[kgwhat]

Was going to originally post this in the BB10 App forum but this has been bothering me since my Bold 9700. Why the f**k do apps ask for access to shared files??? See attachment

#1 this is the quickest way for me to delete your app
#2 YOU DONT NEED IT a freaking news reader app doesn't need access to any of the files on my phone.

I know ppl will be like "what do you have to hide???" And to those idiots I give you this analogy. If you hired a plumber to fix your kitchen sink (the only problem is located within the kitchen) would you allow the plumber to go through the drawers in your master bedroom??? No you wouldn't. It's time to put these app developers on notice like seriously. Had Whatsapp on my 9900 and was a naive fool. I saw all the permissions I was allowing them and deleted that ASAP, and won't be getting it for my Z10 when it comes out in March. Songza too asks for these ridiculous permissions which is why I deleted that app and went with Slacker. I'd rather listen to a 5sec ad then give them access to ALL of files on my phone, media card, and in the cloud.

#3 BBRY needs to recognize this and take action. They say that security is one of their pillars will then common sense should tell you that a f***ing streaming music app should not NEED those types of permissions to run. Yes they need to be friendly to devs etc. but BBRY also needs to have some balls and call out the BS. All these companies want is data and info to either sell or mine for future use. I cannot think of one app that would NEED access to your files to run. GPS ya, files, contacts etc. NO. Wake up ppl the more that this is allowed and shoulders are shrugged the further they will push. (really not trying to sound like a revolutionary) But this is common sense and BBRY should do something about it.

What BBRY HAS done with BB10 is made application permissions MUCH easier to understand and I applaud that. Really easy and simple to understand. But they can and should do more!

[raino]

Does Taptu allow you to save images to your phone? Maybe that's why it needs that access.

I'm with you on the whole permissions issue, though. What I really hope comes to BB10 is the OS remembering denied permissions and not asking for them again. Here's what I mean: on my current (non-BB10) phone, I have a battery app that asks for internet permissions. I've denied them. The app works just fine without it, but every time I launch the app/plug in my charger/reboot my phone, the app asks for the permissions again, and I have to deny them again. I realize that it's the apps that trigger the re-asking, but if the mechanism could somehow be suppressed at the OS level, that would be great.

[kgwhat]

Does Taptu allow you to save images to your phone? Maybe that's why it needs that access.

I'm with you on the whole permissions issue, though. What I really hope comes to BB10 is the OS remembering denied permissions and not asking for them again. Here's what I mean: on my current (non-BB10) phone, I have a battery app that asks for internet permissions. I've denied them. The app works just fine without it, but every time I launch the app/plug in my charger/reboot my phone, the app asks for the permissions again, and I have to deny them again. I realize that it's the apps that trigger the re-asking, but if the mechanism could somehow be suppressed at the OS level, that would be great.

OMFG that is soo annoying. They could at least start with that. But seems like we're in the minority. (1 response) But when someone finds their photo on some porn site, because some app developer sold the picture they got from an allowed permission.(Not as outlandish as it may seem). Don't say that the point was not raised. Wish that CB would take this on and at least explain it, because I think it's vital that people have their property protected. Which as stated earlier is a long hallmark of BBRY.

[mikeo007]

Instead of posting a somewhat illegible rant, why don't you try offering a solution to this "problem".

What would you have Blackberry do? Remove application permissions? Make them more granular? Give the user absolute finite control over everything the app accesses?

Throwing a tantrum is not going to be very productive, which is also why you feel like you're "in the minority".

[notfanboy]

What BBRY HAS done with BB10 is made application permissions MUCH easier to understand and I applaud that. Really easy and simple to understand. But they can and should do more!

It's too much to expect Blackberry to police the apps at this permission level. It'll take too much time and energy and it'll bottleneck the app approval process. Centralized control isn't scalable.

A better way is to have a market solution. If you feel that an app is abusing permissions, then don't buy it. Or review the app and mention that you're deducting stars because of it.

[kgwhat]

Instead of posting a somewhat illegible rant, why don't you try offering a solution to this "problem".

What would you have Blackberry do? Remove application permissions? Make them more granular? Give the user absolute finite control over everything the app accesses?

Throwing a tantrum is not going to be very productive, which is also why you feel like you're "in the minority".

Simple, suggested solution in OP. All they have to do is verify if the app permissions requested make sense. Location apps asking for location data or camera apps asking for camera use. If it doesn't make sense then it gets denied. The dev can resubmit with the OPTION to prevent unwanted access. If the user doesn't look at the permissions or allows the permissions will then that's on the user. SONGZA won't run (and was promptly deleted) if you don't give them access to ALL of your files. This makes no sense. They could easily allow the app to run without such permissions (like slacker).

[mikeo007]

Simple, suggested solution in OP. All they have to do is verify if the app permissions requested make sense. Location apps asking for location data or camera apps asking for camera use. If it doesn't make sense then it gets denied. The dev can resubmit with the OPTION to prevent unwanted access. If the user doesn't look at the permissions or allows the permissions will then that's on the user. SONGZA won't run (and was promptly deleted) if you don't give them access to ALL of your files. This makes no sense. They could easily allow the app to run without such permissions (like slacker).

Who's to decide what permissions "make sense"?

[kgwhat]

It's too much to expect Blackberry to police the apps at this permission level. It'll take too much time and energy and it'll bottleneck the app approval process. Centralized control isn't scalable.

A better way is to have a market solution. If you feel that an app is abusing permissions, then don't buy it. Or review the app and mention that you're deducting stars because of it.

That's another problem. Purchased a dictionary app on the 9900 and AFTER I paid, I found out what permissions were required. Long story short didn't use the app and it was money down the drain because #1 the app was asking for unnecessary permissions #2 Could not view in the product description which permissions would be required.

BBRY should at the VERY MINIMUM mandate that devs in the description of their app write out what permissions will be required, saving the user some data at the very least.

To the point of bottle necks, another solution would be to create an algorithm that would screen the app and it's permissions. No bottle neck there. I'm just trying to save the average Joe from getting phone calls telling them that they have won a cruise! The app companies mine data and sell it, this is a fact, for BBRY a company that prides itself on it's security they really need to step up to the plate on this one. We don't need to have debacles like what goes on in the Google Play store.

[kgwhat]

Who's to decide what permissions "make sense"?

Algorithm, very simple and for the geniuses that come out of Waterloo every year I'm sure it could be done, within a week.

[raino]

Simple, suggested solution in OP. All they have to do is verify if the app permissions requested make sense. Location apps asking for location data or camera apps asking for camera use.

It's not that simple. Case in point, look at your own screenshot. Look at everything the 'Shared Files' permission covers. What if you were to download a cloud+on-device music player which legitimately needs access to songs saved on your device/microSD card, but it was also secretly uploading images (sticking with your example)? Apparently you can't get any finer than 'Shared Files,' so the "approval algorithm" would probably ok the app too during the approval process. And since it's a cloud player too, you would be granting it internet permissions also.

[mikeo007]

Algorithm, very simple and for the geniuses that come out of Waterloo every year I'm sure it could be done, within a week.

Algorithms are still written by humans. They still need parameters. So someone still has to decide what permissions "make sense".

[kgwhat]

Well clearly it doesn't make sense that a music player app or a news reader app should require access to ALL of your files in order to operate. I would hope that a company that at every chance touts its security record can clearly recognize that is not kosher. I would also hope that said company would have employees smart enough to have a solution for this. Which I am sure they do. How about they start of with permissions required in the app description. Can they at least start at that?

[madx80h]

A better way is to have a market solution. If you feel that an app is abusing permissions, then don't buy it. Or review the app and mention that you're deducting stars because of it.

The problem is you don't know about the permission requirements until you've already paid for the app and goto install it.
So now you're out $4.99 because the Crossword puzzle you wanted to play wants access to your GPS, Device Info, Share Files, etc. etc. and refuses to install unless you grant it access.

Question though - does anyone know what exactly the Internet Access permission grants?
Like, can the application gather ANY information from the device? E-mail? Content from other apps? Browser history? Whatever? Or is it limited to what you do and input within the application itself?

[ubizmo]

Developers could, as a courtesy, state the reasons for asking for various permissions. Without knowing all the permission options that are available, I suppose it's possible that the "Shared Files" permission is given to any app that needs to read and write files on the device.

Many well-behaved apps need to read and write files. They may not need access to all files, but file access is an all-or-nothing thing. That is, any app that can read and write its own files can read and write any other files. There may simply be no permission setting that restricts an app to access to certain files and not others. If so, it's a matter of trust. If you don't trust the app/developer, don't install the app. In a system with cloud integration, "file access" would include device and cloud files.

Maybe an actual developer can tell us more.

[abass]

Developers could, as a courtesy, state the reasons for asking for various permissions. Without knowing all the permission options that are available, I suppose it's possible that the "Shared Files" permission is given to any app that needs to read and write files on the device.

Many well-behaved apps need to read and write files. They may not need access to all files, but file access is an all-or-nothing thing. That is, any app that can read and write its own files can read and write any other files. There may simply be no permission setting that restricts an app to access to certain files and not others. If so, it's a matter of trust. If you don't trust the app/developer, don't install the app. In a system with cloud integration, "file access" would include device and cloud files.

Maybe an actual developer can tell us more.

I am a developer, and I can tell you that there are a few things that bug me. At times, to get one feature working on a phone, you have to allow access to a few thing. E.g. Shared files is a general term for needing just one thing.. but there is NOTHING we can do about this.. it sucks.. So there is me as a developer who has to fight between what is the minimum amount of permissions to have checked for my app to run perfectly. It's a fight between functionality, and users complaining as we have so few options. There are although a few devs who get careless, but I, and my fellow dev friends try to make the minimum amount of permissions needed.

That being said, I'm sorry, but users are starting to bug me a bit at times.. Internet access is needed so we can open up a site within our app, and many other things.. pulling in feeds, etc. We aren't running around stealing your history or bookmarks, I don't think that's even possible.. We NEED it for our app to function.

Most apps have BBM connectivity, which EXPECIALLY if it's a BFB App, don't complain about it!! BlackBerry requires it be BBM connected if it's BFB, and they also RECOMMEND it as it apparently accounts for 10x as many app downloads if it's BBM connected, which if you have a free app that your are trying to spread, that's crucial. I have gotten 2-3 one star reviews out of the 7 other which are all 5 stars on my FREE app, complaining that I have BBM connected (Internet and BBM connection are my only two permissions). ALL BBM connection does is put it in your "Apps list" in your BBM profile, and allow you to post from it to BBM and update your status if you so choose so (clicking an option within the app, it does not automatically post anything you don't want WITHOUT you choosing to do so).

Do all of us devs a favor (keeping in mind that if we dev for this platform, it means that we are doing it instead of developing for other platforms, and EXPECIALLY if our app is FREE, you giving us 1 star and complaining is not going to help ANYTHING, it is just going to annoy is and make us wonder why we even took the time to dev, and what BB NEEDS is DEVS!) and please PLEASE send us a contact email asking us why we have a permission checked and why it is needed before running and complaining or leaving a 1 star review, because if we are a legitimate developer, we will be more than happy to explain.. I have just accepted that people are too picky.. noone seems to care at the amount of "Permissions" when developing for iPhone or Android, but with BlackBerry, people are so quick to judge that the dev is out to steal their information.. which is not true.

PS. You say that we could as a courtesy state why we need what permissions, but barely anyone reads the notes for an App before downloading it anyways, and putting that information in the app, people already judge the app and disallow the permissions/delete it before looking into the app for the reason.

Thank you for your time and hopefully you can understand our side of the issue.

Posted via CB10

[ubizmo]

At times, to get one feature working on a phone, you have to allow access to a few thing. E.g. Shared files is a general term for needing just one thing.. but there is NOTHING we can do about this.. it sucks.. So there is me as a developer who has to fight between what is the minimum amount of permissions to have checked for my app to run perfectly.

Yeah, this is what I suspected must be going on.

PS. You say that we could as a courtesy state why we need what permissions, but barely anyone reads the notes for an App before downloading it anyways, and putting that information in the app, people already judge the app and disallow the permissions/delete it before looking into the app for the reason.

You may be right about that; it was just a thought. Personally, I read everything in the app description before installing it, but I may be an outlier. Thanks for the clarification.

[ragdeiii03]

Just deny the permissions you don't want to allow....

Sent from my BlackBerry 9930 using Tapatalk

[abass]

Just deny the permissions you don't want to allow....

Sent from my BlackBerry 9930 using Tapatalk

But then it breaks the app, and they then go to leave a 1 star review saying the app won't load or is broken.. It's not as easy as "Just Deny Permissions" most of the time atleast.

Posted via CB10

[abass]

Yeah, this is what I suspected must be going on.



You may be right about that; it was just a thought. Personally, I read everything in the app description before installing it, but I may be an outlier. Thanks for the clarification.

You are definitely an exception to the rule then, but I'll consider it for the future of releases!

Posted via CB10