Report: iPhone Apps Can Access Contact Information

In June, I reported that some Android apps could compromise a user’s data. Today, a new report calls into question the safety of some iPhone apps as well.

The news isn’t pretty: compared with approximately eight percent of Android apps that could cause security problems, 14 percent of all iPhone apps could do the same thing. This comes from the Black Hat conference in Las Vegas, Nevada, where security research firm Lookout revealed its findings. They reviewed the security of 300,000 free applications available in both the App Store and Android Market. Lookout produces virus protection software for Android, BlackBerry and Windows Mobile devices. Initial findings include:

29% of free applications on Android have the capability to access a user’s location, compared with 33% of free applications on iPhone

Nearly twice as many free applications have the capability to access user’s contact data on iPhone (14%) as compared to Android (8%)

47% of free Android apps include third party code, while that number is 23% on iPhone

These are simply the first findings of what is being billed The App Genome Project. The entire report is expected to be released soon. Clearly, the most significant (and scary) finding is the one about accessing a user's contact data. Typically, when an app wants to know a user's location, a message pops up. The user can then decide whether or not to allow the app access to the user's location data. However with contact data, this is not the case. There is no rule that requires developers to tell end-users if or when they want to access contact information. If apps are indeed able to access my contact data (phone numbers, emails, and whatever I might have in the contact's description field), this is worrisome. Also, I'd like to know which apps make up the 14 percent and promptly steer clear of those! I will be interested in reading the entire report when it is released. We will keep our readers updated on this security news.

Related articles