There have been a number of recent privacy issues involving iOS apps accessing Address Book data and other private information without the user’s permission – and sometimes even storing it in plain text on their own servers!
A new report released by security firm BitDefender claims that those concerns remain live, stating that around 18.6 of apps (based on a sample of 65,000 apps) can still access address book data – and 41% can track a user’s location without their permission, or their knowledge.
Worse than that is that over 40% of these apps transmit and store your private data insecurely, making your private information – as well as the information of all of your Address Book contacts – a significant potential target for hackers.
BitDefender’s Chief Security Researcher Catalin Casoi stated the following (quoted by MobileEntertainment, via 9to5Mac):
It is worrying stored data encryption on iOS apps is low and location tracking is so prevalent. Without notification of what an app accesses, it is difficult to control what information users give up.
We see a worrying landscape of poor user data encryption, prevalent location tracking and silent, unjustified, Address Book access.
Fortunately, Apple has fixed this problem in iOS 6, which is due out sometime this fall. Even so, users of certain older devices are unable to install and use iOS 6, leaving the question of data security for all of Apple’s iOS users unanswered.