Path quickly apologized and updated its system to make the upload opt-in. “We made a mistake,” blogged Path CEO David Morin. “In Path 2.0.6, released to the App Store today, you are prompted to opt in or out of sharing your phone’s contacts with our servers...” But it raises the wider question, exactly what are the different apps doing? Mark Chang, concerned over the Path issue, checked his own apps, and in particular, Hipster. He reported, “The Hipster app allows you to deselect the ‘Contacts’ button when looking for new friends, but it is enabled by default. Therefore, there is no way to avoid sending address book emails to Hipster, as far as I can tell.”
Now anti-malware company Bitdefender has released an app specifically designed to tell iOS users what is going on inside their phones, good and bad. Called Clueful, it is described as ‘the world’s first and only app that tells you which iOS apps may be accessing more information than they need.’ The good can be positive attributes, like the use of encryption. The bad can be unnecessary access to personal data.
“App developers can ask for, and receive, access to your precise location, your contact list and more information about you when you install their products on your iPhone,” explains Alexandru Catalin Cosoi, Bitdefender’s chief security researcher. “Your iPhone is probably the most personal device you own, holding vast amounts of information about what you do, who you are, and where you go.”
Bitdefender’s Clueful doesn’t stop the app ‘stealing’ users’ data, but it does say which ones are behaving badly. The company maintains a cloud database of apps with details of what they do. This approach is never perfect since maintaining a complete details of all apps as soon as they are released or updated is an impossible task – but it will certainly include the most popular apps, and has the advantage of being responsive to crowd reputation. It allows users to check the behavior of their existing apps, and to query the behavior of interesting apps before installation.
“Clueful tells you what kinds of private information apps can access so you can make an informed decision whether to use that app,” claims Cosoi.