Whenever I install an android app, google play store shows me the permissions that are granted to an app. These permissions are supposed to tell the user exactly WHAT data can be accessed by an app. If it doesn't show "App can access the internet" you could feel safe because the app would not be able to send any data to the developer. But now it turns out that Google HIDES some crucial permissions: "The app WILL read your full name, location, email address and perhaps payment data and WILL send it to the developer." The fact that the data isn't actually read by the app but transmitted directly by google should be irelevant. The result is similar. The current state is highly misleading, perhaps on purpose.
Whenever I install an android app, google play store shows me the permissions that are granted to an app. These permissions are supposed to tell the user exactly WHAT data can be accessed by an app. If it doesn't show "App can access the internet" you could feel safe because the app would not be able to send any data to the developer. But now it turns out that Google HIDES some crucial permissions: "The app WILL read your full name, location, email address and perhaps payment data and WILL send it to the developer."
Not at all what happens. The issue is with Google Wallet and nothing at all to do with apps or their permissions. Developers have written that no payment/credit card details are reported to them. That stays in Google's hands as the payment processor.
Whenever I install an android app, google play store shows me the permissions that are granted to an app. These permissions are supposed to tell the user exactly WHAT data can be accessed by an app. If it doesn't show "App can access the internet" you could feel safe because the app would not be able to send any data to the developer. But now it turns out that Google HIDES some crucial permissions: "The app WILL read your full name, location, email address and perhaps payment data and WILL send it to the developer." The fact that the data isn't actually read by the app but transmitted directly by google should be irelevant. The result is similar. The current state is highly misleading, perhaps on purpose.
Definitely on purpose since Google says it's not a flaw.
However, you need to be prepared for our Chief Google Shill to tell you that you're being unreasonable.
It looks to me that Google may have contacted her to point out an inaccuracy,
Really? Maybe your problem is simple reading comprehension.
"this story was amended at the request of Google. News.com.au took out the words 'massive' and 'huge' - referencing the size of the security 'flaw'. The word 'flaw' was also put into inverted commas."
What "inaccuracy" are you referring to? Google objected to a couple of adjectives and the word used to describe the problem - not inaccuracies in the story. The fact that they merely asked for the story to be toned down suggests pretty strongly that there's nothing wrong with the facts presented in the story.
Why is it OK that if some Apple problem affects 3 people on the planet (or none at all, for that matter), it's OK to present it as a massive security flaw, but if Google has a system that releases private information that affects every single user who ever buys an app, it's OK and you can't use the words 'massive' or 'huge'?
So how much does being Chief Google Shill pay, anyway?
I guess Google did not imagine how much worse they would look when the reporter made the changes and added their request to the story...
Maybe, but I suspect it's more along the lines of Google not caring. They are determined to act the way that they do and don't regard anyone as having the right to interfere with their plans and activities. At least in the EU, that's likely to lead to some problems.
Not at all what happens. The issue is with Google Wallet and nothing at all to do with apps or their permissions.
So you're admitting that the App ToS that you keep citing is irrelevant.
In any event, you haven't answered the question. Who cares if it's the app or Google Wallet which discloses your private information? They're both controlled by Google and Google is asking authors to change their story in order to try to minimize the impact.
Not at all what happens. The issue is with Google Wallet and nothing at all to do with apps or their permissions. Developers have written that no payment/credit card details are reported to them. That stays in Google's hands as the payment processor.
Are your serious? Google Wallet is the major payment system of google play store. It is integrated into that store. Google makes a statement about security and privacy by showing the app permissions to the user. The users TRUST Google when they accept the permissions shown to them. They WILL conclude that the app / and the developer can only access the data shown to them. And the permission cover every little detail, so you really feel safe when you accept them.
And now you and perhaps Google are saying "Look, the permissions are stored in an xml file that comes with the App-Package. That's why we don't need to inform you that your personal data can be sent accross the world. Please get a degree in Law and computer science before complaining, thanks!"
You are distorting my comment and using an ill-fitting counter-argument. But that's ok because I understand it is the normal practice here to deny existence of clouds while refusing to look at the sky.
To be precise, I didn't say Google had a rigorous approval process. I was commenting on "What's really scary is that Google has ZERO approval process when it comes to developers and their apps", which is patently untrue.
No company is perfect. In this area, Google could arguably do better. But that does not excuse anyone from making statements without knowing the facts, or outright lying.
No, you're arguing "to the letter of the law". I doubt the original poster is claiming Google has zero checks in place, but commenting on the very real fact it's easy to get an App into Google Play. No different than someone saying "Android is useless." Of course it's not useless, but trying to argue the point is a waste of time.
The fact you are so hung up on a person making such a statement shows your nature. Tell me, if your neighbour has a tree that extends 0.5" into your property are you going to demand something be done? Are you that anal?
So you're admitting that the App ToS that you keep citing is irrelevant.
In any event, you haven't answered the question. Who cares if it's the app or Google Wallet which discloses your private information? They're both controlled by Google and Google is asking authors to change their story in order to try to minimize the impact.
You kept saying the sharing wasn't disclosed in any TOS. You also said that that authors were being pressured to change their stories, with Google even suppressing some stories altogether. None of your claims appears to be accurate. Are you moving on to a yet another argument now, saying that the writers were being asked to correct something? That we can actually agree on so no argument there.
It's plainly stated this particular writer says she was asked to make changes. You act as tho no one does that. Even Apple has been know to contact writers to correct what they think is an inaccurate portrayal of a story. You'll have to be clearer if you think this somehow makes a company evil.
Would it have sounded better if writer had said "Google reached out to me. . ."?
No, you're arguing "to the letter of the law". I doubt the original poster is claiming Google has zero checks in place, but commenting on the very real fact it's easy to get an App into Google Play. No different than someone saying "Android is useless." Of course it's not useless, but trying to argue the point is a waste of time.
The fact you are so hung up on a person making such a statement shows your nature. Tell me, if your neighbour has a tree that extends 0.5" into your property are you going to demand something be done? Are you that anal?
Oh no, I've revealed my "nature". Do you ... like it? Can I ... see yours? You are such a master at hiding it. What a tease!
Are you ... extending 0.5" into ... my property? How fresh!
I would have one reaction to Google Play Store Security Flaw.
Did you also notice, that on Android (4+) you cannot use maps with GPS enabled AND use i.e. Facebook without GPS? And BTW facebook app is usually already installed on the device when you buy it.
The reason is that when you download app from Google Play Store, you have to agree that the app has certain permissions, otherwise you cannot download it. In case of Facebook App and many many others, this is access to your location services (ie. GPS).
Now, you can turn off your GPS on the phone or tablet, but after that you cannot use i.e. maps app, which is kind of handy / essential when it comes to your smartphone.
When you turn the GPS on, so that you can use mapping apps, you are also enabling GPS to all other applications that have access to location services (i.e. Facebook, even running in background).
Facebook app can be running in background and still access your position, so you would have to kill the app running in background in order to deny access to GPS while you use Maps app. There is no way how to say: Maps, use GPS, Facebook don't use it.
In iOS you can choose what app has access to your location, in Android 4+ you can't.
Comments
Quote:
Originally Posted by stelligent
Quote:
Originally Posted by Steven N.
Then why are there over 1000 hello world apps in the Google Play Store? About 4000 if you go to other languages.
Are you saying Google audited these apps?
...... deny existence of clouds while refusing to look at the sky.
My, my. Such poeticism!
Quote:
Originally Posted by stelligent
What does a statement like this accomplish except to concede that he has you flummoxed?
Quote:
Originally Posted by nedroi
Whenever I install an android app, google play store shows me the permissions that are granted to an app. These permissions are supposed to tell the user exactly WHAT data can be accessed by an app. If it doesn't show "App can access the internet" you could feel safe because the app would not be able to send any data to the developer. But now it turns out that Google HIDES some crucial permissions: "The app WILL read your full name, location, email address and perhaps payment data and WILL send it to the developer."
Not at all what happens. The issue is with Google Wallet and nothing at all to do with apps or their permissions. Developers have written that no payment/credit card details are reported to them. That stays in Google's hands as the payment processor.
Definitely on purpose since Google says it's not a flaw.
However, you need to be prepared for our Chief Google Shill to tell you that you're being unreasonable.
Really? Maybe your problem is simple reading comprehension.
"this story was amended at the request of Google. News.com.au took out the words 'massive' and 'huge' - referencing the size of the security 'flaw'. The word 'flaw' was also put into inverted commas."
What "inaccuracy" are you referring to? Google objected to a couple of adjectives and the word used to describe the problem - not inaccuracies in the story. The fact that they merely asked for the story to be toned down suggests pretty strongly that there's nothing wrong with the facts presented in the story.
Why is it OK that if some Apple problem affects 3 people on the planet (or none at all, for that matter), it's OK to present it as a massive security flaw, but if Google has a system that releases private information that affects every single user who ever buys an app, it's OK and you can't use the words 'massive' or 'huge'?
So how much does being Chief Google Shill pay, anyway?
Maybe, but I suspect it's more along the lines of Google not caring. They are determined to act the way that they do and don't regard anyone as having the right to interfere with their plans and activities. At least in the EU, that's likely to lead to some problems.
So you're admitting that the App ToS that you keep citing is irrelevant.
In any event, you haven't answered the question. Who cares if it's the app or Google Wallet which discloses your private information? They're both controlled by Google and Google is asking authors to change their story in order to try to minimize the impact.
Quote:
Originally Posted by jragosta
So how much does being Chief Google Shill pay, anyway?
I forgot today was "Claim Someone is a Shill Day" and not "As Usual Day". Sorry. It's hard to keep up with your schedules sometimes.
Quote:
Originally Posted by Gatorguy
Not at all what happens. The issue is with Google Wallet and nothing at all to do with apps or their permissions. Developers have written that no payment/credit card details are reported to them. That stays in Google's hands as the payment processor.
Are your serious? Google Wallet is the major payment system of google play store. It is integrated into that store. Google makes a statement about security and privacy by showing the app permissions to the user. The users TRUST Google when they accept the permissions shown to them. They WILL conclude that the app / and the developer can only access the data shown to them. And the permission cover every little detail, so you really feel safe when you accept them.
And now you and perhaps Google are saying "Look, the permissions are stored in an xml file that comes with the App-Package. That's why we don't need to inform you that your personal data can be sent accross the world. Please get a degree in Law and computer science before complaining, thanks!"
You're driving on the expressway. A rock flies off the truck that's 400 feet in front of you and cracks your windshield.
When you get within 100 feet of the truck, there is a sticker on the truck that reads: Stay BACK 500 feet.
You think "Oops, my bad and call your insurance agent on your Android phone."
Quote:
Originally Posted by Gatorguy
If I had a dollar for every time that you used that emoticon, I'd be rich.....
Can I suggest that as your tagline? (Your 'supply of truth' wore thin a while ago.)
The fact you are so hung up on a person making such a statement shows your nature. Tell me, if your neighbour has a tree that extends 0.5" into your property are you going to demand something be done? Are you that anal?
Quote:
Originally Posted by jragosta
So you're admitting that the App ToS that you keep citing is irrelevant.
In any event, you haven't answered the question. Who cares if it's the app or Google Wallet which discloses your private information? They're both controlled by Google and Google is asking authors to change their story in order to try to minimize the impact.
You kept saying the sharing wasn't disclosed in any TOS. You also said that that authors were being pressured to change their stories, with Google even suppressing some stories altogether. None of your claims appears to be accurate. Are you moving on to a yet another argument now, saying that the writers were being asked to correct something? That we can actually agree on so no argument there.
It's plainly stated this particular writer says she was asked to make changes. You act as tho no one does that. Even Apple has been know to contact writers to correct what they think is an inaccurate portrayal of a story. You'll have to be clearer if you think this somehow makes a company evil.
Would it have sounded better if writer had said "Google reached out to me. . ."?
Originally Posted by Gatorguy
You kept saying ......
Originally Posted by Gatorguy
I may regret posting this thread ....
Originally Posted by Gatorguy
Yes there is. Read the Google Wallet Terms of Service .....
Originally Posted by Gatorguy
I cant find any specific reference .....
Originally Posted by Gatorguy
Users of the service did agree .....
Originally Posted by Gatorguy
Ah, just like the State Farm...
Originally Posted by Gatorguy
It looks to me that Google .....
Originally Posted by Gatorguy
I thought you were putting me on ignore ...
Originally Posted by Gatorguy
My apology then. ...
Originally Posted by Gatorguy
Originally Posted by Gatorguy
Not at all what happens. ....
Originally Posted by Gatorguy
I forgot today was ....
zzzzzz.......
Quote:
Originally Posted by anantksundaram
zzzzzz.......
Yet you follow me so closely. Your cognitive dissonance mention was timely then.
Quote:
Originally Posted by EricTheHalfBee
No, you're arguing "to the letter of the law". I doubt the original poster is claiming Google has zero checks in place, but commenting on the very real fact it's easy to get an App into Google Play. No different than someone saying "Android is useless." Of course it's not useless, but trying to argue the point is a waste of time.
The fact you are so hung up on a person making such a statement shows your nature. Tell me, if your neighbour has a tree that extends 0.5" into your property are you going to demand something be done? Are you that anal?
Oh no, I've revealed my "nature". Do you ... like it? Can I ... see yours? You are such a master at hiding it. What a tease!
Are you ... extending 0.5" into ... my property? How fresh!
Did you also notice, that on Android (4+) you cannot use maps with GPS enabled AND use i.e. Facebook without GPS? And BTW facebook app is usually already installed on the device when you buy it.
The reason is that when you download app from Google Play Store, you have to agree that the app has certain permissions, otherwise you cannot download it.
In case of Facebook App and many many others, this is access to your location services (ie. GPS).
Now, you can turn off your GPS on the phone or tablet, but after that you cannot use i.e. maps app, which is kind of handy / essential when it comes to your smartphone.
When you turn the GPS on, so that you can use mapping apps, you are also enabling GPS to all other applications that have access to location services (i.e. Facebook, even running in background).
Facebook app can be running in background and still access your position, so you would have to kill the app running in background in order to deny access to GPS while you use Maps app.
There is no way how to say: Maps, use GPS, Facebook don't use it.
In iOS you can choose what app has access to your location, in Android 4+ you can't.