Forgot your password?
typodupeerror
Cellphones Handhelds Privacy Software

Why Users Don't Trust Mobile Apps 153

Posted by Soulskill
from the all-of-the-convenience-none-of-the-security dept.
snydeq writes "Fatal Exception's Neil McAllister writes of the growing unease among consumers around mobile data privacy, and how this distrust will impact mobile app development. 'When every week seems to bring another news story about a data breach resulting in the theft of customer data, customers are growing increasingly jealous of their privacy. Given the unique nature of the data to be found on smartphones, it's only natural that they have begun to view mobile apps with a skeptical eye. If you're developing apps that use customers' mobile data, you need to do more than recognize these realities. You need to develop a policy that places secure, ethical, and appropriate handling of user data at the core of your application development process.'"
This discussion has been archived. No new comments can be posted.

Why Users Don't Trust Mobile Apps

Comments Filter:
  • Wow (Score:5, Insightful)

    by 0123456 (636235) on Friday April 29, 2011 @11:43AM (#35975408)

    It's almost as though downloading random apps from the Internet to run on a device you use for personal information might be a bad idea.

    • Lets be honest, there's no accountability on the part of mobile app developers. Before you download an Android app it asks for permission to use certain features, but the developers aren't required to say how they'll use those features, or what they'll do with it. The markets that distribute these apps should be obligated to compel developers into disclosing what their apps do with your information.
      • by Zumbs (1241138)
        But they actually have to say that they use those features. This allows a user to make a much more informed choice of installation than I get on my Windows 7 computer. If an app needs access to something, I do not think that it should, I just pass it up. So single player game + internet access = no-no.
      • Lets be honest, there's no accountability on the part of mobile app developers. Before you download an Android app it asks for permission to use certain features, but the developers aren't required to say how they'll use those features, or what they'll do with it.

        And what's worse is that despite having a fairly granular permissions system, the end user is totally denied any ability to selectively remove permissions. Want to remove Internet access from an application that doesn't need it? Tough luck--Google knows what's best for you.

        And then they try to say they don't add this because 90% of users wouldn't use it. So? Bury it deep down in a menu somewhere that only people that really care will find it. The fact is it would be simple, but Google just doesn't want the

        • by h4rr4r (612664)

          All that would change is free apps would check if you gave it the permissions it wanted and if not tell you to enable them. I suspect paid apps would as well, many of those still sell data if they can.

          Google is still an advertiser first and foremost. Microsoft nor Apple will pass up this "free" money either.

          • All that would change is free apps would check if you gave it the permissions it wanted and if not tell you to enable them. I suspect paid apps would as well, many of those still sell data if they can.

            If an app told me it needed a permission when I tried to use that permission, that would be a great improvement. Then I would have some more information on which to make the decision of whether to grant it.

            If an app on start-up complained about every permission it didn't have with no explanation as to why it needed it, that would be great as well, as I would instantly know it's an app I don't want.

          • by Zan Lynx (87672)

            Why would the app even know?

            "I'd like a network socket please."
            "Sorry, the user is not connected to the network."

            "I'd like the Contact List please."
            "Sure! Here it is, all 0 contacts."

            "I'd like to send a text message."
            "Ok! Message sent." (to /dev/null!)

            These things could be done by custom ROMs and I'd be surprised if they're not already being done by somebody.

            • by h4rr4r (612664)

              Because then you refuse to run when you can't connect to the network, No contacts is also a dead give away. What you really need is to fake access to a very slow network connection, one that corrupts data too. Contact lists and stuff like that would need to also be fake not empty.

              This would take lots of development on top of the standard, not sure any rom does this.

              • by Zebedeu (739988)

                Because then you refuse to run when you can't connect to the network

                Yes, but then the user at least has the chance to get suspicious. "Why does this solitaire game require network so badly that it won't even let me play a game?"

                What you really need is to fake access to a very slow network connection, one that corrupts data too

                That would result in the same problem. The rogue app would simply fail if it couldn't communicate properly with its server.
                For all solutions you can think off, there will be a check which will be possible to make from within the app.

                I think the best way to do ensure security is to do it like old J2ME did it: every time an app needs to do something wh

                • by h4rr4r (612664)

                  Sure, but we want a check that fails based on probably real life scenarios not the user killed your permissions.

            • These things could be done by custom ROMs and I'd be surprised if they're not already being done by somebody.

              It's not in any ROMs yet, but a patch is being considered for inclusion in Cyanogenmod 7.1 [cyanogenmod.com] [javascript required]. Here's the related issue thread [google.com].

              It will be great if this is included in custom ROMs, but I strongly feel one shouldn't need to void the device warranty for this simple, important, easy-to-implement feature. Google has no (good) reason for failing to include this in AOSP, and this is becoming more apparent by the day.

              • by h4rr4r (612664)

                Yes they do have a good (for them) reason. Google is an advertiser, this will hurt them.

                What we really need is a law stating that this does not void the warranty. A Moss Magnuson act for phones.

            • by nschubach (922175)

              Cyanogen is working on it or has a solution. I have not followed it as close as the main issue because Cyanogen is something very few have (relative to the core Android build) http://code.google.com/p/cyanogenmod/issues/detail?id=2814 [google.com]

        • by Draek (916851)

          And then they try to say they don't add this because 90% of users wouldn't use it. So? Bury it deep down in a menu somewhere that only people that really care will find it. The fact is it would be simple, but Google just doesn't want the user to have this power over her device.

          No, Google merely knows that people bitch much less when they can't do something on their device than when they can, but in a manner that's not entirely straightforward at first. Weirdly enough.

          Compare and contrast OSX with Linux for a clear example.

      • by slapout (93640)

        Several developers do. But what's to keep them from lying?

        • But what's to keep them from lying?

          The ability to remove permissions you aren't comfortable with.

          Except, oh wait, they decided users shouldn't have that ability.

      • by gfxguy (98788)

        Yup... I think about what the application does and what it needs to know. I wanted a CNN app, for example, and the app created by the folks at CNN wants to read my phone's identity. Why? There's an app created by the android team, and all it asked for was net access... guess which one I installed.

        I wanted a dictionary... Dictionary.com's app wanted to track my location... I found another dictionary app that just wanted net access. Guess which one I installed.

        I've only had a "smart" phone for about a mon

    • by jedidiah (1196)

      > It's almost as though downloading random apps from the Internet to run on a device you use for personal information might be a bad idea. ...except mobile apps (at least on the iThing) are supposed to be "curated".

  • by trifish (826353) on Friday April 29, 2011 @11:44AM (#35975422)

    People might worry about their data stored in their mobile phones, but what worries me more is that they forget about the built-in microphones and cameras.

    • by traindirector (1001483) on Friday April 29, 2011 @12:07PM (#35975716)

      Android already has a great permissions system by which an application is granted permission to access functions of the phone and the Internet connection on a fairly granular level.

      However, even though they have already implemented this system that could allow the user to control what an application can do on her device, Google has chosen to restrict the end user from obtaining greater privacy and security by restricting an application's permissions. Through the user interface, one must either grant all permissions to an application or choose not to install the application--a single permissions cannot be removed.

      There is a small argument to be made that this makes things easier for developers, but how hard is it to gracefully handle not having certain permissions? For many features like GPS and Internet connectivity, Android could simply respond as if they are turned off if permission is denied. Some members of the Android development team have tried to spin the lack of user permission settings as a benefit to the user with the argument that "if users can disable permissions arbitrarily, then developers will have no incentive to minimize the amount of permissions they declare their applications need, and the average user will be less secure". This is the only somewhat rational explanation I have gleaned from there responses, and while there might be a small bit of merit to that and certain developers might really believe that, I think on the whole it is misguided.

      I believe Google's real goal is to make sure the user has no control over permissions, only a binary install / not install, because they're an advertising company with an interest in your data being sold. They continually ignore this permissions issue even though they have acknowledged it is among the top Android security complaints [google.com].

      • For what it's worth, Blackberry has a much more granular permissions system.

        But it doesn't seem to base its revenue model on the same things.

        • by h4rr4r (612664)

          That and it has a terrible OS, horrible user interface and in general sucks.

          Heck the OS is so bad they bought QNX, just so they could have an OS that did not suck.

          As to their revenue model, I believe they base that on selling your private information to dictators and despots instead of advertisers.

          • As to their revenue model, I believe they base that on selling your private information to dictators and despots instead of advertisers.

            In that case it's not selling. It's simply the price of doing business in India, China, Pakistan, the U.S., etc.

  • Big deal (Score:5, Insightful)

    by tripleevenfall (1990004) on Friday April 29, 2011 @11:45AM (#35975430)

    I see this as having a huge impact for the market for apps and what kinds of apps can be developed.

    The situation is developing where users don't want to give apps access to anything on the phone other than the data pipe, except for maybe a mapping application or something with an obvious need. This is really going to limit where apps can go.Because of the sins of Apple (and others), people don't trust the platform as much as they used to.

    Instead of being a device we voluntarily turned over information to in order to expand its role in our life, we are starting to see it as something that needs to be reigned in, controlled, watched like a hawk.

    Formerly people happily used Windows and IE to bring the internet into their lives. Now these are items you don't trust, you run several other programs on top to police them, etc.

    It's really a shame that this greed for personal information to sell has set back the role that palmtop tech may otherwise have headed toward in our lives.

    • Personally, I was on the brink with smartphones anyway. I have owned blackberry, android, and iphone devices. Most recently, an iphone.

      The privacy issues combined with the huge data plan expense, bandwidth caps - and the fact that most of the time I'm near PCs anyway - these things just made it feel like there are better things I can do with that $30-40 a month.

      The fact that I was able to go back to a dumbphone while selling my iphone online for what I paid for it, 6 months later, was helpful too.

      • Burn the Contract Break Fee and then do a prepaid plan.

        The point of a Smart Phone is the features and the "boring" apps like the calculator, and the nicer rendering in Safari. I despised my dumbphone with a passion - I don't call anyone much.

        "Apps" themselves are brilliant - people often only have 7 must-use features and don't need $80 programs to cruise through their day.

        Also Apple made the entire industry wake up and pay attention to UI for once.

        • Burn the Contract Break Fee and then do a prepaid plan.

          Which U.S. prepaid smartphone carrier do you recommend? I looked at Verizon's prepaid plans, and some of them were more expensive than contract plans. Is the Samsung Intercept on Virgin Mobile USA any good?

          • by nabsltd (1313397)

            I looked at Verizon's prepaid plans, and some of them were more expensive than contract plans.

            You cannot get an unlimited data plan with any of Verizon's "pay for what you use" prepaid plans. Since you must have a unlimited data plan for any smart phone (if you want data at all), you effectively can't have a smart phone on a true prepaid plan on Verizon.

            The "prepay for a month of up to X minutes" plans are really just like the contract plans without the contract, so you can get unlimited data with those. Even if they are less money, you'd have to pay about $350 more for the smart phone without a c

          • by gfxguy (98788)

            My Virgin Mobile plan is $25/month for unlimited data and text messages, and 300 minutes call time (you can pay more to get more call time, but I don't talk on the phone for more than a couple of hours a month).

            I have the LG Optimus V.

          • AT&T GoPhone.

            You even get a free Meatloaf Commercial to watch!
            http://www.youtube.com/watch?v=o5YMVO7-8ns [youtube.com]

            I'm not sure about the terms ("unlimited talk and text") in the ad mean, but I just paid for $100 in minutes. The point of the $100 pack is that they have the longest expiration (I want to say a year but I forget.)

            The point was that since it was an iPhone and I was already on AT&T anyway, I just gambled that the fewest hassles would be staying in carrier. The "store" rep at the mall warned that we

      • and the fact that most of the time I'm near PCs anyway

        When I'm on the bus to or from work, I'm near a PC (my laptop), but this PC doesn't have Internet access. Some people subscribe to mobile broadband for exactly this use case.

    • by Kuukai (865890)
      I don't think so. Everyone I know regularly uses all sorts of Android apps that require permissions they don't need. Last I checked you can't even find a free Japanese input program or even an emulator on the marketplace that doesn't require internet access. And at least one of these isn't much more than a privacy-invasive wrapper of gpl code. There was that article a while back about how the vast majority of apps send back user information, and with this as the norm there's often nothing a user can do
      • Exactly - there's no benefit to a company in developing a nice, free, safe application. Either they need ad revenue, or people have to start paying for software again.

        • Exactly - there's no benefit to a company in developing a nice, free, safe application. Either they need ad revenue, or people have to start paying for software again.

          Or people have to stop thinking of "companies" as where you get commodity software. How much do you pay for a kernel these days? (Or a media player or web browser or text editor or file manger?) These things are worth a lot but it wouldn't even occur to me to buy them; you don't get these things from "companies," you get them from the repos

      • by h4rr4r (612664)

        I suggest you then sell the GPL code and a non-privacy invasive wrapper. Then you can make a $1 each and provide a needed service.

    • by mangu (126918)

      It's really a shame that this greed for personal information to sell has set back the role that palmtop tech may otherwise have headed toward in our lives.

      It's not only palmtop tech that has been affected. Back in 1994 I read an article in a magazine about comet Shoemaker-Levy 9 [wikipedia.org]. I found the author's email and wrote him with some questions, he promptly answered me. These days I doubt my email would have got past his anti-spam.

  • by Maxo-Texas (864189) on Friday April 29, 2011 @11:47AM (#35975454)

    I'm just a Cube Runner and I don't have a degree in Physics but I don't want some stranger to Take Me to My Car by reading my location file.

    Yelp! I'm going to have Words with Friends and dance the Fandango if they have been sharing my information. I may use Device Locater but I don't want others to. Siri ously. They can build their own Empire and Tunein to their own location data but not mine!

  • "If you're developing apps that use customers' mobile data..."

    How about not writing mobile apps that store user's data?

    Very few apps need to store user data. Companies aren't using the data because the apps need it. Their ad stream needs it. Which reminds me: if you're not paying for a product/service (google, facebook, slashdot, reddit, etc.) you're not the customer...you're the product.
    • by h4rr4r (612664)

      Which reminds me: if you're not paying for a product/service (google, facebook, slashdot, reddit, etc.) you're not the customer...you're the product.

      So who exactly is the customer of Debian? Wine? XFCE? LibreOffice?

      That wide brush might be useful for painting a house, but what you are trying to do now requires a little more detail work.

    • by Draek (916851)

      But even if you are paying for a product/service (cable TV, movies, portable devices with 'exclusive' stores, etc) you may still be the product rather than the customer, it just may be harder to realize at first.

  • Old & Busted: Shareware
    New Hotness: Low Orbit Privacy Cannons

    Why are we simultaneously whining about threats to national security and purposely tricking users into leaking sensitive info?

    • by geekoid (135745)

      I don't know who the 'we' is you talk about. I do know that the Feds are taking this seriously and have a committee to study it. The first meeting is next week.

      • OOh, they have a committee to study it, now that's what I call taking it seriously. Will it be like Obama's blue ribbon panel to study the deficit? You know, the one whose suggestions he ignored? BTW, this is in no way unique to Obama, when some problem that politicians don't want to tackle becomes of concern to voters, they generally appoint a committee to "study it". Then when the committee releases their findings, the politicians will try to ignore them.
      • ... In May 2011. Really.

        It's WWII's Loose Lips Sink Ships problem, except this time we think the enemy is Terrorists.

        These data sharing patterns were emerging some seven years ago, just after the trauma of the Dot Com Bust wore off.

        For priorities, compare their response to privacy leaks by sneaky corps to their response to wikileaks when their own backyard was leaked. Will that meeting address the Sony disaster?

  • Why shouldn't everyone else?

  • Is it possible that people are discovering that life isn't all roses and sunshine inside the walled garden?

    Perhaps people actually like to be able to have some amount of control over the things that bought and paid for?

    I wasn't sure this day would ever come. I think I'll go and celebrate with a nice walk to a neighborhood restaurant.
    Seriously, I'm pleased if this is really what is happening.
  • When every week seems to bring another news story about a data breach resulting in the theft of customer data, customers are growing increasingly jealous of their privacy

    Project much? As long as you aren't losing CC data, people are as unconcerned as they ever were. The rapid growth of Facebook is exhibit A, and enough to close that argument down.

    Not that app makers should not strive to protect a users privacy anyway, but it's a very small (yet vocal) minority of people that are attempting to paint this a

  • Makes a good point for GPL licensed software, now doesn't it?

    • by The Moof (859402)
      Nah. An open source app can collect just as much data as a closed source one. Average users won't do a code review (and, honestly, most tech savvy users won't either). Even with a code review, I'm sure that some programmers can get creative with the methods so they aren't so easily detected.
  • How about the smartphone OS developers providing more granular control to the users to allow/restrict apps' access to specific functions?

  • and they trust the app store. You just need a trusted central authority reviewing everything. My Firefox Plugin [mozilla.org] has a binary component in it to make the MP3s, so every time I submit a new version it takes a week or two to show up on Mozilla's site, but the awesome thing is they review it for me so that my users don't worry I'm trying to pull a fast one.
    • I agree, but there's a difference of scale here; and add that there's no source code available to the reviewers for most apps. There is only so much that they can do when they have thousands of apps and updates to get through every day.
  • Not only is privacy an issue, there is the fact that the app may be nonexistent when you go to use it.

  • 1) Report your location
    2) Perform any financial transaction
    3) Scan UPC and other computer codes
    4) Has a camera, sometimes front and back
    5) Can pick up sound and conversation

    and... (Drumroll please) report all this back to a central authority anonymously. The ghost of Stalin must be green with envy. And the best thing is, the people actually pay for this themselves!

    What next, a site that compiles all personal information of all suspected subversives, er, "friends" and the people those "friends" are connected

  • On what basis does he think that consumers are starting to care more about privacy? A few comments on some apps?

    In reality... the awareness simply isn't there. The all-or-nothing approach taken by Android doesn't help much: because you have to grant every requested permission or deny the app entirely, android installer is simply another form of windows UAC: it encourages people to click 'yes' without considering the consequences. You might have some vocal minority speaking out against excessive permissi

  • Since I learned that AdMob sends my location data tagged with the Unique Device ID of my phone to Google, I'm very much wondering if even Google has actually realized that there may be problems with that approach. WP7 sends the very same data that the iPhone saves into its local database right home to Microsoft, also with the Unique Device ID.

    It's not just the apps, really.

  • TFA has no evidence what-so-evar to back up its claim that people don't trust mobile apps any more or less than they do any other type of app (hell, even freakin' MS Office asks if you want to supply "anonymous data" to Redmond). Well, unless they're saying that "prominent lawmakers" == consumers.

    This is just some random journo opinion. You'd have thought it would have maybe fired up Surveymonkey or something for some attempt at a citation.

1 1 was a race-horse, 2 2 was 1 2. When 1 1 1 1 race, 2 2 1 1 2.

Working...