Security bug in iOS lets apps secretly access your photos

A security issue has been identified in iOS which gives third party applications and its developers unsolicited access to your photos.

According to The New York Times who uncovered this issue, an application that has the permission to use your location can also access your photos. They demonstrated this by commissioning a developer to create a dummy app (which was not submitted to the App Store) that popped up a notification asking the user for location (as seen above) and when provided had complete access to the photos stored on the device.

When contacted, Apple declined to comment about this issue.

The Verge, however, is now reporting that this functionality is not by design and is a bug in the current version of iOS. They have also learned that Apple is working on a fix for the same and is likely to be bundled with fix for the other security issue that cropped up recently, in the next version of iOS.

To be clear, just like with the address book issue, apps having access to your files is not something new. This happens on desktop computers all the time or on, say, an Android smartphone infested with malware. However, considering that Apple screens every app that goes on the App Store, we do not expect to see such things from them, especially since this behavior clearly violates the App Store guidelines, which states that apps that do not perform as advertised by the developer will be rejected.

Source 1 • Source 2