User topics

Article topics

Log in Sign up

Android a photo-slurper too: report

On the heels of last week’s controversy regarding the photo-slurping habits of iPhones come reports that Android can play similar games with privacy. Following the template it used to demonstrate the iOS vulnerability, the New York Times commissioned an Android app developer, Ralph Gootee of Loupe, to put together a demo app …

COMMENTS

House rules Send corrections

This topic is closed for new posts.

This post has been deleted by its author
This post has been deleted by its author
Sunday 4th March 2012 23:18 GMT Anonymous Coward

A huge problem with Android apps is the 'take it or leave it' approach to permissions. You either accept what the dev claims his app needs to run, or don't install it. Where's the third approach, which would be to install it but replace dodgy sounding permissions with stub implementations? No, your game doesn't need access to my phone book or the internet, so if it tries, it gets an empty phone book and I appear permanently offline...

31 1
1. Sunday 4th March 2012 23:42 GMT Chet Mannly
  
  option c)
  
  A third option is to install LBE Privacy guard (and there's probably a few similar apps I don't know about, just found one that worked and have stuck with it) which allows you to block these permissions for each app and each permission (eg access phone book, contacts, internet, location, phone ID etc).
  
  If you deny a genuinely needed permission the app obviously wont work properly, but at least you have more control than the blanket permissions a lot of apps request.
  
  In terms of the out of the box Android experience I guess its good to be informed, but would be better to have control without having to use third party apps...
  
  3 1
  1. Monday 5th March 2012 03:40 GMT Yet Another Anonymous coward
    
    Re: option c)
    
    But doesn't this mean you need to give the security app access to everything?
    
    Can you trust the security app?
    
    8 0
    1. Monday 5th March 2012 05:07 GMT Charles 9
      
      Re: option c)
      
      Also, does this not require root privileges, which opens a whole other can of worms (not to mention voids most warranties)?
      
      3 0
  2. Monday 5th March 2012 11:34 GMT countd
    
    Re: option c)
    
    Cyanogenmod allows you to dig into an app's permissions and deny / allow as you see fit before you run the app for the first time. This does have the occasional side effect of an apps crashing, but in a recent case I had of a note taking app wanting contact and network permissions and falling over when denied such, it was warning enough for me to nuke the damned thing and look elsewhere.
    
    2 0
  3. Monday 5th March 2012 15:41 GMT BillG
    
    option d)
    
    A better option is to install DroidWall. It's a free firewall that let's you block apps from accessing the internet. About half my apps are blocked, including cameras, games, books, barcode scanner, calender storage, contacts, and video players. Also blocks ads on those apps.
    
    I feel safer, my phone runs faster and gets better battery life.
    
    0 0
    1. Monday 5th March 2012 16:10 GMT Gordon Fecyk
      
      At least until the 'evil app' learns how to access Droidwall
      
      "A better option is to install DroidWall. It's a free firewall that let's you block apps from accessing the internet."
      
      If an app has 'full permissions' it will only be a mater of time before apps have enough code to look for and disable these things.
      
      0 0
  4. Monday 5th March 2012 18:33 GMT joe.user
    
    Re: option c)
    
    1) Root your phone so you actually have control of your phone. Sad, but true.
    
    2) LBE works AWESOME to block nefarious requests to information completely unrelated to the app. You'll be surprised how many things ask or are currently - grabbing!
    
    0 0
2. Monday 5th March 2012 07:23 GMT LarsG
  
  I STOPPED....
  
  downloading apps that need apparent permissions that have no relevance to what the app is all about.
  
  Now I have no apps!
  
  This I think will remain a problem until we have the choice on permissions on the download page.
  
  Each app should come with a 'tick' the box for what you will allow and this should have no effect on the app.
  
  1 0
  1. Monday 5th March 2012 07:27 GMT Anonymous Coward
    
    Re: I STOPPED....
    
    If only everyone took a stand over these permissions, just give a one star rating for apps that require too many permissions or everyone stops downloading for a few weeks we would probably see some changes.
    
    6 0
    1. Monday 5th March 2012 08:09 GMT Alan W. Rateliff, II
      
      Re: I STOPPED....
      
      Sadly, I highly doubt this will happen. Especially if it means that the user won't be able to run their favorite app, or an app which everyone else is running. I can already hear the screams about not being able to play "Angry Birds" (not implicating Rovio, here, just that I honestly don't know any other games on the platform) JUST because it can snarf their pics.
      
      Those screams would sound like customers who call me because their favorite website has been exploited and Google, Firefox, or their anti-virus is preventing them from visiting. But they REALLY REALLY REALLY need to get to the website, so can't we just drop those protections long enough to get some work done?
      
      I've had to liken it to sexually transmitted diseases and unprotected sex before to get the point across. Even then, I'm not certain the conversation had lasting effect.
      
      Paris, no conversation has a lasting effect.
      
      2 0
      1. Monday 5th March 2012 10:18 GMT Miek
        
        Re: I STOPPED....
        
        Ditched Angry Birds myself when I realised they were adding more and more intrusive permissions to their games, to the point that it wanted to read my SMS, my contacts and more.
        
        4 0
3. Monday 5th March 2012 11:47 GMT M Gale
  
  Probably for adverts.
  
  So here's a suggestion: PERMISSION::ADVERTS, PERMISSION::ADVERTS_GPSLOC, PERMISSION::ADVERTS_TOWERLOC, plus any others that are specifically related to the advertising framework you're using.
  
  Now offer users a central control panel with checkboxes that say "Yes, adverts can know my location", "Yes, adverts can read my contacts", and any other permissions that Adwords and other approved advertising companies might use. I say this because "approved advertising companies" is better than "whatever advertising companies the local monopolies commission says you HAVE to work with".
  
  Make sure the user can always turn all checkboxes off. Doesn't stop an advert-funded app displaying adverts, just that they would be more like billboards and less like a personalised sales pitch.
  
  Does anybody remember the utter stink that Go!Zilla and Aureate kicked up? It wasn't just because of the ad banner.
  
  1 0
  1. Monday 5th March 2012 12:32 GMT Wize
    
    Re: Probably for adverts.
    
    An advert doesn't need to know my location, the nosey bastards.
    
    I want a 'give false location info to adverts' app.
    
    1 0
4. Monday 5th March 2012 15:44 GMT Lallabalalla
  
  Only an idiot codes to an Interface rather than an implementation
  
  Oh, wait...
  
  0 0
5. Monday 5th March 2012 20:45 GMT JohnG
  
  "Where's the third approach, which would be to install it but replace dodgy sounding permissions with stub implementations?"
  
  Yeah, agreed but it ain't gonna happen. It would be like turkeys voting for Christmas - the people offering the "free" apps are making their money by pimping users' data to marketing companies - and Google aren't going to help as it was their idea in the first place. There are 3rd party solutions though.
  
  0 0
6. Wednesday 7th March 2012 21:51 GMT Flendon
  
  You can do that if you have root
  
  The app Pdroid can block a number of permissions in that way, but requires Root.
  
  http://forum.xda-developers.com/showthread.php?t=1357056
  
  I combine that with Avast AV which contains an application firewall, also requires root. It allows Deny All, Permit by Exception. If it is a game or something that has no need to access the internet it is blocked automaticlly, unless I specifically add it to the allowed list. If it needs internet to work I use Pdroid, so for example, facebook is feed a random Device ID, phone number, SIM serial, Subscriber ID, GPS and Network location, while incoming number (why the hell do they need this?), call log, SMS, MMS, Sim Info, and network info are blocked completely.
  
  I know some friends who would really love these capabilites, but are nervous about rooting their phone. It would be great if this was allowed for everyone.
  
  0 0
Sunday 4th March 2012 23:25 GMT Jolyon Smith

I don't see any difficulty in NOT conflating "Internet Access" with "Access to <insert LOCAL data of choice>".

One is accessing data over a network the other is... n't.

The trouble is, I can't seem to find any Android manifest permission relating to local data other than the specific CALENDER, CONTACTS and FRAME_BUFFER data (the closest I found to any camera content I guess).

I'm not sure (but don't know for sure) that there is ANY protection for camera files or any other local data. Looking at the available permissions on Android, it looks like the real problem is that if you give an app INTERNET access then you open a big fat pipe down which it can SEND local data that it already has access to.

Paris, cos she likes big, fat pipes. Allegedly.

3 0
Sunday 4th March 2012 23:50 GMT Anonymous Coward

Permissions

Not sure why half my Android tablet apps need half the permissions they do. Sure you can have access to my phonebook, I'm using a tablet so I don't have one!

So if I don't have one, why does it need it? The app still works. Most odd. Likewise with some of the other permissions? Over-caution from Google or data mining?

Still at least it asks. God knows what is happening on my iPhone where I do have a phonebook, etc.

4 1
1. Monday 5th March 2012 01:01 GMT scarshapedstar
  
  Re: Permissions
  
  Like I said in another thread: share buttons. You wanna tell your friends about the app? Well, it needs to know who your friends are. And how do you wanna tell them?
  
  SMS? That's a permission.
  
  Facebook? That's a permission.
  
  Email? That's a permission.
  
  Seriously, The Moron Test is not rifling through your text messages. It just needs to be able to send one.
  
  1 1
  1. Monday 5th March 2012 01:03 GMT scarshapedstar
    
    Re: Permissions
    
    Oh, and by "send one" I don't mean secretly send one without your knowledge, I mean it needs a permission to compose a little message reading "Play the Moron Test!" and ask you to click send.
    
    1 1
  2. Monday 5th March 2012 12:34 GMT Wize
    
    Re: Permissions
    
    "You wanna tell your friends about the app?"
    
    If yes, then I'll tell them myself. I'd like to take those auto email/post things out everyones hands. To many auto generated messages by spammers without friends acting like some psudo spam relay.
    
    0 0
Monday 5th March 2012 00:58 GMT scarshapedstar

Yes

Basically the whole file system is open - just like on your (non-Linux) desktop.

There are a number of solutions. One, your photo app could encrypt your photos so that no other app could read them. This would get the job done, but you'd be unable to view them in the built-in Gallery or do anything else with them outside the photo app - the classic walled garden approach. Trivially easy to implement, but also crappy.

Rumor has it that future versions of Android will allow apps to limit outside access to their home folders.

0 3
Monday 5th March 2012 01:59 GMT Anonymous Coward

Nice!

"Gootee of Loupe"

Nice!

What does it mean, though?

0 0
This post has been deleted by its author
Monday 5th March 2012 02:57 GMT Anonymous Coward

Curious to see what Google does about this, if anything.

The modify/delete permission was introduced in Android 1.6 - before it apps could write or delete without stating anything. However introducing that also meant that all apps designed to prior versions of the Android API get the modify/delete SD permission implicitly, regardless of actual use.

If they did the same again, all existing apps would shown an implicit read SD card permission, even if they don't use the SD card. This would be highly counter-productive and confuse users to no end, so I suppose they'll have to think of something else other than just adding another permission.

0 0
1. Monday 5th March 2012 13:57 GMT Ilgaz
  
  Issue is deeper and WONTFIX
  
  Issue is choice of the file system, Microsoft fat which Ms themselves bypassed on first opportunity (win phone)
  
  It has no clue about owners, it is designed for dos.
  
  Sorry for stating these basic facts to you, it is in fact for couple of idiots who claims people who will plug the card to computer and manually manage files can't install a ext reader to windows.
  
  Billions of dollars at risk, people lose personal, impossible to reproduce photos are disappearing because it has no journal and now, all personal data at risk. Every time someone mentions these basic facts, someone pops up and talk about that imaginary guy who plugs the sd to computer and hasn't installed some suite.
  
  I can't even believe the fact that even if you manually go with ext3/2 and kernel has support, your device won't mount it. Yes, tried and I am not hacking the /etc just because some Microsoft Trojan made its way to stupid google, unnoticed.
  
  2 0
Monday 5th March 2012 04:28 GMT James O'Brien

great

I sense another lawsuit from Apple coming seeing as they did this first...

11 4
Monday 5th March 2012 07:43 GMT Dave Fox

WTF?

So the NYT's "commissioned" an app developer to put together something incredibly trivial because it's a known fact (and presumably a design decision) that the "user data" (let's call it external SD, because it differs from /data/data, which is some what protected) is accessible to any app. This is newsworthy?

How else are apps like Photoshop, Facebook, Twitter, Dropbox, etc going to gain access to your photos for retouching/uploading? Yes, you could have them encrypted on external SD with an API and explicit permission set for accessing them, but then you wouldn't be able to access them when you connect your phone via USB mass storage, which would be an incredible inconvenience.

I have several different video and/or music players on my Android devices, and they can all access my stored videos/MP3s, which is what I want to be able to do. On my wife's iPad, I accidentally loaded some non-video files into the walled garden of her CinePlayerX app, which I'm now completely unable to delete because they don't appear in the file list of the app.

Sometimes we have to balance the needs of security with convenience, just as we do in real life. I'm not going to be taking naked pictures of myself, or copies of state secrets on my phone, so if they somehow end up on a public website, I don't particularly care.

If I were to do something that required more security, I would be taking the appropriate steps to safeguard my data.

3 2
Monday 5th March 2012 08:44 GMT Anonymous Coward

Matter of trust

So we've established that both Android and the iPhone suffer from unprotected parts of the file system that allows unscrupulous apps to access photos and probably other media. There is no difference between this and my desktop and to deny all access would completely limit anything any app could do.

Anyway, the issue is trust, 1) you have to trust the author not to have written a backdoor and 2) Starting with Google, and ending up with the law authorities, the author of such software would be done over, dragged through thorn bushes and prosecuted to the full extent of the law for EVERY person effected.

Unfortunately, having an app store gives the impression of increased security for both platforms yet its simply not the case. (Yes, even Apple let some slip through despite the rigorous approval procedures in their walled garden)

1 1
Monday 5th March 2012 09:05 GMT Lamb0

Permissions

If Android is going to function as a proper OS it needs to act like one! I like the way MEPIS groups permissions and restricts user access as needed (or desired - sometimes with a little fiddling). Permissions Functionality should be a simple, yet easy to use tool integrated into the OS - settable by the OWNERS, not Google, or the phone company; and all apps should delineate why specific permissions are required for what features.

Many features I'd leaved enabled, others would have certain permissions enabled only as needed, and a few would be routinely blocked, disabled, and not show on-screen (such as Facebook) - until I desire otherwise!

1 2
1. Monday 5th March 2012 09:49 GMT Anonymous Coward
  
  Re: Permissions
  
  "If Android is going to function as a proper OS it needs to act like one"
  
  It does act like an OS, it operates the hardware on behalf of application programs. I an application wants access to a resource, it gets it via the O/S.
  
  Android is more secure than most desktop operating systems because it requires an application progam to be given permissions to user data; when was the last time you installed a Windows or Mac OS program and had it tell you that it required internet access and access to specific user data? Pretty much every desktop O/S application program has access to read from, and in most cases write to, files created by other applications - the security normally just get's enforced at the User level so all my programs can see all my data (but not anyone else's).
  
  5 1
  1. Monday 5th March 2012 12:01 GMT M Gale
    
    I'll upvote you just for being pedantic...
    
    ...and raise you a "Android isn't even the OS, that's Linux. Android is a whacking great stack of software running on Linux, the visible part you see of which is the Dalvik virtual machine and whatever launcher is running."
    
    But yes, the permissions model does need a bit of a remodel.
    
    0 0
    1. Monday 5th March 2012 12:14 GMT Anonymous Coward
      
      Re: I'll upvote you just for being pedantic...
      
      I'll upvote myself just for being a dick...
      
      ...and raise you a "Linux isn't even the OS... It's the kernel".
      
      0 0
    2. Monday 5th March 2012 12:51 GMT Andy Watt
      
      Re: But yes, the permissions model does need a bit of a remodel.
      
      That takes the 2012 "understatement of the year" award.
      
      2 0
Monday 5th March 2012 11:21 GMT keitai

And the solution is..

Have two devices: one for apps, games and entertainment, and another for private stuff: Calendar, contacts, mail, pictures, sms, and calls.

0 0
Monday 5th March 2012 12:44 GMT Anonymous Coward

As mentioned earlier, often the permissions are needed for something you may not consider. A bit like the furor over granting Facebook, Google etc the right to display your photos. How else are they meant to show your friends said photos that YOU are sharing?

Obviously with a dodgy developer there could be a problem.

On the other hand, how many apps that people install really are quite trivial to go and create yourself? A huge percentage, I'd say. In fact, several times when I've thought an app needs ridiculous permissions I've written something myself - and that's coming from no previous developing background. Probably the thing I like most about my androids actually, I'm quite enjoying coding and I'd probably never have tried it.

1 0
Monday 5th March 2012 14:32 GMT Leona A

Google+

Talking of Photo Slurping without consent, anyone using Google+ app on their Android might like to know it automatically uploads photos to a 'private' album on your profile for you, hum, I don't ever remember agreeing to that! Go through the options list and you can turn it off, but you can't remove the photos from Google+ how helpful, sure people will love looking at photos of my lounge and garden!

0 0
1. Monday 5th March 2012 15:44 GMT Anonymous Coward
  
  Re: Google+
  
  Odd that, a quick straw poll shows that everyone I know was asked the first time they signed in with the Google+ app.
  
  1 0
  1. Monday 5th March 2012 19:37 GMT Shades
    
    Re: Google+
    
    Christ, you don't know many people then if EVERYONE you know has the Google+ app! You do realise that the person in the magic window that copies everything you do IS you, don't you? ;)
    
    0 1
    1. Monday 5th March 2012 19:40 GMT Anonymous Coward
      
      Re: Google+
      
      I would have thought it was fairly obvious I meant solely within the group who have the app, since everybody else I know would be pretty bloody irrelevent to the comment, no?
      
      Besides which, what does it matter how many people I know? The fact it's the first option you get when running the app would still be valid if I knew one person or a million.
      
      0 0
      1. Monday 5th March 2012 22:08 GMT Shades
        
        Re: Google+
        
        I would have thought it was fairly obvious I wasn't being serious, what with the inclusion of the winky smiley.
        
        0 0
Monday 5th March 2012 19:01 GMT dssf

Vaults...

http://forums.theregister.co.uk/forum/1/2012/02/29/iphone_photo_slurping_privacy_risk/

I still prefer the idea of at least having the OPTION to use a vault.

As for "apps breaking", the phone being queried, when seeing a URL probing for an image, would just serve up a red circle "X". A challenge-reply would enable the user to decide whether and to whom the photo or file will be "released".

It isn't hard, and yes, there will be users who'll screw up the concept and create a lot of tech support headache. But, that is not a valid excuse for not providing a facility for the demanding savvy to use/exploit to the hilt.

Imagine if military officials felt that way about secrets, "oh, it's cumbersome, so just let EVERYone access whatever files we have, shared or not...".

0 0
1. Monday 5th March 2012 23:21 GMT Charles 9
  
  Re: Vaults...
  
  IIRC, military types end-run around the problem by simply not using it. Military communications tend to use their own proprietary devices.
  
  But back to the civilian world, you have a classic power struggle here. Both users and developers want control over the phone, and Google's caught in the middle. If they favor the users too much, devs won't feel comfortable and will probably defect to Apple, who already has an established base that could convince devs to take the plunge...if Google didn't slant things back in their favor. So basically, if you want their app, you have to play by their rules or they won't provide. It's like an auto garage. If you want them to handle your car, you have to agree to their terms, even though it's your car.
  
  0 0
Monday 5th March 2012 23:07 GMT BrianKeesbury

Breaking news: Phones play subliminal messages.

http://brian-keesbury.blogspot.com/2012/02/music-app-playing-subliminal-messages.html

0 0

This topic is closed for new posts.

Other stories you might like

We call this kernel saunters: How Apple rearranged its XNU core with exclaves

iPhone giant compartmentalizes OS for the sake of security

Research 8 Mar 2025 | 17

How Google tracks Android device users before they've even opened an app

No warning, no opt-out, and critic claims ... no consent

Security 4 Mar 2025 | 91

Court filing: DOGE aide broke Treasury policy by emailing unencrypted database

More light shed on what went down with Marko Elez, thanks to NY AG and co's lawsuit

CSO 17 Mar 2025 | 121

Microsoft wouldn't look at a bug report without a video. Researcher maliciously complied

Maddening techno bass loop, Zoolander reference, and 14 minutes of time wasted

Security 17 Mar 2025 | 141

Google slips built-in terminal, Debian Linux VM into Android 15 March feature drop

Try it out now on Pixel phones for some penguin on penguin fun

OSes 13 Mar 2025 | 31

Microsoft isn't fixing 8-year-old shortcut exploit abused for spying

'Only' a local access bug but important part of N Korea, Russia, and China attack picture

Research 18 Mar 2025 | 41

Microsoft admits GitHub hosted malware that infected almost a million devices

Infosec in Brief Also, phone cleaner apps are a data-sucking scam, Singapore considering the literal rod for scammers, and more

Security 10 Mar 2025 | 6

Expired Juniper routers find new life – as Chinese spy hubs

Fewer than 10 known victims, but Mandiant suspects others compromised, too

Cyber-crime 12 Mar 2025 | 5

How NOT to f-up your security incident response

Feature Experts say that the way you handle things after the criminals break in can make things better or much, much worse

CSO 10 Mar 2025 | 15

The Badbox botnet is back, powered by up to a million backdoored Androids

Best not to buy cheap hardware and use third-party app stores if you want to stay clear of this vast ad fraud effort

Cyber-crime 7 Mar 2025 | 10

CISA pen-tester says 100-strong red team binned after DOGE canceled contract

Updated Election infosec advisory center also shuttered

Public Sector 12 Mar 2025 | 163

Murena kicks Google out of the Pixel Tablet

Privacy-centric Android makes more sense on this form factor than a phone

Personal Tech 26 Feb 2025 | 36

The Register Biting the hand that feeds IT

About Us

Our Websites

Your Privacy

Situation Publishing

Copyright. All rights reserved © 1998–2025