App permissions: We are our worst enemy

App permissions: We are our worst enemy

Summary: The recent disclosure that iOS allows apps to send personal contact lists to the developer's servers without permission created a justified uproar. Unfortunately users are the real culprits.

SHARE:
TOPICS: Apps, Android, Mobile OS
30

The recent discovery that the Path app was uploading users entire contact lists to the company's servers riled up the tech community. The uproar escalated quickly to outrage with the admission that iOS allows this to happen without asking the user for permission. The tech press questioned how that could happen with the importance of privacy and security in this day and age. While the Path situation was quickly defused with the company's apology, followed by the tech press falling on each other like wild dogs, had the app requested permission in advance it wouldn't have made much difference.

Don't misunderstand me, I believe user privacy and the security of apps is of utmost importance. There are too many ways that this can be abused, and the results of abuse can be devastating. All mobile apps should take adequate steps to inform the prospective user exactly what personal information is going to be accessed, and what is going to be done with it. This will keep developers honest with users, and transparent in how their apps are using this information.

Unfortunately, the weakest link in the open disclosure process are we the end users. Even if we are informed at app installation exactly how the app will tap our information, odds are we'll just approve it and move right along. This happens at the installation of just about every Android app.

See also: Android security deep dive (video)

Android does a great job forcing app developers to inform the prospective user just what sort of permissions are required and what information the app will access. It also makes the user aware of exactly how the app can take over key areas of the device to perform the tasks needed by the app.

Some Android developers have a CYA approach when it comes to asking for permissions, and have the app ask for far more permissions than the app actually needs. These requests are plainly presented to the user at app install time, and the user has to approve them or abort the installation.

Almost without fail the user gives approval for the app to access virtually every aspect of the device, just to get the app to install. That's if the user even pays attention to the permissions being requested, many don't particularly care. They just hit the button and get on with the app installation.

I am as guilty of this as anyone even though I am usually very careful with my online activities. I take care not to do anything, desktop or mobile, that risks exposing my information or systems to potential bad guys. But like far too many careful people, I admit to installing apps without understanding fully the implications of the permissions the app is requesting. I just want to get on with using the app and hit the button to make that happen.

This is especially the case if an app is being discussed online by people I trust. Obviously they felt comfortable enough to install the app even it they wondered why it needed permission to change user data, so why should I worry? So I hit the button and install the app, never thinking again what it might be doing behind the scenes.

It doesn't help that the Android permissions are not well defined to the user. Just look at the permissions in the screenshot above. Some of the permissions granted to the app don't fully explain what it is doing with the system or my data. That should raise a flag but I installed the app anyway.

Those are the permissions that the Twitter app requested of the system (and me at install time) to run. Yes, Twitter can read and write to my personal contact data and can use my credentials for any account on my system. Worse, it can delete my entire USB storage contents, because I told it that's OK.

Sure Twitter is a well known service so it's no problem. But think back to when Twitter was just getting started. The Twitter app was asking for those permissions then, too, and we were all saying OK. The fact is unless an app is questionable to begin with we are all just going to approve any permissions it asks for. We want to get on with using the app and that's that.

It is bad for apps to do things behind the user's back, so asking permission should be mandatory. Even if that happens, we are our own worst enemy and we'll end up approving just about anything it wants to do, even if it sounds fishy.

The next time you install an Android app, pay particular attention to the permissions it is asking you to give it. If is indicates it wants permission to send/receive MMS/SMS messages, ask yourself if that's appropriate for the type of app you are installing. If not, nix the install and get rid of it. Most scams make money through expensive MMS/SMS messages, and most have been given permission by the user to do so up front. Take control over your device.

Related:

Topics: Apps, Android, Mobile OS

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

30 comments
Log in or register to join the discussion
  • RE: App permissions: We are our worst enemy

    Do iOS Apps even tell you wat they are using? I cannot for the life of me remember.
    slickjim
    • To blame the user when the user has no REAL choice.....

      ...is ludicrous! The way it currently is, you have two choices, ALL, or NONE! Users should be able to dissallow permissions and still install/run the apps till they are comfortable giving those permission. Arbitrary crippling of the app to force unneeded compliance IS NOT the answer! :-(
      kd5auq
      • RE: App permissions: We are our worst enemy

        @kd5auq

        Frankly I am surprised to learn that Android and iOS apparently take an 'all or nothing' approach to giving apps permission to use personal info.....I know that Blackberry allows for selective authorization, so that, for example, you can allow the GPS app to access your current location, while denying it the right to access your contact list
        Doctor Demento
      • RE: App permissions: We are our worst enemy

        @kDoctor Demento: That's a very good point. The BB screen you speak of is ridiculously complicated to navigate but at least it's there. With Android you have to allow it all permissions or don't install it.
        bradavon
      • RE: App permissions: We are our worst enemy

        @kd5auq CM7 allows the user to revoke any permission individually, and considering this uproar it's likely Android will implement this feature on future updates.
        lionsson
    • RE: App permissions: We are our worst enemy

      I didn't use to read Android app security installation notifications but I do today. They're not at all clear enough and I work with computers.

      You have to have faith the app may require this particular obscure permission for some reason, often because you install it you don't exactly know what it does or can do.

      There are some very scary ones on the Android market, like wallpaper apps that ask for so many permissions it's crazy.
      bradavon
      • RE: App permissions: We are our worst enemy

        You are right, they are really not clear enough and that is fueling the movement to brands that offer honest minimal permissions for their apps and dont harvest all your data. The likes of http://stringfree.co.uk are one of many - you have to pay a minimal fee but in cash terms rather than with your data.
        cuttymarks
  • RE: App permissions: We are our worst enemy

    I am glad to see that this incident is catching some headlines. In your article, you stated "Android does a great job forcing app developers to inform the prospective user just what sort of permissions are required and what information the app will access. It also makes the user aware of exactly how the app can take over key areas of the device to perform the tasks needed by the app."

    I actually disagree. When you install most all apps from the android marketplace, you get an extremely vague outline of what information is being accessed. In most cases, the consumer still does not fully understand how or why this information is being accessed.

    To help the customer from making mistakes, there needs to be more of a simplified description of the access being requested. I say this in that developers know what they are doing. They ask the minimum to cover themselves. The problem is due to the fact that thinking out what needs to be said requires work from the developer. Throw in the lawyers and now you have vagueness.

    This can be fixed with a little more description in "people talk".
    servnhim
    • RE: App permissions: We are our worst enemy

      @servnhim Yeah, like they are going to tell you they are going to ravage your phone's memory for anything they think might be of interest to them... At least IOS compartmentalizes things so that files can only be accessed from the program that they are intended for. It's a pain in one way, but helpful for security purposes.
      rphunter42
      • RE: App permissions: We are our worst enemy

        @rphunter42 Excuse me? Wasn't it iOS's total lack of asking anything that brought this issue to light?
        anothercanuck
  • Android permissions need to be more granular...

    ...so that developers can easily define what they are trying to do and not use Catch-All permissions.
    DevJonny
  • Long, obfuscated legalese is the real enemy

    In dealing with software, most of us have seen so many licenses written in long, drawn-out legalese that we glaze over and hit "Accept" without ever fully reading what rights we may be giving up. The circumstances are no different with cell phone apps. We get presented with small pop-ups telling us that so-and-so app is requesting some personal information, but we're never told exactly why. And after being asked those questions for so many apps on our system, we get as numb as we do reading license agreements and just do what it takes to get it over with.

    I often think that if apps explicitly said "This app is about to upload your entire contact list to our servers" or something equally plain then we might take more time to consider the ramifications of our consent. "Do you grant this app access to your contact list?" just doesn't really get the point across.
    the.ksmm
    • You want cancer with that?

      It's kind of like the way they passed a law in California that requires any business that uses chemicals that might cause cancer to post a sign that says, "This facility contains chemicals known to the State of California to cause cancer."

      You would think this law would be of some use, but it's not. There is hardly a building in the entire state that does not have one of those signs. Since even coffee sweeteners have been alleged to cause cancer, the lawyers told all their clients to just post the sign and be done with it.

      This is what happens when the Disclosure Do-Gooders get overzealous: the average person gets bombarded by so many warnings that they all lose their effect.
      Robert Hahn
  • RE: App permissions: We are our worst enemy

    I agree for the most part, but there is another camp of users. Those who vigilance towards security and privacy leads them to abandon installs when prompted to grant the app permissions. On my Android, I passed on many apps from lesser known developers because it was unclear exactly why the app needed certain permissions. Granted, this camp is a fraction of the "click through" crowd, but I suspect there are still many like me who missed out on a good app because it's permissions requirement appeared too extensive and/or the developer did a crappy job of explaining what purpose those permissions served (although I probably also missed out on questionable apps in the process as well).

    I think the ideal solution would be for security preferences each user could set on their phone for various types of data like contacts, somewhat (not I said "somewhat") similar to the IE security zones where the user can classify Contacts, for example, as high/medium/low security. Then anytime an app requests permissions to something, the OS responds based on those settings. For example, if Contacts were classified as high, iOS would prompt you anytime Path tried to access it and tell you specifically what it was trying to access (e.g. a single contact's e-mail address or the entire list). If it was medium, it might prompt you the first time an app tries to do something, but remember your answer. If low, then maybe it's the wild west.
    TroyMcClure
    • RE: App permissions: We are our worst enemy

      @piousmonk
      I'm in the vigilant camp too. Have passed on many cool apps that just want access I don't want to give them.

      The problem is partly the result of "you get what you pay for". If we had to pay more for apps, it would allow more time to be allotted for writing them including better choices at install time as to access they need/want.

      We may love all the tech that surrounds us but we are also our own worst enemy because we want it to cost very little or nothing. Not realistic.
      alex@...
      • RE: App permissions: We are our worst enemy

        @alex@... I also have passed on a few apps when my reaction was 'you want WHAT?'
        rphunter42
      • RE: App permissions: We are our worst enemy

        @alex@...

        I agree about the "you get what you pay for" to a certain extent, but given these apps are generally not that complex in comparison to desktop applications, writing good, detailed descriptions of the permissions they require (and why) shouldn't be that time consuming of a step for developers, especially if they aren't over reaching in what permissions their apps really need.

        I agree that when anyone can develop an app and give it away for free or sell it for a few bucks, the overall quality will suffer due to volume, but I don't know that's the problem hear. I think malicious app developers are intentionally vague, while in other cases, it's a matter of developers being lazy and/or not necessarily being good at conveying technical things to non-technical people.
        TroyMcClure
    • RE: App permissions: We are our worst enemy

      @piousmonk
      'Free App creators has met the enemy and he is us.' (Profuse apologies to Pogo!)

      Seriously, we expect apps to be provided without cost while we don't expect app creators to find ways to monetize them. To that extent, we are our own worst enemy, aren't we?
      MikeyrInFL
  • One word - REVOCABLE

    If the app asks for certain permission(s) when installing then the same permission(s) should be revocable after installation.

    If a specific permission is mandatory then you're, most likely, using the app for its primary purpose. For example - a photo edit app "should" have access to your photos. However, the photo editor's secondary function "may" be the ability to email a photo using data from my contacts - doing so should only be allowed when I give the okay, e.g. this time only, always.
    Bruce Lang
  • RE: App permissions: We are our worst enemy

    And this problem applies only to Android apps???
    murfish2003@...