Last week I chose between an Android phone and a Q5
Looking like the Q5 was the correct choice, and it hasn't even arrived yet.
Security researchers have discovered an Android botnet that masquerades as a benign settings app for carrying out administrative tasks on mobile devices. Once authorised by the user, the malicious app surreptitiously steals SMS messages from the infected device and emails them to a command-and-control (C&C) infrastructure …
Something I could never slate blackberry for with the playbook, choose what access you want the app to have and even with less privileges still works (some times less functionality! but why would an alarm clock need to be able to make phone calls ?)
It's probably an IT / cautious person thing to do but I check all permissions for apps before downloading them even when they're on the Play Store. If I'm downloading from somewhere else I'm even more careful to check into it first. Sadly it seems I'm in the minority with a lot of people just blindly installing apps from anywhere and ignoring the very clear warning about installing apps from unknown sources.
And what good does that do you? Or do you look at the requested permissions for each app (that performs a specific function) and then install the one with the least permissions? What about updates? If the permissions change with a new version, do you blindly allow the update to complete? Or do you uninstall the app and start over?
do you look at the requested permissions for each app (that performs a specific function) and then install the one with the least permissions?
if the permissions change … do you uninstall the app and start over?
->yes, if I don't like them.
Any more questons?
The "extra permissions on update" seems to be a common trick, has prompted me to uninstall quite a few.
I would prefer when ticking a box like "Access to microphone" or "send SMS"
I had the choice of "When app is in focus only" (alarm at any other time.)
So program X enables voice prompts, why the hell should that mean access to the microphone as and when it likes?
give me "access to microphone for ten seconds after condition Y" like double tap, visible button etc.
I guess some will now tell me that is all there, but the developers don't enable such choices because thick users wouldn't understand the question.
@theodore Chairo here has already answered pretty much what I would have answered. I take the app type into consideration when I see the permissions and if it's extreme then it doesn't get installed, simple as that. Some apps that add extra permissions will explain why the new permissions are needed and again, if I agree that it's necessary and don't mind I'll allow it. If I don't agree then I either stay on the current version or uninstall if it requires the latest version.
Examples? A camera app will obviously need access to the camera and storage but it might also have an account permission. First glance you might wonder why but if it integrates with a service then that's easy to understand. However, if it asks for permission to send email without my permission it gets removed. Yes that permission actually exists and showed up in a recent app updates for something, Blipar I think it was.
Why don't they post which aps they have found the botnet in?
The way Permissions are handled is ambiguous...
Of course some apps will have to look at your contacts. Of course some will have to access your WiFi... or access your email - in order to help you send one... the question is can they do it with out your knowing... amongst others. (Not wishing to go into a deeper level of complexity.) We, the users, need to demand a more clarified level of detail on permissions. They, the programmers need to give the users a way to block access. (Without having to root phones.) (And why would you trust rooted software more than the corporate which can be held accountable?)
Biting the hand that feeds IT © 1998–2019