
Another knock on Apple: US blog reveals Apple lets developers upload users' address books in violation of the rules

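US blog reveals Apple lets developers upload users' address books in violation of the rules
Posted by ugmbbc on 2012-02-09 16:11:05 | 1309 views
Dustin Curtis, a blogger for the US technology blog ZDNET, has revealed that Apple developers are free to upload the entire contents of an iOS user's address book (names, addresses, phone numbers, email addresses and everything else) to their own servers. Although doing so directly violates Apple's terms of service, Apple lets it happen.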

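In fact, Curtis notes that of the 15 iOS developers he surveyed at random, 13 admitted to copying iOS users' address books and building databases containing “millions” of contacts. One development company even claimed to hold “Mark Zuckerberg's cell phone number, Larry Ellison's home phone number and Bill Gates' cell phone number”.
Once discovered, uploading address books could provoke a strong public backlash. So why do developers still take the risk? Curtis's post contains a striking passage on the risk-reward trade-off developers face:
“Any app is an investment, and like any investment it has three outcomes: making money, losing money, and breaking even. On a market like the App Store, the only thing developers care about is making money. So some fledgling app developers do everything they can to improve their odds of making money. Because Apple lets developers access users' address book data, using that data to improve the user experience and increase usage is something whose benefits outweigh the drawbacks.”
The problem lies in the phrase “Apple lets developers access users' address book data”. It sounds absurd, and it is very surprising. Apple is known for a lengthy and strict review process, so would it approve apps that upload users' address books in bulk? That is indeed hard to believe.
“On iOS, every other privacy-sensitive local data source, such as location and the photo album, is strongly protected. Unless the user selects photos from the album, an app cannot see any of the photos in it. Apple gives users extensive privacy settings that let them control very easily which apps can access their location information. Apple's failure to protect the user's address book is truly baffling,” Curtis wrote.
Moreover, uploading users' address books also directly violates Apple's own rules for apps. Apple's developer terms of service (TOS) contain the following two provisions:
17.1: Without the user's prior consent, and without explaining to the user in detail how and where the user's personal data will be used, no app may transmit that data.
17.2: Apps that require users to share personal information, such as an email address and date of birth, in order to function should be rejected.
If your address book holds your own personal information (for example, the voice assistant Siri needs a “me” entry among your contacts so that it can carry out instructions like “give me directions home”), then secretly uploading your address book violates section 17.1 of Apple's iOS terms. Even if your address book has no “me” entry, the information on your other contacts can also be regarded as “personal information”, so developers should likewise be prohibited from uploading it.
Apple has not yet commented on the matter.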

Tencent Technology



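Let me do a bit of whitewashing for the fruit company~ It only says the data may not be disseminated, not that it may not be collected~ over~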




Stealing Your Address Book
It's not really a secret, per se, but there's a quiet understanding among many iOS app developers that it is acceptable to send a user's entire address book, without their permission, to remote servers and then store it for future reference. It's common practice, and many companies likely have your address book stored in their database. Obviously, there are lots of awesome things apps can do with this data to vastly improve user experience. But it is also a breach of trust and an invasion of privacy.
I did a quick survey of 15 developers of popular iOS apps, and 13 of them told me they have a contacts database with millions of records. One company's database has Mark Zuckerberg's cell phone number, Larry Ellison's home phone number and Bill Gates' cell phone number. This data is not meant to be public, and people have an expectation of privacy with respect to their contacts.
There are two major questions to ask about this behavior:
First, why does Apple allow iOS apps to access a user's entire address book, at any time, without permission? Even Android requires that apps ask for explicit permission to access local contacts. On iOS, every other seemingly private local data source, like location and the camera roll, has strong protections; apps can't even see photos in the Camera Roll unless the user explicitly selects them from the image picker. There is a huge section of the Settings app dedicated to giving people fine control over which apps have access to location information. That Apple provides no protections on the Address Book is, at best, perplexing.
Second, why do app developers, who know of the potential public backlash if this behavior were publicized (that's why they keep it quiet), continue to upload user address books to their servers? I think this question is easier to answer. Any app is an investment, and, like any investment, there are three outcomes -- success, failure, and mediocrity. The only one that matters on a market like the App Store is success, so fledgling app developers do everything they can to increase their chances. Because Apple provides extremely easy access to address book data, the pro -- that is, using the data to improve user experience, increase virality and growth, etc. -- outweighs the con. To stay on equal footing, larger apps, like Yelp, Facebook, and Foursquare, have to follow along. From a design perspective, it is a concession of user growth at the expense of user trust.
Yesterday, it was revealed that the private social network app Path practices this behavior. People were outraged. Today, CEO Dave Morin apologized on the Path blog:
Through the feedback we’ve received from all of you, we now understand that the way we had designed our ‘Add Friends’ feature was wrong. We are deeply sorry if you were uncomfortable with how our application used your phone contacts.
There was similar outrage last year, when Kik was outed. But, after a while, things calmed down. Kik never conceded. Developers continued to stay quiet. Users forgot about it entirely.
Apple's Failure
I fully believe this issue is a failure of Apple and a breach of trust by Apple, not by app developers. The expectation of Address Book privacy is obvious; in fact, one person on Hacker News, in response to learning about Path's use of the data, said, "Apple would never do this to their users." Because Apple has your trust and yet gives this private information freely to developers, Apple does do this to their users. All of them.
Usually, when I am curious about something Apple has done, I try to understand the design thinking that went into the decision. In this case, I can't think of a rational reason for why Apple has not placed any protections on Address Book in iOS. It makes no sense. It is a breach of my privacy, and it has allowed every app I've installed to steal my address book.