Both iOS and Android give developers access to photos: one is a bug, the other a feature

It was discovered this week that due to a bug in Apple’s iOS which may have been introduced in 2010 with iOS 4, a third-party developer could obtain access to your entire Photo Roll by merely requesting your location. According to the NYTimes’ Nick Bilton, who was scooped on the bug, a developer must explicitly ask permission for a user’s location, but doing so inadvertently allows the app to manipulate, even delete, existing photos on the device. Apple has been informed of the bug and, though they have not said anything official (as they did for the contact list controversy) they are rumoured to be working on a fix.

Google, on the other hand, has the same issue, but it is not a bug but a feature. The company takes the opposite approach to Apple’s so-called “walled garden,” giving developers access to photos and video in order to allow them to be shared. Android tends to store your photos in the ‘DCIM’ folder under the /SDCard. This was done in order to ensure developers who wanted to implement these share features could do so from a removable SD card. Back when Android was young and memory not so cheap, internal memory was small and users tended to rely on external memory for extra space. Now that this is no longer the case, Google has issued a statement to say they’re “taking another look at [it].”

We originally designed the Android photos file system similar to those of other computing platforms like Windows and Mac OS. At the time, images were stored on a SD card, making it easy for someone to remove the SD card from a phone and put it in a computer to view or transfer those images.

As phones and tablets have evolved to rely more on built-in, non-removable memory, we’re taking another look at this and considering adding a permission for apps to access images. We’ve always had policies in place to remove any apps on Android Market that improperly access your data.

Many new Android devices such as the Galaxy Nexus and upcoming HTC One X and One S do not have external memory, as Ice Cream Sandwich makes uses a phone’s entire internal storage for apps and media alike. Considering most phones come with at least 16GB, this isn’t proving to be a problem.

Nevertheless, it’s incumbent on Google, especially with the launch of its new privacy policy, to take no chances on a user’s data. Android is already famous for malware apps stealing customer information through tricks; one less loophole means fewer claims of insecurity.

Source: New York Times (2)
Via: The Verge

MobileSyrup may earn a commission from purchases made via our links, which helps fund the journalism we provide free on our website. These links do not influence our editorial content. Support us here.

Related Articles