{"id":2786,"date":"2010-10-01T23:16:55","date_gmt":"2010-10-02T03:16:55","guid":{"rendered":"http:\/\/mjtsai.com\/blog\/?p=2786"},"modified":"2012-04-17T07:52:16","modified_gmt":"2012-04-17T12:52:16","slug":"curated-doesnt-necessarily-mean-secure","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2010\/10\/01\/curated-doesnt-necessarily-mean-secure\/","title":{"rendered":"“Curated” Doesn’t Necessarily Mean “Secure”"},"content":{"rendered":"

Wil Shipley<\/a>:<\/p>\r\n

So, the better approach to security would be transparency, which is to say users could install applications like the one being written by Peter Gilbert, above, which would tell them when data is being sent to servers, and they could use their own judgment about whether a particular program should be contacting a particular server given their recent actions. With many pairs of paranoid eyes would come much better app validation than Apple could do in a few days.<\/p>\r\n

But this isn’t allowed on iOS right now—the necessary APIs are verbotten, and Apple apparently (and ironically) has<\/em> written a tool to automatically detect if an application is using APIs Apple doesn’t allow. So, in this case, Apple’s curated approach has potentially made them less secure<\/em> than Android.<\/p>\r\n<\/blockquote>\r\n

I don’t understand why iOS makes such a big deal about permission to access location data, when any random app, even one that shouldn’t need network access at all, can access my address book, photos, and clipboard and upload them to who-knows-where.<\/p>","protected":false},"excerpt":{"rendered":"

Wil Shipley: So, the better approach to security would be transparency, which is to say users could install applications like the one being written by Peter Gilbert, above, which would tell them when data is being sent to servers, and they could use their own judgment about whether a particular program should be contacting a […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"apple_news_api_created_at":"","apple_news_api_id":"","apple_news_api_modified_at":"","apple_news_api_revision":"","apple_news_api_share_url":"","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_is_hidden":false,"apple_news_is_paid":false,"apple_news_is_preview":false,"apple_news_is_sponsored":false,"apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":"\"\"","apple_news_suppress_video_url":false,"apple_news_use_image_component":false,"footnotes":""},"categories":[2],"tags":[],"class_list":["post-2786","post","type-post","status-publish","format-standard","hentry","category-technology"],"apple_news_notices":[],"_links":{"self":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/2786","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/comments?post=2786"}],"version-history":[{"count":5,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/2786\/revisions"}],"predecessor-version":[{"id":4691,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/2786\/revisions\/4691"}],"wp:attachment":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/media?parent=2786"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/categories?post=2786"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/tags?post=2786"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}