ContactPrivacy Tweak Offers Alert Notifications When An App Attempts To Access Address Book
The ‘Path’ iOS application will no doubt go down as one of the most popular applications of 2011 thanks to its mix of having an innovative and beautiful user interface as well as operating as an extremely functional journal-type app. Although the Path app had been around since November 2010, the 2.0 release in final quarter of last year introduced a revamped UI which gained the application quite a lot of media attention and a large amount of new users.
As is usually the case with stories such as this, when an application is trusted by the public’s eye, people start paying close attention to the performance of the app and picking up anything behind the scenes which may look a little suspicious. In the last day or so, the Path developers have come under fire after developer Arun Thampi recently blogged about his discovery that his entire address book was being upload to Path’s servers in the form of a plist without any prior permission given. To make sure that his findings were accurate, Thampi created an entirely new Path account and once again found that the names, telephone numbers and email addresses of all contacts in his address book were sent to Path-owned servers without permission.
Path CEO, Dave Morin was quick to respond to the findings, and addressed the issue by confirming that the address book data was indeed sent to Path but only to help users connect with their friends and family who may use the Path journal service.
We upload the address book to our servers in order to help the user find and connect to their friends and family on Path quickly and effeciently as well as to notify them when friends and family join Path. Nothing more.
As you might expect, the discussion thread continue and blew up quite quickly with other well known iOS developers getting involved to not only query why Path required the data, but also to ask Mr. Morin why the application never prompted users to opt-in to the address book submission and instead just liberated the data. The Path CEO retorted by confirming that a new opt-in policy is up for approval in version 2.0.6 of the Path app.
We proactively rolled out an opt-in for this on our Android client a few weeks ago and are rolling out the opt-in for this in 2.0.6 of our iOS Client, pending App Store approval.
If you are a jailbroken iOS device user, and the story of data submission without permission has put you on the edge then you may be pleased to know that popular developer Ryan Petrich has acted swiftly to release his ‘ContactPrivacy’ tweak. The function of this tweak is pretty self explanatory, with the release notes even going as far to say that it has been inspired by the recent Path story.
ContactPrivacy provides an alert view on the device display whenever any application is attempting to access the device’s address book. The alert allows the user to allow or deny the request and also contains a user information warning which states that not all applications can continue to work if the request is revoked.
ContactPrivacy is a free of charge tweak and should provide piece of mind to any new Path users until the opt-in feature is released in the next version.
You can download the tweak by adding the follow repo in Cydia in Sources: http://rpetri.ch/repo
There are no settings or icons added and nothing to configure.
You will obviously need to jailbreak your device to install this tweak. For jailbreaking iPhone 4S and iPad 2, you can simply follow our step by step guide posted here to jailbreak iOS 5.0.1 using Absinthe on Windows or Mac. For those of you with iPhone 4, 3GS, iPad 1, and iPod touches can use Redsn0w or Sn0wbreeze to untether jailbreak on iOS 5.0.1.