Want to keep Android apps from spying on you? A security researcher has released an Android app that allows users to control precisely what information they share with other programs installed on their smartphones. The latest version of WhisperCore remedies a shortcoming of the Google mobile operating system that has vexed users since its release: a design that often …
This can't come too soon. Angry Birds is just one example of apps that seem to start with just "Internet Access" and then with later updates, expand their permissions requirements into location and other such lovelies. Presumably the developer and/or advertisers think you can't live without some toy that involves flinging birds about like a sparkly version of GORILLAS.BAS.
Yeah. Watch me.
I think more to the point the developers/advertisers think you wont check or care that they've decided to add location permissions to your list of requirements. At any rate, the latest angry birds update remains 'pending' on my own droid until the permissions are changed or I get another option such as an app like this one.
Useful to know, thank you Register.
My apps eat bandwidth all the time, even if I've told them not to (where possible). The result is going way over my data bundle allowance and enduring costly data charges. Together with the idea of some apps reporting on my location and other personal info I simply switch off my data connection - or APN to be precise. I activate it when i need to go online. The result is going from 3GB of data per month down to a reasonable 500MB.
I'm angry though, that for an OS built around/on Linux, that Google didn't build it with the premise that users may want to revoke privileges for apps at the app and data lifting level. Shameful and disappointing.
And, I will operate on that position, too: If the app crashes after being denied, it's going bye-bye!
I've been sticking to open source apps on my android. If I don't like the permissions I change them even though all the ones I'm using already have minimal permissions. It does make me wonder if there isn't a need to take over the process from Google in order to have an actually open operating system instead of just a "no such thing as a free lunch" one.
root your device and use DroidWall to stop 3g/wifi access to specific applications. They're all disabled by default, meaning while Angry Birds might want to know your location it can't do anything with it. plus the added bonus that none of those stupid in-app adverts load up anymore
Nice Idea, but the looking at the files, it seems their script would issue the command 'oem unlock' to unlock the bootloader. It would have been much easier to use .zip files and flash them through a modded recovery than use fastboot to flash the included .img files
Think the the Reg should included a warning that their software would 'Unlock' the Bootloader on the Nexus One and Nexus S phones which may or may not void the warranty on the phones.
I use these:
1. LBE Privacy guard: lets you control precisely what services an app can access. So far, I've denied lots, and had no crashes. This seems superior to the one in the article, and works on most phone, I assume. Requires root though.
2. Gemini app manager: lets you control what gets autostarted when, so that things that suck bandwidth don't get autostarted when, for example, you merely plug in the charger. Yes, there are things programmed with that sort of logic ... Also requires root.
Only problem with (2) is that updates to the apps reset the autostarts and then you need to switch them off again.
Privacy guard and Gemini app manager installed, thank you poohbear.
Although I like the work that Moxie does, I can't give up Rodriguez's MIUI ROM. It's the most advanced phone I've ever used. (rotating cube desktops, etc)
I'm surprised at those who are surprised that that-search-engine-everyone-uses is the greatest Data Mining Business In The World. People blithely hand over their contacts, network of friends, emails, and their very voice calls! This is so valuable for marketing, not to mention intel services.
I use ixquick.com for searches. Just as good.
It's frankly utterly ridiculous that Android has never allowed application-specific permissions control. Even old JME phones running the likes of Sony Ericsson's old OS had this.
Considering that it isn't particularly difficult to implement such a feature, I think that there's more than a fair chance that this is deliberate by Google. The less control given to users over permissions, the more data Google can collect on Android users.
Google will soon delete this application from the Market, as well as retroactively removing it from the phones of everyone who installed it. Which is why I don't like this trend towards remote deletion and interference these companies have accorded themselves on just about every new OS.
Do I get a refund if Google delete from my phone an app that I paid for? I bet I don't. Which is theft as far as I'm concerned.
"Google will soon delete this application from the Market, as well as retroactively removing it from the phones of everyone who installed it."
Citation needed, methinks.
Yes, they certainly *could* do that, but I think it's unlikely they will.
From what I've seen, Google have remotely uninstalled less than a handful of apps from phones - and they were all malicious or PoC exploits.
Google hold a lot of power in their hands, but I think it's unfair to accuse them of having abused it just yet.
Finally: "I bet I don't." Really?! Have you a) looked around the Internet for this answer or b) thought to ask Google?
No doubt this will be down voted to oblivion, but the fact is that having spent months slaving away on an app, app developers have to make some return. The "stupid in-app" ads allow you to have the app for free and devs to make a few pence on the side.
If you don't like the permissions, don't install the app. If you cheat your way around the ads to get the app for free whilst providing nothing back, it's no different to piracy.
Fallacy. Some apps have no substitute. The free market is not truly free.
When you are forced to accept all the fine print in the Microsoft OS or Photoshop, can you realistically modify or negotiate? No. There is no substitute for these, if you want to share with others, and there can't realistically be when they are like the monopoly utilities of the software world.
Same with certain phone apps. When you need a function, you can't just not use it if you don't agree to the terms. It is a completely asymmetric negotiating situation, as has so often become the case with the total corporatization of our world.
What I do mind is anything other than "Internet Access" required to deliver them. That includes phone state and identity, and definitely includes location awareness. Also SMS sending/receiving, being able to read contact data, and the numerous other permissions that some apps require for no good reason at all.
Your right to a return on your work does not trump my right to privacy, and I will take active measures to defend myself. If you don't want your app being used by people with adblockers, then don't make your app require stupid permission levels. Simples!
Or to paraphrase a certain Cupertinian businessman: "Change your app's permissions. Not that big a deal."
It isn't a negotiation. Someone has slaved away to create something and you are free to use it by their terms. That's it. If you aren't happy with the terms, write it yourself. If you aren't capable, then you survived perfectly fine before the app existed, and you'll survive perfectly fine in the future.
Re: I don't mind the ads.
I absolutely agree with you, and I won't install an ad-supported app which relies on location. The problem is that all of the ad agencies require a unique id as a minimum, location data is optional, and that's why I don't include it in my apps.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
