cdransf/coryd.dev-eleventy
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: refactor pagination implementation

Browse source
This commit is contained in:
Cory Dransfeldt 2023-03-26 17:35:46 -07:00
parent ee77555c32
commit da793fd1cc
No known key found for this signature in database
196 changed files with 2498 additions and 36 deletions
Download patch file Download diff file Expand all files Collapse all files

17
src/posts/2017/app-sarahah-uploads-contacts-without-permission.md Normal file
View file

@ -0,0 +1,17 @@
---
date: 2017-08-27
draft: false
title: Sarahah uploads your contacts without permission
link: https://theintercept.com/2017/08/27/hit-app-sarahah-quietly-uploads-your-address-book/
tags: ['iOS', 'privacy']
---
**Yael Grauer, writing for The Intercept:**
> Sarahah bills itself as a way to "receive honest feedback" from friends and employees. But the app is collecting more than feedback messages. When launched for the first time, it immediately harvests and uploads all phone numbers and email addresses in your address book.<!-- excerpt -->
This behavior seems to be all too common lately and, while most apps ask for permission to access contacts, it's worth bearing in mind that they may not need that access. Additionally, once that access is granted, it isn't always clear what's actually done with the data.[^1] If an app asks for access to sensitive data, it's worth considering what they intend to use it for and how securely it might be stored should they copy it off of your device.
**Update:** apparently the app [is going to be updated to discontinue this behavior](https://threatpost.com/anonymous-messaging-app-sarahah-to-halt-collection-of-user-data-with-next-update/127668/). Better late than never, I suppose.
[^1]: This all assumes the app actually adheres to the platform rules requiring that they ask for permission to access this (or any other) device data.