Messenger App

[chrisburton]

Are anyone else’s friends on Facebook freaking out about the logical app permissions? I’ve seen the craziest articles misinforming the public, even local news channels with their “tech experts” jumping in on this while having not a clue of what they’re talking about. Not to say that FB is an innocent company but…wtf?

[nixnerd]

I’m pretty concerned with privacy. Therefore, I don’t even have a Facebook account. Do they go too far? Probably. But if people don’t like it… they’re totally free to stop using Facebook. That’s kind of my take on it.

People tend to FLIP OUT over private corporations invading privacy. To me… it’s WAY more scary when governments do it. That’s just my opinion though.

[chrisburton]

I just have to shake my head at this “tech expert”. I don’t think people understand how app permissions work.

https://www.youtube.com/watch?v=CT7FbktcyqU

[__]

I’m not on FB anymore. It’s mainly for similar reasons. As for that “tech expert”… yeah, whatever. But he’s not wrong about what you are consenting to when you click “install.”

it’s WAY more scary when governments do it.

The easiest way for governments to do it is to slip a few bucks to the corporations.

[chrisburton]

But he’s not wrong about what you are consenting to when you click “install.”

You mean giving up your privacy? I think we can safely say that majority of social networks are using our data to cash-in. But to go as far as to imply that Facebook can/may spy on you through the front or back of your video camera — absurd.

[__]

But to go as far as to imply that Facebook can/may spy on your through the front or back of your video camera — absurd.

Whether they intend to, or if they ever will, is debatable: but it’s besides the point. Those permissions are more than Terms of Service. It’s literally your phone assigning those privileges to the app. If they decide to, then yes, they can.

[chrisburton]

But do I give Facebook universal permission to access my camera or do I give Facebook permission to use my camera when the app is in-use or when I touch an icon. That’s important.

[__]

Effectively, it is universal permission.

I’m sure they want the permission because the app does photo/voice messaging. But as long as the app is running, it does have access to the camera/mic. Because android/iOS almost never actually close apps you open (they just push the process to the background), once you open the app it will probably remain running for as long as you keep the phone turned on.

What it comes down to is whether or not you trust facebook. Before you answer, recall that facebook is an advertising company, and nothing else.

In any case, I don’t care whether anyone trusts FB or not. In all likelihood, nothing bad will come of this specific issue. But it is a symptom of a bigger problem: no one understands, or even cares, about things like this. It’s a big deal to tie your entire personal life to a computer, and then allow outside parties sweeping access to that same computer.

[chrisburton]

I know that most of the sites we use have rapidly changed their ToS over the years to be able to use our data and we are essentially agreeing to it whether we realize it or not (Terms and Conditions May Apply). However, I’ve found it a little difficult to find information on when apps are able and not able to access certain parts of the phone when permissions are granted.

It just seems out of the ordinary for thousands of programmers/engineers to know about this universal access and not patch it or speak out about it (whether Android or Apple). Think of the liability that each company has if something goes wrong. Things like this can destroy a company’s reputation or business as a whole.

[__]

I’ve found it a little difficult to find information on when apps are able and not able to access certain parts of the phone when permissions are granted.

The basic answer is “always.” Consumer devices simply don’t have the capability (and consumers don’t have the attention span) to keep your best interests straight from everyone else’s. Linux could do it, of course, but at the end of the day it’s up to the user and the user will always choose convenience over security.

[chrisburton]

Is it really that difficult? I see it sort of like when you close a browser and your sessions are cleared. Same logic when you close the camera feature of the Facebook app, disallow the app to have access.

[nixnerd]

I guess the thing I’d like to say is: NONE of this is new. Why is it being covered now? Probably to detract attention from the NSA’s EXTREMELY pervasive surveillance efforts… which are still going strong. Or to detract from brewing conflict in the Middle East and Eastern Europe. I don’t mean to sound like a conspiracy theorist but I’m searching for why this is even news. It should be news that people are surprised.

Since their inception, Android and iOS have had EXTREMELY invasive terms of service and/or data caching. Whether they know it or not, people have already made every piece of their hardware and personal data available to a corporation. Maybe not Facebook, but CERTAINLY Google and Apple. I read that Apple stores all conversations with Siri for 5+ years. Google has ALWAYS retained the right to access people’s microphone and camera whenever they see fit. Again, not new and I’ve got some really crazy anecdotal evidence that to me at least, totally proves that Google DOES access my microphone and camera on a fairly regular basis.

I guess this is just old news to me… no idea why people care so much. It’s been going on for 5+ years.

The easiest way for governments to do it is to slip a few bucks to the corporations.

This is true and certainly is one of their strategies. Sometimes they don’t even pay… they just flat out coerce corporations. Lavabit was just straight up SHUT DOWN. They didn’t make it easy enough for the feds to read people’s email… so they’re gone now. And… that’s the end of that.

It just seems out of the ordinary for thousands of programmers/engineers to know about this universal access and not patch it (whether Android or Apple does this).

Dude, I posted this a few months ago… but apparently a PACEMAKER company had blatant security exploits and refused to patch them. Read about it here. We are entering into the “Internet of Things” as business types call it and that puts us in an awkward position. We’re now at a point where it’s possible for someone in some remote location to kill another person over the internet via pacemaker exploits. Or for a car thief to lock you out of your own car. Don’t confuse what I’m saying. I’m not afraid of the “big bad hackers” that the media uses to fear monger. I’m simply saying that these exploits and the power they come with are up for grabs and the American Public is largely apathetic and ALWAYS late to the table.

And on another note, people are losing their shit over this celebrity nude photo leak… when it shouldn’t surprise anyone. The cloud is not and never will be totally secure. Apple iCloud as a platform for storing nude celebrity photos sounds like the worst idea in history. Furthermore, the goverment has been stealing our data for YEARS and almost no one cares. Unbelievable. But mess with JLaw? Oh, no that’s not OK!

Ok, speaking of that and on a lighter note… here is another “tech expert”:

https://www.youtube.com/watch?v=qz5i171h_no

Who is this 4chan person?

Ha ha ha.

[nixnerd]

Is it really that difficult? I see it sort of like when you close a browser and your sessions are cleared. Same logic when you close the camera feature of the Facebook app, disallow the app to have access.

But native apps have MUCH more low level control over the actual device and all of its hardware. And believe me, Facebook will do everything in its power to make it as hard as possible, maybe even IMPOSSIBLE to disable. That’s just how the world works now though.

[nixnerd]

And what are the implications here?

Well, a while back, researchers were able to crack 4096 bit encryption by listening to the sounds of the CPU with a microphone. So… if unscrupulous parties have access to our device hardware, including microphones, and it’s possible for THE BEST RSA keys to be cracked via audio… I don’t know where that leaves us.

[nixnerd]

Right about back to where we began: as secure as we were with our money under our mattresses.

This is probably the most true and poignant statement I’ve read in a year. You are ABSOLUTELY spot on @nkrisc. And it’s terrifying.

[Author]

Posts