Monday, September 12, 2011

Check out those permissions!

Both Battery Notifier Pro BT and Battery Notifier BT Free ask for and contain only two permissions. One is to start itself when your phone boots, and the other to be able to controls the vibration on your phone for the alarms.

UPDATE 3/31/14 :
Both of our apps now require three permissions.
To find out why, see: New permission added

A recent article I came across got my attention. It seems the bad guys have discovered the Android market and the number of people who now have Android on their phones. Significant Increase in Android Malware

This is not meant to tell you to download and install some sort of anti-virus on your phone or tablet if you have not done so yet. Although, it wouldn't be a bad idea.

But be sure to check out those permissions! Having annoying ads is one thing. You might even be willing to let the creator of the app know who you are and to have your mobile phone number in exchange for the app being free. But when an app asks to be able to see all the contacts on my phone, and asks for permission to be able to dial from my phone when the app is a game? I don't think so. But just because a battery app or any other app is FREE, it seems some people are willing to give developers access to almost anything on their phones.

Now I know I'm going to get in trouble with all the people who love Talking Tom Cat, but the latest release of Talking Tom Cat 2 (both the free and 99 cent versions) has this permission (not in the first version) which I guess no one seems to mind. "discover known accounts, use the authentication credentials of an account". Excuse me? Use the authentication credentials of accounts found on my phone? Maybe the app just wants to "Record videos of Tom and share them on YouTube, Facebook or send them by email or MMS", and knowing your Facebook or YouTube password is just to make life easier for you when you want to send videos of Tom. But maybe not. And the first Talking Tom Cat app certainly was successful without this permission. Why does the second one need it?

Is it wise to let ANY app use the authentication credentials of any account it just happens to discover on your phone?

Check out those permissions! And don't give away your privacy rights just so you can share with your friends a video where an animated cat farts.

UPDATE - 12/30/2011:
It seems since I last checked the developers of "Talking Tom Cat 2" have removed the permission to "discover known accounts, use the authentication credentials of an account". However, they would like you to read this agreement to see if you agree with it before installing their app. Have fun reading!
END-USER LICENSE AGREEMENT FOR ANDROID

UPDATE - 2/25/2012:
Malware Slides Past The Bouncer, Uses Facebook As The Side Door