Anger for Path Social Network After Privacy Breach. Ed Ou for The New York TimesAn Egyptian youth updates a Facebook page with new information about the protesters in Tahrir Square in Cairo. Last week, Arun Thampi, a programmer in Singapore, discovered that the mobile social network Path was surreptitiously copying address book information from users’ iPhones without notifying them. David Morin, Path’s voluble chief executive, quickly commented on Mr. Thampi’s blog that Path’s actions were an “industry best practice.” He then became uncharacteristically quiet as the Internet disagreed and erupted in outrage.
Mr. The most sought-after bounty for state officials: dissidents’ address books, to figure out who they are in cahoots with, where they live and information about their family. Mr. And with that, the knife fight turned into a pillow fight. Some even asked: What’s the big deal anyway? The big deal is that privacy and security is not a big deal in Silicon Valley. At Mr. E-mail: bilton@nytimes.com. Paris Lemon and the No Good, Very Bad Day. Sometimes we have bad days. It's a part of being human, part of working in a stressful time and place. Among the problems of being a blogger are that it exposes one's weaknesses, magnifies the limits of one's personal perspective, and often amplifies our feelings beyond what we might have intended.
I have avoided being a blogger in the traditional sense partly because I'm fairly certain that you don't care - nor should you - about these things as they pertain to me. Andy Rooney was among the greatest news writers of his generation. But during the latter stages of his life, he complained about how awful life had become, about how things had ceased to be familiar any more, about how disruption had left his world a blur. Rooney's complaints had become emblematic of what has been perceived as the decline of the role of television as an information medium.
So when M.G. The Path to Bulls--- Writing in his personal Paris Lemon blog, Siegler chastised Bilton for not doing the requisite legwork. Path Is A Free App, And It Will Spy On Us. Path is a lovely app. It pushes all the right buttons. It's mobile, it's tactile, it's personal, it's full of people we love and moments that matter to us. It makes us feel good. It's got all the greatest hits a post-Facebook social app should have.
It's also free. "Facebook will always be free," it tells us, so free is now the standard. Thampi was using a cool new tool to observe Path's API calls, just out of curiosity. It's a secure exchange of information between Path's servers and your phone, and it's not necessarily doing anything flat-out wrong with the information. Why didn't we know about this until an enterprising hacker stumbled over it by accident? The functionality is opt-in on Android, and CEO Dave Morin says it will be opt-in on iOS soon, but the fact is, the app added it before asking. UPDATE 11:53 a.m.: Path CEO Dave Morin replied to Thampi's post in the comments: Translation: We did it first, and we'll ask you for permission in a little while. "1. "1. Are you using Path? Path Apologizes, Deletes All Address Book Data.
Dave Morin, the CEO of beleaguered social network Path, posted an apology today addressing the recent controversy over how the app accesses information on a user's phone. Saying the the company made a mistake, Morin promises Path has purged all address-book data from its servers. In the blog post, titled simply "We are sorry," Morin says Path values its users' trust more than anything, which is why the company opted to delete the "entire collection" of user-uploaded contact information. (The full text is below.) "We made a mistake," Morin writes. "Through the feedback we’ve received from all of you, we now understand that the way we had designed our ‘Add Friends’ feature was wrong.
We are deeply sorry if you were uncomfortable with how our application used your phone contacts. " SEE ALSO: Photo-Sharing Network Path Gets Organized With Stacks After downloading the update, the app will prompt you to let it access your address-book data with the following screen: We made a mistake. Stealing Your Address Book by Dustin Curtis. It’s not really a secret, per se, but there’s a quiet understanding among many iOS app developers that it is acceptable to send a user’s entire address book, without their permission, to remote servers and then store it for future reference. It’s common practice, and many companies likely have your address book stored in their database. Obviously, there are lots of awesome things apps can do with this data to vastly improve user experience. But it is also a breach of trust and an invasion of privacy. I did a quick survey of 15 developers of popular iOS apps, and 13 of them told me they have a contacts database with millons of records.
One company’s database has Mark Zuckerberg’s cell phone number, Larry Ellison’s home phone number and Bill Gates' cell phone number. There are two major questions to ask about this behavior: First, why does Apple allow iOS apps to access a user’s entire address book, at any time, without permission? There was similar outrage last year, when Kik was outed. Your address book is mine: Many iPhone apps take your data. Path got caught red-handed uploading users’ address books to its servers and had to apologize. But the relatively obscure journaling app is not alone. In fact, Path was crucified for a practice that has become an unspoken industry standard. Facebook, Twitter, Instagram, Foursquare, Foodspotting, Yelp, and Gowalla are among a smattering of iOS applications that have been sending the actual names, email addresses and/or phone numbers from your device’s internal address book to their servers, VentureBeat has learned.
Several do so without first asking permission, and Instagram and Foursquare only added permissions prompts after the Path flare-up. Some of these companies deny storing the personal data, as Path was doing, but the transmission alone makes the private data susceptible to would-be intercepters. Path steps on a privacy landmine These same relationships are the building blocks for any successful social application. Above: Unencrypted address book data. Apple provides no protection.