
#FF00AA


20 jul. 2008

Forget about privacy on iPhone apps

Why is it exactly that App Store developers seem to have a common tendency to ignore their users’ rights to privacy? After the Loopt debacle (which most of my readers may not know about, because the app isn’t available outside the U.S.: it basically sent a list of all your contacts to the Loopt servers — with little or no warning — and spammed them all with SMS messages specifying your current location — every single one of your contacts), I now find out that I should probably not have recommended Twinkle to my friends.

Twinkle is a cute, functional and efficient Twitter client for the iPhone (unlike Twitterrific, which isn’t really usable in its current state) that hooks into the developer’s private servers to geotag your tweets and display Twitter activity close to your location (which works as advertised, and is cool). It never warns you, however, that your Twitter login and password are being saved on Twinkle’s servers* (so that tweets can be stored and resubmitted later if Twitter fails — it’s mostly** well-intentioned, which doesn’t make it okay that a native, local application saves your credentials on a third-party server without asking). Or that your tweets will appear in the Nearby tab even if you set your Twitter account to private (with all that’s happened before, it’s very naive to think Twitter accounts marked as private actually are, but that’s no excuse).

How on earth does a developer launch a 1.0 version on the App Store and think those things are okay? Wouldn’t those people be upset if Firefox saved their banking passwords or personal messages on Mozilla’s servers? It’s exactly the same — especially with people’s propensity to use the same password on everything they log into (not their bank, but e-mail accounts, PayPal, etc.) — except I’d trust Mozilla much more than a little shareware developer (like I trust Google, and maybe I shouldn’t) to store my data with reasonable security.

It’s pretty likely I’m never checking out a Tapulous application again.

 

* I posted a comment requesting clarification, but it’s been “awaiting moderation” for several hours and more recent comments have appeared, so I’m taking that as a confirmation.

 

** I say “mostly” because their real motivation isn’t so much serving your needs as it is to launch their own social network, Friendfeed-style. Incidentally, Friendfeed works perfectly well without asking for my Twitter password.

 

→ www.otierney.net


Régis, 6 years ago:

Thanks for the info...

Friendfeed (as a privileged partner of Twitter (the others are Summize, Twittervision, Zappos)) has Twitter's full XMPP feed (in plain terms, all the data).

www.techcrunch.com/2008/07/15/interview-with-evan-william-summize-acquisition-api-issues-and-their-revenue-model/

garoo, 6 years ago:

Yes, because it's more efficient, but they could just as well use each user's RSS feed and it would amount to the same thing.
