iPhone App Privileges

by Chris Josephes

"(Twitteriffic/Urban Spoon/Where) would like to use your current location"

Once I select "Ok" two times while running the program, the iPhone no longer asks; it assumes the program has carte-blanche to know my location. I haven't been prompted for any other security issues yet, but I've only used about six or seven applications so far.

Granting privilege escalation on an application by application basis is good, but I'd like to make a couple of recommendation for the next release of the iPhone OS.

1. From the "Settings" application, give me a master list of all installed applications, so I can say in advance whether an app can have, cannot have, or must always ask for the privilege it is requesting.

2. Clearly identify that the OS is prompting for privilege escalation, and not the application itself.

3. Create more privileges. For example, Twitteriffic needs permission to know where I am; but MyStreets doesn't need permission to read and sort all of the contacts on my phone. And with VoiceRecord, I was never prompted for permission for the application to listen to my microphone. That would suggest that any application could just read the contact info or use the microphone at any time. Maybe I'm wrong, or maybe Apple's application screeners check this out beforehand.