Wednesday, February 8, 2012

Want to avoid malware and intrusions to privacy, user discretion is a must


PC Magazine reports that Path Uploads Your Entire iPhone Contact List By Default.  In fairness, this is not malware. It is a feature. Path uploads the address book information to its servers in order to help users find and connect to their contacts who also use Path. The Android version of the app only uploads contacts when the users give it permission to do so. In the iOS version it uploads contact information automatically and with no notice to the user.
Dave Morin, the chief executive of Path, acknowledged that Path uploads the entire address book without user permission on the iOS version of the app, but only does so with the user's permission on the Android version of the app. Where, it does so, however, wasn't clear.

The opt-in capability will be added to Path version 2.0.6 of the iOS client, pending App Store approval, Morin added.
What is the lesson in all of this? Apple's process of vetting (checking apps) does not guaranty that all apps in the App Store are malware free. The other problem with the vetting process is when a fix is issued, it goes through the same vetting process and the fix may take some time in coming. 

Google, which does not pre-screen apps, added Bouncer. Basically it is a malware scanner which checks apps uploaded to the Android Market. Like all virus scanners, it is not going to be 100% full proof.

No system is perfect, and few do make it past the stringent approval process.  The user will need to exercise some discretion when downloading apps. When installing new apps or updates, it might be best to wait for a few days and read user reviews. Android users should check the permissions the app is asking for before downloading.

The early bird really does get the worm. But in apps, this is not a good thing.

Update: Path has deleted all Address Book Data and version 2.06 which allows the user to control whether or not to upload data is now on the App Store.


No comments:

Post a Comment