Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • Development
    • IT Management
    • Mobile

    Foursquare, Twitter Guilty of Slurping User Data: Report

    By
    Fahmida Y. Rashid
    -
    February 16, 2012
    Share
    Facebook
    Twitter
    Linkedin

      Several popular online services, including Foursquare and Twitter, are guilty of slurping up large amounts of personal data through their mobile applications without getting explicit permission from users. Now that they have been caught, these iOS developers, along with Apple, are promising to start warning users first.

      On Feb. 8, Arun Thampi, a software developer, disclosed reported that the popular diary app Path was uploading the entire address book from the user’s iPhone to the company’s servers without warning users. After a widespread outcry about violating user privacy, Path CEO Dave Morin apologized later that day and announced the latest version would explicitly require the user to opt-in to upload the information. However, more research by Paul Haddad, a developer with Tapbots, shows that Path was not alone in this kind of behavior, The Next Web reported.

      Foursquare is another offender, as its iOS app uploads all the email addresses and phone numbers in the address book with no warning or asking users for consent, Haddad told The Next Web. The latest update, released Feb. 14, now warns users before doing so. Popular photo app Instagram did the same thing until Feb. 11, when it quietly updated the app to inform users that contact data will be uploaded when using the “Find Friends” feature.

      Facebook’s iOS app appears to send email addresses, phone numbers and names from the address book but warns users first, according to Haddad’s analysis.

      However there are a group of apps, such as Yahoo! Messenger, Google+, and Skype, that hooked into the Address Book framework in iOS but did not appear to be sending any information, Haddad found. These apps had the capability to grab the data and use it locally, but have not done so yet.

      Twitter is another major company backpedaling after reports found that its iOS app is grabbing and storing user contacts information without explicitly warning the user. When a user selects the “Find Friends” option on the iOS app, the app uploads all the email addresses and phone numbers stored in contacts on the device’s address book and keeps it on its servers for 18 months.

      Twitter has promised to update the app “soon” with “more explicit” language on what the option does with user data. Users who don’t want Twitter to retain the contacts data can request the information be removed by clicking on the tiny “remove” link on Twitter’s Import page.

      “Most of us would like to be explicitly alerted when an app decides to this,” Carole Theriault wrote on the Sophos Naked Security blog.

      Online services are “trying to take advantage of the naivety of their users, rather than look after them,” Theriault wrote. When social media platforms depend on users to create accounts and use the services to be successful, then they should make more of an attempt to protect users, Theriault argued.

      In a recent mobile threats report, Juniper Networks warned about a growing number of mobile apps that were “suspicious, but not malicious.” These apps are likely to request more device permissions than they actually need, share excessive amounts of data with third parties, or access features and data without obtaining explicit consent.

      Of the approximately 790,000 apps analyzed by Juniper, 30 percent obtained device location data without explicit consent, according to the report. A little less than 15 percent of the apps requested permission to initiate calls without user intervention, and 5 percent asked to be allowed to send SMS messages without user knowledge. Another 6 percent wanted permission to view all accounts saved on the device, including email and social networking accounts.

      Apple has been roundly criticized for not explicitly building in controls in its iOS framework to make developers ask permission before grabbing user data. In response to Congressional inquiry, Apple has promised to update the iOS framework to require permission, Reuters reported.

      Fahmida Y. Rashid

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×