Is it really that easy to post fake apps on Google play?
You would think they have some kind of filtering system to avoid this...
Posted via CB10
Printable View
Is it really that easy to post fake apps on Google play?
You would think they have some kind of filtering system to avoid this...
Posted via CB10
It's worse than just fake apps. Look at what they request (yes, this is a REAL fake BBM app trying to get this, and no, I wasn't dumb enough to say "Yes")
You approve this and your device and anything it can get to is instantly "owned".
THIS is what Android and Google allows and BlackBerry, if they had an ounce of balls in the corporate suite, would be all over this instantly.
Remember all the pirated Android apps in Blackberry World? Companies can either have a strictly regulated app store where each app is tested a la Apple or you can be like Google and allow all but the obviously malicious apps which is a similar route that Blackberry has taken. Like Instagram, it's somehow because easier for Google or they're more motivated to filter out fake apps once an official one is posted.
So it's not obviously malicious when an app is sent in that wants those permissions? Those, by the way, are in the manifest and thus trivially discoverable on an automated basis.
Google Play has a lot of trouble with fake/malicious apps.
Most of their app submission testing is automated, but as tickerguy wrote, automated testing can certainly ascertain when an app requests "excessive" permissions.
That said, a lot of these IM apps do in fact ask for tons of system permissions, which is one reason why I am skeptical of a lot of them because I do not trust most developers to be fully responsible in how they use that access. (Case in point: WhatsApp)
What makes things worse on Android is all you get is a list of permissions an app wants - your only choice is to completely accept ALL of them, or not install the app at all. (Same thing if you install an Android app on BlackBerry 10)
Whereas for BlackBerry native apps (either legacy BBOS or BB10) you can generally selectively deny permissions for a specific app, which is one of the best things about the platform as far as I'm concerned.
One of the worst problems is that "modern" Android versions (e.g. ICS, etc) separate the "mundane" permissions from the ones that you would want to think long and hard about, and the latter are under a tab you have to click to see them.
That's REALLY bad and in this case ruinously so.
Beyond the fact that BB10 lets you shut off things there's this wild difference in what's asked for -- this is what Facebook wants on BB10.
Contrast with what it wants on Android....
Bad? Undoubtedly.
But why would you install an app that asks for unseemly permissions?
You have some points, but bar then on some very flawed foundations.
Does the Facebook Android app have the same functionality as the BB app?
Go ahead. Check.
Most legitimate developers in the play store seem to have adopted the practice of specifically explaining why they are requesting each permission. The issue is that not many people stop to read the fine print (well, not many read anything at all, but that's another story).
So, basically Google hands over the security and privacy buck on to the developers and consumers.
Posted via CB10
Android 4.3 fixes the permissions issue. Finally.
If an IM app is going to be allowed to search through your contacts for friends/buddies, etc, then it needs access to contacts. If it's going to be able to send photos, videos, and so on, it needs file access. I think Google Play's "problem" is its Wild West approach to apps, which more or less reproduces the situation for PC software. A PC user can go to whatever site and download and install software. In doing so, he takes risks. Those risks can be reduced, but not eliminated, by the use of malware checkers and similar tools. These tools exist because the Internet in general is not policed.
Google Play is not quite as open as that, but it's close. Their policy appears to be more reactive than proactive. That is, if an app is reported to them as malware or violating copyright or trademark, they take it down, but they don't make much effort, if any, to prevent them from appearing in the first place. This used to be the approach taken to copyrighted music on YouTube, until litigation forced them to be more proactive. Then again, music copyright infringement is somewhat clearer than "malware", as a concept. Many bogus apps on Google Play are mere prank apps that do no harm. The bogus BBM apps may fall into this category, although not having tried any I really can't say for sure.
I think BlackBerry has learned that they need to put in their due diligence to protect their brand by watching what shows up in Google Play. They should have been doing this months or years ago, really, even before they had any plans to put BBM in there. It does them no good to let anybody else use their logo or name in a misleading way.
True fact, and I GUARANTEE you that Google does the UI design like that intentionally.
Probably mostly due to the fact that the Facebook app for BB10 was written by BlackBerry Limited. ;)
Actually that may be the practice of the very small percentage of apps there that happen to be high-profile, well-reviewed, popular apps which are A) under much more scrutiny than most other apps in that store and B) have the revenue and thus developmental resources to work on such "cosmetic niceties".
But I GUARANTEE you that the VAST majority of apps on Google Play do NOT make such nice explanations. And we still have the sneaky installer UI design that tickerguy mentioned to contend with, among other things.
Agreed on all of the above.
Unfortunately BlackBerry's ability to do such policing, even if they "get" the importance of it, is constrained by the same things that constrain them in every other area, that being basically not enough resources to bring to bear on the problem. And this will only get drastically worse after their alleged plan to layoff nearly half of their remaining workforce, after already severely cutting their staff over the last couple of years.