Diplomatic Technology, Android Edition – a Quick Note on Permissions

I’ve included this post in with my Diplomatic Technology posts, because this is something everyone should be aware of.

It is vital that you read and consider the permissions of an application before installing it.  Not doing so is tantamount to signing a contract without reading it.  You can be giving away everything you have and be completely oblivious to it.

This blog has been recently blessed with high traffic.  Since I started posting so frequently about Android apps and games, I’ve been lucky enough to see more and more search results hits and random visitors.  This has largely been thanks to the time I spend promoting it on reddit.  As a result, I’ve begun receiving requests from developers asking politely if I would review their app on my site – it has been my honor to receive these requests.  I received one recently though that gave me pause.

The e-mail had no return address, just a URL – I was already spooked at that point.  Then I looked at the app, and the permissions were simply unacceptable for what the application was.  Why would a simple game need so many permissions!?

Example: Here are the permissions for Karoshi, a game with OpenFeint enabled:

Nothing too sinister here, these are fairly common and simple permissions.  Now, here are the permissions for the simple free game this developer e-mailed me about:

Read Sensitive Log Data?  Hell.  Freaking.  NO.  No game needs this.

This is simply unacceptable.  They offer an explanation on their market post, and a link to some strange site to further explain away their permissions (something about ‘some new search function we’re trying out’ – as far as I can glean by looking at it, they’re going to put their sites in your bookmarks, and redirect your browser searches), but it is still completely unnecessary. I’m not about to take some fledgling developer’s word for it, especially when there are comments right in the marketplace saying the app is spyware.  To the developers, even if what your application does IS completely harmless, it is still unacceptable – there’s nothing to tell your endusers that, just a gigantic warning label.

I will not review their game, disclose their name, or publicize their company in any way.  I can’t prove that they’re shady, but they look shady, and apps aren’t people – I will happily profile and judge them without knowing them first, as any consumer would and should.

Bottom Line: If the permissions don’t make sense, don’t download it.  Do some research first, both on the permissions and the company.  See what other apps they’ve posted.  Read their 1-star market comments.  If you’re a developer, strive to make your games require as few permissions as possible, because identity and data theft are really hot issues right now, and will (rightfully) impact your downloads.   There are a lot of great resources for further reading on the subject; here is a great place to start for the average consumer

Android Permissions Explained, security tips, and avoiding malware – forum post at AndroidForums.com

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s