iOS Apps with Location Permission Can Access Your Photos
Nick Bilton of the New York Times reports that a loophole in iOS’s security infrastructure enables apps you have allowed to determine your current location to access all the photos on your device (presumably due to the location information stored within photos). Although there are no known instances of this capability being abused in the wild, a proof-of-concept app commissioned by the New York Times showed that it could upload photos to a remote server once it had been given location permission. Apple will likely fix this soon; in the meantime, we recommend turning off unnecessary permissions in Settings > Location Services.
Perhaps its my inherently suspicious and cynical nature, but I rather doubt that access occurred due to a "loophole", especially given Apple's evasive responses to the matter when exposed.
I tend not to err on the conspiracy theory side of things here, for two reasons. First, Apple never responds directly to any criticism like this right away - they sit on it for a few days or weeks until they have a public statement that says exactly what they want it to say. Look at all those letters from Steve Jobs about Flash, the location tracking hoohah, and so on.
Second, in a conspiracy, there has to be some benefit to Apple, and I can't see how Apple benefits in any way from exposing users' photos to apps. Apple already has access to those photos via Photo Stream, so what possible gain could the company achieve by allowing third-party apps similar access? And it's not like Apple is known for giving developers all sorts of unfettered access.
No, this really does feel like an oversight to me.
Is it really news or a loophole that 3rd party apps can access the iOS photo library? Ok, I'm a developer, so hopelessly well-informed about such things, but still: Apple has well-publicized that feature, at the very least in developer docs (no registration required) and photo-accessing features have been widely reported on since 3rd party apps came out (for example: http://mashable.com/2008/12/27/iphone-photo-video-apps/ ). Plus, this ability is off by default for each app until user-enabled.
I feel it's nit-picking to complain that the alert only mentions that your photos and videos being accessed rather than saying "location information AND PHOTOS AND VIDEOS from your photos and videos." You are giving the app access to your photo library. What do you expect it to find there? Cumquats?
Sure, we don't want apps surreptitiously uploading photos. And occasionally some problem apps of various kinds do get into the App Store, at least for a while. It's not perfect.
I think it would be a shame if every access of every app to every API required a dialog. Although it's way to early to declare it a success, the OS X concept of sandbox entitlements, where an app declares (to Apple) the shared data features its going to use (calendar apps for calendar data, photo apps for photo data), actually seems better than the "more and more dialogs" approach.
I think there's a special case to be made for photos and videos, though, since they may be far more private than any other data on the iPhone. People don't generally keep confidential financial data on their phones, for instance, but it's very common for people to take revealing or compromising photos or videos. So there's a higher bar to be cleared about who can do what with your photos.
Ok, good point. I'll go along with photos potentially being more sensitive than other data. I forgot that other people lead more interesting lives than I do :-). Seriously, corporate IT people have to worry about somebody taking a photo of a whiteboard and accidentally revealing the company's 5-year strategy.
I still don't want to see more dialogs.
Clearly you need to start taking more "interesting" photos. :-) But yes, I agree about not wanting more dialogs. The important thing is that Apple needs to make sure that any bad actors that slip through do so because they actively deceived Apple, not because there was a wide-open entitlement to the photo library.
Hopefully there's a reasonable middle ground between more dialogs on the one hand and open access to all of the device's photos/videos on the other. Too, once you've enabled iCloud, does the permission apply to all synched device data?