WP8 Privacy Nightmare?

eldnar

New member
Dec 7, 2012
6
0
0
Visit site
Hi all,

I just got my HTC 8X setup. I was eager to download some of the apps, and was shocked at what I have to give up in order to use the vast majority of WP8 Apps. I'm considering going back to my old phone simply because WP8 seems to have incredible privacy overreaches with its Apps. Thus far is appears to be the most insecure of any modern phone OS (in regards to apps). Can someone please explain a couple of things to a newbie? I'm newer to the WP8 platform, so there might be a rhyme and/or reason for these things.

1) Why does Flashlight X require video and still capture and the ability to playback media to simply turn on a rear flash?

2) Why does Flixster and Fandango need to access my photos, music, and video in order to tell me what time a movie starts?

3) Why does Amazon Mobile and NewEgg need to access my photo, music, and video libraries in order to show me what they have for sale?

4) Why does NetFlix need to access my photos, music, and videos in order to play videos

5) Why does "RapDialer" need to access my photo, music, and video libraries in order to make outgoing phone calls faster?

Why do I need to give them access to my private vacation photos, videos and music, as if the applications will not work without it. It's like going to Amazon.com via a web browser on your desktop and they say, "Oh sorry, to use Amazon, you need to let us scan your C drive first". I don't understand this.

Thanks for your time.
 

Slai

New member
Nov 27, 2012
557
0
0
Visit site
1) Why does Flashlight X require video and still capture and the ability to playback media to simply turn on a rear flash?

Perhaps because the video and still capture use the flash? No idea about the media, could be because the flashlight has a soundeffect?

2) Why does Flixster and Fandango need to access my photos, music, and video in order to tell me what time a movie starts?

Because it also lets you view media, perhaps? Might be that photos/music/video is baked into one thing, so if you need access to video you get access to the entire package.

3) Why does Amazon Mobile and NewEgg need to access my photo, music, and video libraries in order to show me what they have for sale?

Same thing as above, Id guess.

4) Why does NetFlix need to access my photos, music, and videos in order to play videos

And same.

5) Why does "RapDialer" need to access my photo, music, and video libraries in order to make outgoing phone calls faster?

No idea, does it have anything to do with audio at all?
 

Pete

Retired Moderator
Nov 12, 2012
4,593
0
0
Visit site
I wouldn't worry. You're only giving the apps permission to use those pieces of functionality on your phone, allowing you to upload or download content.

most of us blindly click Allow and just get on with using the apps.
 

VoordeR

New member
Oct 30, 2012
2
0
0
Visit site
I saw this to when I checked out some of the apps I would like to install when I finally get my lumia920.

For example:
Angry birds: photo, music, and video libraries. Why the **** is this necessary for a game!?

Just a simple flashlight app which is the most downloaded in the store:

  • phone identity
  • owner identity
  • video and still capture
  • photo, music, and video libraries
  • microphone
  • data services
  • movement and directional sensor
  • camera
  • compass
  • WVGA (480x800)
  • media playback
  • HD720P (720x1280)
  • WXGA (768x1280)

And if you say this isn't a big of a deal, Angry birds and this simple flashlight app can look at all of your pictures and videos taken. That's insane!


These are just 2 examples, almost every top app in the market has these kind of insane permissions. I am on android now, and I can safely say that apps do not have these permissions there.
 

Slai

New member
Nov 27, 2012
557
0
0
Visit site
Angry birds: photo, music, and video libraries. Why the **** is this necessary for a game!?

Again, might have to do with the fact that angry birds plays music, etc. Something about if youre playing music on your phone then launching the game, the gamesounds will be muted. Something like that.

Not really a huge "OMG WTF U NEED PIC 4!?", its more like "oh yeah, sure, that makes sense".

Just because an app needs different reqs on different OSes, doesnt mean its malicious.
 

caret

New member
Nov 30, 2012
12
0
0
Visit site
I felt like you when I first started using my phone (it's Windows 7.5, but same philosophy). Some of the requests you listed are totally expected - how can an app play videos if it can't access your videos? Some functionality is lumped together, too - there isn't really a dinstinction between videos, pictures and music, it should probably just be called 'local media'.

Saying that, some apps seem like they're taking the proverbial when they ask for access to certain things. They are almost certainly poorly developed (apps are so easy to throw together for Windows Phone), but when considering that some of them are published by big names, you begin to wonder. I'm not going to call out certain companies, but I do know that many online retailers use neural networks in order to process your data and target products at you. They would almost certainly be interested in your music library so they could cross-sell - whether or not it is happening from your phones storage, I'd be doubtful. I'm sure given the opportunity to access that library, they'd take it (whether it is practical to use or not). They already know lots about you by processing digital purchases and trading that information between each other.

The biggest security problem on the phone is others' information, in my humble opinion. People who don't even have a computer, such as my grandma, have their personal information stored in the 'cloud' if someone adds them to their Windows Phone. If you're serious about protecting information, I'd start by protecting this sensitive information that others have no control over, but should. There is an app on the Marketplace called My People which gives you the ability to store contact information for people on your local phone, not on Microsoft's servers.

And if you ever need to do a John McAfee, remember to turn the phone off :wink:
 

VoordeR

New member
Oct 30, 2012
2
0
0
Visit site
It is when it is a commercial company that is driven by making money on advertising.

This is what it says:
How can I tell if an app has specific hardware or software
requirements? | Windows Phone How-to (United States)


Photo, music, and video libraries ? Allows an app to access all photos, music, and videos on your phone.


So just because they perhaps want to simply mute my music when I play a game. This commercial company can look into ALL my photos and vids on the device!


That's just insane. And i know you are a fan of windows phone, but that doesn't mean you can't have critique.
Why doesn't microsoft make a stand alone permission where they can only shut down my music or calls or whatever without unlimited permissions to my personal vids and pictures!
 

Slai

New member
Nov 27, 2012
557
0
0
Visit site
No, I just dont care if they have access to my music and videos. I dont get what POSSIBLE harm could that do me. So I dont care.
 

BokiV

New member
Nov 21, 2012
27
0
0
Visit site
Same here, a lot of apps are free, so if they need my data to make money..sure..., and even if not, I just don't care..
 

conanheath

New member
Sep 10, 2012
450
0
0
Visit site
Same here, a lot of apps are free, so if they need my data to make money..sure..., and even if not, I just don't care..

+1. I don't know why everybody thinks the permissions are such a big deal. If you think there are people looking at your personal content, you're wrong. Your information is out there. If somebody wanted to, they could find it and use it without your permission. But nobody cares about your family pictures. You're not that important. If some software somewhere analyses my content they won't find anything of interest. It's for advertising purposes. Advertising is a way of life. You can't get away from it. If some program wants to check my info and send advertising that actually pertains to my life, so be it. I would rather have customized advertising than just random crap sent to me that I could care less about. And somebody made a comment about Android apps are better in this aspect. Google started this trend.
 

SaucePolicy

New member
Dec 4, 2012
83
0
0
Visit site
For Amazon and Newegg, it probably has something to do with their barcode scanning that's built into the app's search. They need to access the camera. Nothing to worry about.

For flashlight, why don't you just use HTC's flashlight app. It's pretty nice.
 

brmiller1976

New member
Aug 5, 2011
2,092
0
0
Visit site
OP makes a good point about trust.

Too many well-known developers (Facebook, Path, Google, Apple) have violated users' trust in the past. The low-trust environment is directly a result of stories like Path downloading and holding onto all your contacts (without your permission) or Apple tracking your movements and storing them in a non-secure file on your phone that can be downloaded and accessed.

Don't even get me started about Carrier IQ.

This is something that needs to be addressed by a nonprofit trade group -- auditing apps, OSes, and phones for privacy certification.
 

Fleon

New member
Feb 21, 2011
174
0
0
Visit site
Not sure why the OP says "Thus far is appears to be the most insecure of any modern phone OS (in regards to apps)" when Android lets apps get to these things without even asking... and iOS has issues like this:
http://www.theregister.co.uk/2012/10/17/itrack/
Latest iPhone hacked to blab all your secrets ? The Register

Not saying I am disagreeing that a lot of apps seem to need weird permissions, but insecure OS? Hardly.
 

paulm187

New member
Nov 14, 2010
279
0
0
Visit site
In Windows 8 you can manage these app permissions for metro apps by turning them off or on. Perhaps Windows Phone could benefit from something like this.
 

brmiller1976

New member
Aug 5, 2011
2,092
0
0
Visit site
Fleon also makes a good point. A friend of mine had his Twitter account start sending all of those annoying "Hey, someone is saying nasty things about you at this link" malware e-mails. He changed the password but the e-mails were still going out.

We finally isolated it to a free game on his Android device that never asked for permission, but was accessing his Twitter account without his permission (via Android shared services) and also converted his phone into a spam hub that was sending out spam e-mails using his data connection.

THAT is "insecure." And it will never happen on Windows Phone.
 

zedmartinez

New member
Dec 14, 2011
31
0
0
Visit site
A lot of apps require access to the media hubs to save images or interact with them at all. As the ability to save images (like wallpapers) is pretty common in WP since it encourages media-richness, this will be common. Pretty sure apps also need those permissions to integrate into those hubs, so, from the Music & Videos hub you can open the app since that movie you were watching got you thinking, that sort of thing.

The Flashlight one is more interesting. There's no actual API to allow direct access to the flash, except through the camera. So, for the flashlight to work, it basically tells the phone it's a camera, turns the flash on, then doesn't actually capture any video stream. I remember reading about the dev end of things back when that came out. A weird but clever workaround, is what that is.
 

hopmedic

Active member
Apr 27, 2011
5,231
0
36
Visit site
As a developer, I think I can speak directly to this issue. Depending on which services are being requested, it can be many things. Sometimes locations are requested because of the advertisements - to give the advertisers locations will give more directed ads, and the developers will be paid a higher rate (measured in "cents per thousand impressions"). Sometimes the media is needed for sounds in a game, the camera is needed for bar code reading, or if the app is one where you can take a picture, or even to modify a photo (Pictures Lab, etc.). Sometimes the phone identity is used in order to track statistics (I have done this, just to get how many unique users of my apps) - without phone identity, you don't know if a repeat instance of your app is the same user using the app again, or a different user. Sometimes User identity (or is it Owner Identity? - I don't remember exactly) is used for reasons of tracking purchases - say for instance you have subscription content or something, maybe you had in-app purchase, or maybe you're participating in something where your identity does matter. These are all valid reasons to use these services.

Now that we've covered valid, let me also say this... When you create a project in Windows Phone, the WMappManifest.xml file, which is where all of the capabilities are enabled/listed, by default, has all of the capabilities enabled. So, if a developer is lazy, forgetful, or doesn't know he needs to remove the unneeded capabilities from this file, then when they submit it to the store, it will list these capabilities, whether they are used or not.

My personal opinion is that if the capabilities are checked, but not used, either the app should fail certification, or perhaps Visual Studio should automatically uncheck the unused capabilities during the final build so that they are unchecked. The reason for this, to me, is because with the knowledge that this is happening out there, it diminishes the value of having the capabilities listed and the value of asking permission prior to allowing the app to install. Since I know this happens, when I look at a game or app that I know can't possibly need these capabilities, I figure that this must be the case - lazy, or forgetful, or uninformed programming. So I end up allowing the app. But the problem with that, is that just when we get into that habit, that's when it will bite us. That's when the note-taking app that doesn't do anything in the background will be the one that ends up running in the background, tracking our location, and sending it home to the server every step we take. Or whatever the case may be. No system is perfect, and it is the social engineering that is the weakest.

In Windows Phone 8, the capabilities listed in WMappManifest.xml are:
Appointments
Contacts
Gamer Services
Device Identity
User Identity
Camera
Location
Media Library
Microphone
Networking
Phone Dialer
Push Notifications
Sensors
Web Browser Component

So, if you see an app that lists ALL of those capabilities (though it will be worded in a more user-friendly way), odds are it was lazy, forgetful, or uninformed programming, and not that it's actually using all of them. If something's missing from that list, I'd wonder, because the developer was in the file, and obviously removed something, so why not the rest of what wasn't needed?

For WP7 apps that were recompiled for WP8, the list could be different. If it is an app created (or updated) for or after Mango, the list can be the same as above. But if it is an older game or app that wasn't updated to the Mango (WP 7.5) update (Fruit Ninja, for instance), then the list of capabilities would be shorter:

GAMER SERVICES
IDENTITY DEVICE
IDENTITY USER
LOCATION
MEDIA LIB
MICROPHONE
NETWORKING
PHONE DIALER
PUSH NOTIFICATION
SENSORS
WEB BROWSER COMPONENT
 

Daniel Ratcliffe

New member
Dec 5, 2011
3,061
0
0
Visit site
Now that we've covered valid, let me also say this... When you create a project in Windows Phone, the WMappManifest.xml file, which is where all of the capabilities are enabled/listed, by default, has all of the capabilities enabled. So, if a developer is lazy, forgetful, or doesn't know he needs to remove the unneeded capabilities from this file, then when they submit it to the store, it will list these capabilities, whether they are used or not.

My personal opinion is that if the capabilities are checked, but not used, either the app should fail certification, or perhaps Visual Studio should automatically uncheck the unused capabilities during the final build so that they are unchecked. The reason for this, to me, is because with the knowledge that this is happening out there, it diminishes the value of having the capabilities listed and the value of asking permission prior to allowing the app to install. Since I know this happens, when I look at a game or app that I know can't possibly need these capabilities, I figure that this must be the case - lazy, or forgetful, or uninformed programming. So I end up allowing the app. But the problem with that, is that just when we get into that habit, that's when it will bite us. That's when the note-taking app that doesn't do anything in the background will be the one that ends up running in the background, tracking our location, and sending it home to the server every step we take. Or whatever the case may be. No system is perfect, and it is the social engineering that is the weakest.

Thank you! I wasn't aware that there is where the permissions was. As I'm hoping to develop a radio app for a specific station, I'll be able to use this for the services I want. Data, check. Media, check. Phone identity, maybe (depends whether or not I want to track statistics of the app). Gamer services, no. etc, etc. This has truly opened my eyes!
 

Members online

Forum statistics

Threads
322,908
Messages
2,242,875
Members
428,004
Latest member
hetb