I had an article pop up on my radar yesterday on iOS Privacy, specifically where a researcher found that a particular app (Path) was uploading data without explicit permission. iOS, in some respects, feels like it has been given a pass with the type of traffic it passes (and how it does so) because a significant number of iOS users are in fact iPhone users, where traffic often moves over cellular networks. Those networks are coming under increasing scrutiny as the equipment required to disrupt or spoof cellular communications is quite affordable whereas in years past that was a massive barrier to entry.

wi-fi, by poloballs

With Facebook getting in all kinds of hot water over privacy concerns, how did iOS get a pass? I’m not saying that all apps are evil, but there is a really good chance that an app can get approved (remember the Flashlight app for tethering?) with a secondary use. If it gets approved, it can probably do quite a bit before the problem is found and the app is pulled—especially if the app is sneaky about it.

For the most part, the only way someone will really know what is going on is if they watch traffic going over their wireless networks. For the vast majority of users, this is never going to happen. But the bad guys sitting in a Starbucks might be interested to see what kind of data your device is sending in the clear, especially if it is personal information that you think is only available in your phone. I don’t know if there is a better case for mutually authenticated, encrypted traffic than mobile devices on open Wi-Fi hotspots.

This post originally appeared on BrandenWilliams.com.

Possibly Related Posts: