Android, Security, Google, Vigilance!

Discussion in 'Android General Discussions' started by Bateluer, Aug 13, 2010.

  1. Bateluer

    Bateluer Member

    Joined:
    Nov 10, 2009
    Messages:
    160
    Likes Received:
    0
    Trophy Points:
    16
    Ratings:
    +0
    Seems like most of the apps I look at now want network and GPS location, access to phone call logs, contacts, etc. Even for something as simple as a Tic Tac Toe game, it'll want GPS location access. Heck, the Pandora 1.4 update wants access to both Network and GPS location, phone call records, and contacts. No idea why it needs those things, I emailed their support inquiring about it but have not received a response yet. Naturally, when I don't install apps like these when there doesn't seem to be a valid need for the security access levels. In the case of Pandora, if I don't get a response from Pandora support that I like, I probably will uninstall the Pandora app entirely and switch to Last.fm or Slacker Radio, which ever is more agreeable. I'm not a developer, but I just don't see the need for simple applications, tip calculators, simple games, etc, to have any need for location information, phone call logs, or contacts.

    This like this concern me greatly because so many people have a very cavalier attitude to their own privacy. I may not install an app that wants unrestricted access to my GPS location and contact list, but my name and number are on other people's contact lists, and they will install those apps, often without so much a second glance at the security levels. Seems like I can be security minded and carefully guard my own privacy and information, but if the people I associate with don't maintain the same level of awareness, then my efforts are completely wasted.

    Combine this with Google's 'No Security/Privacy by Default' policy, and it seems like a recipe for disaster. Theo de Raadt and Richard Stallman would be appalled.

    What say you?
     
  2. alphawave7

    alphawave7 Member

    Joined:
    Jul 23, 2010
    Messages:
    334
    Likes Received:
    0
    Trophy Points:
    16
    Ratings:
    +0
    We need (some say desperately) a service to vet these Android apps one by one...even more vigorously than Apple would. A *detailed* description of what security requirements, and reasons the app has them. At least google gives us the warnings, but it's insufficient, imho. Perhaps someone like AppBrain or similar could be the 'Underwriter's Laboratory' for Android apps.
     
  3. ilikemoneygreen

    ilikemoneygreen Silver Member

    Joined:
    Apr 7, 2010
    Messages:
    2,580
    Likes Received:
    18
    Trophy Points:
    103
    Location:
    AZ, Superstition MTNs!
    Ratings:
    +18
    I want an app that will just deny apps of a certain service. So even if you install an "app A" that requires gps... youll be able to prevent the app using it while still having "app A." I would love if a dev created this. :)
     
  4. Bateluer

    Bateluer Member

    Joined:
    Nov 10, 2009
    Messages:
    160
    Likes Received:
    0
    Trophy Points:
    16
    Ratings:
    +0
    Oh I'd buy an app that did that reliably.
     
  5. furbearingmammal

    furbearingmammal Super Moderator

    Joined:
    Jun 16, 2010
    Messages:
    11,163
    Likes Received:
    372
    Trophy Points:
    513
    Location:
    Anywhere you're not
    Ratings:
    +455
    Current Phone Model:
    32GB Moto X Developers Edition
    Twitter:
    furryvarmint
    It'd be my first paid app purchase, and I don't do pirated apps. I installed one once, ran it for a while, and got rid of it. It wasn't worth breaking the law for an app I have no use for.

    I think there should be an approval process for any app that asks for anything that could be dicey for the end user, especially things like your contact list. Giving up your own privacy is mucho estupido, even if everyone under the age of 30 doesn't expect it and is wild about the idea of everyone and their uncle who cares knowing that they're going to the bathroom or who they're sleeping with, but sacrificing everyone else's privacy so you can listen to music is not only stupid, it's immoral.
     
  6. ilikemoneygreen

    ilikemoneygreen Silver Member

    Joined:
    Apr 7, 2010
    Messages:
    2,580
    Likes Received:
    18
    Trophy Points:
    103
    Location:
    AZ, Superstition MTNs!
    Ratings:
    +18
    Glad to know its a good idea, Maybe someone could foward the idea to a popular dev. My problem is, i know no one in that department....
     
  7. hapster

    hapster Member

    Joined:
    Mar 7, 2010
    Messages:
    94
    Likes Received:
    2
    Trophy Points:
    8
    Location:
    USA, Kentucky
    Ratings:
    +2
    Dunno why Pandora would need call log access, but it wants GPS because it's ad supported and uses your location to show relevant ads. GPS doesn't help it if it's not on, so then it uses network location.

    It's the same concept for other apps. Blocking an app's access to those services could interfere with with the dev's ad revenue, which could mean development could stop. Bottom line is, if you don't want an app accessing things like that, or you question why it wants it, don't install it.

    Sent from my Droid
     
  8. ilikemoneygreen

    ilikemoneygreen Silver Member

    Joined:
    Apr 7, 2010
    Messages:
    2,580
    Likes Received:
    18
    Trophy Points:
    103
    Location:
    AZ, Superstition MTNs!
    Ratings:
    +18
    WOW, how could it interfere with the devs revenue? Considering the adds are written in the app. I would like to know how the devs are paid by the adds. Because if they are paid by just having the adds written into the app then you would be wrong.
    And lol, Using your point, my Bb .4 blocks adds.... So i guess none of the devs are getting paid. (thus the gps is a useless service to have. I want to block access!)
     
  9. hapster

    hapster Member

    Joined:
    Mar 7, 2010
    Messages:
    94
    Likes Received:
    2
    Trophy Points:
    8
    Location:
    USA, Kentucky
    Ratings:
    +2
    I don't know how the payment schemes are set up, or if the dev gets paid simply by the ads being shown, or only if a user clicks on it. But, using Pandora again, the ads themselves are not part of the app. I see ads for products and services for businesses in my area. When we went out of town last month, I saw ads for that area. Not saying that is how they all work. Ads in other apps I've used were pretty generic.

    Sent from my Droid
     
  10. Bateluer

    Bateluer Member

    Joined:
    Nov 10, 2009
    Messages:
    160
    Likes Received:
    0
    Trophy Points:
    16
    Ratings:
    +0
    I have ads blocked in my Sapphire ROM as well, however, I have paid/donate versions of several applications, Rom Manager, SetCPU, Cachemate, and a few others.

    While the dev does get some revenue from ads, you don't need location information to display ads. Yes, targeted ads can be applied with location information, but I don't think there'd be much difference in their usefulness to the end user. Its not worth the risk of having Google or the dev having a list of data of every place I've been and the routes I've taken to get there. This is a very serious security concern, and, to be honest, the lack of response from people across the net really concerns me.

    You've got various governments, including the US Govt pressuring all the major smart phone makers and carriers for access to their information, which would include all that location, phone call logs, and contact information that was tracked. The dev may be just one individual, or a small team of individuals, who's only goal is to make a few extra dollars in ad revenue, but the government's objectives are cloaked in the guise of our own protection. Think they need a warrant to get your data? Nope, all four US national carriers actively cooperate with law enforcement willingly without warrants.

    Very scary stuff. Where's my tin foil hat?
     
  11. hapster

    hapster Member

    Joined:
    Mar 7, 2010
    Messages:
    94
    Likes Received:
    2
    Trophy Points:
    8
    Location:
    USA, Kentucky
    Ratings:
    +2
    There's always the potential for such abuses. I'm not much of an alarmist though. Some might say that's bad. I'll just hide my head in the sand. Lol

    Sent from my Droid
     
  12. ilikemoneygreen

    ilikemoneygreen Silver Member

    Joined:
    Apr 7, 2010
    Messages:
    2,580
    Likes Received:
    18
    Trophy Points:
    103
    Location:
    AZ, Superstition MTNs!
    Ratings:
    +18
    I dont mean the specific adds are written. Lol i mean the add script probly to the add company. I need to do more research on that, But i really dont want it. Expecially since i dont use it anyway... I think im going to PM a dev and ask them about the possibility of an app like i mentioned. Its definetly worth an opinion from an actual dev.
     
Search tags for this page
android app prevent from accessing contacts
,
blocking android apps prevent apps from accessing private in
,
google vigilance
,
how to prevent google form accessing information from my and
,
how to stop textfree from accessing my contacts
,
keep google from accessing my information
,

prevent android apps from accessing contacts

,
prevent android apps from accessing my contacts
,
prevent apps from accessing contacts
,
stop apps access to contacts