Google Play store mobile site update are they for real or have i been hacked

Rob Keeble

Member
Messages
12,633
Location
GTA Ontario Canada
Looking to find out if someone else has been asked to update the Google Play store app (essentially the app store for google on Android ) on their phone recently.

Reason i ask is it requires that one hit an accept button with new acceptance features.

Here are a few that have had me refuse.

  1. New Microphone ..."Allows the app to record audio with the microphone. This permission allows the app to record audio at any time without your confirmation". This is directly verbatim from the app explanation.
  2. New Bluetooth Settings...."Allows app to configure local Bluetooth phone and to discover and pair with remote devices. also " Allows the app to view the configuration of the Bluetooth on the phone and make and accept connections with paired devices" verbatim
  3. Your Personal Information " Allows the app to change or add to personal profile information stored on your device such as your name and contact information. This means the app can identify you and may send your profile information to others" "Allows Apps to read personal profile information store on your device such as your name and contact information. This means apps can identify you and may send your profile information to others." all verbatim.
  4. Modify Contacts " Allows the app to modify the data about your contacts stored on your phone, including the frequency with which youve called , emailed or communicated in other ways with specific contacts. This permission allows apps to delete contact data." all verbatim.
  5. Read your contacts " Allows app to read data about your contacts stored on your phone, including the frequency with which youve called email or communicated in other ways with specific individuals. This permission allows apps to save your contact data, and malicious apps may share contact data without your knowledge.
  6. Read your social stream " Allows the apps to access and sync social updates from you and your friends. Be careful when sharing information this allows the app to read communications between you and your friends on social networks regardless of confidentiality. Note this permission may not be enforced on all social networks"
  7. Write to your social stream " Allows the app to display social updates from your friends. Be careful when sharing information. This app allows the app to produce messages that may appear to come from a friend. Note: this permission may not be enforced on all social networks".

Under the heading "Full network access".
"The list goes on to network communication and NFC (near field connection ) allowing the app to create network sockets and use custom network protocolas. The browser provide meanst to send data to the internet so this permission is not required to send data to the internet"

There is even permission to allow access to storage and modify usb storage.


Now my point here is normally this kind of permission stuff is on a per app basis so one can accept or reject the app and evaluate if the risk is worth the value.

But in the case of Google Play services, this is the actual App that you need to obtain apps and update existing apps. So if you do not agree to this update you cannot obtain more apps.

I thought aspects like monitoring communication of a person were a crime in the USA and elsewhere, is it just that this technology has not been covered in modern day law.

I mean this is more than equivalent to going out to someones home and tapping their phone its also creating essentially the ability to read their post and hear what is going on in their home.

How the heck are they getting away with this?

So i guess my phone is becoming useless. So much for what i thought was going to be a great platform of technology.

I accept that a certain amount of privacy is gone forever but to have absolutely no control is just not on in my books.
 
I keep different accounts and profiles for every device. Giant pain in the neck but...

I use the Pandora app to steam music in the shop. The crazy list of what it needed to do is what originally flipped me to an account per device. It would really be nice if you could grant individual permissions per app (and/or prompt on usage) but id also bet most people would just click all as convenience so often wins. Sigh.
 
These things happen when you try to make a 'game-boy' with a phone bolted to the side act like a computer ;-) Anything that wanted to turn on audio or video without an acceptance action from me would be verboten on any of my devices. But, I don't use any of the tracking or location 'conveniences' without expressly enabling them for the task I am doing 'right now' and then disabling them immediately after, either. This doesn't guarantee better privacy but, it does make me feel more like a human being and less like a tracked animal in a migratory study :)
 
These things happen when you try to make a 'game-boy' with a phone bolted to the side act like a computer ;-) Anything that wanted to turn on audio or video without an acceptance action from me would be verboten on any of my devices. But, I don't use any of the tracking or location 'conveniences' without expressly enabling them for the task I am doing 'right now' and then disabling them immediately after, either. This doesn't guarantee better privacy but, it does make me feel more like a human being and less like a tracked animal in a migratory study :)

Pretty much same here.

Rob, are you sure this agreement is talking about what the Google Play Store app itself can do? It seems to me they're talking more about what the apps you acquire via the Play Store can potentially do. It looks like more of a "cover their backsides" move to protect against the liability of providing a platform or portal from which to gain access to unregulated apps. (Otherwise, why would they have had a reference to "malicious apps"?)
 
These things happen when you try to make a 'game-boy' with a phone bolted to the side act like a computer ;-) Anything that wanted to turn on audio or video without an acceptance action from me would be verboten on any of my devices. But, I don't use any of the tracking or location 'conveniences' without expressly enabling them for the task I am doing 'right now' and then disabling them immediately after, either. This doesn't guarantee better privacy but, it does make me feel more like a human being and less like a tracked animal in a migratory study :)

It's crazy the stuff "they" want to turn on/off etc. when you want to download an app. I've not downloaded several things because I don't want them in my business. I'm like you Glenn if I use the tracking stuff I turn it on and then off afterwards.
 
I don't have many apps. Everyone that asks for permission to do just about anything other than just exactly what I want it to do is rejected. So that leaves me with not having many apps.:thumb::rofl::rofl::rofl:
 
I don't recall my app store updating since I've gotten the phone, wonder if it's pushed out with an OS update? What version of the store is it trying to install?
 
Well like others i disable most and after this have not only unloaded my few apps i had but on my phone i can physically disable the installed OS apps. Sorry Darren i cannot answer that question anymore because since writing I basically took everything back to original state and disabled it.

So now the phone that could be a great portable device is back to being just a phone with a browser when i enable it.

Having to enable and disable as you use is not convenient so it just simply wont get used by me. Fun is gone from Smart Phones after this. Personally i still dont see how these things are getting past the law.

Vaughn you make a good point that this may be Google covering their backside but the wording also has it such that it is Google themselves saying they may practice this kind of behavior.

If we draw a parallel to some of this to the old landline logic then it would be equivalent of having the carrier company enabling someone to go into their local switch and tap the phone. In the desire to have the apps have the ability to use the hardware available i think Google are allowing and enabling the problem. They are receiving a cut of revenue from the illicit sale of bad apps therefore in my view they are complicit in the action of whatever the app does. One would expect a company of their stature to have a more custodian role.

Imagine now if all the institutions we have suddenly take this approach. Heck why can our banks not put out our bank balances on the wire and let all see who they would like to rob.

When an app producer begins to participate in fraud by creating communication to one based on who they may think based on horded data they have accumulated may be connected to you and therefor artificially prompts you to make contact as if said contact was originating from the person then that is pure and simple fraud.

Somewhere there has to be a line here. There are points of principle and law here that go beyond the simple data collection aspect some of it is totally criminal. You guys forgetting the whole Watergate scandal. Whats to say that an app is not used by some company to do precisely the same thing for some or other organization based on payment. Forget the gov and there spying that is in my view a whole different aspect we hope there is at least some oversight there. But when commercial companies start behaving that way we need to be more than concerned.

I dont think the vast majority of people realize the extent and implications of what these permissions are capable of doing. You may not be aware but the whole BYOD (bring your own device ( to work for use at work) ) movement is growing at an amazing pace. This can lead to some serious issues when it comes to company security.

Thanks for the input guys. Sorry to bring up a negative issue like this but i wanted to make sure others know of what is going on behind the accept button and see if perhaps somehow i was being hacked. Turns out not, this is just the new Google play store terms.

Kind of makes a mockery of having antivirus on your computer if they gonna let the bad guys in through the back door via a Trojan horse. Many of us will be used to hooking up our phones to our computers via some means and USB card use is included in the acceptance criteria for apps to access.
 
...I dont think the vast majority of people realize the extent and implications of what these permissions are capable of doing. You may not be aware but the whole BYOD (bring your own device ( to work for use at work) ) movement is growing at an amazing pace. This can lead to some serious issues when it comes to company security...

That's what all the developers and I do in our office. I have my computer, and my government computer. I do all my work on my computer, and use the government computer only when I need to access the government network for file uploads or email. (I handle a lot of my government email from my computer via a web interface, too.)
 
Top