View Single Post
Old 06-12-2012, 01:39 PM   #52
JoeD
Guru
JoeD ought to be getting tired of karma fortunes by now.JoeD ought to be getting tired of karma fortunes by now.JoeD ought to be getting tired of karma fortunes by now.JoeD ought to be getting tired of karma fortunes by now.JoeD ought to be getting tired of karma fortunes by now.JoeD ought to be getting tired of karma fortunes by now.JoeD ought to be getting tired of karma fortunes by now.JoeD ought to be getting tired of karma fortunes by now.JoeD ought to be getting tired of karma fortunes by now.JoeD ought to be getting tired of karma fortunes by now.JoeD ought to be getting tired of karma fortunes by now.
 
Posts: 895
Karma: 4383958
Join Date: Nov 2007
Device: na
Quote:
Originally Posted by murraypaul View Post
Looks like Apple is adding more fine-grained access control by application to things like contacts, similar to how access to location services is already controlled:

http://appadvice.com/appnn/2012/06/a...s-app-in-ios-6
Yep, a welcomed change that will at least allow you to recognise apps that are trying to access data they have no business touching.

I doubt it would have helped avoid the linkedin issue though, since people would have granted contact access thinking it's only sending name/email for matching purposes whilst it was transfering everything behind the scenes.

I do wonder why they didn't pre-process the contact info on the iphone and only send hashes of names/emails back to their servers. That way any email address/contact who is not a member of linked-in would not have their details exposed to linked in, yet those hashes could be compared against their current member list to find matches. Not that it's perfect nor secure by any means.

If they wanted to do it properly though they'd implement some form of secure computation such as garbled circuits. Considering they didn't hash/salt their password db though, security wasn't their highest priority :P

Last edited by JoeD; 06-12-2012 at 01:42 PM.
JoeD is offline   Reply With Quote