Is 'flashlite' by Small Tech malware?

jtpcamp

New member
Feb 12, 2014
90
0
0
Visit site
An email today said that the top 10 flashlight apps on Google are malware so i was wondering if the app "Flashlight" by Smalltech is included in this. The article is found here http://www.youtube.com/embed/Q8xz8xKEFvU
 

Visa Declined

New member
Dec 25, 2013
700
0
0
Visit site
An email today said that the top 10 flashlight apps on Google are malware so i was wondering if the app "Flashlight" by Smalltech is included in this. The article is found here Cybersecurity Expert Gary Miliefsky - YouTube

I watched the video, and checked out the app you are talking about. The guy in the video is spreading FUD, and I'll explain why.

The app requires these permissions.

full network access
view network connections
read Google service configuration
control flashlight
prevent device from sleeping

It needs full network access because it's a free app, and it uses ads. Ads require network access. "Prevent device from sleeping" serves the purpose of keeping your screen from dimming while you're using the flashlight app.

These jackasses in the media don't understand how tech works, and start crying OMG the app is phoning home and stealing your information!
 

rockstarzzz

New member
Apr 3, 2012
4,887
1
0
Visit site
I watched the video, and checked out the app you are talking about. The guy in the video is spreading FUD, and I'll explain why.

The app requires these permissions.

full network access
view network connections
read Google service configuration
control flashlight
prevent device from sleeping

It needs full network access because it's a free app, and it uses ads. Ads require network access. "Prevent device from sleeping" serves the purpose of keeping your screen from dimming while you're using the flashlight app.

These jackasses in the media don't understand how tech works, and start crying OMG the app is phoning home and stealing your information!

These security firms have mechanism in place to say if permissions required by any app could exploit your data. That don't mean they always exploit data but they can, if they wanted. They are not jack ***. They are showing us 2+2=4.
 

ratsttam

New member
Jun 5, 2013
351
0
0
Visit site
With the large amount of flashlight apps available, why choose one that even has ads?
I found two that I really liked. The HTC one (if you've got an HTC windows phone), is ad free and fast. I found Flashlight XT (Elton Saul), which is also free, and doesn't have any ads. In fact, it doesn't even appear to need permissions beyond "camera".
It's not the prettiest icon on my home screen, but I hit it, and the light turns on, which is after all, exactly ALL that a flashlight app should do :)

Flashlight XT | Windows Phone Apps+Games Store (United States)
 

jmshub

Moderator
Apr 16, 2011
2,667
0
0
Visit site
I agree completely. Flashlight XT has no bells or whistles. It is as simple as lighting your flash when you launch the app. No ads, no extraneous junk.
 

a5cent

New member
Nov 3, 2011
6,622
0
0
Visit site
It needs full network access because it's a free app, and it uses ads.

These jackasses in the media don't understand how tech works, and start crying OMG the app is phoning home and stealing your information!

You haven't explained anything either though. Apparently out of the blue, you've just decided that none of those top 10 flashlight apps could possibly be misusing their network access rights (officially for ads) to send data about you back home. It's your word against his, but the guest on this show is at least the CEO of an IT security firm who claims to have investigated this issue.

Still, I also suspect that this report is highly exaggerating the privacy threat potential, (a) because no apps were named and (b) because it is in security firms best interest to do so (more business). However, it seems just as unreasonable to assume such privacy breaches don't exist at all. If I used an Android device as my daily driver, I'd certainly monitor my flashlight app's communications so I could be sure.
 
Last edited:

Visa Declined

New member
Dec 25, 2013
700
0
0
Visit site
You haven't explained anything either though. Apparently out of the blue, you've just decided

It's pretty clear from your tone here, and the other post I made that you called "B.S." that you don't like me. There's nothing I can do about that, but it does kind of suck.
 

jsooney

New member
Mar 27, 2014
412
0
0
Visit site
All the flashlight apps in the Windows App store that I checked out want microphone permissions, but I can't imagine why. Anyone know?
 

CJ Thunder

New member
Feb 16, 2011
714
0
0
Visit site
All I can think of is cheap/quick code to light up the light is use the camera, which uses the mic.

I don't like it cause my shutter opens on my 1020. That needs to stop! Lol.
 

jsooney

New member
Mar 27, 2014
412
0
0
Visit site
Flashlight XT (posted above) doesn't.

Ok thanks, I'll check it out. I've had "Flashlight" by some guy named Tony Sakariya for a while. I got it because it needed the least permissions of all the apps I looked at, although it was still more than I wanted (video & still capture, microphone and data services). I'll dump it and try that one, although it still wants vid & still capture for some reason. Maybe it controls the flash through those.
 

a5cent

New member
Nov 3, 2011
6,622
0
0
Visit site
It's pretty clear from your tone here, and the other post I made that you called "B.S." that you don't like me. There's nothing I can do about that, but it does kind of suck.

No. I have absolutely nothing against you.

A bit more than a year ago I looked at a lot of games in the play store and found none that saturated more than two cores. That is why, in that other thread, I was sceptical of your claims (I'm still sceptical of your claim when it comes to apps rather than games). Anyway, things have apparently changed, and I'm thankful you brought those games to my attention. I'm looking forward to taking a closer look under the hood, when I get back into the office.

Here, in this thread, it's no different. I'm just asking you to back up your claims. Your claim that there is no chance of a privacy breach seems just as extreme to me as the security guy's claim, who says almost every popular flashlight app is spyware. IMHO those are both black and white claims, in an area where I expect the truth to be a shade of grey.
 
Last edited:

Visa Declined

New member
Dec 25, 2013
700
0
0
Visit site
No. I have absolutely nothing against you.

A bit more than a year ago I looked at a lot of games in the play store and found none that saturated more than two cores. That is why, in that other thread, I was sceptical of your claims (I'm still sceptical of your claim when it comes to apps rather than games). Anyway, things have apparently changed, and I'm thankful you brought those games to my attention. I'm looking forward to taking a closer look under the hood, when I get back into the office.

Here, in this thread, it's no different. I'm just asking you to back up your claims. Your claim that there is no chance of a privacy breach seems just as extreme to me as the security guy's claim, who says almost every popular flashlight app is spyware. IMHO those are both black and white claims, in an area where I expect the truth to be a shade of grey.

I never said there was "no chance" of a privacy breach, but these guys are looking at the app permissions, and freaking out over them because they don't understand how apps work.

As for my other post that you called "BS", if you wanted to dispute my claim or had any doubts about it, calling it bull**** is flat out rude, and I've never seen a forum moderator act this way towards a forum member...anywhere.
 

jsooney

New member
Mar 27, 2014
412
0
0
Visit site
App permissions are one of the biggest factors in deciding whether I'm going to buy/install an app, maybe the biggest. I might really want something, but if I don't like the look of the permissions I won't get it.

Me being an ignorant freaker-outer, and you an expert, maybe you can enlighten me. Why does one flashlight app (Flashlight-X, say), need owner identity, phone identity, video and still capture, media playback, photo library, phone dialer, web browser component, music and video libraries, and microphone, when another only wants video and still capture? Doesn't make sense to me.
 

a5cent

New member
Nov 3, 2011
6,622
0
0
Visit site
Why does one flashlight app (Flashlight-X, say), need owner identity, phone identity, video and still capture, media playback, photo library, phone dialer, web browser component, music and video libraries, and microphone, when another only wants video and still capture? Doesn't make sense to me.

Either the app has additional features that require those permissions (sniffing about users devices and delivering advertisements would also count as such a "feature"), or it's spyware:

http://forums.windowscentral.com/wi...2507858.html?highlight=permission#post2507858
 

jsooney

New member
Mar 27, 2014
412
0
0
Visit site
That's what I figured, extra features or spyware. I can't think of a legitimate use of music library or microphone. Maybe I can clap my hands and the light comes on?

Thanks for the link, that's the most detail I've seen yet.
 

a5cent

New member
Nov 3, 2011
6,622
0
0
Visit site
I never said there was "no chance" of a privacy breach, but these guys are looking at the app permissions, and freaking out over them because they don't understand how apps work.

Well, you did say these people are "spreading FUD", which implies that the top 10 apps are in fact not snooping at all. I'm just not ready to take your word for it.

One reason why I doubt your claim, is because you think these guys are just looking at app permissions, which doesn't seem to be true. In the interview, the Snoopwall CEO clearly states that they identified data that was being sent back to China, India or Russia. You can't do that just by looking at app permissions. That's pretty much irrefutable evidence. That is why I tend to believe that he's not just outright lying. However, I'm also not willing to believe, without further evidence, that all of the top 10 flashlight apps in the Google Play store are spyware, some of which include trojans and require factory resets to get rid of. It's hard for me to imagine Google wouldn't have caught more of that.

If I cared more about Android I'd analyse these apps myself, but I don't, which is why I asked you! If there isn't more information about this in the Android blogosphere (I thought there would be), then that's fine. I'll just continue to believe that the Fox news report was partially true.

As for my other post that you called "BS"...

If you have an issue with this we can continue that discussion in the other thread (where it belongs) or discuss it via PM.
 

Members online

Forum statistics

Threads
322,383
Messages
2,241,919
Members
427,918
Latest member
cameronbosch