Personally, I like the first one and wouldn’t use an option to automatically give those permissions to all apps.
Being a power user doesn’t make anyone immune from malware, it just needs to pass some sniff tests. It was by luck that that backdoor in the Linux kernel was found and it’s naive to believe every single malware app is going to be obvious with unrealistic promises and/or bad grammar and spelling. Permissions requests are a clue that an app is doing something it shouldn’t be. And Facebook is considered trusted by many despite an insider even confirming the “talk about something near your phone and fb will advertise it to you” being real.
When you download an app, unless you either wrote it yourself (including all libraries) or have checked the source for open source apps (again including libraries), you can only guess at what it is really doing. And just because an app does what it claims to do doesn’t mean it isn’t doing anything else, so the “well, it does work” test isn’t a great security test.
For the app developers being able to block side loading, it says it uses meta data to enforce that. Couldn’t modders just modify that meta data so that it doesn’t realize X’ app is actually a modified X app? It would need to do something more complex than a checksum or hash to detect it’s the same app.
I mean, I love “fuck Google” bandwagons, but either I’m missing something or this one doesn’t seem like that big of a deal.
Sometime in the last couple of years iirc, though I’m having trouble finding it, what with all of the articles about “it might look like this is happening but Facebook insists it’s not”.
Let me know if you do find anything as I’m very keen to hear the inside scoop. It always seemed like nonsense to me as it would be so easy to prove (unexpected mic access, large amounts of data or CPU usage, actual recreation in test conditions) but all the claims (that I’ve seen) are very anecdotal.
Personally, I like the first one and wouldn’t use an option to automatically give those permissions to all apps.
Being a power user doesn’t make anyone immune from malware, it just needs to pass some sniff tests. It was by luck that that backdoor in the Linux kernel was found and it’s naive to believe every single malware app is going to be obvious with unrealistic promises and/or bad grammar and spelling. Permissions requests are a clue that an app is doing something it shouldn’t be. And Facebook is considered trusted by many despite an insider even confirming the “talk about something near your phone and fb will advertise it to you” being real.
When you download an app, unless you either wrote it yourself (including all libraries) or have checked the source for open source apps (again including libraries), you can only guess at what it is really doing. And just because an app does what it claims to do doesn’t mean it isn’t doing anything else, so the “well, it does work” test isn’t a great security test.
For the app developers being able to block side loading, it says it uses meta data to enforce that. Couldn’t modders just modify that meta data so that it doesn’t realize X’ app is actually a modified X app? It would need to do something more complex than a checksum or hash to detect it’s the same app.
I mean, I love “fuck Google” bandwagons, but either I’m missing something or this one doesn’t seem like that big of a deal.
When was this‽
Sometime in the last couple of years iirc, though I’m having trouble finding it, what with all of the articles about “it might look like this is happening but Facebook insists it’s not”.
Let me know if you do find anything as I’m very keen to hear the inside scoop. It always seemed like nonsense to me as it would be so easy to prove (unexpected mic access, large amounts of data or CPU usage, actual recreation in test conditions) but all the claims (that I’ve seen) are very anecdotal.