Cydia Apps Leak Private Data Less Often Than App Store Applications

Cydia Apps Leak Private Data Less Often Than App Store Applications

Posted by · 11572 views · Translate

A study by researchers at the University of California at Santa Barbara and International Security Systems Lab found that Cydia apps leak private data less often than App Store applications, reports Forbes.

Researchers found that one in five free App Store applications upload private data back to the app's creators. To analyze privacy leaks, they built a tool called PiOS that analyzes data leaks and ran it on 1,407 free apps. 825 of those apps were from the App Store and 526 were from the Big Boss Cydia repository.

Of those tested apps, 21 percent of official App Store apps uploaded the user's Unique Device Identifier, (UDID) a series of user-specific digits that can be tracked between apps to assemble a profile of a specific person's behavior. Four percent uploaded the device's location, and half a percent uploaded the user's contact list. When the researchers analyzed the unauthorized Cydia apps, on the other hand, only four percent leaked the user's UDID, and only one app out of the 500 tested–a program specifically designed for espionage called MobileSpy–leaked location or contact data.

The table seen below shows how frequently authorized App Store and unauthorized Cydia iOS apps leak private information.

"Clearly this behavior hasn't changed over the last year. I'm not sure whether there's been any improvement from Apple's side," says Manuel Egele, a post-doctoral researcher at UCSB. "For easily accessible data, app store apps are much more frequently accessing and leaking that data. The app store is supposed to be a walled garden. Unless Apple gives approval, you can't put things there. But whatever job the company is doing isn't good enough."

Hypothesizing on why Cydia apps were more secure, Egele says, "The people who run Cydia seem very conscious of what information is available and can be accessed. The applications you get from Cydia are geared toward more privacy-aware people."

Saurik also commented on the privacy issues of late saying, "If you care about this kind of thing, you should jailbreak your phone," says Freeman. "Instead of Apple making decisions about what's good and bad, you decide. People think jailbreaking is about deciding that things Apple doesn't like are good. But it also allows you to decide that things Apple likes are bad. We provide you the tools to block the functionality you don't believe apps should have on your phone."

You can read the full study here.

Read More [via Andy]


Cydia Apps Leak Private Data Less Often Than App Store Applications

Jonathan - February 15, 2012 at 6:00pm
so, what are the names of the apps that leak Device ID Location Address Book Phone number Safari history Photos
Miguel - February 15, 2012 at 5:01pm
The illegal (according Apple) works more legal than the legal!!!
Gg - February 15, 2012 at 4:54pm
Morons will be morons^
Steve Jubs the Messiah - February 15, 2012 at 4:38pm
Saurik also commented on the privacy issues of late saying, "If you care about this kind of thing, you should jailbreak your phone," did I just read this?? Did I really read this??? So if I Want a virus or key logger or god knows what else to go along with "enhanced " privacy I should hack my phone? Man that dude has some strong moroccan Weed!
Spritz - February 15, 2012 at 9:27pm
You moron. You can't get a virus or key logger by jailbreaking your phone. What weed are YOU smoking?
Recent