iPhone app spyware: Shocking enterprise risks

By Richi Jennings (@richi) - October 20, 2011.

Troy Hunt

Many iPhone apps are stuffed with spyware. That's the worrying conclusion from Troy Hunt's recent analysis of network traffic generated by popular iOS apps. Enterprises using iPhones and iPads need to be concerned about the possibilities of data leakage and regulatory non-compliance, as I'll argue in The Long View...

Australian software architect Troy Hunt (pictured) is the latest blogger to point out that apparently legitimate iOS apps are spying on us. Of course, these are apps that are downloaded from Apple's supposedly secure and carefully curated App Store. They're sending back detailed information about actions in applications, including the unique device ID and often the location.

Troy Hunt's analysis starts off slow -- he tut-tuts about some poor coding practices that are causing far more data usage than is necessary -- graphics that should be resized or better compressed, and large data transfers repeated unnecessarily. OK, fine, some app developers are dreadfully sloppy, but he's keeping the real problem to the second half of his post. He's been sniffing the data traffic from several apps and he keeps seeing his Device ID and location transmitted, along with information about what he's doing in the app. For example, when he favorites a recipe in a cooking app:

