Nick Bilton of the New York Times reports that a loophole in iOS’s security infrastructure enables apps you have allowed to determine your current location to access all the photos on your device (presumably due to the location information stored within photos). Although there are no known instances of this capability being abused in the wild, a proof-of-concept app commissioned by the New York Times showed that it could upload photos to a remote server once it had been given location permission. Apple will likely fix this soon; in the meantime, we recommend turning off unnecessary permissions in Settings > Location Services. follow link
Find Which Applications Phone Home with VirusBarrier X6
Worried about rogue applications or spyware "phoning home" with your private data? Turn on VirusBarrier's Anti-Spyware feature, and it will alert you to applications that attempt to connect to remote servers. Once you know which apps are phoning home, you can block or allow each individually, and you can even block or allow specific ports for each application, to ensure that your private data stays private.
iOS Apps with Location Permission Can Access Your Photos
Second, in a conspiracy, there has to be some benefit to Apple, and I can't see how Apple benefits in any way from exposing users' photos to apps. Apple already has access to those photos via Photo Stream, so what possible gain could the company achieve by allowing third-party apps similar access? And it's not like Apple is known for giving developers all sorts of unfettered access.
No, this really does feel like an oversight to me.
I feel it's nit-picking to complain that the alert only mentions that your photos and videos being accessed rather than saying "location information AND PHOTOS AND VIDEOS from your photos and videos." You are giving the app access to your photo library. What do you expect it to find there? Cumquats?
Sure, we don't want apps surreptitiously uploading photos. And occasionally some problem apps of various kinds do get into the App Store, at least for a while. It's not perfect.
I think it would be a shame if every access of every app to every API required a dialog. Although it's way to early to declare it a success, the OS X concept of sandbox entitlements, where an app declares (to Apple) the shared data features its going to use (calendar apps for calendar data, photo apps for photo data), actually seems better than the "more and more dialogs" approach.
I still don't want to see more dialogs.