The apps you download are pillaging your iPhone’s address book… still. According to data collected by security firm Bitdefender, “tens of thousands” of the 65,000 iOS apps studied “were specifically programmed to raid address books and upload the data,” Forbes wrote.
Supposedly, 40 percent of apps that extract data don’t encrypt the information, meaning any old peeping Tom can acquire the information with some know-how. None of this, by the way, is done with user consent.
In addition to information from address books being snooped on, 41 percent of apps tested track user whereabouts. You can run, but you can’t hide.
“It is worrying stored data and encryption on iOS apps is low and location tracking is so prevalent,” said Catalin Cosoi, Bitdefender’s chief security researcher. “Without notification of what an app accesses, it is difficult to control what information users give up.”
Overall, 19 percent of the apps studied were found to furtively extract data, which is definitely a worry. The introduction of iOS 6, however, may be a step toward rectifying such invasions, allowing users to block apps from gaining access to contacts, location and camera roll data.
This isn’t the first time iOS has been the focus of leaking personal information. In February, Congress began probing Apple amid reports that applications were unknowingly uploading private user address book information to remote servers. “Apps that collect or transmit a user’s contact data without their prior permission are in violation of our guidelines,” Apple spokesman Tom Neumayr told AllThingsD at the time. “We’re working to make this even better for our customers, and as we have done with location services, any app wishing to access contact data will require explicit user approval in a future software release.”