Clueful iOS app scanner warns of privacy-violating apps: Hands on


Compared to the Android platform, Apple’s iOS is a veritable clean room, more or less free of malware apps, thanks to Apple’s stringent review policy. But as last year’s “Locationgate” scandal, and the Path privacy debacle from early this year shows, even iOS users need to be cautious about what types of information their apps are broadcasting to unknown parties. And now there’s an app that does exactly that.

Earlier today, cybersecurity firm BitDefender released Clueful, which scans all the apps on a user’s iPhone, iPad or iPod touch device, and delivers a full report back about what types of information the apps are accessing, things like location tracking, address book access, usage tracking, and more. Given that most people likely never read terms of service, or even pay much attention to the permissions granted to certain apps, Clueful essentially provides the Cliff Notes to potential security holes in your iOS device.

Clueful works by communicating with the “Clueful cloud,” which currently has a database of information about “tens of thousands” of apps — meaning there are still hundreds of thousands of other apps available through the App Store that Clueful currently knows nothing about. Luckily, you can suggest apps to be added to the database. And from my tests, Clueful was able to provide information on nearly all the apps on my iPhone 4S.

I had originally planned on doing a full hands-on walk-through of the app, but it’s really so simple that such detail is unnecessary; you could easily download, launch, and use the app perfectly fine in the time it would take to read through my explanation.

That said, here’s a quick rundown of using Clueful: After launching the app, Clueful takes your through a quick “Getting Started” slideshow, which explains what the app does, and the information it provides. The Clueful creators have done an excellent job of using clear language to explain everything, so I never ran into a situation where I didn’t understand what the app was trying to tell me about my other apps. You can easily skip through the slideshow and get straight to scanning your apps. And if you want to reference it again, it’s accessible through the “Settings” screen.


Once you’re past the Getting Started items, Clueful then scans the apps on your iOS device, and gives you a list of all those scanned under the “My Apps” tab at the bottom of the screen. Next to each of the apps is a brief description of what the app has access to. Something like, “Your unique ID and 3 more.” Tap a specific app, and Clueful gives you a more detailed list of the permissions the app has that may be problematic for your privacy. Smartly, Clueful also tells you things that the app does right, like encrypting stored data, or using an “anonymous identifier” when communicating with its servers. For even more detail, simply swipe to the right to see an explanation of each permission.

And really, that’s it. My tests showed few surprises, though I wasn’t aware that Cut the Rope was accessing my address book, or tracking my usage with Flurry analytics. So that might be one I delete from my device. And even if you don’t find anything problematic, at least you know what kind of information you’re putting out there about yourself.

The only downside to Clueful is its price: $4. That may be nothing for those of you who are serious about your privacy, but it seems to me a bit too steep for the casual users.

Clueful is currently available from iTunes (here). And for you Android users out there, BitDefender also makes a Mobile Security app for Android, which provides a malware scanner and full app audits. That app is $10, and available from Google Play (here).

Correction: An earlier version of this article incorrectly referred to the app as “Cluely,” rather than it’s proper name, “Clueful.”