[threeseed]

Those are if you are using the APIs directly.

But you can always go straight to the files themselves for cases like Photos and Calendars and also to the SQLite databases that back a lot of user data.

And current location is easy to get on OSX. You can simply look up the user's IP address and WiFi networks to triangulate the user's location with about the same accuracy as Apple can do.

With webcam you can easily switch the camera on, take the photo and switch it off. Could easily trick people into thinking it was a hardware fault rather than something nefarious with the app.

The fact is that none of what I listed above is possible on iOS.

[jakobegger]

That stuff is not possible if you have a sandboxed app from the Mac App Store.

Sure, if you download software from the web, it can do whatever it pleases.

But if you download apps only from the Mac App store, you should be safe.

On iOS, Apple checks all your software. On the Mac, they give you a choice: If you want "safe" software, go to the Mac App Store. If you want any software, go somewhere else.

The sandbox isn't as complete as on iOS, but the stuff you listed requires special permissions and confirmations when you get your software from the Mac App Store.

[MaxGabriel]

Aren’t the files outside of your app inaccessible from within the Sandbox, unless you give the app permission to read them? I mostly use non Mac App Store apps but one I use, the Unarchiver, needs permission to open files

[kakarot]

If my webcam light ever flickered on and then off, I'm chucking my laptop off the side of a bridge. Willing to be most other people wouldn't attribute it to a hardware fault, either.

[CodeWriter23]

You could just cover it with a post-it instead of chucking it off a bridge.

The thing that bugs me is there’s no indication an app is connected to my microphone.

[kakarot]

Thing is, at that point I'd be worried about the mic as well, as you point out.

Better safe than sorry!

[CodeWriter23]

Touché