Should mobile address books be more secure?
There has been a lot of buzz lately about privacy and users' information being compromised, stolen, exploited, etc.
The whole Carrier IQ debacle is subsiding, but just a couple of weeks ago, it was a complete mess. For those of you who haven't looked at the Internet since 2011, it was discovered by Android developer Trevor Eckhart that Carrier IQ software was secretly installed on mobile devices, logged users' every move and sent that data to a remote server, all without the customer ever knowing or consenting. Turns out, Carrier IQ's software was being used on over 141 million devices worldwide and things got a little crazy.
Earlier this morning, a similar (yet totally different) story spread around the Web like wildfire. It was discovered by Arun Thampi that the Android and iOS versions of Path, a popular, up-and-coming social network, upload users' address books to a remote server without asking permission or prompting. Dave Morin, CEO of Path, has since come forward to answer some questions and extend an apology to the users of his network. He explained that:
"We upload the address book to our servers in order to help the user find and connect to their friends and family on Path quickly and effeciently [sic] as well as to notify them when friends and family join Path. Nothing more."
Still, doing so without a user's consent is unlawful and morally wrong. Morin stated that they understand and take the situation seriously, and that the Android version of Path was updated recently to ask users to opt-in before remotely storing their contact data. The iOS update version 2.0.6 for Path is currently pending App Store approval.
(Note: If you want to ask Path to delete your data from its servers, contact their service team at firstname.lastname@example.org. However, I agree with what Michael Arrington said on Uncrunched – that they should just dump their servers and re-collect the data the right way.)
What's important to take away from this is not that Path's means of collecting and storing data was discovered, but how effortless it was for them to do so. There are thousands upon thousands of applications available that could be doing the exact same thing without us ever knowing.
When it comes to contact information, I don't think it can be said any better than how Arrington worded it:
"A lot of users just don’t care about their address book integrity, they know that it’s been exploited, repurposed, shared and siloed for a long, long time. The argument that Facebook has always made is that it isn’t really your data since it includes personal information of others. So it isn’t really yours to control."
Truthfully, we shouldn't have to care about it or control it. Contact information security and control should be built-in security features of mobile operating systems. Extended security for a user's data should be a requirement. For example, a specific, user-defined password or PIN that is required to be input by the owner of the phone whenever they install an application that accesses vital information, such as an address book, would provide an added layer of security.
For instance, when you install an application on Android – whether it's from Android Market, Amazon Appstore or side-loaded by the user – the user is met with a permissions page. (You know, the prompt that I foolishly ignore every time.) This page details all of the different parts of the operating system that the application will require access to. And, of course, there are some red flags, like a fart app needing access to your location.
But it's far too easy for users to completely overlook these things. I am a prime example of that.
For applications that don't need access to vital information, the current permissions page works well and as intended. However, for access to more sensitive data (like contact information), the user should be forced to investigate a little further, even on iOS. If we were asked for a special PIN (made specifically for contact information) upon installation of the app with a more in-depth description of why the application would need access to the address book, it would at least give us more reason to read into things and stop something before we install it. It's not fail-proof, but it's certainly an additional level of security that could help prevent things like this from happening. Think of it as granting "administrative privileges" much like what is used on the desktop versions of Windows.
Nobody likes spam. But SMS spam (which I am convinced I now get because one of my friends stupidly installed a sketchy application that steals contact information) is enough to drive someone mad. And it's only getting worse. Since users obviously don't seem to care about (or carelessly or unknowingly compromise) the integrity of their friends' information, something needs to be done.
I'm not saying consumers shouldn't be responsible for their data, but they should not have to constantly worry about which apps are accessing their data or why. It should be a worry-free experience, with any platform (iOS, Windows Phone, Android, BlackBerry, etc.). If a user's data is compromised, it should be their own fault, not because there are simply next to no security measures out there to prevent it from happening.
Mobile operating systems have the ability to control this, or at least keep it to a minimum. It's high time for Apple, Google, Microsoft and every other software provider that we trust with our personal data to quit taking security of such sensitive information so lightly.