Related
So in its latest release of 2.3.3 Google ousted the Facebook contact sync from stock Android. Personally, I believe that was a horrible idea on Google's part. Part of the reason I stay with the stock mytouch rom is because of the Facebook integration it comes with. I also was hoping Google would have actually stepped up the integration among social websites. I don't think anybody can argue that the majority of the population spends a lot of time on those web sites and with companies such as Apple and HTC stepping up their intergeneration, I believe this makes Google fall behind all over some pride issue?
Please let me know all of your thoughts on this issue?
Social Media = Empty Minds
Facebook is lame.
Mind numbing drivel for the brains full of mush masses.
useless useless//
mark manning said:
So in its latest release of 2.3.3 Google ousted the Facebook contact sync from stock Android. Personally, I believe that was a horrible idea on Google's part. Part of the reason I stay with the stock mytouch rom is because of the Facebook integration it comes with. I also was hoping Google would have actually stepped up the integration among social websites. I don't think anybody can argue that the majority of the population spends a lot of time on those web sites and with companies such as Apple and HTC stepping up their intergeneration, I believe this makes Google fall behind all over some pride issue?
Please let me know all of your thoughts on this issue?
Click to expand...
Click to collapse
Google removing the bloatware from the Stock Android has nothing to do with integration nor disintegration.
What does the included app do that another Market app can't? Keep the crap out of the ROM and in the Market.
oh so you read engadget than, kudos for bringing this important information to our attention....anyways facebooks a bunch of freaking hypocrites they want to have access to everything else, but let no one have access to their api's.....*****es
Sent from my HTC Glacier using XDA App
cal3thousand said:
Google removing the bloatware from the Stock Android has nothing to do with integration nor disintegration.
What does the included app do that another Market app can't? Keep the crap out of the ROM and in the Market.
Click to expand...
Click to collapse
You know not of what your talking about, Google specifically took away all Facebook contact syncing ability in 2.3.3!!! I believe thats disintegration. Please know the facts before you post.
This happens whether its in the market app or comes preloaded on the phone, its an attempted dis to facebook at the cost of people who enjoy the syncing abilities
mark manning said:
You know not of what your talking about, Google specifically took away all Facebook contact syncing ability in 2.3.3!!! I believe thats disintegration. Please know the facts before you post.
This happens whether its in the market app or comes preloaded on the phone, its an attempted dis to facebook at the cost of people who enjoy the syncing abilities
Click to expand...
Click to collapse
I do know the facts. Google is not ousting anybody, they are requiring Facebook to follow Android rules like everyone else.
You will still be able to access your precious little FB contacts from the app... again.. like I said... what did it do that an app cannot?
Simply put, all this does is require FB to actually use the provided APIs like everyone else. So now, your FB contacts will actually be on the phone instead of 'in the cloud'.
Quote from GOOGLE:"...Like all developers on Android, Facebook is free to use the Android contacts API to truly integrate contacts on the device, which would allow users to have more control over their data."
More reading here:
http://news.softpedia.com/news/Andr...tact-Sync-in-Facebook-on-Nexus-S-185773.shtml
Another question for you, who the hell is Google "falling behind"?
Sweet, maybe they will replace it with XDA instead...much more useful...
I don't think Facebook will follow this rule, at least until Android gets a bit more popular. Remember back in 2009, when we didn't have a offical facebook app? Facebook itself even that they weren't planning on making one, but then we seen all the leaked screenshots and widgets off course. They will, just give it sometime. The mobile site and the touch site of facebook sucks as well, so I'm really hoping they stepup the game.
going_home said:
Facebook is lame.
Mind numbing drivel for the brains full of mush masses.
useless useless//
Click to expand...
Click to collapse
Did you call for me?
going_home said:
Facebook is lame.
Mind numbing drivel for the brains full of mush masses.
useless useless//
Click to expand...
Click to collapse
+1.9 quadrillion
xdviper said:
I don't think Facebook will follow this rule, at least until Android gets a bit more popular. Remember back in 2009, when we didn't have a offical facebook app? Facebook itself even that they weren't planning on making one, but then we seen all the leaked screenshots and widgets off course. They will, just give it sometime. The mobile site and the touch site of facebook sucks as well, so I'm really hoping they stepup the game.
Click to expand...
Click to collapse
Can i ask why Facebook is so important to you?
To anyone?
I say this because when Justin "beaver" got his hair cut he lost some 80,000 follower from Twitter and Facebook.
OVER A FLIPPING HAIR CUT HE LOST FOLLOWER
(Now do not get me wrong i do not like the little sh!t as it stands but that is a different story)
So what kind of image is Facebook and Twitter promoting? self indulgence into believing you or i are actually important in this world. Twitter is the number one "screaming in silence site" in the known planet. No care what you have to say. Know why i say that? pick 10 people out of your group of friend that you follow and follow you. @Mention them with nothing but the word "duck". Then on person 11 @mention them with the word "goose". Everyone that sees their @ mention will reply with something related to "WTF". Meaning all they are read is stuff directed to them.
People claim that "Facebook makes it easy for people to find me". Wait a tick if you look on Google News at any given point in time there are articles related to Privacy and how to protect it on the web.
Well i'll end with this
IF you are a US Citizen, born in the USA. IF you have your Hometown and your Birthday (month/day/year) listed on facebook. There is a 13+% percent that a random computer that does nothing but search facebook for B/days and hometown will guess your social security number.
123-45-6789
is an area code that you were born in
Is a code for the hospital and state you were born in
is nothing more that a sequential number
So yes it is possible. Yes Facebook is for the mindless minions, Yes i respected my privacy enough to get rid of it.
neidlinger said:
Well i'll end with this
IF you are a US Citizen, born in the USA. IF you have your Hometown and your Birthday (month/day/year) listed on facebook. There is a 13+% percent that a random computer that does nothing but search facebook for B/days and hometown will guess your social security number.
123-45-6789
is an area code that you were born in
Is a code for the hospital and state you were born in
is nothing more that a sequential number
So yes it is possible. Yes Facebook is for the mindless minions, Yes i respected my privacy enough to get rid of it.
Click to expand...
Click to collapse
LOL!
That's hilarious, total BS information. I can go on and on as to why that is false but anyone with a SSN knows that's incorrect.
I find it highly amusing that anyone would bash FB and then allow Google to access their personal data.
Google is the biggest abuser of private information on the planet. Case closed.
If you don't like FB, don't use it, but just because some of us do enjoy it, does not make us ANY of the things you want to label us as.
have fun with your tin foil hat and denial of who the real privacy violator is.
mark manning said:
So in its latest release of 2.3.3 Google ousted the Facebook contact sync from stock Android. Personally, I believe that was a horrible idea on Google's part. Part of the reason I stay with the stock mytouch rom is because of the Facebook integration it comes with. I also was hoping Google would have actually stepped up the integration among social websites. I don't think anybody can argue that the majority of the population spends a lot of time on those web sites and with companies such as Apple and HTC stepping up their intergeneration, I believe this makes Google fall behind all over some pride issue?
Please let me know all of your thoughts on this issue?
Click to expand...
Click to collapse
Agreed. I believe this is a control issue. FB is a big boy in the control of private information, information Google wants to get it's grubby hands on.
Whatever the end result, the motive is definitely not to benefit our privacy. Guaranteed.
$pitacular1 said:
Agreed. I believe this is a control issue. FB is a big boy in the control of private information, information Google wants to get it's grubby hands on.
Whatever the end result, the motive is definitely not to benefit our privacy. Guaranteed.
Click to expand...
Click to collapse
True... but you should only put information that you want shared with the world on the internet. Personally, I believe privacy concerns should come down to personal responsibility.
Interesting thread. Personally I love the contact sync feature and would be thoroughly annoyed if it disappeared. I believe it will come back eventually.
So can someone clarify the issue to make sure we all understand correctly? Facebook only allows contacts to be displayed from the cloud but not synced down to the phone where they can be edited and then synced back? Is that the big issue? What API is Facebook currently using and what API is Google trying to force them to use that's resulting in this feature disappearing?
I like having contact information of facebook friends (phone numbers and emails) automatically show up on my phone. Very convenient. The pictures are nice and status updates are cool too.
Agree on privacy. If it bothers you, check your settings or delete your facebook. BFD.
Oh, and lol @ tin foil hat.
$pitacular1 said:
LOL!
That's hilarious, total BS information. I can go on and on as to why that is false but anyone with a SSN knows that's incorrect.
I find it highly amusing that anyone would bash FB and then allow Google to access their personal data.
Google is the biggest abuser of private information on the planet. Case closed.
If you don't like FB, don't use it, but just because some of us do enjoy it, does not make us ANY of the things you want to label us as.
have fun with your tin foil hat and denial of who the real privacy violator is.
Click to expand...
Click to collapse
Read this
http://www.time.com/time/nation/article/0,8599,1909133,00.html
Cyanogen Powered; Android designed
Ill pass on tinfoil hat.
(Hah. Sorry to previous poster. Didn't see you already used that term).
Sent from my HTC Glacier using XDA App
Who cares what data Google or Facebook has? If they abuse the privilege of having so much personal data, how do you think they would go about doing it and why? I absolutely don't care that they know exactly how much granny-porn I look at. I don't have anything they want...and neither does anyone in this thread. NEXT.
Sent from my HTC Glacier
neidlinger said:
Read this
http://www.time.com/time/nation/article/0,8599,1909133,00.html
Cyanogen Powered; Android designed
Click to expand...
Click to collapse
Nowhere does it state the identification pattern as you described it.
Mine and my wife's, daughters, brother's, sisters and fathers SSN all have the 3 first digits different and we were all born in the same State, same county. Also, my brother and sister were born in the same hospital and their 4th and 5th digits are completely different.
Also, you failed to note that they thieves would require VOTER REGISTRATION info to piece it together with a highly refined ALGORITHM that I'm sure isn't just floating around out there for the average identity thief.
Dude, seriously, even the article is stating this could be done IN THEORY.
This is from the same article you are citing:
Mark Lassiter, a spokesman for the Social Security Administration, dismissed as a "dramatic exaggeration" the suggestion that a successful prediction code has been developed. In a statement, Lassiter urged the public not to be alarmed by the report, stressing that there is "no foolproof method for predicting a person's Social Security number."
Like I said, tin foil hat, LOL, total BS
have a nice day
And to address the topic of the thread more directly,
I will be EXTREMELY pissed if this is an unresolved issue.
I use FB as my main contact list, and it's completely idiotic of Google to try and pull rank on this issue to force FB into doing what it wants.
If this can't be resolved, don't be surprised if you see a FB phone in the future... they are an empire capable of doing what they deem necessary.
So after starting this thread it has raised a stir. And I wanted to point out why the data that Google collects from Android devices is in my own opinion not at all "anonymous" although it is claimed to be.
The WSJ article fully explains. Please read it in full but I'm just going to cite a short passage here and embolden a few words:
...an HTC Android phone collected its location every few seconds and transmitted the data to Google at least several times an hour. It also transmitted the name, location and signal strength of any nearby Wi-Fi networks, as well as a unique phone identifier.
Click to expand...
Click to collapse
Apple does not collect the unique phone identifier in the data that they collect.
So Google is collecting location, unique ID, and if you sign into Google services they have your full account information and all within it. This means, via your phone ID that Google could very easily associate YOU PERSONALLY with the location data if they so choose. I know, they say they don't but it's one heck of a data mining marketer's dream to do it!
So I stop Android from phoning home.
I agree i own both a iPhone and a Droid but the difference is the Unique Identifier being sent from some Droid phones ... The real question is what is this unique identifier that is being sent is it the IMEI or MAC address
Looks like Google claims it's not the IMEI, according to this article: Google Responds To Smartphone Location Tracking Uproar, Says Android Is Opt-In
From the article:
Google explains that when a phone transmits data back to its servers some location data is actually assigned a unique identification number, but it says that this number is in no way associated with the device’s IMEI, the user’s name, or other information. In other words, they’d have a hard time associating a user with that data.
Click to expand...
Click to collapse
That makes me wonder, why must they create this "unique identification number" at the device level in the first place? If they simply want a unique value in their database for incoming data, it's much cheaper and easier to assign the value inside Google within their own databases as each new report comes in. (RowID for example. You who do any database level programing know what I'm talking about.) Than to assign each device a "unique" identifier that is sent with other data each time. The fact the device is sending some sort of "unique" identifier is troubling. And it's the researchers that found the value sent is unique and could be used to identify a phone. So do I believe the researchers who first told us exactly what is being sent or Google, since Google didn't tell us exactly what was being sent till the researchers uncovered it? I suspect if anyone could overcome that "hard time associating", Google could, but that's that my opinion. They know what method they used to create the supposedly unique value and they know how "unique" it is in relation to a specific device. In all my years of software engineering, I can't see how it would be so "hard" for Google to associate all the data they're pulling in with a specific device and person.
I'll just keep my device from phoning such data to Google and leave it at that. I'm also finding my battery life and GPS lock times have improved since stopping Android from phoning home.
ROMs need to address this directly
Darnell_Chat_TN said:
So Google is collecting location, unique ID, and if you sign into Google services they have your full account information and all within it. This means, via your phone ID that Google could very easily associate YOU PERSONALLY with the location data if they so choose.
Click to expand...
Click to collapse
Thanks for starting this thread. This is definitely an issue that we should be concerned about. I wasn't aware that Google was collecting more data than Apple, and your above point is very worrying!
I've asked this on the previous thread too, but I'm keen to see if/how ROM developers can directly manipulate Android to remove this malicious transmission to Google. How can we pressure them to do so? Beyond that, Google themselves need to be held accountable for this,
It actually makes perfect sense; when you're collecting all of this data from random phones, you need a way to vet the quality of the data. If some joker starts having fun and injecting bogus data into the uploads, they can eventually identify which phone the bad data came from and remove it all from their database. If the data is purely anonymous, with no ID tag whatsoever, it's much more difficult to maintain the quality of the data.
highlandsun said:
It actually makes perfect sense; when you're collecting all of this data from random phones, you need a way to vet the quality of the data. If some joker starts having fun and injecting bogus data into the uploads, they can eventually identify which phone the bad data came from and remove it all from their database. If the data is purely anonymous, with no ID tag whatsoever, it's much more difficult to maintain the quality of the data.
Click to expand...
Click to collapse
So, is there a way of "injecting" bogus data deliberately by phones to degrade Google's database? I've also read a report from a NCSU research team creating an application called TISSA for turning off or deliberately feeding misleading info for apps that try to read and transmit personal data. It says with development, this app will be launched on the Android market. Can such methods be used to 'rein in' Google?
Sent from my HTC Incredible S
Of course there is. Just disable the phone-home connection while accumulating data in the cache (using iptables/DroidWall). Then edit the cache files, putting whatever you want in them, and then reenable the connection. The phone won't be able to send the data before you edit it, if you keep the connection locked down.
Sent from my TP2 using Tapatalk
Apple has banned certain hackers from their app store. I'm not trying to send any bogus data to Google, because that might be the tipping point for them to try and ban my device.
Interestingly enough, Steve Jobs himself has come out to proclaim Apple does not track anyone, but he claims Android does: Steve Jobs: Apple doesn't track anyone
Don't iPhones have IMEIs too? Apple have denied using it. So have Google. As far as Google services go, Apple have your info through their store. What's the difference?
deejaylobo said:
Don't iPhones have IMEIs too? Apple have denied using it. So have Google. As far as Google services go, Apple have your info through their store. What's the difference?
Click to expand...
Click to collapse
Read through the earlier posts for details.
Darnell_Chat_TN said:
Read through the earlier posts for details.
Click to expand...
Click to collapse
Yes, and despite Google denying using unique identifiers with their data you are of the opinion that they do. But, you believe that Apple does not use unique identifiers based on what? Them saying so?
Nexus SuperAosp
deejaylobo said:
Yes, and despite Google denying using unique identifiers with their data you are of the opinion that they do. But, you believe that Apple does not use unique identifiers based on what? Them saying so?
Nexus SuperAosp
Click to expand...
Click to collapse
Not based on them saying so at all. Please read in full the article that I've cited, which is the account of 3rd party researchers who looked into what the devices are actually sending. Read the article and view the video on that page as well. Both provide details into the research that was performed and the findings of that research.
Darnell_Chat_TN said:
Not based on them saying so at all. Please read in full the article that I've cited, which is the account of 3rd party researchers who looked into what the devices are actually sending. Read the article and view the video on that page as well. Both provide details into the research that was performed and the findings of that research.
Click to expand...
Click to collapse
Just a small update. Once again, Google deny using unique identifiers.
http://online.wsj.com/article/SB10001424052748703387904576279451001593760.html?mod=googlenews_wsj
I wonder what came of TISSA? I can't find any release information on it. Just the paper:
http://t.co/Rsuq4L2
Also TaintDroid code is still not widely available in custom kernels or as an add-on module, which is quite sad.
We all know the Android privacy and security are quite bad and all Google does is clean up after-the-fact.
Are there any new developments in this arena that users can deploy themselves?
thanks for this info and the iptables tip above. I think I'll add a log and check it after about a week. I'm real curious as to what info my device is sending out and how much.
Hi,guys, l want to implement a malware on android as my graduation paper, and now i am hard to think more good ideas, would you like to share your novel ideas with me ?
thank you very much!
How bout something useful, like gps logger, call log, browser history. Make an app/server side interface that can customize various parameters such as minutes between gps logs and upload server. Several small companies would love to trace their employees activities on company phones. Might even get you paid.
westwind1120 said:
Hi,guys, l want to implement a malware on android as my graduation paper, and now i am hard to think more good ideas, would you like to share your novel ideas with me ?
thank you very much!
Click to expand...
Click to collapse
Sent from my MB855 using XDA App
1) Build an android HTTP server that parses the user agent and serves a different browser exploit depending on what android version is on, if it's a miss, forward to the actual requested page, if it's a hit, go for it!
2) + Arpspoof
3) ???
4) Graduation
Or something that will overwrite the default CD .iso image in the device (the one that is mounted when you plug the phone on the pc) and make a modified version of that with something evil that will jump on the pc.
jk... so is it going to be some app or PoC or a paper explaining potentials of exploiting from/to Android (like Zimperium - Anti / Faceniff / Droidsheep)?
I made a malware-related graduation paper many years ago...
jokersax11 said:
How bout something useful, like gps logger, call log, browser history. Make an app/server side interface that can customize various parameters such as minutes between gps logs and upload server. Several small companies would love to trace their employees activities on company phones. Might even get you paid.
Sent from my MB855 using XDA App
Click to expand...
Click to collapse
As a matter of fact, i want to write a rootkit on android, but at moment, it is lack of some useful cases, so as above, i need some ideas.....i promise it is just for study not for profits
ell3 said:
1) Build an android HTTP server that parses the user agent and serves a different browser exploit depending on what android version is on, if it's a miss, forward to the actual requested page, if it's a hit, go for it!
2) + Arpspoof
3) ???
4) Graduation
Or something that will overwrite the default CD .iso image in the device (the one that is mounted when you plug the phone on the pc) and make a modified version of that with something evil that will jump on the pc.
jk... so is it going to be some app or PoC or a paper explaining potentials of exploiting from/to Android (like Zimperium - Anti / Faceniff / Droidsheep)?
I made a malware-related graduation paper many years ago...
Click to expand...
Click to collapse
oh, guy, i just want to do some security research on mobile phone,and i don't want to attack others, i am a student who love researching information security.Forgive my poor english
This is the kind of thing you need to learn about yourself. Knowledge is a dangerous thing, and those who know how to exploit Android aren't about to share that kind of knowledge here unless it is clearly as a part of how to PREVENT such exploits.
lotherius said:
This is the kind of thing you need to learn about yourself. Knowledge is a dangerous thing, and those who know how to exploit Android aren't about to share that kind of knowledge here unless it is clearly as a part of how to PREVENT such exploits.
Click to expand...
Click to collapse
thanks, my friend, i am also realize that it is a long way to study android,and i will do my best,thank you again
I would recommend start learning reversing android malware, As you progress you will know the tricks of the trade and you can write your own stuff.
I been doing some reversing for a while as part of my job, A simple idea would be to write a small piece of code which sends sms to preminum rate numbers with out users knowlege (there are loads of them already doing it)etc..Start with simple ones which does not have support for command and Control center (C&C).
Read more about exsiting malwares which are around and i am sure you can prototype the one you wish to start with.
Random off the top of my head something I'd probably consider playing with someday:
if running on rooted device: install a system app and whatever is necessary, to then attempt overclocking the CPU enough to make the device go ape . 5Ghz Optimus One anyone?
Sent from my Transformer TF101 using Tapatalk
I just received an update notification for 'Google Play'. Being the cynical type, these type of changes make me suspicious. Oddly enough, a quick search throughout XDA and the internet seems to show that people's only objections to this change revolve mainly (perhaps only ) around the name change. Most don't like the way it sounds, the icons, theme integration, etc.
I find it odd that I can find no mention of Google's probable intent in this matter beyond marketing and 'unification' of Google services. I find it beyond coincidence that Google, just a week or two ago, started sending out notification of changes to their privacy policy.
More than that, I find it odd that no one suspects that there is more behind this than a simple rebranding. After all, Google is a corporate monster whose CEO has clearly and unequivocally stated that privacy of the individual is not only of no concern, but that violation of such privacy should be a given!
A quick look at some of Eric Scmidt's public statements leaves no doubt:
http://www.stateofsearch.com/top-15-of-eric-schmidts-remarkable-quotes/
http://www.seobook.com/eric-schmidt-quotes
http://www.huffingtonpost.com/2010/11/04/google-ceo-eric-schmidt-privacy_n_776924.html#s170420
No doubt at all in my mind. After all, to the contrary of what many may think, Google is not free. Google makes money (and lots of it) by collecting and selling our personal data.
I'm not sure, however, what can be done about it, other than to either root and lock down one's phone as much as is possible, whilst still retaining as much as possible of the functionality desired. One sure way is to give up my smartphone. The former is an ongoing practice here. The latter? I'm not ready for that (yet).
But does no one really see a day when smartphone tech will be used to track and control everything we do? Are we not anticipating that Government will see the value of this data collection technology and use it to their own ends, good or bad?
Another example:
http://bits.blogs.nytimes.com/2012/03/01/android-photos/
Our personal data is already being mined and profited from by untrustworthy entities, but at least they only seek profit. How long can we expect profit to be the only driving force?
Paranoid? Maybe. But remember the old saying: "It's not paranoia if they really are out to get you...". To my way of thinking, if they aren't now, they soon will be.
The solution is to crate a separate system. Like diaspora. An separate market, mabe an XDA-Market. I was searching the xda app on the market, yesterday it was there, today not but only the premium. This "update" is not normal, updates are here only for fix and repair from my point of view.
Yep is odd.
Let's create an indipendent system for freedom and liberty, open sorce to improve and sharing ideas.
No country restriction. One world, one nation, one free net global wide.
Peace
Sent from my LG-P500 using XDA
As you have indirectly pointed out, one can no longer get into the Android apps market unless you agree to accept whatever Google's legal terms are for their 'Play' and 'Books' services. But I don't intend ever to use these.
I wonder how applications developers feel about this.
Google really is getting beyond the pale, presumably introducing this change on a day when they hope that attention will be focussed on whatever Apple are up to. I shall now be looking for alternate market places. A real nuisance for me as I have a new phone and had intended installing my standard set of add ons.
I think it's a nice idea to keep similir Google's apps under the same brand so it's easier to identify and ,for them , easier to put in market.
If you ever needed evidence that this makes sense then you only need to know the conversation I had with a work colleague today.
..stuff that lead up to this conversation...
Me: Yeah, the Android Market is now called Google Play Shop
Them: Really? Why have they called it that?
Me: Because Android is made by Google.
Them: Oh, I didn't know that!
Seems that Android is known as a brand of its own. I just assumed everyone (or most people) knew that.
I also think that "market" gives a bad connotation comparing to play store
Yes
Re-branding to compete, yes...
I hate it.
Sent from my Nexus S using xda premium
privacy ...
What do you think about this statement ? (in Google Play Terms of Service)
2.4 From time to time, Google may discover a Product on Google Play that violates the Developer Distribution Agreement or other legal agreements, laws, regulations or policies. You agree that in such an instance Google retains the right to remotely remove those applications from your Device at its sole discretion.
So, if i understand right, Google have the right to delete things in my phone ??? C`mon ... isn`t this weird ??? Google Play mean that Google can play with our phone`s content ???
joyradu said:
What do you think about this statement ? (in Google Play Terms of Service)
2.4 From time to time, Google may discover a Product on Google Play that violates the Developer Distribution Agreement or other legal agreements, laws, regulations or policies. You agree that in such an instance Google retains the right to remotely remove those applications from your Device at its sole discretion.
So, if i understand right, Google have the right to delete things in my phone ??? C`mon ... isn`t this weird ??? Google Play mean that Google can play with our phone`s content ???
Click to expand...
Click to collapse
Didn't google retain this right with the market way before this change?
Sent from my ADR6425LVW using xda premium
Google Play
CharliesTheMan said:
Didn't google retain this right with the market way before this change?
Sent from my ADR6425LVW using xda premium
Click to expand...
Click to collapse
Did it ? I admit i don`t remember, it was a stock-app and if there was a question about my agreement first time when I used market - well i didn`t read it because i was sure the stock-apps can`t be sooo ... malicious ?
Maybe is not the best word but how would one describe an app wich is able to delete his phone content without his permission ?
joyradu said:
Did it ? I admit i don`t remember, it was a stock-app and if there was a question about my agreement first time when I used market - well i didn`t read it because i was sure the stock-apps can`t be sooo ... malicious ?
Maybe is not the best word but how would one describe an app wich is able to delete his phone content without his permission ?
Click to expand...
Click to collapse
It's in Google's best interests to be able to do this. They're most likely only getting you to agree to it so that when you download that malware app that starts sending text messages to premium rate numbers, they can remote uninstall it when they find out. It's of benefit to both parties.
Wow - I'm normally really cynical!
It would still be nice to have the choice to decide if you want that done.
-------------------------------------
Sent via the XDA Tapatalk App
http://forum.xda-developers.com/showthread.php?t=1533775
I've noticed sometime last year that local news apps developed by LSN Inc. requires hardware control of the phone camera. I suspect those apps actually snap pictures every time the app is opened.
Can the experts here help me validate this suspicion? Is there a way you can inspect for malicious codes in those apps?
Why suspicious?
sp_1st_timer said:
I've noticed sometime last year that local news apps developed by LSN Inc. requires hardware control of the phone camera. I suspect those apps actually snap pictures every time the app is opened.
Can the experts here help me validate this suspicion? Is there a way you can inspect for malicious codes in those apps?
Click to expand...
Click to collapse
Permission to use the camera is explicity requested. It probably supports a feature for the user to send pictures/videos back to the news station.
LSN Mobile has a legitimate looking website, including names of the officers
http://www.lsnmobile.com/about_us/our_team.html
... as well names/numbers/email for key contact personnel and physical address of the business:
http://www.lsnmobile.com/contact_us.html
Can I ask what makes you suspicious about these Apps?
Not sure if I should post a paranoid parrot meme, or a conspiracy keanu meme.
First, I can't find in the apps where a user can actually use the camera feature. And when opening the apps, it gives a completely black screen for several seconds before getting to the main interface. It makes me think it snaps an image during the black screen delay.
Why require permission to access the camera when there is no user accessible feature that requires it?
To GermainZ - I have seen you on the Tasker forum and always considered you a knowledgeable and helpful guy. Give this guy a break - he's just asking a question.
sp_1st_timer said:
First, I can't find in the apps where a user can actually use the camera feature. And when opening the apps, it gives a completely black screen for several seconds before getting to the main interface. It makes me think it snaps an image during the black screen delay.
Why require permission to access the camera when there is no user accessible feature that requires it?
Click to expand...
Click to collapse
The software from LSN gets a clean bill of health from mobilesecurity.com
http://appview.mobilesecurity.com/search?q=LSN
I downloaded the Local TV station LSN program to check it out, and I agree with you there is no accessible feature within the software to use the camera within the program that I looked at. Perhaps a capability for users to send pictures/videos is left over from a previous version or reserved for a future version. Perhaps it is a feature built into the general program that needs to be activated by the specific local TV station. At any rate, given the very wide use of this software by a seemingly-legitimate company, I personally wouldn't have a high level of concern about it. Also,perhaps it will help you to know that it can only take pictures when the program is running, not all the time.
There is a feature in the program where you can contact the developer... you might want to try that out to see if they have an explanation that satisfies you (and post any results back here if you do). There is certainly nothing wrong with a cautious and questioning attitude when it comes to permissions.
These posts make my day.
Sent from my cm_tenderloin using xda app-developers app
Electric Pete,
Thanks for not ridiculing my question. Yes, I presume it could only take pictures when the app is on. The are people who likes reading the news or checking the weather forecast while in the bathroom or as they come out of the bathroom. It's up to your imagination.
I'm not sure they would care to answer my question, because when I pointed this out in my user review of the app, my review is made invisible to the public. I actually waited for several days to see if my review would eventually become visible, but never. My reviews on other apps are visible.
If they are not guilty, they should not suppress my "wrong suspicion".
If the review you mentioned is on Google Play, I don't think the developer has any capability to supress that. Google runs the show there.
I do see your point about privacy. Reading the permissions and questioning the ones that don't make sense is good practice in my opinion.
electricpete1 said:
If the review you mentioned is on Google Play, I don't think the developer has any capability to supress that. Google runs the show there...
Click to expand...
Click to collapse
That is interesting. Why would Google suppress my review which can be considered laughable (as indicated by some reactions in this thread).
Anyways, thank you for giving time replying to this thread. If only I got the knowledge to inspect program codes of these apps...
By the way, the local news here where I live switched to different app provider. They listened to my concern.
Bottom line is, you could decompile the apk, edit the manifest and remove the camera permission (you could also check the output; or try a tool that decompiles an apk to java code, which will be much clearer, but it's still in beta if I'm not mistaken).
Monitoring the logcat/using the "ps" shell command might also reveal something useful, but I'm not if taking pics within an app starts a separate camera process ps would show.
Also, the logcat probably won't show anything useful, tho (the same thing applies; and if the app is malicious, it won't output anything malicious-related to the logcat).
Still think it's paranoid, tho. Why not contact the devs?