JAMFiOS应用程序权限分析

2022/9/5新建文本文档.html

Mobileappsneeddatatofunction.That'swhyappdevelopers

askforvaryinglevelsofaccesstotheinformationonyourmobiledevice.Usually,it'stoimprovefunctionality,butoccasionallyitlacksproperjustification.

Appdevelopersmayrequestexcessiveaccesstopersonalinformationforavarietyofreasons,

including:sloppycodedevelopment,tailoringyourexperiencewhetherin-apporacrossapps,

monetizingyou,providinglegitimatefunctionalityorfornefariouspurposes(e.g.tostealdataand

resellwithoutyourknowledge).

AppleandGoogle-whomaintaintheworld'slargestmobileappecosystemsforiOSandAndroid

-havebeencrackingdownonexcessdatacollection.Thesetwomajorplatformsenforcestandards

thatappdevelopersmustmeettogainaplaceontheirrespectiveappstores,andtheycontinueto

raisethebarwhenitcomestoapppermissiontransparency.Appleevenmadeuserprivacythethemeofarecentadcampaign.

Buttheonusonproperdatahandlingcan'tfallentirelyonAppleandGoogle.Developersneedto

evaluatetheirdatacollectionpracticestominimizethepotentialprivacyimpactwhilemaintaining

functionalityintheirapps.Ontheotherhand,consumersneedtobeawareoftheprivacythatthey

aregivingupusingtheinformationavailabletothemontheirdevicesandthecontrolstheyprovidetomanagedatacollection.

file:///F:/桌面/报告审核新建文本文档.html

1/7

2022/9/5新建文本文档.html

OuranalysisofiOsapppermissions

Tobetterunderstandtheuseofapppermissionsandtheinformationthatappdevelopersaretrying

tocollect,welookedatthemetadatawithinasampleofalmost100,000popularappsacrossthe

AppStorecatalogue.Thissamplewasdeterminedbylookingattheappsthatareinstalledwithin

Wandera'scustomerbase,whichhas2.5milliondevicesundermanagementWedidnotinclude

themillionsofappsontheAppStorethathavenotachievedwidespreadadoption.Thisanalysis

wascarriedoutinQ2of2021.Themetadataanalyzedinthisresearchcomesfromaggregatedlogs

thatdonotcontainpersonalororganization-identifyinginformation.

Forouranalysistobemoreactionable,wegroupedappsbytheirAppStorecategories,allowing

readerstolookathowlogicalgroupsofappsaredesignedamongsttheirpeergroup.

file:///F:/桌面/报告审核新建文本文档.html

2/7

Camera

Whilecameraisaverycommonpermission,it'saveryriskyone.Withaccesstothecamera,abadactor

canspyonusers.Thisisthereasonwhytop-secretorganizationsdonotallowphoneswithcamerasintheirfacilitiesandwhysomevendorsdisablecameraaccessorremoveitfromthehardwaretosellto

theseorganizations.

Ina2020lawsuit,Instagramwasaccusedofmisusingthecamerapermissiontospyonusers

whentheyhadtheappopenbutweren'tinteractingwiththecamerafeature.Instagramclaimsitwasabug,andthatnocontentwasrecorded.

2022/9/5

新建文本文档.html

Topfourpermissions

Ouranalysisshowsthe

mostrequesteddatatypeisphotos,withatleasthalftheappsacrosseverycategoryrequestingaccesstophotos.

Thetopcategoriesofappsrequestingphotolibraryaccessare:

1.Photo&Video(96%).ThiscategoryincludesappssuchasYouTube,

FaceAppandSplice.

2.Shopping(87%).ThiscategoryincludesappssuchasAmazon,ShopandeBay.

3.SocialNetworking(84%).ThiscategoryincludesappssuchasFacebook,

InstagramandTwitter.

Photos

Historically,photolibraryaccesswasallornothing.

Forexample,ifauserwantedtouploadascreenshot

toTwitter,they'dhavetogiveTwitteraccessto

decadesofphotosintheirlibrary.Thereisnothing

nefariousaboutasocialmediaappneedingphoto

libraryaccess,butthislevelofaccessisexcessive

andcouldputusersatriskifpairedwithapoorly-built

app.WithiOS14,Appleintroducedmoreconsumer

controltophotopermissions.Now,whenanapp

needsthephotolibrary,itmustoffertheuserthe

choiceofallowingaccesstoselectedphotosorthe

entirelibrary.

Thecameraisthesecondmostpopularpermissionrequested.

Thetopcategoriesofappsrequesting

accesstothecameraare:

1.Photo&Video(90%)

2.ShoppingequalsecondwithSocial

Networking(83%)

3.Business(75%).ThiscategoryincludesappssuchasZoom,SlackandWebEx.

file:///F:/桌面/报告审核新建文本文档.html

3/7

Location

In2019,bothAppleandGoogleintroducedanextralayerofconsumerchoicetolocationpermissions.

PriortoiOs13,thereweretwolocationpermissions:WhenInUse(foreground)andAlways(background).Withios13,AllowOncewasintroduced,whichisconsideredatemporaryauthorization.

Similarly,priortoAndroid10,userswerepresentedwithtwooptions:allowordeny.Theformermeantlocationwasaccessedatalltimes(foregroundandbackground)andtherewasnoin-between,but

withAndroid10,tristatelocationpermissionwasintroducedsouserscouldthenselect'allowonlywhenappisinuse.’

Learnmoreaboutlocationdatamisuseinthis

investigationbyTheNewYorkTimes.

Microphone

Justlikethecamera,microphoneappaccessinthewronghandscanhaveseriousconsequences.Withtheabilitytoactivatethemicrophone,appscan

recordandtransmitprivateconversationsorlistenforwhat'sgoingonaroundyouinordertosellthisinformationtoadvertisingorganizations.Andifthepermissionwasabused,appscoulddothiswithouttheusers'knowledge.

However,iniOs14,Appleintroducedtheorange

dotthatindicateswhenyourmicrophoneisinuse

byanapp—makingiteasierforconsumerstoseeifsomethingfishyisgoingon.

2022/9/5

新建文本文档.html

Thirdonthelistofmost

popularpermissions

requestedislocation.

Thetopcategoriesofappsrequesting

locationinformationare:

1.Shopping,equalfirstwithFood&

Drink(81%).TheFood&DrinkcategoryincludesappssuchasDoorDash,

UberEatsandYelp.

2.SocialNetworking(72%)

3.Photo&Video(68%).

Thefourthmostpopularapprequestismicrophone.

Thetopcategoriesofappsrequestingaccesstothemicrophoneare:

1.SocialNetworking(69%)

2.Photo&Video(64%)

3.Business,equalthirdwithProductivity(41%).TheProductivitycategory

includesappssuchasAsana,GoogleCalendarandTimeTree.

file:///F:/桌面/报告审核新建文本文档.html

4/7

2022/9/5新建文本文档.html

Cross-appdatasharing

Thereisagreatdealofinformation-sharingthatgoesonoutsideoftheexplicitpermissionsabove.Theappsandboxisintendedtoprevent

appsfromsharingdatabetweenthem,butvarioustrackingapproaches

circumventthat.Eventhoughtheappsaren'tcommunicatingdirectlywitheachother,byconnectingvariousbackendservicesandwebinteractions,an

advertisercanpiecetogetheranaccuratepictureofauserbasedontheironline

behavior.Herearesomeexamplesofcross-appinformationsharingthatfalloutsideofthepermissionsoutlinedabove:

Informationexchangeshands(orapps)viaadvertisingidentifiersthattrackand

shareinformationaboutuserbehaviorforadtargetingpurposes,whichtheaverage

userprobablyneverrealizes.Thiscross-appinformationexchangeforadvertising

iswhyafteryousearchedfor'sourdough'onGoogle,yourInstagramfeedsuddenlystartedincludingadsforbread-bakingequipment.Recently,AppledeviceusersweregivenmorecontrolovertheirprivacywhenApplereleaseditsnewAppTracking

TransparencyfeaturewithiOS14.5.Nowappdevelopersneedtoaskwhethertheycantrackyouractivityacrossothercompanies'appsandwebsites.Note:ourpermissionsanalysisdoesnotyetincludethispermissionduetoitsnewness.

Thenextexampleconcernsthephotolibrary.AppsaccessingthephotolibrarymightalsobeaccessingGPSdataembeddedinthephotos,makingitpossibleforunwanted

partiestodecipherwhereapersonhasbeenandwhen—evenwheretheyliveand

work.LocationdatawillonlyattachtophotosifGPSisenabledforthecamera.But

ifyoudisableGPSdataforthecamera,youwilllosesomeofthebenefitsitprovides

withinthephotolibrary.Here'ssomeinformationonhowtoavoidsharingthe

locationdataofphotoswhenyousendthem.

Acaseofdatamishandlingcametolightin2020whenLinkedInandTikTokwere

accusedofcopyingtheclipboardcontentsofiOSusers.TheissuewasdiscoveredinthebetaversionofiOS14whenAppleaddedanewprivacyfeaturethatshowedaquickpop-upthatletusersknowwhenanapphasreadcontentfromtheirclipboard.Atfirstthismaynotseemconsequential,butit'snotuncommonforpeopletouseapasswordmanagerandcopy-pastecredentialsfromthepasswordmanagerintoawebsiteorapp.

file:///F:/桌面/报告审核新建文本文档.html

5/7

2022/9/5新建文本文档.html

Keytakeaways

DespiteimprovementsbybothAppleandGoogleinpromotingpersonalprivacy,

consumersneedtotakestepsoftheirowntosecuretheirdata.Thepurposeofthis

researchistoencourageuserstoconsiderthedatatheyaresharingbeforeaccepting

anyrequestthatappearsontheirdevices.Therearesomedatapointsinthisanalysis

thataren'tsurprising,andsomethatare.

Forexample,themajority(62%)ofnavigationappsrequestaccesstoyourlocation.

Itmakessenseforplacingyouonamap,butwhydoalmosthalfofthem(48%)also

requestaccesstoyourcamera?Samestoryforthe83%ofshoppingappsrequesting

accesstoyourcamera.ItmakessenseforscanningQRcodes,butwhydosomany

(87%)alsorequestaccesstoyourphotolibrary?Itpaystothinkaboutwhatanapp

actuallyneedstofunctionbeforehittingaccept.

Therearecategoriesofappsaskingformoreaccessthanothers.Accordingtoour

analysis,thesearePhoto&Video,ShoppingandSocialNetworking.Ifyouhave

ahighnumberofappsinthesecategories,considerdeletinganyyoudon'tuse

regularlytominimizetheriskofdataexposure.

Somepermissionsaremoresensitivethanothers,andthiswillvarypersontoperson.

Maybeyouworkinanindustrywhereyouhavesensitivefilesstoredinyourphoto

library,ormaybehigh-profilecontactsinyourcontactlibrary.Ifthisisthecase,

considerreviewingeachsensitivepermissionwithinyoursettingstoaudittheapps

thathaveaccesstoitsoyoucanremoveanythatmightposearisk.

file:///F:/桌面/报告审核新建文本文档.html

6/7

2022/9/5新建文本文档.html

Recommendations

Tominimizetheriskofhavingyoursensitiveinformationexposedtounwantedparties,

werecommendthefollowingadditionalprecautions:

·Readpermissionscarefullywhentheypopup.Askyourself:doesthisappneed

accesstotheprivatedatatofunction?Forexample,ifaweatherappisaskingfor

accesstoyourcameraorcontactlibrary,thinktwicebeforeaccepting,anddon't

hesitatetodenyaccesstorequeststhatyoudon'tunderstandordon'tagreewith.

·Regularlyaudityourapppermissionsettingstoseewhichappsareaccessingwhat

onyourdevice.Thingstolookfor:(1)appsyounolongeruse(considerdeleting

thembutifyoucannot,removethepermissiontosensitivedata);(2)appsthatarein

thenews(hastherebeenaburstofprivacyactivity?).

·Whenitcomestolocationdata,alwaysgrantpermission'onlywhileinuse'—which

isavailableonbothiOSandAndroid.

·Deleteappsyounolongerusetominimizetheriskofbugsappearinginoldor

abandonedapps.TherearefeaturesavailableonbothiOSandAndroidtooffload/

deleteunusedapps.

Ifyouoverseeappsforothersinabusinesscontext,considerthefollowing:

·Adoptasecuritysolutionthatoffersappvetting.Anappvettingtoolc