iOS Location authorization loophole gives apps access to iDevice photos
Amidst a clash between social networking, advancing technology and privacy issues, a loophole has been discovered that allows any iOS app which has been given access to location data to upload a device's entire photo library.
In a report on Tuesday, The New York Times outlined the issue that allows an app to upload geo-tagged photos from an iPhone, iPad or iPod touch in an unseen background task after said app has received permission from the user to enable location services.
Developers have known for some time that the so-called "loophole" exists, though until now there has been no proof of concept showing the functionality's scope. To that end, The Times asked a developer, who requested not to be named due to his association with a major app company, to write a test program that exploited the purported security weakness.
The code writer created "PhotoSpy" which, once installed and launched on an iPhone testbed, first asks for access to a user's location data. Once granted, the app begins the process of uploading photos and their corresponding location data to a remote server.
“Conceivably, an app with access to location data could put together a history of where the user has been based on photo location,” said app maker Curio's co-founder David E. Chen. “The location history, as well as your photos and videos, could be uploaded to a server. Once the data is off of the iOS device, Apple has virtually no ability to monitor or limit its use.”
Test app PhotoSpy's location authorization pop-up. Source: The New York Times
Typical Apple safeguards have been to sandbox apps, or limit their access to data and certain system-level iOS functions. When the company's mobile platform changed from "iPhone OS" to "iOS" in 2010, the sandbox grew to include the photo library among other system services.
Apple still has theoretical control over possibly malicious apps as software that reaches the App Store must first pass through the company's vetting process. However, the company has shown some missteps recently as the number of apps being submitted to the store is swelling.
An example would be the fake "Pokemon" app that made it into the App Store and reached top-five most-downloaded status before being pulled.
In attempts to streamline the user experience and make a more cohesive product, developers have been looking for ways to consolidate data behind the scenes, though some of their efforts border on invasion of privacy.
Earlier in February, the social networking app "Path" came under fire for uploading users' addresses in a background task in a reported attempt to make connecting with other friends using the program a seamless process. Customer backlash prompted the developer of the program to institute an opt-in requirement and issue an apology.
“Apple has a tremendous responsibility as the gatekeeper to the App Store and the apps people put on their phone to police the apps,” said David Jacobs, a fellow with the Electronic Privacy Information Center. “Apple and app makers should be making sure people understand what they are consenting to. It is pretty obvious that they aren’t doing a good enough job of that.”
Comments
This is just going to give Apple an excuse to lock down iOS even more. Hope the iPad3 gets jailbroken swiftly.
Wait I thought iOS was secure??
This is just going to give Apple an excuse to lock down iOS even more. Hope the iPad3 gets jailbroken swiftly.
No no no. There are always holes in the wall. Gotta keep plugging the holes and raising the wall
How about giving people the freedom to do what they want with their devices? How about personal responsibility instead of relying on big brother?
You go android if you want that. Apple will tell you what you like. Apple is mother. Apple is Father.
This is not a loophole, it is functioning exactly how it is supposed to. Once again the Times and the rest of the media blowing this out of proportion.
I was under the impression that the *location data* of your photos could be uploaded, not the actual photos themselves. This article is stating the latter, which seems quite serious.
This is not a loophole, it is functioning exactly how it is supposed to. Once again the Times and the rest of the media blowing this out of proportion.
So if I see you on the street ask for the time and you give it to me, I have the right to borrow your wallet and copy all the cards I find there?
I asked you for permission to access some of your data, you granted it, what's the problem?
It's pretty convoluted to say by uploading the photos you can extract the location information from the geotagged photos. Since the app is running in background location mode, it is SUPPOSED to have access to the location and can simply upload that instead.
This is not a loophole, it is functioning exactly how it is supposed to. Once again the Times and the rest of the media blowing this out of proportion.
This is NOT a bug. It is a FEATURE.
You go android if you want that. Apple will tell you what you like. Apple is mother. Apple is Father.
And Sissy. I mean Sister. No, Brother. Big Brother.
/s
Troll bait engaged!
They are out in force in this thread.
Ummmm... sounds like you should run as fast as you can to get an Android "open system" with its record of flaky security, viruses, and near impossible to follow versions and upgrade path. Leave Apple to their obsessive concerns about user privacy and security. One man's lock down is another's security. I'd rather my stuff was not circulated around Lagos, Beijing and Brooklyn. Apple finds bugs & flaws then they fix 'em.
What we should be talking about is ownership. We should be fighting to ensure that all data about an individual is legally that individual's property, that any entity that uses such data without recompense to the owner is legally a thief, and that any entity that sells an allegedly secure product that turns out not to be is liable for damages.
If the manufacturer of the lock on your front door turns out to have keyed it identically to ten thousand other units, are you going to face the resultant theft of everything you own and wonder who's responsible? Of course not. It's obvious who's responsible for your loss, and there are legal structures in place to help you be compensated.
Not so, software. The software EULA is the apotheosis of the old Lily Tomlin Ma Bell joke: "We're the phone company? We don't care. We don't have to." When it comes to code, the "kcuf you" goes in before the name goes on. Why do we allow companies to disavow all responsibility for a product merely because that product is intangible?
If you're dumb enough to buy a car whose manufacturer tells you up front that it will not be held responsible when its defective gas tank causes it to explode, you can still cry on my shoulder when your entire family is killed, but please don't speak: I don't want to be tempted to tell you what I'm thinking while you're crying.
How about giving people the freedom to do what they want with their devices? How about personal responsibility instead of relying on big brother?
Remind me to ask you about your personal responsibility when your car is stolen because its manufacturer just kinda sorta slipped up and keyed every vehicle in a run of five hundred thousand identically.
Never mind? You're clearly a smart guy. I'm sure the first thing you do after buying a car is change the locks.
It's time we stopped whimpering about our rights and understood that anyone who buys a software-based product without first becoming an engineer, then committing industrial espionage to acquire the source code, and finally proofing a billion lines of abstruse gibberish is getting just what he or she asked for.
However if people think it's an issue then Android should close the "loophole" as well, since its apps can read the photos without any permission shown - not even showing the location one.
Apps on Android only need a permission to change or delete photos, reading is completely open. They can even go and read the other contents of the SD card too, not just photos.
Not sure why the NYT chose to mention iOS specifically, but I have some suspicions.