Apple iOS 6 Tightens iPhone, iPad App Security
The next version of Apple's mobile operating system, iOS 6, will request explicit permission before allowing third-party applications to access user information. It's a privacy upgrade that could benefit Apple's hundreds of millions of iPhone and iPad customers.
In the new iOS 6, Apple will force apps to get user permission before accessing Contacts, Calendars, Reminders and Photos, MacRumors reported. The enhanced security feature, outlined in the "Data Privacy" section of Apple's iOS 6 Release Notes, was announced at the company's Worldwide Developers Conference last week.
The notes explain: "For contact, calendar, and reminder data, your app needs to be prepared to be denied access to these items and to adjust its behavior accordingly. If the user has not yet been prompted to allow access, the returned structure is valid but contains no records.
"If the user has denied access, the app received as NULL value or no data. If the user grants permission to the app, the system subsequently notifies the app that it needs to reload or revert the data."
In February, researchers discovered that iOS apps that had been granted permission to access user location were actually able to copy the user's entire photo library to a remote server.
The permissions upgrade could further tighten the security of Apple's app ecosystem by granting users full control over exactly what each app can access.
The "à la carte" or "granular" permissions model may also force Google to adjust its own permissions model for Android. At the moment, most Android users must either accept all the permissions an app demands upon installation, or reject the app entirely, creating an environment ripe for exploitation by malware writers. (Some hacked Android builds allow à la carte permissions.)
Apple's iOS 6 is currently in beta, and is expected to be released this fall.