I’ve included this post in with my Diplomatic Technology posts, because this is something everyone should be aware of.
It is vital that you read and consider the permissions of an application before installing it. Not doing so is tantamount to signing a contract without reading it. You can be giving away everything you have and be completely oblivious to it.
This blog has been recently blessed with high traffic. Since I started posting so frequently about Android apps and games, I’ve been lucky enough to see more and more search results hits and random visitors. This has largely been thanks to the time I spend promoting it on reddit. As a result, I’ve begun receiving requests from developers asking politely if I would review their app on my site – it has been my honor to receive these requests. I received one recently though that gave me pause.
The e-mail had no return address, just a URL – I was already spooked at that point. Then I looked at the app, and the permissions were simply unacceptable for what the application was. Why would a simple game need so many permissions!?
Example: Here are the permissions for Karoshi, a game with OpenFeint enabled:
Read Sensitive Log Data? Hell. Freaking. NO. No game needs this.
This is simply unacceptable. They offer an explanation on their market post, and a link to some strange site to further explain away their permissions (something about ‘some new search function we’re trying out’ – as far as I can glean by looking at it, they’re going to put their sites in your bookmarks, and redirect your browser searches), but it is still completely unnecessary. I’m not about to take some fledgling developer’s word for it, especially when there are comments right in the marketplace saying the app is spyware. To the developers, even if what your application does IS completely harmless, it is still unacceptable – there’s nothing to tell your endusers that, just a gigantic warning label.
I will not review their game, disclose their name, or publicize their company in any way. I can’t prove that they’re shady, but they look shady, and apps aren’t people – I will happily profile and judge them without knowing them first, as any consumer would and should.