Modernizing Authentication — What It Takes to Transform Secure Access
Apple recently removed Bitdefender's Clueful privacy awareness app from the App Store. Prior to its removal, however, Clueful found that 42.5 percent of more than 60,000 iOS apps studied do not encrypt users' personal data, even when sending it over public Wi-Fi; 41.4 percent can track a user's location; and almost one in five can access a user's entire Address Book, with some sending that data to the cloud without encrypting it.
"While most app developers use this information for legitimate purposes, others might not," Bitdefender Chief Security Researcher Catalin Cosoi said in a statement. "Clueful was the best way for iPhone owners to know the difference. While Clueful remains off the App Store, we are working hard toward understanding why our app was removed and to develop the app to improve its chances of staying there."
"Apple’s reasoning around why apps are removed is rarely made public and often seems capricious when it emerges," writes Lifehacker's Angus Kidman. "Much of iOS’ reputation for security rests on Apple’s vetting of apps, but as we’ve noted before, that’s not a perfect process, and cutting off scrutiny of the app ecosystem doesn’t actually improve confidence in it."
"iOS 6 may well obviate the need for Clueful, as it will let you control not just 'location services' settings (which was essentially all you could control privacy-wise on previous iOS versions), but also settings for individual apps can access reminders, calendars, contacts and even photos -- with the new iOS to ask your permission before letting individual apps access these personal repositories of information," notes iTWire's Alex Zaharov-Reutt. "However, in a world iOS 5.x, Clueful was best able to give users a clue about the privacy implications of the apps they’re using, with BitDefender stating it created Clueful 'under the belief that iPhone owners should be able to learn which apps may be behaving unscrupulously with their personal data.'"