[D.Vader]

I bought and paid for a FlashLight app a while back. Deleted it because it required access to my personal information and connectivity.

Now StormSlider Paid edition wants the same thing. I don't want to waste my battery power sending my personal information to these software vendors when I have PAID for my application. I can understand this crap with free apps.

Is this just the way it is for Apps? Because if that is the case Apps are a freaking scam!

[D.Vader]

Yep BerrySlider won't even work at all without access to the email. WTF? Are Apple and Droid apps like this? Honestly this would be a case for me switching phones. I shouldn't have to give up my privacy when I pay for an application.

This might be the reason my Torch's batter life sucks. All my apps are out the sharing my contact info, photos, videos. Read the security info, when you Allow all, that app has access to EVERYTHING. From that text to grand ma, to those boobie pics you may have.

[phonejunky]

To buy any app in the App store all of your credit card information, and email address must be provided when setting up the iPhone anyway.

[D.Vader]

Email address is one thing... BB Apps want access to your entire phonebook, all your texts, videos, photos, your GPS location. You have no privacy basically just because you elected to use an application.

This is unacceptable for PAID applications to me.

Now that StormSlider has access to that, I am getting the hourglass more often and my transmit receive icon is more active without anything being sent or received by me.

Anyone else notice this or even care?

Well iPhone doesn't even give you this granularity of settings. Either you allow the app or deny it. So I imagine Apple probably has this built in for their own purposes.

[MobileMadness002]

Personally, I dont care. But thats just me.

[SCrid2000]

I kinda doubt that's happening, I'm pretty sure it'd be illegal.

[je61]

How do I prevent this! I was unaware this even happened

Posted from my CrackBerry at wapforums.crackberry.com

[Shao128]

The only real way to protect yourself is to deny permissions that an app is requesting that you are not comfortable giving it. It might break something in the application though if it requires certain access. You can also research an app before purchasing it. The majority of apps are safe in this aspect but there are a few sour apples in the group.

The OP referenced a flashlight app in his first post. There is a known developer (I wont say his name or which flashlight app, but if you search the forums you can find it) that once you installed the app you would be signed up to his mailing list. He's shady to begin with but if you find apps doing this post about them like the OP has.

[ba_hamilton]

Are you double dog sure about Stormslider doing that? When I installed the newest version 5.5 it did not require any of that information from me. There are no settings in Stormslider that require access to your email contacts. After all, it is only a lock screen app.

If I am wrong I will be soon be corrected.

[D.Vader]

Are you double dog sure about Stormslider doing that? When I installed the newest version 5.5 it did not require any of that information from me. There are no settings in Stormslider that require access to your email contacts. After all, it is only a lock screen app.

If I am wrong I will be soon be corrected.

When StormSlider is set to not have access to contacts or your connection it will not work on my BB Torch 9800.

[D.Vader]

It doesn't look like I am being crazy either...


The following article is about Android, but they are all apps made by similar developers targeting similar demographics. This would also explain why Apps are so cheap really. When you consider the functionality of Apps for a phone vs. a PC there isn't that much different for many of them. A PC you pay a much higher price, because there is no "back-end money" for them.

Android Apps Disclose More Than Users Know -- Google Android Apps -- InformationWeek


Android Apps Disclose More Than Users Know

Half of applications studied share location information and unique identifiers with advertisers, many without disclosing this to users.

By Mathew J. Schwartz InformationWeek September 30, 2010 01:29 PM

Is your Android App quietly phoning home?

In fact, half of studied Android applications share location information and unique identifiers with advertisers or servers, oftentimes without disclosing this to users, according to a study

of 30 Android apps conducted by researchers from Duke University, Intel Labs, and Pennsylvania State University. Their research is due to be presented at next week's 9th USENIX Symposium on Operating Systems Design and Implementation in Vancouver, British Columbia.

The researchers made their discoveries after building a software application, TaintDroid, designed to track how different Android applications actually handle data and unique identification information. "Using TaintDroid to monitor the behavior of 30 popular third-party Android applications, we found 68 instances of potential misuse of users' private information across 20 applications," they said.

Note that this wasn't a random sample of applications, but rather the researchers starting with the 50 most popular applications in each of 22 Android Market categories, and culling that list to just the ones which require Internet permission, together with permission to access location, camera, or audio data, which worked out to about a third of all applications. From there, the researcher randomly selected "30 popular applications" across 12 categories, then tested them.

From an advertising standpoint, they found that "half of the studied applications share location data with advertisement servers." Of these, only two offered an end-user licensing agreement, but neither indicated that they were collecting data. Furthermore, "approximately one third of the applications expose the device ID, sometimes with the phone number and the SIM card serial number."

In summary, said the researchers, "Android's coarse-grained access control provides insufficient protection against third-party applications seeking to collect sensitive data."

Responding to the report's findings, a Google spokesperson said: "In all computing devices, desktop or mobile, users necessarily entrust at least some of their information to the developer of the application. Android has taken steps to inform users of this trust relationship and to limit the amount of trust a user must grant to any given application developer. We also provide developers with best practices about how to handle user data."

As those best practices

note, "application developers are ultimately responsible for how they handle users' information." In particular, Google recommends they maintain a privacy policy, minimize required permissions, give users a choice about what data gets shared, not collect unnecessary information, and not send any data off of the device.

In short, caveat emptor. "We consistently advise users to only install apps they trust," said the Google spokesperson.

Continuous data protection used to be a pipe dream for most outside the financial world because of sky-high cost and complexity. That's changing, creating new options for businesses that require different thinking about disaster recovery. Download our report here (registration required).