Out of all the advantages of having an open-source platform, an obvious caveat is the increased threat to security which can arise.
Over the last few months a number of vulnerabilities have been found within the iOS platform that could potentially allow some ethically challenged individuals to gain access to certain parts of a user’s handset if it is lost or stolen, even if a passcode lock is enabled. The methods used have generally been long winded and allows access mainly to the device’s Camera Roll, recent call logs, as well as allowing the perpetrator to be able to make outgoing voice or FaceTime calls in some cases. Being able to circumvent the passcode lock and access that kind of minimal data is concerning, but on the grander scale of things hardly represents a massive breach.
Security, or the lack of it, is very much a hot button topic these days, and nowhere more so than in the mobile space. It seems things may be getting worse before they get any better.
A potential new privacy loophole has been discovered in the way iOS handles the Camera Roll and how apps are granted permission to interact with it. Unsurprisingly, the pitchforks are out all over again.
One of the hot topics surrounding not only iOS, but mobile operating systems in general is data security and privacy. Over the last couple of weeks there has been a lot of discussion on the world wide web about mobile applications accessing data without permission or prior notice, as well as independent reports about users being able to launch FaceTime calls and gain access to certain contact information on an iOS device. Only last week, we were also able to view a report from the University of California which used the PiOS tool to show us that official App Store applications leaked more data than their Cydia based counterparts. When all of this information is put together, it hasn't been a very good two weeks for the reputation surrounding iOS security.
If there's anything that truly antagonizes consumers, it's breaches of privacy, resulting in data being accessed without due consent. In iOS, if a third-party app requires permission to access your location data with the intention of enhancing user experience, you're met with a popup window, and have the option to allow access, or simply block the app from knowing of your whereabouts.
It seems that the iPhone owning and application using world has been going a little bit loopy over the last few days thanks to the revelations that popular journal application Path has been liberating entire address books of data and uploading it to their servers in the form of a plist file without asking for the user’s permission. The company CEO David Morin quickly responded to the outrage by claiming that the name, telephone numbers and email addresses of the user’s address book are captured to help users find friends and family who are using the Path application, but the bottom line is; that the contacts data doesn't actually belong to the user and therefore they don't even have permission to upload it should it ever be requested.
Despite Apple working pretty damned hard to tighten security with its latest iteration of the iOS mobile operating system, it’s only natural that flaws will occur; but unless they aid the jailbreaking process in any way, shape or form, we’re about as excited to see them as Tim Cook’s security squad is.
Over the last couple of weeks various reports have begun circulating that some Android, Nokia and BlackBerry smartphones feature a piece of software which logs certain key software events, as well as keeping track of some hardware functions, too. The world is up in arms about the whole thing, as it tends to be when anything even remotely related to privacy rears its ugly head.
Android is being portrayed as the smartphone operating system for those that like to push boundaries, be their own people and not conform to the usual rules, and there may be some truth to that if a recent report about how they treat security is anything to go by.
