Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Apple has tightened how permissions will be handled in iOS 6, the soon-to-be-released mobile platform unveiled last week at the company's Worldwide Developers Conference (WWDC).
The new version of Apple's mobile operating system would require developers to explicitly ask users for permission before an application could access certain types of information, according to the "Data Privacy" section of Apple's iOS 6 release notes.
Under the new requirements, developers will have to take into account that a user may refuse to grant permission to access personal data, and ensure the app continues working under that scenario.
The new rules specify that explicit permission is required before an app can access a user's phone contact list, calendars, reminders and photos.
When the app attempts to reach any of those data types, the user will be prompted with an access dialog to grant or deny permissions. Previously, apps needed to obtain explicit consent only for the phone's geolocation data.
"In iOS 6, the system now protects calendars, reminders, contacts and photos as part of Apple's data isolation privacy initiative," according to the release notes.
Apple likely made these changes to prevent a repeat of disclosures of third-party apps accessing and copying personal data off mobile devices. Earlier this year, social network application Path was named as one of the offenders, as its iOS app used the phone's contacts as part of its "Find Friends" feature and copied data on its servers without user permission or awareness. Path made the feature opt-in by releasing an update.
More recently, social networking site LinkedIn disclosed that its iOS app was sharing calendar data with its servers. Even though LinkedIn's data collection was part of an opt-in feature, most users were unaware their calendar information was being harvested, or that there was even a way to opt-out.
Apple has been focusing on iOS security recently. The company released a white paper earlier this month, detailing the security features implemented within the mobile platform, such as system architecture, device access tools and encryption. Plus, it plans to present on the topic at the Black Hat security conference next month in Las Vegas -- Apple's first-ever appearance at the hugely popular annual show.
This article originally appeared at scmagazineus.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.