Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I'm confused as to how Apple's lack of regard for the privacy of its users is a story, but Path's lack of regard for the privacy of those same users is a non-issue. One of the parties failed to protect the users' data, another one of them took it without asking. Both should be held to account in my mind


What is Apple supposed to do to prevent a social network app (i.e., something plausibly worth granting access to your contact list, and so asking for permission to access your contacts wouldn't help) from uploading your data to their servers?

I think having some sort of permission guard for contacts is totally worth doing, but to put Path's sending of your contacts to a remote server in the same category as Apple not asking before allowing something to see your contacts is misleading at best.


> What is Apple supposed to do to prevent a social network app ... from uploading your data to their servers?

1) Put in their detailed rules that this (uploading entire address books) is not allowed.

2) Remove apps from the Apple App Store if they are found to violate this rule.

Apple could also remove such apps from phones after the fact as if they were hostile malware. This may be going too far, but it can be done: http://cybernetnews.com/apple-can-remotely-remove-bad-apps-f... I mention this since by saying "What is Apple supposed to do to prevent.." you may be asking if there's anything Apple can do at all. Yes, of course there is. It's not hard to do something when you own the app store and have control over all the devices.


That's not enough. Contacts should not be accessible by third party apps without explicit permission, period. Its not enough to remove apps after they are found to violate a rule. Just don't even make it possible to violate that rule in the first place.


> That's not enough. Contacts should not be accessible by third party apps without explicit permission, period.

Well, that too. But eropple (the parent poster)'s point is that social networking apps are the kind that would typically ask for this permission. Controls on this behaviour before and after the fact can work together.

Now that I think about it, doing the "find your friends" thing without uploading address book data at all would be tricky.


That is exactly it. If Apple were to put safe guards in place, that were not optional, these things would not happen.

This is the same reason Facebook apps have to explicitly ask for permission to certain data.

It is Apple's platform, and Apple's app store. They own more of this issue in my eyes. They are the ones that make the rules and review the apps.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: