iPhone apps Path and Hipster offer address-book apology

Posted by
|

The makers of two iPhone apps have apologised after it emerged they had uploaded users address-book information without explicit permission.

Path and Hipster both sent contact data to company servers in order to help users find friends who were also using the apps.

Both companies said they had now updated their apps to fix the problem.

But there is concern the practice may be more widespread. Hipster has called for a “summit” to discuss app privacy.

Path is a social media app which bills itself as “the smart journal that helps you share life with the ones you love”.

Arun Thampi, a software developer, first drew attention to the issue with Path in a blog post after he discovered that his phone’s address book was being sent to the company’s servers without his permission.

The company has since apologised. “We made a mistake,” Path chief executive David Morin said in a blog post.

“Through the feedback we’ve received from all of you, we now understand that the way we had designed our ‘Add Friends’ feature was wrong,” he wrote.

According to the company, contact information was encrypted before being sent to its servers. However, Mr Morin said Path had now “deleted the entire collection of uploaded contact information from our servers”.

Path updated its app with a feature which asks users whether they want the service to use personal contact list information.

Continue reading the main story

“Start Quote

We blew it, we’re sorry, and we’re going to make it right”

Doug LudlowHipster chief executive

Hipster howler

The discovery of the Path issue was quickly followed by news of a similar problem with Hipster.

Hipster says it allows users to “easily share where you are and what you’re doing with postcards of your photos”.

Like Path, the Hipster app was revealed to be uploading address book information to the company’s servers without explicit permission.

“We blew it, we’re sorry, and we’re going to make it right,” wrote contrite Hipster boss Doug Ludlow in a guest post on the blog Techcrunch.

“When we built our ‘Find Friends’ feature for iOS, we clearly dropped the ball when it comes to protecting our users’ privacy,” he added.

Hipster has, like Path, made an updated version of the app available which makes sharing contact information an opt-in.

Friend-sharing forum

Mr Ludlow invited other developers to attend an “application privacy summit” at its San Francisco headquarters.

The aim, he wrote, would be to create a “privacy pledge – one that can be adopted by all apps, detailing for users what types of privacy expectations they should have”.

Both incidents have caused some to wonder whether other apps are also sharing contact information and whether Apple is doing enough to restrict the practice.

Writing in Sophos’ Naked Security blog, senior security adviser Chester Wisniewski asked: “Where was Apple when the original app was released? The lengthy approval process should be looking out for its customers.”

Several tech blogs also flagged up a post by blogger Dustin Curtis which claimed that “there’s a quiet understanding among many iOS app developers that it’s acceptable to send a user’s entire address book without permission to remote servers and then store it”.

Add a comment


Quote of the week

Steve Jobs
"Being the richest man in the cemetery doesn't matter to me. Going to bed at night saying we've done something wonderful, that's what matters to me."Steve Jobs

Tweets

  • Twitter is currently flying the fail whale
  • About the site

    iMattic is highly designed Apple news blog and forum resource. However we don’t just do news, we like to spread our wings and try new things. We also have a highly rated iPhone app available right now on the app store. Along with our app we also dabble in iOS theming and you can find our themes by simply searching imattic within cydia.

    Where can i find…?

    You can find iMattic Lite (our native iOS app) HERE and our themes by searching iMattic in cydia.

    Hit us up…

    Follow us: Twitter | Facebook

    Built Using

    iMatticCopyright © 2011 iMattic. All rights reserved.                                           Privacy Policy