Privacy issues with Market apps


Last Updated: 2010-10-09 01:11:45
  1. bunnisher

    bunnisher Well-Known Member

    I'm not sure if this is the right section or not but here it goes.....

    There was an article on the BBC website a few days ago about a study that was done that found applications on the Android Market were transmitting information back like phone numbers, IMEI numbers and SIM serial numbers when the permissions were only for location, camera and audio data. (Original article: BBC News - Google Android apps found to be sharing data )

    It appears that Google's response was something along the lines that the apps give the user the choice to continue with the install and it is up to the user to only install apps they trust. I for one think that I am a bit careful in what I choose to download (ie: why would an app for wallpapers want access to my contacts? etc) but how can you really know for sure it is only getting the info it says it wants and where are the boundries?

    I don't know enough about programming and the like but was just wondering with the new Sense and other apps where you can remotely wipe your phone if stolen and other such things, if other companies (or even a kid in his bedroom who write a simple app game and gets access to your phone's details) have this info (IMEI number etc), how do you protect yourself? Am I just being overly paranoid? On the other hand, I don't want to have a phone and *not* download any apps!

    Is there someplace that can explain what permissions would give me a definite "no" for certain types of apps? Something like "a game should never want access to x, y, z." Although this probably wouldn't help if the app was taking more info than it needs anyway from the particular 'permission'.

    PS...I had a quick browse of the actual research paper and a lot of it is just techno-jiggery to me but I do recognize some apps that I would have normally trusted (ie: Layars, Barcode Scanner, Astrid). I don't know if these particular apps took more info than they should have but it does make me wonder. (Research can be found from here: TaintDroid: Realtime Privacy Monitoring on Smartphones )

    Advertisement
    bitsnbytes likes this.
  2. Hakasin

    Hakasin Member

  3. bunnisher

    bunnisher Well-Known Member

    Thanks for the link but I had already read through that when I first got my Desire back in May. :) As a rule, I always read through user comments and check what permissions are being asked before downloading any app.

    I know a lot of it is common sense but I guess I'm trying to say the permission categories seem a bit too broad for me. For example, I can understand why a game would want to have access to 'phone calls' to allow calls to get through (if that's what it really means) so I would want to give permission for that but I don't want to give permission for them to access my IMEI, etc. I would like to know if an app is taking liberties as it were and accessing other information within that permission that is of no concern to them. It's like giving someone your house keys so they can use your toilet only for them to also go rummaging through your knicker drawer. Or something like that. :p

    I suppose there is no easy answer unless there is some sort of app that runs like the one the study used that monitors exactly what info is being sent from what app.
  4. bfksc

    bfksc Well-Known Member

    I'm curious too...I'm guessing the authors report what permissions are needed, not the App Market, so if they're devious, they'd lie and put "nice" permissions in as requirements. In that case, make sure you read the comments section to make sure no one is reporting it as malicious (which is what I do).

    If the Market does the checks, then you can trust what it says.

    Hopefully someone knows how it works as I haven't found any conclusive answers.
  5. Bob Maxey

    Bob Maxey Well-Known Member

    I have learned to simply accept this curious state of affairs. I am beginning to trust the applications I DL and hopefully, nothing bad happens. One thing I DO NOT DO is order crap from the internet using my CC and the Zio. The exception is Google Checkout and the Android Market.

    Even then, I use a money card so the most I can lose is 25 bucks should an application do something naughty.

    I assume that everything on my phone will be seen by someone, at some point, and I make sure to watch for possible problems discussed on the forum. Other than that, I pray and hope for the best.

    Bob Maxey

Share This Page