Facebook's Android App Can Now Retrieve Data About What Apps You Use 176
An anonymous reader writes "Facebook on Friday released its Android launcher called Home. The company also updated its Facebook app, adding in new permissions to allow it to collect data about the apps you are running. Facebook has set up Home to interface with the main Facebook app on Android to do all the work. In fact, the main Facebook app features all the required permissions letting the Home app meekly state: 'THIS APPLICATION REQUIRES NO SPECIAL PERMISSIONS TO RUN.'
As such, it’s the Facebook app that’s doing all the information collecting. It’s unclear, however, if it will do so even if Facebook Home is not installed. Facebook may simply be declaring all the permissions the Home launcher requires, meaning the app only starts collecting data if Home asks it to."
Bye bye Facebook (Score:5, Informative)
I expect Google to have pretty intimate integration into an Android phone. I signed on knowing that. From everything I read Facebook is now looking to pretty much take control of the phone OS, not by developing their own, but by hijacking large swaths of control from Android or the user.
Ultimately though one thing is making me stay away from this update, Facebook Home, and probably Facebook entirely on my phone: the Facebook app has been hands down the worst thing I've installed, and gets more useless with a very upgrade.
Use Tinfoil Instead (Score:5, Informative)
USE TINFOIL FOR FACEBOOK!!!
Seriously guys. It works pretty well, and it isn't as annoying as the Facebook app.
https://play.google.com/store/apps/details?id=com.danvelazco.fbwrapper&hl=en
Re:Big Android Problem (Score:5, Informative)
Re:Big Android Problem (Score:5, Informative)
As an app developer I would also like "negotiable" permissions.
I think a long list of permissions can be off-putting to users, and many permissions are needed only when the user actually tries to e.g. send an SMS from the app or take a picture. It would be better at that point to ask the user if they trust the app, much like the Android VpnService has to when it starts.
The other error is that some permissions are far too broad. For example, lots of apps require "Read phone state and identity" which gives the ability to learn not only the phone number, but also whether you are in a call and the number of the other party. Similarly there's a permission to read the phone book. A number of these apps simply want a unique ID for licencing purposes (the IMEI can be used where available, and the phone book gives the google account) but end up with a whole lot more and look a bit suspect.
The ID thing is discussed at http://android-developers.blogspot.co.uk/2011/03/identifying-app-installations.html, but the conclusion is poor, suggesting use of ANDROID_ID, but then still needing to jump through hoops for legacy devices. With about 40% of devices at API level 10 (http://developer.android.com/about/dashboards/index.html) this still gives developers a headache.
Google is in on it (Score:3, Informative)
They keep releasing new versions that prevent people (who own their phones) from rooting them to
1) block ads ( from their Google Play store) [zdnet.com]
2) prevent you from using apps to control permissions (like LBE Privacy Guard that now reboots your phone in an endless loop [androidforums.com])
With all the time and effort put into their OS, why have they not allowed users to control permissions on apps in any way, shape, or form? Why? Because they are marketing companies that also sell your data to other companies (including all the top mobile carriers). They make deals with these companies and propagate the problem - turning smart phones into a privacy nightmare. And it's not like the iPhone is any better.
Until people take a stand (and stop being a bunch of apathetic consumers), it's not going to change. People allow themselves to be taken advantage of. It's sad. Most don't even care. They'll happily give Facebook and Google all their information because "they don't have anything to hide" - which we all know is the lamest excuse for apathy possible and is easily dismissed [donttrack.us] as moronic. And it just keeps getting worse - and now our governments collect this data too.
And what is the effect? People are not getting jobs [sciencedaily.com] or losing their jobs [huffingtonpost.com] due to their Facebook posts. Insurance companies are increasing rates [wsj.com] on people who type certain terms into their search engines. And that's just barely getting started!
Wake up, folks!
Re:Big Android Problem (Score:5, Informative)
Pause while in call (Score:5, Informative)
For example, lots of apps require "Read phone state and identity" which gives the ability to learn not only the phone number, but also whether you are in a call and the number of the other party.
There's a very good reason for media players and games to require this. Knowing whether the user is in a call allows the program to pause itself until the call completes.
Re:Acceptance ritual under Belgian law (Score:4, Informative)
It should be done by mail/phone with a credit card with credentials mailed to you. It worked very well to keep trolls and spam off of Fidonet and Rime forums and since netmail messages cost a $0.25 so I'd love to get all the spam they could send. ;) BTW netmail was a feature of both those networks and I could send electronic mail all over the world. Both networks were like the internet but far more decentralized.
Re:Big Android Problem (Score:5, Informative)
The Pdroid http://www.xda-developers.com/android/pdroid-the-better-privacy-protection/ [xda-developers.com] patches are a "better" approach. They allow apps to keep the permissions they are designed to use, but feeds them fake data when they use them.
This protects privacy without crashing apps. However, it requires either a custom firmware with it already baked in, or running the patches against official firmware+root. This places it out of the comfort zone of many.