The app development world went into a frenzy when social network app Path was caught uploading users address book information without asking for permission last week. But, a study by the University of California at Santa Barbara has found Cydia apps leaked private data less than apps available on the iTunes App Store.
The group built a tool called PiOS that analyzes iOS apps for private data leaks. It looked at 1,407 free apps: 825 apps from the App Store; and, 526 apps from Cydia’s repository the BigBoss.
The findings indicated 21 percent of the App Store apps tested uploaded a users’ iOS device’s UDID, 4 percent uploaded location information, and .5-percent uploaded users’ address book—like Path did. When it came to the 526 apps tested on the BigBoss repo, only 4 percent leaked users’ UDID, and only one app leaked location and address book data.
While many have the impression that third-party apps do most of the uploading, it turns out that may not be the case. Smith says, “Perhaps Apple’s new restriction on uploading address book information without permission will help remedy the situation.”