Why does a flash light need to know my call history?

So, I recently (November) finally got a smartphone with an Android OS. It's a pretty sleek phone.

However, I haven't found many apps for it yet. The biggest issue is that, frankly, I refuse to download a bunch of stuff. I really, really don't care for some of the things these apps ask of me. I get why some of them need internet access (though I wish Google would come up with a different way to notify of this that separates "This app uses internet to download ads" vs. "This app uses internet to steal your identity"...), but why does a flashlight application need to know my call status and phone history? Why does the Amazon App Store need a blood sample to run?

I know a bit of it is just me being paranoid... in the age of CarrierIQ (of which my phone, supposedly, lacks), I suppose it doesn't really matter too much... but I don't have to like it.

Try emailing the developer? Should be a link in the market.

amazon app store works just fine on my tablet. no issues with blood samples or whatever. never had any issues with any other apps either.

Remember that iOS apps have ALL of those permissions. Every one of them. And they don't even ask.

Anyway, if you want, there are ways to turn off individual permissions for individual apps, but remember that it will sometimes not make them work correctly. Cyanogenmod has that built in, and I'm sure there are other ways.

[quote name='Clak']Try emailing the developer? Should be a link in the market.[/QUOTE]

The issue isn't just one developer though - it's pretty wide spread...

[quote name='DurbanBrown']amazon app store works just fine on my tablet. no issues with blood samples or whatever. never had any issues with any other apps either.[/QUOTE]

Obviously, the "blood sample" was tongue-in-cheek, but the Amazon App store is pretty invasive.

http://androidcommunity.com/amazon-...s-you-stay-if-you-want-to-keep-them-20110614/

It requires pretty much every permission the phone can grant, runs in the background at all times and cannot be killed short of deleting the app (which removes your ability to use any apps you've downloaded from the store, paid or free).

[quote name='mkelehan']Remember that iOS apps have ALL of those permissions. Every one of them. And they don't even ask.

Anyway, if you want, there are ways to turn off individual permissions for individual apps, but remember that it will sometimes not make them work correctly. Cyanogenmod has that built in, and I'm sure there are other ways.[/QUOTE]

I'm not worried about what the iOS platform does... I don't have an iOS device.

Interested in this "Cyanogenmod" - is it something that requires one to root their device?

you ordered one of those? my friend had bought one at this strip club and would just leave it sitting around in his room

[quote name='UncleBob']I'm not worried about what the iOS platform does... I don't have an iOS device.

Interested in this "Cyanogenmod" - is it something that requires one to root their device?[/QUOTE]

Right, I'm just saying, at least Android lets you know what your apps are doing.

Cyanogenmod does indeed require that you root your device. Android is open source, so modders take the pure form of Android (before your carrier and the phone manufacturer load it down with bloatware and disable things like tethering) and add useful (and always optional) features to it. I definitely recommend it if you have a phone that supports it and you're not worried about your warranty. I did it to an Incredible and my Nexus One a little while ago.

Yeah - one day I'll likely root my phone - but right now, it's under warranty, so I'm going to hold off. No major reason for me to do it now anyway. Tethering is the only reason, but, of course, it's against the ToS with my carrier without subscribing to the service anyway... which I do. I figure $34/month for unlimited data on my phone or other devices (via WiFi or tethering) on the best network in this area is more than a fair price.

Google needs to do a better job of specifying exactly what each app can do. I know it seems scarey when an app wants permission to see your location for example, but that's usually to target ads to you in a certain language. The way it describes the permissions does nothing but scare people, especially those who are paranoid about such things already. It's all pretty harmless though, and most of the time there are legitimate reasons for an app to request the permissions it does.

Again though, email the developer.

[quote name='Clak']Google needs to do a better job of specifying exactly what each app can do.[/QUOTE]

This.

I love that Android shows you want the app has permission to do, but the permissions are pretty over simplified. It'd be nice for there to be a better breakdown of "what this does" categories. However, too much might scare people off more.

I wish that developers could or would explain what their apps do with each permission.

Uses Internet. Reason: advertising.
Uses SMS. Reason: turns the flashlight on when you get a new text message

(Wouldn't that be interesting)

Many do, actually.

Yeah, I've noticed that in many descriptions. Sadly, I'm awfully paranoid... if someone has really written a program that captures my online purchase data and sends it to them, I don't expect them to say "Uses Internet. Reason: To steal your identity." Though, I bet if someone made an app that said that, there'd be someone who would download it...

I'd like to see something where Google could whitelist a specific advertising script from specific advertising partners (which, likely, would end up being limited to Google). If your app uses this script, then it gets flagged with the permission something like "Uses internet for approved advertising access only." You could still use a non-whitelisted advertising vendor, but that would require the "Full Internet" permission.

Likewise, for the SMS example given above, it'd be nice if there was a "Read SMS Status Only", "Read Incoming/Outgoing SMS" and "Send Outgoing SMS" permissions" (which there /kinda/ is for that last one, though it is also tied into another permission). Something similar could be added for phone calls and what not.

Reading/Writing external storage... This is a big one for me. I'd love to see a permission set up that is like: You're downloading a program like, say, Songify. Obviously, this needs permission to access your memory card so it can save the songs it creates. But, instead of giving it permission to access the entire card, why not make the permission for a specific directory on the card? "Read/Write access to the / directory on your external memory: This program will be able to access, create and share data on your external memory , but will be limited to data stored within the /Songify directory on your external memory."

I find the permission lists useless because it seems like every app has several unrelated permissions. IMO it's most likely a result of sloppy programming.

Ultimately those permission lists are just something the app store uses to cover its butt.

What do you mean unrelated permissions? Just to give an example of something that I recently saw that freaked me out before I looked into it. NovaLauncher(a home screen replacement for ICS), needs permission to make calls, which of course seems alarming at first. Then I checked into it, and that's used if you put a direct dial shortcut on the home screen, and only then. Some of the permissions for this app may seem unrelated, but understand that the more an app can do, the more permissions it's probably going to have by necessity.

If an application asks for too many permissions, you simply move on. If the application comes from a trusted developer or has a high rating it looks promising, you might look into it, but when it comes to something like a flashlight, there are plenty of them out there.