Monday, 3 January 2011

Apple Sued For Sending User Data To Advertisers

   Apple has been sued this week over "allegedly transmitting user information to advertising networks without the consent of owners" of its iOS devices.
   Jonathan Lalo, of Los Angeles, says Apple and a group of mobile app developers sold his personal data (age, sex, location) to ad networks:
"[Lalo] did not expect, receive notice of, or consent to Defendants' tracking of his iPhone app use and did not want Defendants to engage in such activity."
   The user agreement policies state that apps are not allowed to transmit data without a user's consent. The suit comes at a time when the WSJ has broken news that many mobile applications transmit personal data to third party advertisers without user content.
    About time for somebody to gather evidence and file a case as the risks have been there ever since the first iPhone and as apple never took a any action to cover the holes, it became obvious they didn't take any action for their own interest: iOS 4 - as insecure as ever, Apple personal information free give-away, October is the iOS security flaw month at the iPhone Fever!
    Unfortunately solvng the issue requires rewriting of a major part of the iOS kernel that unlike Symbian or Linux (Android, MeeGo) doesn't have any embedded security features like firewalls (hint: iptables).

One of the most high-profile apps named is Pandora, the popular Internet radio app.

Via: WSJ