You’d be forgiven for thinking that unauthorized iOS apps obtained from the likes of Cydia aren’t as careful with your personal data as those approved by Apple for sale in the App Store. In fact, the opposite is true. Jailbroken iOS apps respect your privacy more than those obtained from the App Store.
Following the recent Path scandal which saw users’ address books uploaded to servers without their permission, iOS users seem to be more concerned about their private data than ever before. So much so that the concern has inspired jailbreak developers to release a tweak that blocks access to your address book from third-party apps.
But if you jailbreak your iOS devices to install this tweak and indeed other software that isn’t sanctioned by Apple, do you increase you risk by downloading content that isn’t regulated? Apparently not.
Andy Greenberg of Forbes discovered a study from a group of researchers at the University of California at Santa Barbara and the International Security Systems Lab that attempts to analyze how iPhone apps transmit a user’s private data.
The study reports that one in five free iOS apps downloaded from the App Store upload data to the apps’ creators that could potentially be used to identify a users and built a profile of their activities.
What’s more interesting, particularly for those who jailbreak, is that the study also looked at unauthorized apps built specifically for jailbroken iPhones and found that these actually leak data “far less frequently” that apps authorized by Apple.
The researchers built a tool called PiOS to analyze the data and ran it on 1,407 free apps, 825 of which were downloaded from the App Store while the other 526 were obtained from the BigBoss repository within Cydia.
21% of the apps from the App Store leak a user’s unique device identifier (UDID), while 4% also upload a device’s location. 0.5% upload a user’s entire contacts list.
However, only 4% of apps downloaded from Cydia upload your UDID, while only one (yes, just one app) leaked location and contact data. And it’s worth noting that this particular app, called “MobileSpy,” was built specifically to do this task.
Manuel Egele, a post-doctoral researcher at UCSB, believes Cydia’s apps are safer because of the culture of jailbreakers:
Egele points to Cydia’s culture of privacy among administrators and users. “The people who run Cydia seem very conscious of what information is available and can be accessed,” says Egele. “The applications you get from Cydia are geared toward more privacy-aware people.”
Jay Freeman, who is also known as Saurik and the creator of Cydia, firmly believes that you should jailbreak your iOS devices if you are concerned about your privacy:
If you care about this kind of thing, you should jailbreak your phone. Instead of Apple making decisions about what’s good and bad, you decide. People think jailbreaking is about deciding that things Apple doesn’t like are good. But it also allows you to decide that things Apple likes are bad. We provide you the tools to block the functionality you don’t believe apps should have on your phone.
So next time someone tells you that it’s “unsafe” to jailbreak your iOS devices and install unauthorized apps and tweaks, just smile politely and agree, safe in the knowledge that someone, somewhere, is flicking through their private data at a “reputable” Silicon Valley company.