What's new

How do I know that an app isn't stealing my data?

G

GreenTruck

New Member
Joined
Feb 25, 2017
Messages
3
Reaction score
0
An App I bought is basically like a password/ media saver that supposedly only saves my media locally.

The dev claims it is only stored locally.

1) is there anyway to make sure that the media I save on that app isn't being uploaded to some hidden cloud that the dev accesses?
2) would apple allow such an app to save the pictures I upload to it to the devs cloud? ? It has been on the App Store since 2011

Thanks
 
Obviously app's can only access whatever you explicitly give it access to but this situation is a little different. What I would say is that if it's been around for 6 years then something would have happened by now if the devs had bad intentions.
 
I haven't had it for 6 years, I bought it a couple of days ago , but shuffling through updates , I can see some from 2011. I haven't directly "accepted" that the dev can take my data, so why is it fishy, an app made to "keep data safe" should not have anything in the code that says it will upload it to cloud.cloud . It's concerning that I can't take it for granted that the dev can't see the videos or pictures or passwords that I upload to his app to keep safe, it's also a paid app (though free variant exists)
 
Apple certainly doesn't allow an app to get data without the user's consent. If Apple finds apps that are not following their guidelines, these apps are removed from the App Store. This has happened a few times already.

Here are Apple's guidelines:
App Store Review Guidelines - Apple Developer

Does the app have a privacy policy?
 
Apps are sandboxed, which strictly limits how they can interact with other apps. If an app requires access outside its sandbox it has to ask permission and you have to expressly agree. For example, a third party camera app cannot access the camera unless you grant permission. Once granted it has access until you recind it.
 
scifan57 said:
Apps are sandboxed, which strictly limits how they can interact with other apps. If an app requires access outside its sandbox it has to ask permission and you have to expressly agree. For example, a third party camera app cannot access the camera unless you grant permission. Once granted it has access until you recind it.
Click to expand...

That's the thing though, i understand that i have the right to refuse it to access my gallery for example. However if i grant it access to my gallery, or if it actually has media/ data in the app ( The app is a gallery alternative ) Can it execute a code such as, if a new file/picture/password is introduced, send it to X(Dev's Cloud), If code such as this exists, will Apple refuse this app on the appstore ( I am aware that the APP Control team on apple may miss something. but they shouldn't miss such code over 50 updates that happened over 6 years which should mean it's safe? )


Thanks a bunch :)
 
It's certainly very likely that the app is acting legitimately if it's still in the App Store after all those updates as Apple would have had to approve all of them.
 
GreenTruck said:
That's the thing though, i understand that i have the right to refuse it to access my gallery for example. However if i grant it access to my gallery, or if it actually has media/ data in the app ( The app is a gallery alternative ) Can it execute a code such as, if a new file/picture/password is introduced, send it to X(Dev's Cloud), If code such as this exists, will Apple refuse this app on the appstore ( I am aware that the APP Control team on apple may miss something. but they shouldn't miss such code over 50 updates that happened over 6 years which should mean it's safe? )


Thanks a bunch :)
Click to expand...

Can an app execute such code... Yes, if written properly, it can, though it doesn't have access to your passwords unless it has the capability to store them and you input the data into the app. If you create a WiFi password, or log into a web site and have to enter a password, as long you are not doing it in this program it doesn't have access.

Does the code exist... This is the real question, without the source code there is no way to answer this one. If it has access to your photos it may be doing so, although not knowing anything about the software it sounds like this may be one of its selling points - off site backup.
 
You must log in or register to reply here.

Most reactions

Similar threads

I
Group-Accessible Database App?
Replies
0
Views
2K
intercostalclavicle
I
dgstorm
Mac OS X and iOS Security Flaw Lets Hackers Steal Your Passwords
Replies
1
Views
2K
scifan57
scifan57
RaduTyrsina
Amazon launches iOS Amazon Cloud Drive Photos app
Replies
0
Views
3K
RaduTyrsina
RaduTyrsina
Maura
iCloud Photos Beta Launches Prior to iOS 8.1 Arrival
Replies
1
Views
2K
scifan57
scifan57
ardchoille
How do I remove the badges on app store
Replies
5
Views
5K
zig9449
zig9449
Top