With the growing use of mobile devices there is a growing threat from malicious applications. The larger the target is the more appealing it is to an attacker. iOS has a very large application store that allows the user to download and install applications on demand. While many of these programs may have some utility there are also ones that may have more questionable usefulness or malicious intentions. There are a couple areas on interest in the section of mobile application usage.
Applications that are installed on mobile devices may request access to certain parts, features, or data stored on the phone. For example a navigation program may access such resources on the phone as: GPS (exact location), network communication, contact list, and phone calls. Most of those might be deemed acceptable based on what the application does, to provide directions it would need to know where you are so the GPS permission would seem acceptable. The network communication permission could allow the application to communicate with a server to get directions for your device. The contact list feature may allow the application to read addresses you have stored in your phone’s contact list, and the phone calls feature may allow the application to place calls for businesses your find in the navigation application. It is also quite possible that the application could do a number of other things with those permissions it has acquired. For example it could use the contact list permission and the network communication permission to read your contact list and then upload that to a server elsewhere. It could also use the GPS and network communication permissions to send your location at a given time to a server as well.