Scrivener looking for access to Contacts ?

I just launched Scrivener the first time after upgrading from Snow Leopard to Mavericks.

A popup asked me to allow Scrivener access to my Contacts.

Anyone know why ?

The panel that appears asking you for access should already explain this - if not, please update to the latest version of Scrivener (2.5). Scrivener uses your contacts purely for filling in your name and address on the title page of manuscripts, the same way Pages does, and for auto-filling other meta-data in the project with default values, to save you having to edit and replace default values such as “Your Name Here”.

You might also find this useful…

Customise Author and Address Details
You can now tell Scrivener which Contacts/Address Book entry to use when adding your name and address to title pages by typing “(Scrivener:UseMe)” somewhere in the “note” area of the contact you wish Scrivener to use in Contacts/Address Book.

I am using v2.5 (2539) and it says nothing about this whatsoever.

Personally I see no justification for allowing access to 100+ contact details for sake of knowing the computer owners name, and possibly phone number, and my Contacts don’t even include my own details, so what is the point ?

Where in the Scrivener settings do I find this ?

Well, here’s what I see in v2.5 on Mavericks when this notification comes up - Scrivener sets the message to something meaningful to explain why it uses Contacts, as per the developer documentation, so I don’t understand why it wouldn’t look the same for you:

Then simply disallow access if you really think we’re going to do something malicious. But this really is quite standard behaviour. And your Contacts almost certainly do include your own details unless you have edited them not to, because when you first set up your computer, the details you use are automatically entered into Contacts. The whole point of Apple providing access to the Contacts framework to other programs is so that they can do exactly this sort of thing. Scrivener has been doing it for years for this quite benign reason; Pages does it, and so do many other applications. It is only that as of OS X 10.8, Apple started putting up a dialogue box to tell users that the application would like to use their Contacts. Prior to 10.8, programs would use Contacts without any notification to the user - so Scrivener has been doing this all the time you were on Snow Leopard, without once trying to use your contacts for nefarious reasons.

To say that it is “unjustified” is itself unjustified, since, as I say, the whole point of Apple allowing programs access to Contacts is for exactly this sort of auto-population of user details in areas that make sense (such as title pages and meta-data). And, as I say, if you would rather type out your name and address in the title pages and various meta-data areas, then you are quite free to do so by refusing Scrivener access, but there’s no good reason to force every other user to do the same.

I think part of the problem here is that the dialogue panel that appears is mistaken by some users for a security alert, as though OS X is warning them that the program might be up to something nefarious, when it is in fact just a feature of the system that gives users the opportunity to opt in or out of which programs they allow access to their Contacts, and something that appears for many Apple programs too.

You can’t do this if you deny Scrivener access to your Contacts, so this probably won’t apply.

I find your responses disappointingly defensive and patronising to an enquiry that is a perfectly reasonable one. I do realise that you are one of the developers and that explains a lot of bias and sensitivity. Nevertheless having bought the product I feel entirely entitled to ask such a reasonable privacy question and have it merit fair discussion.

There was no middle text like this in the notice I got. Otherwise I would not have felt it necessary to ask in the first place.

That really doesn’t solve the question and issue. Why is this access necessary is my question. It seems to me to be an excessively intrusive process by Scrivener.

No it isn’t standard behaviour. This is the only app that has requested this on my iMac since I updated to Mavericks other than apps that require access to contacts for email purposes.

I don’t accept any of this. I don’t use any personal details when setting up my computer. I use a username that is not connected with my real name, and my details were never in Contacts. Also saying that Scrivener have been doing it for a long time is not much of a justification for what I am saying is excessive and unnecessary access.

a) how do I know this ? You are a developer and hardly likely to admit it if it were true. b) that is no justification as I said above. And I am not convinced that widespread apps have had access to Contacts previously as you claim.

It is perfectly justified. Firstly this is not the ‘whole point’. The whole point of allowing access is that users may chose to allow access. And secondly, the requirement that it ‘makes sense’ is correct. Screivener does nothing that requires access to a persons complete and extensive Contacts List, or should need to benefit from it. All it needs to do is have a settings section for the specific personal details that the user wishes to use within Scrivener, which would make a lot more sense as the details that are useful here would be entirely different than those in Contacts.

Now you’re being pedantic.

No. Sorry but that is rather patronising. The problem is an app asking for access to something that makes no reasonable sense to a normal user. I’ve been a Windows and Mac user for 25+ years.

Why not just offer an answer instead of assuming I said no ?

I’m sorry to hear that you feel that way, but I wasn’t trying to be defensive at all. You said that something in my code had “no justification” so I was justifying it for you, because I - and many other developers who use this feature, and Apple who provide it - think that it is justifiable, and even welcome for many users. That is not bias or sensitivity, I am just explaining to you that something you seem to see as dodgy is nothing of the sort but quite standard, and also that you are quite free to disable it. (I’m not “one of the developers” but the only developer of the Mac version, by the way. :slight_smile: )

That is very strange - I cannot think of any reason that text would not appear there, given that Scrivener provides Contacts with the information it needs to provide the explanatory text.

I have already explained this. There is nothing intrusive going on here; Scrivener is not peering through your contacts or doing anything invasive or untoward. The access is not so necessary that anything will break if you disallow it. If you allow access, though, Scrivener can automatically fill in your name and address on MS title pages, and insert the author name as a default in e-book meta-data and suchlike (although you can edit all of this information within the projects). As I’ve also already explained, this is exactly what Pages does, as well as many other word processors and programs. Scrivener at no point tries to access any of your other Contacts information. All it does is ask the AddressBook frameworks, as provided by Apple so that developers can do precisely this sort of thing, for the current user’s name, address, email and phone number so that it can enter this information into title pages and suchlike. At no point is this information transmitted in any way, or used for anything other than auto-population in Scrivener projects, all visible to the user; it is all purely used by the local copy of Scrivener on your local computer for purposes of title page and meta-data auto-population and nothing else. Again, just the same as Apple’s Pages and other programs uses such information.

Yes, it is standard behaviour - I really am not lying to you. Perhaps you don’t use any other programs that do this sort of thing because they don’t need to auto-fill such data, but you can check by going to “Security & Privacy” in System Preferences and clicking on the “Privacy” tab. This lists programs that have, or have requested, access to your Contacts. On my MacBook Air, other than Scrivener, Pages and Microsoft Office Setup Assistant are listed. On my Mac Pro, Apple’s Xcode is also listed there. By “standard” I do not mean that it is something every program does; I simply mean that it is not uncommon, and that it is something that Apple has made easily accessible to developers because it is something that programs are likely to want to do, and because it is something that Apple thinks is useful for programs to be able to do.

Whether you accept it or not, I’m telling you the truth: when most users set up their Macs, they enter their name and address. OS X places this information in Contacts. This is part of the standard setup procedure of OS X. Any Cocoa application can then call on AddressBook to access this information.

“Excessive” and “unnecessary”, though? There is nothing excessive going on here at all - just Scrivener using a Cocoa framework that is provided by Apple for exactly this sort of thing. If your real name is not in Contacts and nor your address, then there is no point allowing Scrivener access to Contacts anyway. I don’t entirely understand how anyone could have a serious objection to a piece of software using the address and name associated with the current user account to fill in details on a title page - especially when such access can easily be denied. I can certainly understand why users might worry that software they don’t know could use their Contacts database in some nefarious way, and if you don’t trust Scrivener or L&L, then you should most certainly deny such access. But we are doing nothing wrong at all here - we are using standard Apple frameworks in the way they were intended to be used by Apple. Moreover, Scrivener is signed using an Apple developer ID, so if we ever did do anything nefarious such as exploit Contacts information maliciously, we could have our ID revoked and users would see immediately that Scrivener was not trusted software. But we do nothing malicious and have no reason to want to do so. True, as the developer I would say this, but if you don’t trust what I say then you can deny Scrivener access, so there is no problem.

I’m very sad that your trust of L&L is such that you think I am lying to you or trying to mislead you in all of this; I’m not sure how we have ever given the impression that we are not a trustworthy company, as we’ve never done anything that should call our hopefully good reputation into question. I wouldn’t claim that access to Contacts is something that every app does, but it is certainly not uncommon, and the uses for which Scrivener puts Contacts are standard (“standard” as in being the sort of thing Apple intended in providing programs with access to Contacts).

One of the points of Apple having an AddressBook framework that allows programs access to Contacts is that it means users do not have to enter their name and address into every single program where this might be useful - it allows instead for apps to use sensible defaults based on the information in Contacts. Scrivener will work perfectly fine without access to your Contacts - you can then just enter the information and title pages and such manually. But just because this is the case does not mean that Scrivener is unjustified in accessing the AddressBook framework. Mac users are accustomed to software harnessing Apple-provided technologies that make their lives easier, and this is an example of an Apple technology (the AddressBook framework) that can make users lives easier by allowing software to use its information for the current user to pre-populate relevant fields or areas, saving the user having to re-enter common information over and over again.

How was I being pedantic here? You are saying that you don’t think Scrivener should access your contacts; I am saying that’s fine, you can deny it access and it will still work, but you’ll just have to fill in those pieces of information yourself, which shouldn’t be an issue; and I’m also saying that just because this is your opinion, that doesn’t mean that therefore other users should be denied this sort of Mac integration, that I shouldn’t use Apple-provided frameworks in the way they were intended.

It wasn’t intended as patronising at all - regardless of how long you’ve been using a Mac, this message was only introduced with 10.8, and this is the first time you’ve seen it, so I can understand that you might find it surprising, as a number of users did with various programs using the AddressBook framework when 10.8 was first released. But you will find that you see it in other programs as you come to use Mavericks more. I’ve already given the example of Pages, one of Apple’s own flagship programs, which uses the information in exactly the same way as Scrivener does. Obviously you’re not a Pages user, but you would see exactly the same message when you first go to use Pages. I’m a normal user too, and this sort of thing makes absolute sense to me, and to many other normal users.

Partly because you seem so opposed to allowing Scrivener access to your Contacts (to the extent that you are telling me that I shouldn’t be using Apple’s AddressBook frameworks at all!), but mainly because Briar Kit has already given you all the information you need here anyway. Place “{Scrivener:UseMe}” in the note area of one of your Contacts and Scrivener will use that instead of your home Contact details (provided it has access).

KB - Thank you for the reply.

I don’t want to drag out the discussion any more than necessary, as I think I have expressed my views clearly and you have now replied to most of them. I will simply narrow my comments down by making a couple of short points that I don’t think you really tackle.

  • No one is accusing you of lying. But I do not believe that you are not aware of current controversies regarding the wider issue of privacy on the internet. Thus you cannot be unaware of the clear and obvious issues that are fair to raise when an application asks for access to a large database of personal information when it’s reason is to access one single record, which may or may not be even there or match the information the user wishes to use. I have 329 contacts persona details and I am not even as well connected as many of my colleagues/friends.

  • I hear your reasons. I am simply questioning the scale of the access in proportion to the need. I am surprised that you do not accept this as an issue that merits examination.

  • BTW: I have ~200 apps in my Application folder and when I go to Security/privacy/contacts there are only three apps that have access to Contacts: Chrome, Scrivener, MacSOUP. I allowed Chrome because I was a confused about why, and still am. I am discussing the Scrivener issue with you, and I have written to the MacSOUP developer and awaiting a reply. It may come across that I am obsessed with privacy. Actually I am not - it just raised it’s head because of this Scrivener request and I believe it was worth pursuing.

So that’s it. I am actually a little surprised to have gotten the responses I have. I had expected people to come and say yes that’s a little quirky, but it was done without really thinking about the wider privacy issues a long time ago … and well … it was never thought about since then.

And as no one else has popped in to opine, I guess the readers of this forum don’t feel it is an issue that bothers them.

Hey that’s ok. I have done what I set out to do … raise the issue :smiley: sorry I wasn’t as brief as I wanted to be at the beginning above :slight_smile:

And how could Scrivener, or any other app, access that “one single record” within Contacts if it is not granted access to your Contacts?

I have 25 apps that have requested access to Contacts, so it seems pretty standard to me. After reading Keith’s reply, I have allowed access to some of the other apps that I previously blocked.

It’s absolutely reasonable to wonder why a given program (Scrivener in this case) needs access to your contacts. But when you say that there’s no justification, there are really only two possible interpretations: Either the developer is up to something nefarious, or he/she is incompetent (asking for information that has no purpose in the app). Declaring that there’s no justification is not questioning; it’s accusatory. Don’t believe me? Tell someone in person that there’s no justification for them to be doing whatever it is they’re doing. See if they don’t get angry, frightened, or at least confused & defensive.

As for the prompt; here’s a little background:

And as to why it has to access all of your contacts? Access to only your “me” contact entry is not provided by Apple; you either give a program the key to your (contacts’) front door, or you refuse it entry altogether, but while the program has access to all of your contacts, it doesn’t mean it is accessing all of your data. I’m sure that if Keith could restrict access to just your designated contact, then he would.

Again, it’s reasonable to be curious, even concerned. When I first discovered this behavior, my first question was “How can I get it to choose a particular email address?” rather than “Why are there Scrivener elves leafing through my contacts!?” because I never had that prompt to make me think about the broader implications (this was a while before the iPhone’s ubiquity brought these concerns to light). All I saw were the shoes I was working on the night before, expertly cobbled for me while I slept–It never occurred to me that there were inhuman beings sneaking around my home with hammers and sharp implements while I lay defenseless in my bed.

Just a reaction to the whole concern about privacy.
If you want privacy, don’t be a writer.
Isn’t the goal to become famous, rich, and widely admired? :open_mouth:

Or, if you don’t want that, don’t use a computer,
or hook it to the Internet, or use it to buy anything
or to express your opinions about any topic
because then others are going to know what you think. :bulb:

I think that privacy and anonymity are often confused.
And most of the time they aren’t that necessary.
On the other hand, sometimes paranoids do have real enemies. :mrgreen:

I’m not sure what you mean by “examination”, as I’m not sure what there is to examine here. I do absolutely accept that privacy issues are something users have every right to be concerned about, of course, and that users have every right to ask us why Scrivener wants to access their contacts. (As I say, I can’t work out why you aren’t seeing the explanatory message in the “Scrivener wants access” notification.) I think Apple was right to introduce this message, but I also think that the message does everything that needs doing here (when it shows the explanatory text, at least!). When an app first goes to access your Contacts, OS X puts up a message: “Scrivener wants to access your Contacts”. The app provides explanatory text, in this case that Scrivener uses Contacts only to auto-populate certain data, such as title pages (which you unfortunately did not see through some system glitch, presumably). Now the user can make an informed decision: do I want to allow this application access to my Contacts for these reasons? If you don’t think that auto-populating title pages is enough of a reason for Scrivener to access your Contacts, then you can deny it such access. Other users, who think this is enough of a reason, can grant access.

So I think this is where our chief disagreement lies - you think that Scrivener shouldn’t even ever ask to access your Contacts just so that it can auto-fill title page information and other meta-data, whereas I see this as a perfectly valid usage of the AddressBook frameworks. And as I say, the key point is that as of Mavericks, users get to choose themselves whether they agree with the developer about this or not.

Indeed, perhaps this isn’t something I have made clear. Scrivener most certainly does not need - or use - access to your entire Contacts list. However, information for the current user - name and address and so on - is all accessed through the AddressBook framework, which also handles all other Contacts. The “This app wants access to your Contacts” message is thrown up by OS X whenever an app is launched for the first time that links against the AddressBook framework at all. An application has no way to call up the current user’s information without linking against the AddressBook framework, and OS X, in throwing up the message, does not distinguish between an application that only needs access to the current user info or to all of your contacts, because this sort of granularity just isn’t part of the frameworks. An app either has to ask for access to everything or to nothing. There is no way to ask for access only to the current user’s details.

I guess I’m equally surprised that it is something you see as a major risk, since you are the first user who has been offended by this usage of Contacts. We have had many users email us to ask us why Scrivener access Contacts (although we don’t have many now that we have included the explanatory message, which didn’t show for you for some reason), but once we have told them that Scrivener just uses it for title page details and nothing else, no one has ever objected. I’m not sure what “wider privacy issues” there are here, though. The only issue is whether or not you trust Scrivener to access your Contacts for the purposes it states. The only cause of an ill outcome could be if Scrivener contained malicious code or if you had downloaded a copy of Scrivener that had been hacked, although with the advent of Apple-signed applications, a hacked executable should be flagged up by OS X these days.

There are many other things that an evil application could do if it wanted, of course. Scrivener and other programs have complete access to your hard drive and to the internet (although this can be limited if you’re using the Mac App Store version), which means that in theory they could delete everything on your machine or upload all of your documents to a remote server (although this could be detected using something like Little Snitch). These possibilities have to be weighed up when you decide whether you install software, and I’d say that the same applies to when you choose whether or not to allow software access to your Contacts. Malicious or hacked software can do all sorts of damage, and we always have to weigh that up, but I don’t think that the small possibility of such malfeasance should force us into removing useful and convenient features, especially in this case where users get the choice to deny access anyway.

Of course, we shall continue to monitor all of this, and if it turns out that most users don’t want Scrivener even to suggest it has access to Contacts, or if it becomes something that Apple or general consensus frowns upon, or if any serious security issues arise with the AddressBook frameworks, we will certainly remove this integration.

It’s now my turn to apologise for verbosity. I’m also sorry if anything I have said comes across as too defensive or aggressive, as nothing in any of my replies was intended that way. I often pour out these replies between coding furiously or late at night with code fatigue, and so my wording is frequently not quite as tactful as I wished it had been upon rereading.

All the best,

An interesting, and well-written, exchange of views. I accept KB’s position, that nothing nefarious is intended nor attempted, but I guess the recent controversies concerning the NSA and data security are making people extra sensitive.

May I make a simple suggestion here? Instead of asking for access to contacts, which does seem like an inelegant and scatter-gun approach to finding personal details, why not simply have a screen appear during the installation process, and made available for future edits in Preferences, explaining that Scrivener allows you to auto-populate certain oft-used fields, and that if you would like to make use of this feature, please enter your name and email address here (and optionally, any other personal data deemed likely to be regularly needed by the user).

This makes it more transparent and removes the anxiety-inducing request to access contacts (and in the worried minds of some, possible access to other personal data as a result). It also means that the user can specify exactly what details e.g. a nom de plume should be used.