Twitter App Graph exposes smartphone spyware feature App developers around the world are cursing Twitter for spilling the beans: spyware isn't a bug on iOS or Android, it's a feature. The world's favourite micro-blogging platform has quietly switched on a feature in which it looks at what other apps are running on a smartphone it's installed on. In the unlikely case that you'd …
Android /and/ iOS.
But I think I agree with the sentiment; Twitter at least (a) have mentioned that they collect data and (b) permit users to disable it if they wish.
How many other applications do people have installed on their respective devices where the developer has done neither of the above?
". . . something that on a personal computer would be called “spyware” by any decent antivirus is built into the two dominant smartphone operating systems."
Oh, like Origin you mean?
The problem is that gathering any and all information on users is considered de rigeur these days and companies feel like they can do so without having to worry about any real backlash. Sadly, they seem to be, largely, right.
People just don't stop using services because they are collecting information. If they did there wouldn't be the plethora or 'loyalty' programs and people 'liking' companies on Facebook to enter competitions.
It's complete poppycock to say that enumerating installed applications in a PC is intrinsically "spyware". How else does Control Panel present the list of installed applications ? On a Mac, just examine the bundles in the Applications folder.
If the user can do these things (and they HAVE to be able to) then so can any app that is running with the user's permission.
To qualify as "spyware" an application would have to do this without informing the user that it was doing so, or while claiming that it didn't do any such thing no way no how. Na uh. Not me.
It's the issue of consent and advertised intent, not capability, that determines what is or isn't spyware.
Otherwise you also have to decry the fact that your PC's keyboard driver is nothing more nor less than a KEY LOGGER !!! Sure, it doesn't do anything nasty, but spying on keystrokes is what a key logger does, so a key logger it is and must be. Right? Sheesh.
That would be yes, but that is NOT what the author describes:
"a feature in the iOS and Android APIs that lets developers scan devices for installed applications – something that on a personal computer would be called “spyware”"
Absolutely no mention of what is DONE with the information gleaned. Just scanning the installed applications is enough - in the author's opinion - for it to be identified as spyware. My entire point was that doing that is not what identifies spyware, rather what is DONE with the information so gleaned.
FTA:
So what does App Graph actually do? From the horse's mouth: “collecting the list of applications you have installed”, so it can (of course) “build a more personal Twitter experience for you” to “deliver tailored content that you might be interested in”.
In short, the application is collecting data about what you have installed and sending it back to Twitter for the data to be analyzed so that more focused ads can be served. On Android, they at least have the defense that the user agreed to that particular "feature" when installation Twitter; on iOS, not so much.
Why would any app need a list of all other (running) apps? Gathering that information and sending it off for 'analysis' definitely counts as spyware. If app functionality depends on the presence of certain other apps, the OS should provide a means to query whether those specific apps are installed, rather than revealing all of them.
How about an app that lists running processes and lets you kill them? There are lots of those for Andorid and none of them would work without this feature so of course you can enumerate running apps.
So much FUD in the article and no useful detail, very bad. Listing running/installed apps is a legitimate function. What makes this spyware is reporting it back to the developers. So do you need to run and log in to the Twitter app for them to know what apps you have installed or does it report back even if you aren't a user?
As Kanhef points out, an application may need to know what's running (it may be fighting for resources, or need a specific application to provide input or output capabilities) but there is absolutely no need for anything to phone home with that data - spyware indeed.
But it's a function of the application that makes it spyware, not the capability of the OS.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
