Apple has been grilled for iOS security problems repeatedly over the last few weeks. Path started the firestorm when it was revealed that the popular iPhone app secretly uploaded a user’s entire address book to its private servers. Despite the fact that Apple is firmly against such practices, many apps continue to take advantage of Apple’s poor guideline enforcement.
The New York Times sounded the bell again earlier today with the revelation that an iOS app can collect your device’s entire Camera Roll (not just the location data) without your permission. A new report claims that Apple has acknowledged the bug and is working to fix it in a future iOS update.
The Verge reports:
All hope might not be lost, however. We spoke to sources familiar with the situation, and were informed that a fix is most likely coming for the loophole. According to the people we talked to, Apple has been made aware of the issue and is likely planning a fix with an upcoming release of iOS. Those sources also confirmed that the ability to send your photos and videos to a third-party is an error, not an intended feature. If we had to guess, the fix will likely come alongside a patch for Apple’s other recent security issue — the ability for apps to upload your address book information without warning.
Apple issued a statement two weeks ago on the Path debacle saying “Apps that collect or transmit a user’s contact data without their prior permission are in violation of our guidelines.” The company affirmed that “any app wishing to access contact data will require explicit user approval in a future software release.” The same rule will assumedly be applied to photo and video data collection.
Rumors have pegged iOS 5.1 to drop on March 9th, and Apple is set to unveil the iPad 3 on Wednesday, March 7th. With an iOS update on the near horizon, this whole privacy scandal will hopefully be over soon.