In the past couple of days, Path – a popular social networking app – was heavily criticized after developer Arun Thampi discovered that the app is uploading its users’ addressbooks to its servers without asking for permission ( for more info read Arun’s blog ).
The jailbreak community responded immediately through Ryan Petrich, who quickly developed ContactPiracy, a tweak that will prompt you whenever an app wants to access your contacts database.
Ryan’s move is not unusual for the jailbreaking community which is known for quickly fixing loopholes like this ( also see the PDF exploit ).
Dave Morin, Co-Founder and CEO, came forward today and publicly apologized for the way they had designed Path‘s ‘Add Friends’ feature. Dave also announced that they’ve fixed the contact privacy issue and a new update for the app is available for download.
Through the feedback we’ve received from all of you, we now understand that the way we had designed our ‘Add Friends’ feature was wrong. We are deeply sorry if you were uncomfortable with how our application used your phone contacts.
In the interest of complete transparency we want to clarify that the use of this information is limited to improving the quality of friend suggestions when you use the ‘Add Friends’ feature and to notify you when one of your contacts joins Path––nothing else. We always transmit this and any other information you share on Path to our servers over an encrypted connection. It is also stored securely on our servers using industry standard firewall technology.
You can download Path 2.0.6 in the App Store here.