Hans D. Baumeister

Hans D. Baumeister

First Impressions: Android Security

Apple prides itself for a highly scrutinous overview of all apps submitted to the Apple Appstore.
Anything that might offend or otherwise perturb is denied a listing. For several years, this has been one of my main arguments of iOS over Android, and the argument may very well still be quite true.

However, I’m quite surprised - positively - of the details listed under “Permissions” for each app in the Google Play store, with the permissions you grant each app categorized under

  • Network Communication
  • Personal Information
  • Storage
  • System Tools

I’m quite certain this is done by an automated process that checks to see which functions are called from within the API. This is information that is completely lacking in the Apple Appstore. Permissions details are also available on the Amazon Android store, by the way, but by far not in as much detail as on Google Play.

As an example, I was about to load Wunderlist onto my Xperia when I read that the app would be given full rights to read my contacts database:

“Allows the app to read data about your contacts stored on your tablet, including the frequency with which you've called, emailed, or communicated in other ways with specific individuals. This permission allows apps to save your contact data, and malicious apps may share contact data without your knowledge. Allows the app to read data about your contacts stored on your phone, including the frequency with which you've called, emailed, or communicated in other ways with specific individuals. This permission allows apps to save your contact data, and malicious apps may share contact data without your knowledge.”

Why the heck would I accept that? There is positively no reason at all for the app to go pilfering through my contacts, as there are no contacts assignable to list entries. While I like the way it is simple to set up different todo lists in Wunderlist, this has - until I get more detailed info - stopped me from installing the app.

I remind the reader about reports on the widely distributed WhatsApp, which apparently transfers all contact data from the mobile device to one of the WhatsApp servers… gee, I wonder what they do with that information…?

So the logical thing to ask is: does Wunderlist also have full access rights to my contacts on iOS? And if it does, why doesn’t Apple disclose that information proactively? Perhaps iOS apps aren’t as secure as they are always daunted?
Comments