- As a new BB user I was surprised to see a lot of apps ask me to leave my phone wide open to tracking (and what else?) "Quick pull 5.0.2" which I downloaded for free seems to need a lot of information about me just to reboot my phone.
From The Wall Street Journal:
December 18, 2010
Your Apps Are Watching You
The results of an investigation of smartphones are disturbing.
By Scott Thurm and Yukari Iwatani Kane
Few devices know more personal details about people than the smartphones in their pockets: phone numbers, current location, often the owner's real name—even a unique ID number that can never be changed or turned off.
These phones don't keep secrets. They are sharing this personal data widely and regularly, a Wall Street Journal investigation has found.
An examination of 101 popular smartphone "apps"—games and other software applications for iPhone and Android phones—showed that 56 transmitted the phone's unique device ID to other companies without users' awareness or consent. Forty-seven apps transmitted the phone's location in some way. Five sent age, gender and other personal details to outsiders.
The findings reveal the intrusive effort by online-tracking companies to gather personal data about people in order to flesh out detailed dossiers on them.
Among the apps tested, the iPhone apps transmitted more data than the apps on phones using Google Inc.'s Android operating system. Because of the test's size, it's not known if the pattern holds among the hundreds of thousands of apps available.
Apps sharing the most information included TextPlus 4, a popular iPhone app for text messaging. It sent the phone's unique ID number to eight ad companies and the phone's zip code, along with the user's age and gender, to two of them.
Both the Android and iPhone versions of Pandora, a popular music app, sent age, gender, location and phone identifiers to various ad networks. iPhone and Android versions of a game called Paper Toss—players try to throw paper wads into a trash can—each sent the phone's ID number to at least five ad companies. Grindr, an iPhone app for meeting gay men, sent gender, location and phone ID to three ad companies.
"In the world of mobile, there is no anonymity," says Michael Becker of the Mobile Marketing Association, an industry trade group. A cellphone is "always with us. It's always on."
Alt, shift, Del works faster anyway.
OK, start flaming the newbieLast edited by BB 4 me; 12-19-10 at 01:24 AM.
12-19-10 12:57 AMLike 0 - No flaming from me. This is a perfect example of apps whoring themselves out to ad companies for more money. Everyone wants as much money as they can get now. Ad revenue in apps is a big plus for devs with no ethical regard.
Posted from my CrackBerry at wapforums.crackberry.com12-19-10 01:17 AMLike 0 - amazinglygracelessRetired ModI'm going to play Devils' Advocate here. I don't think the ethics of any developer needs to be called into question and I fully support their, what was the indelicate term, "whoring" themselves out.
Why. Because for as hard as many of these developers work to bring a good app to market there are tons of equally unethical individuals and websites that have no compunction about circumventing the developers legitimate costs.
For every app a developer ACTUALLY sells I would hazard that 20 or more copies are pirated. How many threads have the Mod team shut down for posting warez, keygens, piracy sites etc. And that's just this one site. Across the web it is exponentionally worse
If more people BOUGHT the apps they find useful maybe developers would not be so quick to try finding other revenue. I say more power to them.pantlesspenguin and syb0rg like this.12-19-10 03:54 AMLike 2 - I'm going to play Devils' Advocate here. I don't think the ethics of any developer needs to be called into question and I fully support their, what was the indelicate term, "whoring" themselves out.
Why. Because for as hard as many of these developers work to bring a good app to market there are tons of equally unethical individuals and websites that have no compunction about circumventing the developers legitimate costs.
For every app a developer ACTUALLY sells I would hazard that 20 or more copies are pirated. How many threads have the Mod team shut down for posting warez, keygens, piracy sites etc. And that's just this one site. Across the web it is exponentionally worse
If more people BOUGHT the apps they find useful maybe developers would not be so quick to try finding other revenue. I say more power to them.
Also, you can implement ads in an app without phishing the person's phone for other info and sending that as well. What I find amuzing is that RIM prides themselves on a secure application layer, but what good is that if an app is written to have ALL ALLOW or it won't work, even if it doesn't requite ALL ALLOW for it to do what it's intended to do. Once those permissions are set, there's nothing keeping an app from stealing info.
For example, if an app is needed to add info to contacts as you select text, it would need full control of your contacts. Once that's done, there's nothing keeping it from reading and sending all your contacts info to a 3rd party. Mobile OSs (Blackberry included) need much better security control then they have now. It's a joke.12-19-10 11:07 AMLike 0 - Reed McLayRetired ModeratorI goofed them all up and I have no idea what the default even is/was anymore.
Just checked one of my important Apps, All permissions are set wide open. Do I trust them enough to see my Contacts and messages?
Things that make you go Humm.
Posted from my CrackBerry at wapforums.crackberry.com12-19-10 12:09 PMLike 0 - Reed McLayRetired ModeratorOptions / Advanced Options / Applications. Select the Application, Menu / Edit Permissions. Make sure you expand each group.
Posted from my CrackBerry at wapforums.crackberry.com12-19-10 12:15 PMLike 2 - amazinglygracelessRetired Mod
personal sense of ethics and fair play although your cited developer is indeed
way over the top (personal opinion)
Again, I have absolutely no issue with a developer finding other revenue
streams when their apps, many of which are cheap, are pirated 8 ways to Sunday.
The security shortcomings I don't think I need to address as we have always been on
the same page in this area.12-19-10 12:27 PMLike 0 - My problem is, is that I don't understand all the settings/terminology to tell if it's important or not. For instance, Input Simulation, User Data (is the user me or them), Security Timer Reset, Display Information while Locked (again is this them being able to see my screen or what?). So I guess a person could just deny every app and spend time testing each one. Also some of my RIM core stuff have permissions.
Last edited by diffused; 12-19-10 at 12:31 PM.
12-19-10 12:27 PMLike 0 - Do you happen to know the specific 'permissions' setting to protect the UDID information? Thank you in advance.12-19-10 12:29 PMLike 0
- Reed McLayRetired ModeratorI just noticed, there is a function to edit Default Permissions. That explains why I have granted universal Allow.
Posted from my CrackBerry at wapforums.crackberry.com12-19-10 01:43 PMLike 0 - As a new user It's much easier to screen my apps to see if they will still work with permissions restricted as I only have a few. The ones I have deleted are sometimes challenging to uninstall though.
-Are there any good tutorials that will detail how we can help protect our privacy?
-The choices of how we set "connections, Interactions, User data" should be more specific than "Allow, Custom, Deny" . What about "custom" interactions? Is there a way to see what these settings are and what the effects are?
-Are there any app developers out there making app's that we can use to control our information?
Many thanks to all the knowledgable users on this site! What a great resource!!12-19-10 04:07 PMLike 0 - I'm going to play Devils' Advocate here. I don't think the ethics of any developer needs to be called into question and I fully support their, what was the indelicate term, "whoring" themselves out.
Why. Because for as hard as many of these developers work to bring a good app to market there are tons of equally unethical individuals and websites that have no compunction about circumventing the developers legitimate costs.
For every app a developer ACTUALLY sells I would hazard that 20 or more copies are pirated. How many threads have the Mod team shut down for posting warez, keygens, piracy sites etc. And that's just this one site. Across the web it is exponentionally worse
If more people BOUGHT the apps they find useful maybe developers would not be so quick to try finding other revenue. I say more power to them.
But essentially this hurts / punishes users who purchase an app, with some sort of expectation to privacy, yet find their info being distributed just the same as one who pirates the same software?
It comes down to the developer, vs the user. If the developer is pushing out shady apps, strike them down / dont support the developer. If a user pirates an app, same deal, strike em down. Dont lump everyone in together, and allow the excuse of recouping losses due to pirates, in order to breach privacy of all users.
Maybe the system needs a change, in that developers should be required to have a section explaining what preferences/requirements have to be set to allow, and the reasoning behind it. Then users can make a more informed decision to purchase and support developers who put that time and effort into full disclosure (a pain in the arse for them I am sure). That would focus my purchase habits to developers that go the extra mile in distinguishing themselves further from a more shifty J-Co like situation.12-19-10 06:04 PMLike 0 -
The big issue with BB is that their permissions are not similar to file system permissions. They have Allow/Deny/Prompt, but nothing more defining like "Read, Write, Modify, Allow to Transmit, Deny Transmit, etc." It would be super nice if RIM would rewrite their permissions settings when thy move to QNX. This BS about Allow/Deny/Prompt to the different databases is kindergarden. They need more refined permission control.
For example, an app that takes pics like a barcode scanner should be controlled to keep GPS data from being tagged to the pic or to whom it tries to send the data. A while ago, I had installed a specific OS version for the Storm that had very detailed network connectivity permissions. It would ask if Weatherbug could connect to a specific server for ads, etc. If you denied that permissions, the app would work, but the ads would not, which was great control. Then the next OS version removed this control for some silly reason. Since then, I haven't seen this type of control. Also, without wiping the application permission database entirely, you cannot go in and edit/see what the settings are for each specific app... ragardless of the screen you're seeing when you go to edit the app permissions. It also seems that when an app is uninstalled, the permissions set for it are NOT removed from the app permission database. When reinstalled (if the version doesn't change), the app picks up the same old permissions you had set on it before the uninstall.
I'm very surprised that no one's seeing this sort of behavior or that Blackberry is still being security certified with these glaring issues...12-19-10 08:50 PMLike 0 - The big issue with BB is that their permissions are not similar to file system permissions. They have Allow/Deny/Prompt, but nothing more defining like "Read, Write, Modify, Allow to Transmit, Deny Transmit, etc." It would be super nice if RIM would rewrite their permissions settings when thy move to QNX. This BS about Allow/Deny/Prompt to the different databases is kindergarden. They need more refined permission control.
Maybe if more people beef about this issue they will do something about it. I'm sure the people at RIM read Crackberry Forums (this means YOU!)
Then the next OS version removed this control for some silly reason. Since then, I haven't seen this type of control. Also, without wiping the application permission database entirely, you cannot go in and edit/see what the settings are for each specific app... ragardless of the screen you're seeing when you go to edit the app permissions. It also seems that when an app is uninstalled, the permissions set for it are NOT removed from the app permission database. When reinstalled (if the version doesn't change), the app picks up the same old permissions you had set on it before the uninstall.
NICE! Perhaps there is a lobby group that gets RIM in line with the data harvest. I'm sure there is a lot of money on the line
I'm very surprised that no one's seeing this sort of behavior or that Blackberry is still being security certified with these glaring issues...12-20-10 12:42 AMLike 0 - Well, what do you know, I open the paper(daily mail) to find an article about this but only referring to iphone, worst seems to be shazam app that comes preinstalled. Out of 101 apps tested, 47 sent the phone's location and 5 sent age, gender and other personal information and apparently users have no way of stopping the tracking.
Posted from my CrackBerry at wapforums.crackberry.com12-20-10 04:07 AMLike 0 - avt123O.G.Well, what do you know, I open the paper(daily mail) to find an article about this but only referring to iphone, worst seems to be shazam app that comes preinstalled. Out of 101 apps tested, 47 sent the phone's location and 5 sent age, gender and other personal information and apparently users have no way of stopping the tracking.
Posted from my CrackBerry at wapforums.crackberry.com12-20-10 04:18 AMLike 0 -
Posted from my CrackBerry at wapforums.crackberry.com12-20-10 04:23 AMLike 0 - It would be nice if someone out there that has a clue or maybe even the crack berry team would take a deeper look into this and let us no what we should be allowing and what we should not be allowing I think this will help us all deter main which apps should go or stay and what to better look out for in the future or maybe come up with a list off safe apps that users can look into this would help a lot
Posted from my CrackBerry at wapforums.crackberry.com12-20-10 07:34 AMLike 0
- Forum
- BlackBerry OS Phone Forums
- BlackBerry OS Apps
Your Apps Are Watching You
« possible to use google/gmail (google apps for business) as outlook exchange setup?
|
Tether speeds with the Tether app »
LINK TO POST COPIED TO CLIPBOARD