A security analyst has found that iPhones are collecting and transmitting Apple analytics data regardless of whether or not the user agreed to this during setup.
In a report by 9to5Mac, the researcher was astounded by the amount of information gathered.
It has now been claimed in a class action complaint that Apple's assurances of user privacy are totally fictitious.
Mysk's Discoveries
Developer and security researcher Tommy Mysk revealed the finding, adding to his previous reports that many iOS applications do not use VPNs while transmitting data to Apple.
He conducted his own experiments by monitoring the IP addresses being visited by applications while connected to a VPN. 9to5Mac reported that he discovered several of the built-in Apple apps bypassed the VPN and instead communicated with Apple's servers directly.
Consequently, there is a possibility that Internet service providers (ISPs) or hackers conducting man-in-the-middle (MITM) attacks using easily-created counterfeit Wi-Fi hotspots might intercept any data sent to or from these servers.
Moreover, Mysk has previously found that Apple's Watch's Mail app did not implement the Mail Privacy Protection function. Apple eventually patched the issue.
Related Article: Apple App Store Privacy Dispute: Researchers Claim that Cupertino Tracks Everything You Type
Illegally-Sent Data
With each new iPhone setup, you will be asked whether you are okay with Apple gathering analytics data. Of course, no analytics data will be transferred to Apple if you choose not to give your approval.
Mysk observed, however, that even with this option disabled, Apple applications were still collecting and transmitting the information. In fac ..
Support the originator by clicking the read the rest link below.
