iOS Location authorization loophole gives apps access to iDevice photos

Posted in Mac Software, edited January 2014


Amidst a clash between social networking, advancing technology and privacy issues, a loophole has been discovered that allows any iOS app which has been given access to location data to upload a device's entire photo library.



In a report on Tuesday, The New York Times outlined the issue that allows an app to upload geo-tagged photos from an iPhone, iPad or iPod touch in an unseen background task after said app has received permission from the user to enable location services.



Developers have been aware that the so-called "loophole" has existed for some time now, though until now there has been no proof-of-concept showing the functionality's scope. To that end, The Times asked a developer, who requested not to be named due to his association with a major app company, to write a test program that exploited the purported security weakness.



The code writer created "PhotoSpy" which, once installed and launched on an iPhone testbed, first asks for access to a user's location data. Once granted, the app begins the process of uploading photos and their corresponding location data to a remote server.



“Conceivably, an app with access to location data could put together a history of where the user has been based on photo location,” said app maker Curio's co-founder David E. Chen. “The location history, as well as your photos and videos, could be uploaded to a server. Once the data is off of the iOS device, Apple has virtually no ability to monitor or limit its use.”
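An added example, not from the article, The Times or PhotoSpy: a check for whether a JPEG carries an EXIF GPS fix, which is the per-photo record a location history like the one described above would be drawn from. The sample file and its coordinates are constructed for the demo, and well-formed EXIF is assumed.

```python
import struct

GPS_IFD_TAG = 0x8825  # IFD0 entry that points at the GPS sub-directory

def _ifd(tiff, off, e):
    """Map tag -> raw 4-byte value field for each entry of the IFD at off."""
    (n,) = struct.unpack_from(e + "H", tiff, off)
    return {struct.unpack_from(e + "H", tiff, off + 2 + 12 * i)[0]:
            tiff[off + 10 + 12 * i: off + 14 + 12 * i] for i in range(n)}

def _degrees(tiff, field, e):
    """Decode three RATIONALs (deg, min, sec) into decimal degrees."""
    v = struct.unpack_from(e + "6I", tiff, struct.unpack(e + "I", field)[0])
    return v[0] / v[1] + v[2] / v[3] / 60 + v[4] / v[5] / 3600

def gps_from_jpeg(data):
    """Return (lat, lon) if the JPEG carries an EXIF GPS fix, else None."""
    pos = 2
    while data[:2] == b"\xff\xd8" and pos + 4 <= len(data) and data[pos] == 0xFF:
        marker, size = data[pos + 1], struct.unpack_from(">H", data, pos + 2)[0]
        seg = data[pos + 4: pos + 2 + size]
        if marker == 0xE1 and seg[:6] == b"Exif\x00\x00":
            tiff = seg[6:]
            e = "<" if tiff[:2] == b"II" else ">"
            ifd0 = _ifd(tiff, struct.unpack_from(e + "I", tiff, 4)[0], e)
            if GPS_IFD_TAG not in ifd0:
                return None          # EXIF present, but no location recorded
            gps = _ifd(tiff, struct.unpack(e + "I", ifd0[GPS_IFD_TAG])[0], e)
            if not {1, 2, 3, 4} <= gps.keys():
                return None          # GPS directory without a full lat/lon pair
            lat = _degrees(tiff, gps[2], e) * (-1 if gps[1][:1] == b"S" else 1)
            lon = _degrees(tiff, gps[4], e) * (-1 if gps[3][:1] == b"W" else 1)
            return round(lat, 6), round(lon, 6)
        if marker == 0xDA:           # start of scan: metadata segments are over
            break
        pos += 2 + size
    return None

def make_sample(with_gps=True):
    """Constructed metadata-only JPEG for this demo (not a real photo)."""
    if with_gps:  # IFD0 at 8 -> GPS IFD at 26 -> rationals at 80 and 104
        tiff = struct.pack("<HHHIII", 1, GPS_IFD_TAG, 4, 1, 26, 0)
        tiff += struct.pack("<HHHI4s", 4, 1, 2, 2, b"N") + struct.pack("<HHII", 2, 5, 3, 80)
        tiff += struct.pack("<HHI4s", 3, 2, 2, b"W") + struct.pack("<HHIII", 4, 5, 3, 104, 0)
        tiff += struct.pack("<12I", 37, 1, 19, 1, 54, 1, 122, 1, 1, 1, 51, 1)
    else:
        tiff = struct.pack("<HI", 0, 0)  # empty IFD0: EXIF without a GPS entry
    body = b"Exif\x00\x00" + b"II*\x00" + struct.pack("<I", 8) + tiff
    return b"\xff\xd8\xff\xe1" + struct.pack(">H", len(body) + 2) + body + b"\xff\xd9"
```

Run over an exported photo with `gps_from_jpeg(open(path, "rb").read())`; a `None` result means that file has no embedded GPS fix.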





Test app PhotoSpy's location authorization pop-up. Source: The New York Times







Typical Apple safeguards have been to sandbox apps, or limit their access to data and certain system-level iOS functions. When the company's mobile platform changed from "iPhone OS" to "iOS" in 2010, the sandbox grew to include the photo library among other system services.



Apple still has theoretical control over possibly malicious apps as software that reaches the App Store must first pass through the company's vetting process. However, the company has shown some missteps recently as the number of apps being submitted to the store is swelling.



An example would be the fake "Pokemon" app that made it into the App Store and reached top-five most-downloaded status before being pulled.



In attempts to streamline the user experience and make a more cohesive product, developers have been looking for ways to consolidate data behind the scenes, though some of their efforts border on invasion of privacy.



Earlier in February, the social networking app "Path" came under fire for uploading users' addresses in a background task in a reported attempt to make connecting with other friends using the program a seamless process. Customer backlash prompted the developer of the program to institute an opt-in requirement and issue an apology.



“Apple has a tremendous responsibility as the gatekeeper to the App Store and the apps people put on their phone to police the apps,” said David Jacobs, a fellow with the Electronic Privacy Information Center. “Apple and app makers should be making sure people understand what they are consenting to. It is pretty obvious that they aren’t doing a good enough job of that.”



Comments

  • Reply 1 of 33
    Wait I thought iOS was secure??

    This is just going to give Apple an excuse to lock down iOS even more. Hope the iPad3 gets jailbroken swiftly.
  • Reply 2 of 33
    Quote:
    Originally Posted by realitycheck69 View Post


    Wait I thought iOS was secure??

    This is just going to give Apple an excuse to lock down iOS even more. Hope the iPad3 gets jailbroken swiftly.



    No no no. There are always holes in the wall. Gotta keep plugging the holes and raising the wall
  • Reply 3 of 33
    This is not a loophole, it is functioning exactly how it is supposed to. Once again the Times and the rest of the media blowing this out of proportion.
  • Reply 4 of 33
    Quote:
    Originally Posted by Just_Me View Post


    No no no. There are always holes in the wall. Gotta keep plugging the holes and raising the wall



    How about giving people the freedom to do what they want with their devices? How about personal responsibility instead of relying on big brother?
  • Reply 5 of 33
    Quote:
    Originally Posted by realitycheck69 View Post


    How about giving people the freedom to do what they want with their devices? How about personal responsibility instead of relying on big brother?



    You go android if you want that. Apple will tell you what you like. Apple is mother. Apple is Father.
  • Reply 6 of 33
    Quote:
    Originally Posted by crisss1205 View Post


    This is not a loophole, it is functioning exactly how it is supposed to. Once again the Times and the rest of the media blowing this out of proportion.



    I was under the impression that the *location data* of your photos could be uploaded, not the actual photos themselves. This article is stating the latter, which seems quite serious.
  • Reply 7 of 33
    Quote:
    Originally Posted by crisss1205 View Post


    This is not a loophole, it is functioning exactly how it is supposed to. Once again the Times and the rest of the media blowing this out of proportion.



    So if I see you on the street ask for the time and you give it to me, I have the right to borrow your wallet and copy all the cards I find there?



    I asked you for permission to access some of your data, you granted it, what's the problem?
  • Reply 8 of 33
    The photo library has always been readable. What the guy has done is write an app that makes use of the background location mode that enables the app to run in the background constantly (although at a significant battery cost), and monitors the photo dir for new photos.



    It's pretty convoluted to say by uploading the photos you can extract the location information from the geotagged photos. Since the app is running in background location mode, it is SUPPOSED to have access to the location and can simply upload that instead.
  • Reply 9 of 33
    [insult removed]
  • Reply 10 of 33
    Quote:
    Originally Posted by crisss1205 View Post


    This is not a loophole, it is functioning exactly how it is supposed to. Once again the Times and the rest of the media blowing this out of proportion.



    This is NOT a bug. It is a FEATURE.
  • Reply 11 of 33
    eehd Posts: 137 member
    I've turned off all location services and turn them on when I need to use TomTom and maps. One thing that I've noticed, though, is that the Camera App has shown the little location arrow and has disappeared right away. I'm going to have to check pictures' metadata to see if the camera is still adding locations to the pictures.
  • Reply 12 of 33
    Quote:
    Originally Posted by Just_Me View Post


    You go android if you want that. Apple will tell you what you like. Apple is mother. Apple is Father.



    And Sissy. I mean Sister. No, Brother. Big Brother.



































    /s
  • Reply 13 of 33
    Troll bait engaged!
  • Reply 14 of 33
    solipsismx Posts: 19,566 member
    If this does allow 3rd-party apps unfettered access to personal photos and images then this should be locked down. Despite what some are saying "personal responsibility" shouldn't include being able to understand the codebase of a 3rd-party app before using.





    Quote:
    Originally Posted by ChristophB View Post


    Troll bait engaged!



    They are out in force in this thread.
  • Reply 15 of 33
    "Lock it down"

    Ummmm... sounds like you should run as fast as you can to get an Android "open system" with its record of flakey security, viruses, and near impossible to follow versions and upgrade path. Leave Apple to their obsessive concerns about user privacy and security. One man's lock down is another's security. I'd rather my stuff was not circulated around Legos, Beijing and Brooklyn. Apple finds bugs & flaws then they fix 'em.
  • Reply 16 of 33
    Here's yet another example of our misguided and utterly useless focus on the quaint notion of "privacy." Privacy, always of questionable value, is now as obsolete as whale-boned corsets, and like such lingerie, is at this late date appropriately of concern only to historians, antiquarians, and fetishists.



    What we should be talking about is ownership. We should be fighting to ensure that all data about an individual is legally that individual's property, that any entity that uses such data without recompense to the owner is legally a thief, and that any entity that sells an allegedly secure product that turns out not to be is liable for damages.



    If the manufacturer of the lock on your front door turns out to have keyed it identically to ten thousand other units, are you going to face the resultant theft of everything you own and wonder who's responsible? Of course not. It's obvious who's responsible for your loss, and there are legal structures in place to help you be compensated.



    Not so, software. The software EULA is the apotheosis of the old Lily Tomlin Ma Bell joke: "We're the phone company? We don't care. We don't have to." When it comes to code, the "kcuf you" goes in before the name goes on. Why do we allow companies to disavow all responsibility for a product merely because that product is intangible?



    If you're dumb enough to buy a car whose manufacturer tells you up front that it will not be held responsible when its defective gas tank causes it to explode, you can still cry on my shoulder when your entire family is killed, but please don't speak: I don't want to be tempted to tell you what I'm thinking while you're crying.
  • Reply 17 of 33
    Quote:
    Originally Posted by realitycheck69 View Post


    How about giving people the freedom to do what they want with their devices? How about personal responsibility instead of relying on big brother?



    Remind me to ask you about your personal responsibility when your car is stolen because its manufacturer just kinda sorta slipped up and keyed every vehicle in a run of five hundred thousand identically.



    Never mind? You're clearly a smart guy. I'm sure the first thing you do after buying a car is change the locks.



    It's time we stopped whimpering about our rights and understood that anyone who buys a software-based product without first becoming an engineer, then committing industrial espionage to acquire the source code, and finally proofing a billion lines of abstruse gibberish is getting just what he or she asked for.
  • Reply 18 of 33
    Congratulations on having one of the most sophisticated phorums I've come across in some time! It's just incredible how much you can take away from something simply because of how visually beautiful it is. You've put together a great phorum space great graphics, videos, layout. forums.appleinsider.com is definitely a must-see phorum!
  • Reply 19 of 33
    This isn't really a loophole, it was designed this way so that we could have nice photo editing apps.



    However if people think it's an issue then Android should close the "loophole" as well, since its apps can read the photos without any permission shown - not even showing the location one.



    Apps on Android only need a permission to change or delete photos, reading is completely open. They can even go and read the other contents of the SD card too, not just photos.



    Not sure why the NYT chose to mention iOS specifically, but I have some suspicions.
  • Reply 20 of 33
    jungmark Posts: 6,927 member
    I wonder if the developers informed Apple of it before they contacted the Times...