Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.
02-02-2013, 02:21 AM #1
Path Updates App after Being Caught Geotagging Uploaded Photos without User Consent
A new security issue has been discovered and recently patched with Path on the same day the company had to pay $800,000 in settlement with the U.S. Federal Trade Commission. Userís location may have been posted alongside uploaded photos even when Location Services had been disabled in the app.
The flaw was found by security researcher Jeffrey Paul, who detailed the problem that allows Pathís iOS app to geotag a userís photos without permission. The discovery had really poor timing for Path as the popular social network ended up on the news for settling with the FTC over similar privacy concerns. To be more specific about the issue that was discovered, Pathís iOS app was using the embedded EXIF tag location information from photos in the iOS Camera Roll to geotag posts, even when explicitly disabled in Location Services for the Path application.
As per the settlementís arrangement, Path is prohibited from making misrepresentations about the extent to which it maintains the privacy and confidentiality of usersí personal information in addition to the $800,000 penalty. Information for children under the age of 13 was said to be deleted and the company said it has already removed the previously collected data. In addition to clearing the data, the company has released an updated version of the app which is now available on the App Store having been pushed to and accepted by Apple.
Source: Jeffrey Paul (blog), The Next Web
02-02-2013, 07:40 AM #2
This while geotag and privacy thing is really beginning to worry me - for kids and grand kids. Once your data's out there - it's out there forever. No find paid by Path will get your location data back off the web once out there.Here to help if I can. If I can't, I know someone who can!
Tutorial - Upsize a 5/5S widget to 6 or 6+
Tutorial - Simple conversion for WW widget to work with Groovylock+/Groovyboard+
Tutorial - Add a SWITCH in Config,js to work with GroovyLock+ or all other players
Add GL+ switch code to UniAW7 & mods
02-02-2013, 01:33 PM #3
That's ridiculous that path has had so many security flaws, it's more ridiculous there's so much news on path, does anyone who even used that still use it?
02-02-2013, 06:55 PM #4
If you access Internet. Your information isn't safe.
The Following User Says Thank You to micaiah12 For This Useful Post:
02-04-2013, 08:31 AM #5