[ugh]

The app programmers do have to take the blame. Those breaches of privacy have always been possible on desktop PCs but app programmers usually didn’t do them because that would make them a pariah.

I do not know why developers for mobile apps suddenly think that has changed. But they do. That’s certainly a problem and Apple should react to it quickly. The culprit, though, are still the developers who overstepped a pretty clear line.

[replax]

"Always been possible on desktop PCs"

Well, yes, but unlike on your iPhone you could actively do something against it. E.g. let outlook encrypt your address book, change the addressbook access permissions etc. it was trivial to bar anyone/thing from accessing your address book without having to remove the software you want to use.

On the iphone, you can only chose to install an app or not, if you chose to install, you have to accept anything that comes with it.

[ugh]

Trivial? No, not at all. Not in the slightest.

[replax]

I think I did not make my point clear enough. It is trivial to make it inaccessible to programs who assume that it is easily accessible. I did not mean to include solely malicious programs.

If you stick your addressbook into a truecrypt container 100% of programs (i know there is no 100% security, but there is not enough space to spell out all 99.999999s) will not be able to access it anymore without you unlocking/mounting it first. Thus, requiring your permission.