We know that because somebody snooped on unencrypted data, but it was almost OK because it is a social application. There are some other applications that did the same. What we don't know is how many applications with a totally unsocial purpose passed the App Store's manual checks and sent data somewhere encrypted without being detected.
iOS security concepts are made for a utopian world, where app vendors play nice according to prescribed rules and an army of dedicated people checks what they did, just to be on the safe side. When a user installs an app, he doesn't have to think about it; everything is nice and disinfected for his convenience. The harsh reality is that no human activity works that way. Cars are being recalled, toys are toxic, your inbox is full of ads for fake Viagra, and the "financial product" in which you invested left you without a dime. Someone always wants to earn some money in a less than decent way, and regulators are usually one step behind.
Apple's answer was to add an alert when an application tries to read contacts. Fine; but what about all the other data that resides on a smartphone?
I have read a lot of ideas on how to fix the iOS security model, including:
- do nothing; it will reduce usability (yeah, but what about privacy and financial damage?)
- add another alert (how many can one stand, if you include future permissions for security holes not exploited yet - calendar, anybody?)
- add optional permission grants (you either believe the application or not; if not, why grant anything - although always ask / always allow could make sense)
Here is a thought:
- introduce a mandatory permission list in the application (Android)
- if there are some fishy permissions, do a more thorough manual application check (iOS)
- at the OS level, block operations not declared in the permission list (Android)
Let's see how this works for different cases:
- If the application does what it should and the manual review passed, there is no need to bother the user with permissions.
- If the application does something fishy, the reviewer will see unusual permissions in the list and do a more thorough review.
- If the application is malicious and tries to hide something, it will be blocked at the OS level.
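The three cases above can be walked through with a small model of the declare / review / enforce scheme. This is an added example, not code from Apple or Android; the names `SENSITIVE`, `AppManifest`, `review_tier` and `Sandbox`, and the choice of which permissions count as "fishy", are assumptions made for illustration.

```python
# Added illustration: a toy model of the declare / review / enforce scheme.
# All names (SENSITIVE, AppManifest, review_tier, Sandbox) are hypothetical.
from dataclasses import dataclass, field

# Assumption: which permissions count as "fishy" enough to trigger deeper review.
SENSITIVE = {"contacts", "calendar", "location", "photos"}

@dataclass(frozen=True)
class AppManifest:
    name: str
    permissions: frozenset

def review_tier(manifest):
    """Store side: pick the review depth from the declared list alone."""
    flagged = sorted(manifest.permissions & SENSITIVE)
    return ("thorough", flagged) if flagged else ("standard", [])

class PermissionDenied(Exception):
    pass

@dataclass
class Sandbox:
    """OS side: every resource access goes through access()."""
    manifest: AppManifest
    audit_log: list = field(default_factory=list)

    def access(self, resource):
        allowed = resource in self.manifest.permissions
        self.audit_log.append((self.manifest.name, resource, "allow" if allowed else "deny"))
        if not allowed:
            raise PermissionDenied(f"{self.manifest.name}: '{resource}' not declared")
        return f"{resource}-handle"

def run_case(manifest, attempted):
    """Return (review tier, flagged permissions, per-access outcomes)."""
    tier, flagged = review_tier(manifest)
    box = Sandbox(manifest)
    for resource in attempted:
        try:
            box.access(resource)
        except PermissionDenied:
            pass  # the denial is already recorded in the audit log
    return tier, flagged, [entry[2] for entry in box.audit_log]

if __name__ == "__main__":
    # Constructed sample apps, one per case in the list above.
    honest = AppManifest("notes", frozenset({"network"}))
    social = AppManifest("social", frozenset({"network", "contacts"}))
    hidden = AppManifest("flashlight", frozenset({"camera"}))
    for app, ops in [(honest, ["network"]), (social, ["network", "contacts"]),
                     (hidden, ["camera", "contacts"])]:
        print(app.name, run_case(app, ops))
```

The third case is the one that manual review alone cannot catch: the manifest looks harmless, so review stays standard, and the undeclared contacts read is refused and logged at run time.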