Study Finds iOS Apps Just As Intrusive As Android Apps

Posted by samzenpus on Thursday July 18, 2013 @08:01PM from the more-of-the-same dept.

wiredmikey writes "Despite fevered arguments that iOS is more secure than Android, and that Android offers developers more options than iOS, a study has found that both platforms are equally as invasive and curious when it comes to collecting user data. Security firm BitDefender analyzed more than 522,000 apps over the past year and focused on the 'intrusive behaviors' the app developer may have included in the product, such as tracking location, reading contact lists, and leaking your email address or device ID. According to Catalin Cosi, iOS applications appear to be more focused on harvesting private data than the ones designed for Android. Cosi did acknowledge that Android apps state all the permissions needed at installation time and there is no way to change the settings afterwards, while iOS permissions are requested at run-time, as the specific resource is used, making iOS a little bit more secure in practice."

1 of 107 comments (clear)

Min score:

Reason:

Sort:

The basic problem by ArsenneLupin · 2013-07-18 20:38 · Score: 5, Interesting

... is that if apps are denied permission, they may refuse to work (even though the permission requested might not actually needed for the app's official purpose).
So, what we would need is a change in how permission refusal is communicated (or not communicated) to the app. The OS should always tell the app "yes you got permission", but then just fake the action (return plausible but fake location data, plausible but fake adresses, etc.). Or fail with a code not linked to permission (pretend that there is no cellular network available if user refused permission to use it)
That way, it will be much more difficult to pressure users into granting apps each and every right they ask for...