and desktop computer apps. If your hardware is connected to the internet, a nefarious app could send stuff out without you knowing it. (unless you're closely monitoring your network traffic, which isn't possible on the iPhone... unless there's an app for that.)
  • Reply 8 of 11
    regreg Posts: 832member
    There are some out there that have done some work on this

    http://i-phone-home.blogspot.com/200...tion-list.html

    Give them the name of the app and they might do it for you.

    Call me old school or paranoid but I don't do financial activity with a wifi connection. Even if it is a secure web site, I'll use the AT&T connection.
  • Reply 9 of 11
    Quote:
    Originally Posted by Jess View Post


    In today's world a little paranoia can come in handy.



    IN today's world a little paranoïa is not nearly enough!
  • Reply 10 of 11
    Well, I guess the only thing I can say is that I hope that someone from Apple is reading these forums and that they will give us the ability to determine the permissions of each iPhone app (access to the internet / GPS / Contacts, etc).



    Jess
  • Reply 11 of 11
    jeffdmjeffdm Posts: 12,946member
    Quote:
    Originally Posted by KingOfSomewhereHot View Post


    Unless you're a "guru" with firewalls and network access via ports and such, you can't even be sure you're home PC/Mac isn't sending info "home" (short of disconnecting it.)



    Little Snitch doesn't require guru skills. It CAN get old though. There is no iPhone equivalent.



    There is no perfect solution, but taking steps is a good idea whenever you're dealing with sensitive data.
Sign In or Register to comment.