Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

9 iPhone-iPad Apps That Invade Your Privacy, and 1 That Doesn't

Tom Kaneshige | Feb. 1, 2013
Most iPhone and iPad apps appear harmless and fun, but don't fall for them. Some apps are virtual Trojan horses that swipe personal data when you're not looking. Appthority has put together a list of some of the worst offenders and you may be shocked to learn that a couple of the most popular apps made the list, such as Facebook and Angry Birds Star Wars. Be sure to check out the app at the end of the list for the one most honest.

Stagecoach Group Media and Investor

What it does: Stagecoach Group Media and Investor (free), with separate iPad and iPhone versions, serves up the latest investor and financial media information. Armed with the latest share price, corporate news, financial reports and even corporate videos, users presumably can make better investment decisions.

What are the risks:

  • The app was not compiled as a Position Independent Executable (PIE), which could expose the app to memory corruption attacks.
  • Can access a user's Location, Calendar and Contacts Book.
  • Sends some sensitive data in clear text (no encryption).

Salon-Finder

What it does: Salon-Finder (free) is an iPhone app that helps salons and customers "connect, build loyalty and be pampered," according to its Facebook page. Got a broken nail? Find a salon and get it fixed. No worries. Well, there are a few things to worry about.

What are the risks:

  • Not compiled as a Position Independent Executable (PIE), which could expose the app to memory corruption attacks.
  • Sends some sensitive data in clear text (no encryption).
  • Can access a user's Location and Contacts Book.
  • Includes file paths to source code files in debug information, stored within the app's executable. These file paths often include usernames or other information related to the app developer or development company.

Angry Birds Star Wars

What it does: Be careful of free (or nearly free) game apps. Nothing is really free, is it? The most popular game on the iPhone and iPad is Angry Birds Star Wars. Some of the app's risks might turn you into an angry bird, too.

What are the risks:

  • Can access a user's Location, Calendar and Contacts Book.
  • Incorporates Flurry Analytics framework, a service used to collect usage data.
  • Includes file paths to source code files in debug information, stored within the app's executable. These file paths often include usernames or other information related to the app developer or development company.
  • Uses several ad networks, such as InMobi, AdMob, iAd, Google's Double Click and Millennial Media.

StoneWater Church

What it does: Religion-based apps promise to make daily deliveries of truth. StoneWater Church (free) gives "life-changing messages of Jesus Christ" over the iPhone and iPad. But I wouldn't have too much faith in the privacy and security of this app.

What are the risks:

  • Not compiled as a Position Independent Executable (PIE), which could expose the app to memory corruption attacks.
  • Uses Google Maps (location tracking) and transmits source or destination location values unencrypted via HTTP.
  • Can access a user's Location, Calendar and Contacts Book.
  • Includes file paths to source code files in debug information, stored within the app's executable. These file paths often include usernames or other information related to the app developer or development company.

 

Previous Page  1  2  3  Next Page 

Sign up for CIO Asia eNewsletters.