All users should read Jamf’s analysis of iOS app permissions
Jamf has published what should be essential reading to every iPhone or iPad user, a detailed analysis of the kind of permissions apps request to run on your device. This information should be of particular use to enterprises attempting to evaluate risk.
First ask if you are exposed
Michael Covington, VP of product strategy, Wandera explained why: “In order to address risk, you first need to understand where you’re exposed. When it comes to preventing excessive data collection, businesses should look to implement a solution that gives them visibility into all the apps installed across their user base and their relevant risk scores at scale. That way, administrators can be alerted to vulnerable or dangerous apps that are accessing sensitive data.”
Apple and Google – who maintain the world’s largest mobile app ecosystems for iOS and Android – have been cracking down on excess data collection, the report said, but noted that consumers of apps should spend time to understand app privacy concepts.
Control the apps that can access your camera and mic
Jamf looked at what privacy permissions 100,000 popular App Store apps required. The company found that the most required permissions are access to photos, the camera, location and microphone.
The company warns:
“While camera is a very common permission, it’s a very risky one. With access to the camera, a bad actor can spy on users. This is the reason why top-secret organizations do not allow phones with cameras in their facilities and why some vendors disable camera access or remove it from the hardware to sell to these organizations.”
Another feature that seems open to abuse is microphone access. “The microphone is a particularly risky permission given the fact that it can be, and has been, used to capture audio without any user interaction or knowledge,” Covington said.
“On the other hand, many social media and communication apps are virtually useless without microphone access. We give apps access to our data in exchange for better functionality, but the line needs to be drawn somewhere, and that’s why I’d recommend carefully auditing your permissions to weed out apps that don’t need certain access to function.”
He’s right of course.
The ability to activate the microphone, apps can record and transmit private conversations or listen for what’s going on around you in order to sell this information to advertising organizations.
https://youtu.be/Ihw_Al4RNno
What about cross data sharing?
The report also warns of the perils of cross data sharing, which advertisers exploit to build complex data profiles of users. A case of data mishandling came to light in 2020 when LinkedIn and TikTok were accused of copying the clipboard contents of iOS users.
We also learn that lots of apps seem to request permissions they don’t logically need. For example, the majority (62%) of navigation apps request access to your location. It makes sense for placing you on a map, but why do almost half of them (48%) also request access to your camera?
Same story for the 83% of shopping apps requesting access to your camera. It makes sense for scanning QR codes, but why do so many (87%) also request access to your photo library?
What should you do to secure your device?
- Read permissions carefully. Ask yourself: does this app need access to my private data to function? Deny requests you can’t understand or justify.
- Regularly audit your app permission settings. Look for permissions given to apps you don’t use, no longer need or apps that have made the news for abuse of privacy.
- When it comes to location data, always grant permission ‘only while in use’.
- Delete apps you no longer use.
Apple’s work to make app permissions more transparent is helpful but it is essential every user take the time to understand how to make use of them.
Photo by Jeremy Zero on Unsplash
Please follow me on Twitter, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.
Dear reader, this is just to let you know that as an Amazon Associate I earn from qualifying purchases.