Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Why Does Facebook Need To Read My Text Messages?

timothy posted about 9 months ago | from the is-facebook-played-by-scarlett-johansson? dept.

Facebook 293

DavidGilbert99 writes "Facebook updates its Android app quite a lot, but the latest version asks for some rather odd permissions. Rolling out in the UK this week, some users have noticed that it now wants permission to read your text messages. While most suspected Facebook wanted to access the data to try and serve you more targeted ads, Facebook says it is only so it can facilitate two-factor authentication...apparently."

Sorry! There are no comments related to the filter you selected.

Think of the children (-1)

Anonymous Coward | about 9 months ago | (#46092221)

Raise your hand if you have absolute control over what your kids are doing on their cellphones after you told them to go to bed.

I'm sure pedos will think twice before molesting my kids once this tech becomes commonplace.

Re:Think of the children (2)

i kan reed (749298) | about 9 months ago | (#46092267)

This is the dumbest line of reasoning for new corporate abuses. "Think about what those 0.1% of private citizens might do if they had similar access!"

Rather than, "Your ours now, since you've ever used our service." I'm not entirely sure the facebook bloatware that comes on cell phones won't provide this data back for even non-users like me. You just can't prove it, since the walled-garden prevents you from installing your own security measures.

The big corporations feel entitled to our private lives, and we can't stop them.

Re:Think of the children (-1)

Anonymous Coward | about 9 months ago | (#46092331)

Whooooooosh!!!

Re:Think of the children (5, Funny)

mandark1967 (630856) | about 9 months ago | (#46092457)

That's the sound goatse makes when he farts

Re:Think of the children (5, Informative)

Opportunist (166417) | about 9 months ago | (#46092461)

We can't?

Facebook didn't get any kind of information from me. Take a wild guess how I accomplished this feat.

Hint: They can't exist without us. We can exist just fine without them.

Re:Think of the children (3, Interesting)

i kan reed (749298) | about 9 months ago | (#46092547)

And if bloatware on your phone is eating your private messages and sending them off to a company you never signed up for an account with, would you know?

Re:Think of the children (1)

ackthpt (218170) | about 9 months ago | (#46092565)

We can't?

Facebook didn't get any kind of information from me. Take a wild guess how I accomplished this feat.

Hint: They can't exist without us. We can exist just fine without them.

You disable all sorts of stuff and you also don't install their app?

I've only installed 2 apps since I purchased my Samsung Galaxy S4, 8 months ago. I disable all manner of things, and as if that's not mean enough by me, I turn the power off for extended periods of time to save my battery (which admittedly is a very good battery, but I don't feel like charging it all the time when I'm not using it.) So I'm pretty useless to anyone trying to spy on me. (Not that spying on me is going to tell anyone much "he spends an awful lot of time walking around in little circles, what could be the reason?" hint: may involve tupperware and million dollar satellites.

Facebook gets *some* info from me... (1)

Dr. Manhattan (29720) | about 9 months ago | (#46092801)

But it's limited, because I uninstalled their app from my phone the moment they wanted a list of the running apps on my device [slashdot.org] . I still interact with FB, but using a separate browser app that only talks to FB. With location turned off.

Yes they do (1)

jtara (133429) | about 9 months ago | (#46093051)

Duh, wait for it, wait for it... ... you were going to say "I'm not on Facebook".

But what you really mean is, you don't have a Facebook account.

But you ARE on Facebook!

Re:Think of the children (1)

ackthpt (218170) | about 9 months ago | (#46092539)

What is this "Walled Garden" on Android of which you speak?

Re: Think of the children (1)

iamhassi (659463) | about 9 months ago | (#46092567)

You can if you support a smartphone OS that does not casually give all your information to every app that requests it

Re:Think of the children (1)

the_B0fh (208483) | about 9 months ago | (#46092925)

Are you fucking serious? So give up your privacy, and let corporations monitor your actions because it will make pedophiles think twice before molesting your kids?!

Just what kind of fucked up life do you have?!

Obvious answer (5, Insightful)

Anonymous Coward | about 9 months ago | (#46092235)

Why Does Facebook Need To Read My Text Messages?

Because shut up, that's why. If you ever want to hear from your "friends" again, you'll do exactly what we say without question. I'm certain you know that either you or your friends are too stupid or lazy to start and follow privately-hosted blogs, so sit down, shut up, and continue giving us data to mine. Idiot.

Re:Obvious answer (5, Informative)

Anonymous Coward | about 9 months ago | (#46092359)

I believe Zuckerberg refers to users as 'dumb fucks' [businessinsider.com]

Re:Obvious answer (-1)

Anonymous Coward | about 9 months ago | (#46092889)

I believe Zuckerberg refers to users as 'dumb fucks' [businessinsider.com]

To be fare Zuckerberg would have been talking about Facebook users.

Most users are idiots, Facebook users doubly so.

Why use their app? (0)

Anonymous Coward | about 9 months ago | (#46092239)

I don't know why anyone is using the official app instead of Tinfoil. It's open source and non-evil.
I have Tinfoil installed, and I don't even have a Gmail account.

Re:Why use their app? (4, Funny)

lagomorpha2 (1376475) | about 9 months ago | (#46092291)

I have tintoil installed and I don't even own any electronics.

Re:Why use their app? (2)

borcharc (56372) | about 9 months ago | (#46092535)

I am more interested in why Google Play Services transmits my fine location, wifi-scan, cell scan, and GPS data 24/7.... Although FB has perms for lots of stuff, the logs on my phone report that is SMS has never been accessed. If you are rooted install AppOpsXposed and see for yourself.

Re: Why use their app? (1)

iamhassi (659463) | about 9 months ago | (#46092583)

Because Google

Re:Why use their app? (3, Interesting)

jkflying (2190798) | about 9 months ago | (#46092679)

So that Google can provide geolocation for devices without GPS by fingerprinting the signal strength patterns and access point names you see. They also use it for road traffic reports - where do you think Google Maps gets its traffic data from?

android is so broken... (-1, Flamebait)

Anonymous Coward | about 9 months ago | (#46092241)

android is so broken... it is beyond belief. I made the mistake of buying a phone and tablet to substitute my aging iphone3g and ipad. As soon as the new devices get amortized down, I am back to a more decent OS that does not grant every app everything they want.

pebkac (0)

Anonymous Coward | about 9 months ago | (#46092473)

Don't install apps that require permissions you don't want to give.

Re:android is so broken... (0)

Anonymous Coward | about 9 months ago | (#46092735)

Stop installing fleshlight apps that want all and sundry for permissions.

Actually one of my beefs (5, Interesting)

tthomas48 (180798) | about 9 months ago | (#46092243)

Android needs to add two levels of permissions for much of this stuff. You basically have to ask for everything or nothing. I wanted to check network state in my current app, which requires asking for permission to change the user's networks. I don't want to change their networks. I just want to see if the network is up.

Re:Actually one of my beefs (3, Interesting)

AmiMoJo (196126) | about 9 months ago | (#46092383)

The problem is that such granular permissions are too complex for most users to understand. It's not such a good security model. Think about how endless permission messages on Vista lead to people blindly clicking "OK" all the time. Think about how parents were quickly trained by their kids to enter their PIN every time the iPad required it to play some game.

Permissions are a very hard problem to solve, but I think the Android way of presenting them all up front at a high level does at least make it easy and most importantly very low time/irritation cost for the user to check them. Most people seem to be cottoning on to the fact that flashlight apps don't need network or phone access. Maybe power users could have a box to tick for extended granular permissions, but of course such users can get them via an app because they already have root.

Re:Actually one of my beefs (2, Insightful)

BitZtream (692029) | about 9 months ago | (#46092417)

iOS does fine. Its not hard. Android's permission system is simply not intended to protect users, its intended to ensure users will accept any permissions so that Google can get access to all data for mining.

As I said, iOS pretty much solved this a few years ago, Android has been nothing but excuses ever since.

This is not a flaw in Android, it is an intentional design decision made by Google in order to accomplish THEIR goals, you are not the customer, you are the product.

Re:Actually one of my beefs (3, Informative)

tthomas48 (180798) | about 9 months ago | (#46092717)

iOS has solved the problem of security in text messaging apps? In apps that allow innovative network access methods?

Oh right. They haven't solved it, they just don't allow those apps.

Re:Actually one of my beefs (-1, Troll)

thetoadwarrior (1268702) | about 9 months ago | (#46092557)

Let me get this, the "geek" OS Android doesn't offer fine granularity over controls because it's confusing. However the "idiots" OS iOS handles it just fine and no one has a problem with it. Either android users aren't the tech wizzes they think they are or Google simply doesn't want that. I know which one I'd bet on it being.

Re:Actually one of my beefs (0)

Anonymous Coward | about 9 months ago | (#46092683)

I've never seen Android as a geek OS. I don't think anyone I know does.
The geek mobile OSes are the ones the normals haven't even heard of.

Re:Actually one of my beefs (4, Informative)

tthomas48 (180798) | about 9 months ago | (#46092701)

Well Android does offer more way more granularity than iOS. I think iOS is nicer in the way it will prompt for a couple of the permissions. That said, iOS can't do many of the things android can, so it's not really an apples to apples comparison.

Facebook can't read your texts on iOS because it's not possible. My app doesn't require a permission to access network state on iOS because my app can't change it anyway.

It's easy to do security by simply stopping developers from being able to do things. Of course you just have to trust that Apple is doing all your security properly since there's no way to validate that fact.

Re: Actually one of my beefs (1)

Martin Blank (154261) | about 9 months ago | (#46092729)

Android is by far the smartphone OS with the widest distribution. While it was at one time pointed more at geeks, Google has to take into account a much wider range of users including people who get stuck a phone only because the price is the same as feature phones (free on contract), especially when they're added to a family plan.

Re:Actually one of my beefs (1)

TangoMargarine (1617195) | about 9 months ago | (#46092739)

Think about how endless permission messages on Vista lead to people blindly clicking "OK" all the time. Think about how parents were quickly trained by their kids to enter their PIN every time the iPad required it to play some game.

I'd say that's more of a user problem than an interface problem, really. If it throws up a popup in front of the user saying, "This site is attempting to steal your credit card info" and the popup is green with a giant smiley face, *that* would be an interface problem. Ignorant users is not a design problem. Making it hard for users to figure stuff out would be.

Security is not an Easy Button, for a number of reasons. Allowing all permissions in one chunk is the equivalent of signing your soul over in every EULA you ever encounter in a product in order to use it, but there's no reason it has to be. There could at least be a settings page that lets you granularize things (as you say).

Re:Actually one of my beefs (2)

mlts (1038732) | about 9 months ago | (#46092829)

What I'd like to see is something similar to the old LBE Privacy Guard (which doesn't have a version in English for recent Android releases.) That way, even though an app might ask for everything under the sun, one can turn on functionality that prompts if an app can do something, similar to how iOS and BlackberryOS do things.

For non-technical users, they can leave that off and either allow/deny apps on install. For more technical users, they can turn off a permission either explicitly (with an exception or error returned), or false data (so a GPS request ends up winding up in the same place such as USENET Central Administration's address.)

I like having functionality similar to the Cydia app, PMP (Protect My Privacy). That way, if something asks for everything under the sun and won't work without it, the app can data-mine all day... all it will get is random garbage for contacts, random meme pictures, and randomly generated death metal band names.

Re:Actually one of my beefs (1)

JavaBear (9872) | about 9 months ago | (#46093045)

I'd say at least have the ability to set if the requested permissions are read only, or read/write.

Re:Actually one of my beefs (4, Insightful)

mythosaz (572040) | about 9 months ago | (#46092401)

...while I agree, the next step is that applications start crashing when you revoke their permissions, or the authors simply refuse to let them run.

Anyone who writes a program that makes its money by spying on you (while presenting you a game of Hearts), will simply stop dealing the cards when it can't read your text messages. HOSTS blocking already kills ads on a lot of software, but it's an arms race.

The revenue model is the issue. We want 99 "free" apps.

Re:Actually one of my beefs (0)

Anonymous Coward | about 9 months ago | (#46093001)

You mean like the facebook app? The reason I do not have it installed anymore is that it crashes without most of the permissions it wants.

simple fix on android (0)

tresstatus (260408) | about 9 months ago | (#46092247)

root install xposed framework install AppOpsXposed remove permission to almost everything i checked and noted that the new permission had been added but never used.

simple fix on android (2)

tresstatus (260408) | about 9 months ago | (#46092271)

Root
install xposed framework
install AppOpsXposed
remove permission to almost everything

i checked mine and noted that the new permission had been added but never used

Re:simple fix on android (0)

TangoMargarine (1617195) | about 9 months ago | (#46092775)

Root.

install xposed framework
install AppOpsXposed

Remove permission to almost everything.

I checked mine and noted that the new permission had been added but never used.

Re:simple fix on android (1)

s7uar7 (746699) | about 9 months ago | (#46092371)

"simple". Not something my parents could do (nor would I expect them to).

Re:simple fix on android (0)

Anonymous Coward | about 9 months ago | (#46092405)

cyanogenmod has privacy guard. If I am not mistaken it just feeds apps empty data.

Why does Facebook read your text messages? (1, Insightful)

Anonymous Coward | about 9 months ago | (#46092249)

Because you let them. Duh.

Social Networking (2, Insightful)

Anonymous Coward | about 9 months ago | (#46092259)

ALL - and I mean ALL - of these social networking sites and apps exist for one thing and on thing only - to extract your information.

They have the data and know that they can manipulate your buying habits. You will not agree with this. I know you wont. But you are manipulable.

We all are.

It's NOT 'You will eat at Joes!'

It's more like, 'Hmmm, I want to go out and eat, How about Joes?'

That's all it takes.

And with Big Data, they got us.

Re:Social Networking (5, Insightful)

Anonymous Coward | about 9 months ago | (#46092373)

I resent the notion that product trend manipulation works on everyone. It does not, and it doesn't have to. It only has to work on enough people to make it worthwhile.

SubjectsInCommentsAreStupid (5, Informative)

lesincompetent (2836253) | about 9 months ago | (#46092261)

Uninstalled the app, started using FB via browser. For my low intensity usage it's still perfect. Also links to click and youtube embeds work seamlessly now.
Got no messenger installed too.

Re:SubjectsInCommentsAreStupid (5, Informative)

CastrTroy (595695) | about 9 months ago | (#46092339)

As soon as I saw this I uninstalled Facebook as well. My battery life has improved a bit. Also recently uninstalled Google Talk (now called "Hangouts (Replaces Google Talk)") because it started asking for access to my text messages as well. I've noticed a lot of apps asking for increased privileges lately. I usually uninstall them if it's something I don't really need. I wonder if the developers get statistics about number of people who uninstalled the app?

Re:SubjectsInCommentsAreStupid (0)

Anonymous Coward | about 9 months ago | (#46092421)

Hangouts is the new default messaging app, that's why it's asking for access to your text messages.

Re:SubjectsInCommentsAreStupid (5, Informative)

asavage (548758) | about 9 months ago | (#46092467)

Google hangouts wants to read your text messages as it is the default text message app for kitkat.

Re:SubjectsInCommentsAreStupid (4, Interesting)

JesseMcDonald (536341) | about 9 months ago | (#46092541)

My battery life has improved a bit. Also recently uninstalled Google Talk (now called "Hangouts (Replaces Google Talk)") because it started asking for access to my text messages as well.

That shouldn't come as too much of a surprise, since Hangouts is the app for text messaging these days. I just upgraded to a new Nexus 5, for example, and there is no separate Messaging app. Hangouts handles that function by default.

Moving back on-topic, App Ops X is a good start, and I'm disappointed with Google for removing this function from the base system and making it increasingly difficult to install and use. Ideally I'd prefer for users to have complete control over permissions, in a way which is completely transparent to the app. The app doesn't need to know that network access is blocked; it just gets a "no signal" response, or "destination unreachable" when attempting to access particular domains. It doesn't need to know that you've restricted access to the contact list; it just gets its own, private contact list. It doesn't need to know you've restricted location access, it just sees "acquiring GPS signal...". And so on. If the app can see what you've restricted, then the app can be designed to refuse to function until you've removed the restriction, which defeats the whole point. The sandbox approach is the only reasonable way to have fine-grained permissions under the user's control.

Re:SubjectsInCommentsAreStupid (0)

Anonymous Coward | about 9 months ago | (#46092435)

I would do the same, but I really like the contact integration that the Facebook app does. Is there a different way to get it over to my phone and/or synced with Google contacts?

Re:SubjectsInCommentsAreStupid (1)

hacker (14635) | about 9 months ago | (#46092437)

If you're doing that, might I suggest just using "Tinfoil for Facebook [google.com] ", or use Orbot [google.com] + Orweb [google.com] , and browse a bit more anonymously through Tor instead.

Re:SubjectsInCommentsAreStupid (2)

tobiasly (524456) | about 9 months ago | (#46092599)

Uninstalled the app, started using FB via browser. For my low intensity usage it's still perfect. Also links to click and youtube embeds work seamlessly now.
Got no messenger installed too.

A thousand times this. The line for me was when my recent camera pics popped up in the app with a caption "do you want to post these to Facebook"? Uhh, fuck no Facebook and stop rifling your grubby mitts through my pics without asking me TYVM (Dropbox, Twitter, Google+ all have similar functionality but have an explicit settings for this).

This is also a weakness in Android permissions IMO: many apps ask for USB access to store their own data but that means they can read everything under /sdcard including photos.

Now I use the mobile site, plus Slice if needed. The only drawback is that apps which require Facebook to login now require an OAuth web dialog where I have to log in again, whereas before the Facebook app showed the confirmation with no re-auth required.

Simple solution: (0)

Anonymous Coward | about 9 months ago | (#46092279)

Don't use the facebook app.

If you have an app-capable phone, you can probably access the facebook website using your phone.

The bigger issue... (1)

mythosaz (572040) | about 9 months ago | (#46092283)

The bigger issue is that Facebook is shovelware on most providers handsets.

I had to go get Facebook, since I live on this planet, and have friends who use it to coordinate, you know, life. ...but at least I had a choice.

Admittedly, people do have to sign into that big F icon. It doesn't just auto-authenticate.

Re:The bigger issue... (3, Informative)

hacker (14635) | about 9 months ago | (#46092415)

You don't need to use the Facebook app on your phone, you can use the mobile version of the website, or if you're using Android (as is the case with the OP's gripe), you can use Tinfoil for Facebook [google.com] .

Remember to uninstall Facebook as an app and from ROM including the SNS service (not a typo), to completely rid your handset of that mess.

If you don't want to do that, use Orbot [google.com] and the mobile site over Tor using the Orweb Privacy Browser [google.com] .

Re:The bigger issue... (1)

mythosaz (572040) | about 9 months ago | (#46092695)

Because of the shovelware issue, and mostly locked, un-rooted phones owned by people who can't root their phones by themselves [It's not easy for the general population], they don't have most of the options you suggest.

Their best bet is to never logon to the shovelware version (good luck, grandpa!), and download an app that they've never heard of.

I'd never heard of Tinfoil until today, but I'll check it out -- since, as I mentioned, Facebook is a necessary evil for me. I've got it set to the minimum number of notifications allowed (my personal peeve, since I don't value my privacy over my convenience [generally]), but as long as my friends and family use it to coordinate social functions instead of voice and paper, I'm stuck with it.

Re:The bigger issue... (1)

jratcliffe (208809) | about 9 months ago | (#46092913)

Because of the shovelware issue, and mostly locked, un-rooted phones owned by people who can't root their phones by themselves

It's not just can't root. If I root, I lose access to (at least) Netflix, if not others, so there's a tradeoff.

Re:The bigger issue... (0, Troll)

Anonymous Coward | about 9 months ago | (#46092419)

I had to go get Facebook, since I live on this planet, and have friends who use it to coordinate, you know, life. ...but at least I had a choice.

Er, you have a rather funny way of defining choice there buddy. Good luck with the wool fitting. Remember it just needs to cover your eyes just enough so you don't have a desire to lift it.

lies (0)

Anonymous Coward | about 9 months ago | (#46092285)

two factor auth doesnt require the app to read your txts

SMS Integration (3, Informative)

ottothecow (600101) | about 9 months ago | (#46092297)

They want to be able to view your messages, so that they can do the same thing google is doing with Hangouts:

Put both your SMS and your Instant messaging in the same app (just pushing facebook chat over hangout chat).

... and so does twitter ... (2)

hpoul (219387) | about 9 months ago | (#46092303)

... and many other apps. No idea why they really need those permissions just so users don't need to copy over a verification number. This is ridiculous... i wonder if they did research what more users would accept.. having their app require the permission to read *all* SMS .. or just requiring the user to occasionally type a one time password from the SMS app into the twitter/facebook/whatever app.

this is really something android has to solve.. something like optional permissions for the lazy users who really want to have that single features which requires all your personal data.. it's not just as a user, but it's also annoying as a developer - i could obviously also just make the user download 3 different apps for each functionality, and have fine grained permissions this way, but this can't be the best solution..

Do not have my permission (0)

Anonymous Coward | about 9 months ago | (#46092321)

If I opt to txt someone, I expect that data is only accessible to them (and the NSA). Similarly, I object to emailing dweebs with gmail accounts.

The content of my private communications is none of these companies business.

Re:Do not have my permission (1)

BradMajors (995624) | about 9 months ago | (#46092615)

Yahoo also reads all yahoo emails.

Re:Do not have my permission (1)

mlts (1038732) | about 9 months ago | (#46092967)

I'd recommend reading the EULA of any "free" E-mail provider. All of them reserve the right (in some wording or another) to go looking through the mailbox as they see fit to sell to advertisers.

Want E-mail privacy? One has to do like they did before the advent of Hotmail, and either pay for a custom domain +hosting or pay for a private ISP for mail hosting. I personally use SaaSHost.net [1], but there are many others that are good.

I prefer a provider that only does paid subscriptions, no ad revenue. That way, no matter what, you are the customer, not the product.

So it can authenticate by sending a text (1)

jonnythan (79727) | about 9 months ago | (#46092325)

What Facebook wants to do is send a text message with a special code to your phone. Letting the app read your text messages allows the app to read the code automatically so you don't have to copy and paste from the messages app.

Re:So it can authenticate by sending a text (2)

QuietLagoon (813062) | about 9 months ago | (#46092375)

What Facebook wants to do is send a text message with a special code to your phone. Letting the app read your text messages allows the app to read the code automatically so you don't have to copy and paste from the messages app.

But what else is the app reading in my text messages?

Re:So it can authenticate by sending a text (0)

Anonymous Coward | about 9 months ago | (#46092463)

What Facebook wants to do is send a text message with a special code to your phone. Letting the app read your text messages allows the app to read information that has nothing to do with the operation of the app or Facebook, but can be sold to the highest bidder.

There. Fixed that for you.

Re:So it can authenticate by sending a text (2)

aardvarkjoe (156801) | about 9 months ago | (#46092843)

This is a perfect example of why is should be possible to give an app temporary permission to do something, or to selectively deny permissions. This type of authentication is something that only needs to be done once over the lifetime of the device. If I was using it, I would just copy/paste the code -- and someone who is less paranoid could allow the facebook app to read their text messages at setup time, and then deny that permission from that point on. Instead what we end up with is that after you've gone through that authentication step, Facebook will be able to read your text messages forever more.

But I assume that most people are just going to shrug and install the app anyway. I know that way back when, facebook would bug me to give them my email password so that they could go look up all my contacts. It's hard to believe that people actually fall for crap like that -- but apparently they do.

Well there you go (5, Funny)

Java Pimp (98454) | about 9 months ago | (#46092343)

Facebook says it is only so it can facilitate two-factor authentication

No need to question it further. A completely benign reason with no ulterior motive. Just allow it and be happy. Facebook wouldn't do anything against your wishes...

Re:Well there you go (0)

Anonymous Coward | about 9 months ago | (#46092777)

Facebook says it is only so it can facilitate two-factor authentication

No need to question it further. A completely benign reason with no ulterior motive. Just allow it and be happy. Facebook wouldn't do anything against your wishes...

Doesn't automating-away the process of two-factor authentication, sorta kinda defeat the whole purpose of two-factor authentication?

when monkeys have hymens (-1)

Anonymous Coward | about 9 months ago | (#46092345)

or tell us why not. that's when we'll be real advance again? meanwhile, beware falling gargoyles support our returning vets http://www.youtube.com/results?search_query=scott%20olsen&sm=3 & call this 'weather' if it makes us feel better http://www.globalresearch.ca/weather-warfare-beware-the-us-military-s-experiments-with-climatic-warfare/7561

facebook wants to know more about you.... (4, Insightful)

QuietLagoon (813062) | about 9 months ago | (#46092367)

That is why facebook does anything it does, it wants to know all about you, your friends and relatives.

.
facebook even collects the posts you start typing but decide not to send [geekosystem.com] .

Removed app + hidden services from ROM long ago (4, Interesting)

hacker (14635) | about 9 months ago | (#46092379)

I couldn't be happier now that I've completely purged Facebook and its hidden (SNS, not a typo) services from my ROM and phone, and frozen/deleted all of the other assets in other apps that try to "phone home" to Facebook. Side benefit is that after removing Facebook from my phone, I gained seven solid HOURS of battery life back. I didn't realize how often the SNS service and Facebook itself were sending and receiving data, phoning home, etc.

The combination of Android Permission Manager [google.com] , DroidWall [google.com] and LBE Security Master [lbesec.com] have made things much easier to block, delete, drop packets, deny and forbid services from trying to use unnecessary permissions.

I guarantee that no app is doing what it shouldn't, and those that should have permissions (Camera => Take Photos Permission) are prompted every time they attempt to do so, never allowed by default. If I'm not using the Camera for example, and I get a popup that it tried to take a photo, I permanently deny it and remove/uninstall the app. I don't tolerate any of that out-of-band behavior on my phone.

You should investigate the same. Yes, we all know about the L4 kernel, but this at least will help remove the abuse from the application level.

Re:Removed app + hidden services from ROM long ago (0)

Anonymous Coward | about 9 months ago | (#46092745)

Why do I feel so strange about your suggestion to download a Chinese "security" application?

Re:Removed app + hidden services from ROM long ago (1)

Java Pimp (98454) | about 9 months ago | (#46092757)

Out of curiosity. Have you actually gotten a popup about an app trying to use the camera like that or was it a "for instance"? If so, what was it? This is a serious question. I'm working on a project looking at rogue behavior like that.

Re:Removed app + hidden services from ROM long ago (2, Informative)

Anonymous Coward | about 9 months ago | (#46092949)

The combination of Android Permission Manager [google.com] , DroidWall [google.com] and LBE Security Master [lbesec.com] have made things much easier to block, delete, drop packets, deny and forbid services from trying to use unnecessary permissions.

Dear members, please remember that installing closed source software as root will automatically voids your paranoid member card.

Permission Manager and LBE Security Master are both closed source, and need root to run. Not acceptable.
Bonus points, LBE's home page is in chinese, no offense intended, just paranoid.

On the other hand, Xprivacy does the same job and is GPL'd.
By the way, Droidwall is severely outdated, you might consider trying its (open source) successor / fork, AFWall +

Being paranoid is a full time job !

Sigh. Blackberry fixed this more than a decade ago (1)

Anonymous Coward | about 9 months ago | (#46092407)

Why do people put up with this kind of shit and keep buying iphone & android?

People ask why I still carry a blackberry instead of iphone or android. This is one of the many reasons. Unfortunately it seems that only a dozen people think like me.

Both iphone and android are insecure platforms designed to give OTHER PEOPLE full access to your data while limiting YOUR access to YOUR data.

Many, many years ago, smart people at Research in Motion designed the blackberry and allowed the owner of the device to set individual, granular permissions as to what an app can access.

Re:Sigh. Blackberry fixed this more than a decade (2)

Njovich (553857) | about 9 months ago | (#46092495)

The real security for blackberry apps is in that they made it such a PITA to develop for Blackberry that nobody bothers.

Re:Sigh. Blackberry fixed this more than a decade (1)

Anonymous Coward | about 9 months ago | (#46092501)

Yeah, iPhone does the same thing, jagoff.

Re:Sigh. Blackberry fixed this more than a decade (1)

mlts (1038732) | about 9 months ago | (#46093015)

You can make Android pretty decent by starting off with a device with an unlockable bootloader and using CM or another decent ROM. I've always added a firewall (root needed) so if an app doesn't need to communicate out, it won't get out, no matter if it has that permission or not.

Another simple solution (4, Informative)

stevegee58 (1179505) | about 9 months ago | (#46092453)

1) Go to "Account Settings"
2) Press "Deactivate you account"
3) Get an effin' life.

Re:Another simple solution (0)

Anonymous Coward | about 9 months ago | (#46092957)

Get an effin' life.

Like trolling Slashdot. Much more productive apparently.

im sure the dialog is scripted. (4, Insightful)

nimbius (983462) | about 9 months ago | (#46092479)

user: Facebook, why do you want to read my text messages?
Facebook:Fuck you, thats why.
user: okay.jpg.


All joking aside though, seriously, stop using facebook. You're the product, not the consumer, so none of your opinions or concerns sincerely matter.

Re:im sure the dialog is scripted. (0)

Anonymous Coward | about 9 months ago | (#46092637)

You're the product, not the consumer, so none of your opinions or concerns sincerely matter.

This isn't really fair. Doesn't facebook have an interest in curating a good product? How can they do that if your opinions don't matter? In fact, this very logic is why I joined facebook in the first place, because it seemed like they understood that. I haven't seen that they don't still get it; Android permissions are hardly a smoking gun along the lines of "OMG facebook is spying on you!?!"

Re:im sure the dialog is scripted. (0)

Anonymous Coward | about 9 months ago | (#46092891)

I though everybody already knew that fb spies on users in every way imaginable and that no smoking gun is needed. Europeans that under more sane legislation were able to request fb to hand over all the data collected about them and were stunned when just browsing habits data rarely fit on one CD, as you should recall....

Re:im sure the dialog is scripted. (0)

Anonymous Coward | about 9 months ago | (#46092795)

You're the product, not the consumer, so none of your opinions or concerns sincerely matter.
 
Ironic to see this out of someone posting on Slashdot in 2014.

Google Voice (0)

SlashDPC (931574) | about 9 months ago | (#46092515)

I use Google Voice exclusively for SMS. My 'Messages' app is almost always empty, so it can read(spy on) my txt messages all it wants.

Wish there were a Cyanogenmod for my phone (2)

barlevg (2111272) | about 9 months ago | (#46092545)

I recently installed Cyanogenmod on my old phone (HTC G2/Desire) so my wife, who's taken possession of it, could use some 4.x-only apps. I couldn't believe how beautifully it runs on a three-year-old phone (I mean, it's SLOW, but everything WORKS), and the lack of bloatware and pre-installed apps (read: Facebook) makes me super jealous. I'd put Cyanogenmod on my current phone (Samsung Galaxy Relay), but last I checked, there weren't any stable builds for it with an Android version greater than what I've got now (4.1).

Re:Wish there were a Cyanogenmod for my phone (0)

Anonymous Coward | about 9 months ago | (#46092803)

http://download.cyanogenmod.org/?device=apexqtmo shows cm10.2 (Android 4.3, based on http://www.cyanogenmod.org/blog/cyanogenmod-10-2-0-release) available, is you're Relay really on 4.4 ?

Re:Wish there were a Cyanogenmod for my phone (1)

barlevg (2111272) | about 9 months ago | (#46092897)

No, that's new! I actually just found that for myself, about 5 mins after posting this comment, and now I'm super excited. Anyone know by any chance whether there are issues putting Cyanogenmod on a locked phone? I found this stackexchange issue [stackexchange.com] , but I feel like if it were actually a thing, it would be more commonly documented.

Blackberry (4, Insightful)

QBasicer (781745) | about 9 months ago | (#46092561)

Blackberry actually had this right. Apps requested permission when you installed them, you could either allow, deny, or ask it to prompt you first. It would be really awesome if Android had that feature too.

When Google... (0)

Anonymous Coward | about 9 months ago | (#46092563)

...built the same on OS level into KitKat, no-one seemed to care, so why should Fuckbook not at least try to do the same...?

Android going the wrong way about permissions (0)

Anonymous Coward | about 9 months ago | (#46092569)

Right now, when I download/update an app it tells me it needs a number of permissions, I can either accept or not use the app at all. Instead, I should be able to tell Android what each app can access, just like the NoScript plugin for Firefox.

Even if you don't use Facebook (1)

Anonymous Coward | about 9 months ago | (#46092645)

My carrier seems to think I need to use Facebook so much that it won't allow me to remove the app from my phone. So, now I'm left with the option of upgrading (and therefore giving FB access to my messages), or not upgrading and tolerating any potential security/privacy risks in the earliest version.

Simple: Android permissions are not fine enough (2)

krelvin (771644) | about 9 months ago | (#46092813)

Simple. They want to be able to get a status from SMS text and the only way to get that is to get permission to the SMS Messages. There is no finer permission level in Android to just give them what they need without access to the rest.

I just block that access since I don't want to use their messaging anyway. Blocked with Root, Xposed Framework, XPrivacy to control which permissions I want to allow them to have.

Im not updating (2)

el momia (1400135) | about 9 months ago | (#46092837)

I saw that odd permission request today, fuck me if I ever update this crapware again

Simple solutions (0)

Anonymous Coward | about 9 months ago | (#46092861)

1) dont use it, or
2) use an older version with less permissions, or
3) use a third party app for FB, or
4) write your own app.

FB app is a APK which is a ZIP file, you can resource the java intermediate code to generated Java and see what it REALLY does.

I have done this myself out of curiosity, and after that, I no longer use FB apps and ANY app that OVERREACHES permissions beyond reasonable, I also upload REVIEWS on app store sites such as Amazon with the information and negative stars.

Stuff like this... (1)

Red_Chaos1 (95148) | about 9 months ago | (#46092883)

...is why I have never installed the app in the first place. Using the browser works perfectly fine, and doesn't let Fuckerberg mine my phone.

Because fuck you (0)

FuzzNugget (2840687) | about 9 months ago | (#46092973)

That's why
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?