Results 1 to 17 of 17
  1.    #1  
    Caught this article on the Wall Street Journal about apps datamining your phone and sending the info to third parties. This article mainly pertains to apps on the Iphone and Android, but I notice some apps on there that are also on the Pre, namely Angry Birds and Pandora.

    Hopefully someone can verify that the pre version of the apps talked about in this article either do or do not datamine the pre.

    source: IPhone and Android Apps Breach Privacy - WSJ.com

    I just realized that this is posted in the wrong area could a mod please move it to the correct area....sorry
    Last edited by victorkruger; 12/20/2010 at 09:28 AM.
  2. #2  
    this is a problem i see in webOS more than in the mentioned iOS or android. As in webOS you are only warned that an app is sending location based info, but not if it's accessing your contacts or other data on the phone.

    in android e.g. it warns of storage access, phone call reading, sms sending...
    *heise mobil - Macht hoch die Tür! or
    *heise mobil - Macht hoch die Tür!

    What do other users think of this problem, wouldn't it be nice if you see in the webOS app catalog what functions are used, besides location based api-calls)?
  3. #3  
    Quote Originally Posted by gizmo21 View Post
    this is a problem i see in webOS more than in the mentioned iOS or android. As in webOS you are only warned that an app is sending location based info, but not if it's accessing your contacts or other data on the phone.

    in android e.g. it warns of storage access, phone call reading, sms sending...
    *heise mobil - Macht hoch die Tür! or
    *heise mobil - Macht hoch die Tür!

    What do other users think of this problem, wouldn't it be nice if you see in the webOS app catalog what functions are used, besides location based api-calls)?
    Why is webos more prone than iOS?

    iOS also gives no details regarding any functions.. And in android most users treat that as they do a EULA , yep like it's not even there. the issue isn't about users consenting it's about info is gathered via the UDID... There's actually more concern by iOS bc of the info that is tied to your devices UDID.



    -- Sent from my Palm Pre using Forums
  4. #4  
    So far I think webOS market share is small enough that the sleazy app developers aren't doing webOS apps. Same reason virus creators didn't bother with OSX until they hit a critical market share point. The generally accepted rule in this area is 10% market share whether it is developing legitimate apps, or malware.

    Once a platform hits 10%, it tends to show up on the radar of developers. Until then, the list of webOS developers is small enough that the community can do a pretty good job of policing. IMHO.
  5. #5  
    Quote Originally Posted by victorkruger View Post
    Caught this article on the Wall Street Journal about apps datamining your phone and sending the info to third parties. This article mainly pertains to apps on the Iphone and Android, but I notice some apps on there that are also on the Pre, namely Angry Birds and Pandora.

    Hopefully someone can verify that the pre version of the apps talked about in this article either do or do not datamine the pre.
    One thing to note is that while Angry Birds was sending information to a 3rd party - they claim the info was not used to identify individual users. Furthermore they made changes based on the WSJ investigation and the latest software (Angry Birds Seasons) includes a link to their privacy policy. I read the policy and it seems reasonable.

    Note also that neither Angry Birds NOR Pandora were implicated in grabbing contacts or other info that would be off limits.
  6. #6  
    Quote Originally Posted by gizmo21 View Post
    this is a problem i see in webOS more than in the mentioned iOS or android. As in webOS you are only warned that an app is sending location based info, but not if it's accessing your contacts or other data on the phone.

    in android e.g. it warns of storage access, phone call reading, sms sending...
    *[url= mobil - Macht hoch die Tür![/url] or
    *[url= mobil - Macht hoch die Tür![/url]

    What do other users think of this problem, wouldn't it be nice if you see in the webOS app catalog what functions are used, besides location based api-calls)?
    wow, to say webOS has this problem is simply coming from lack of knowledge, in webOS, app devs do not have access to the phone logs, contacts, photos...., apps can only get this info on a one request one response basis, in other words if an app needs a contact it will ask the user to pick that contact from the contacts apps and return only that contact, same with photos, so there is no need to "warn" the user that their contacts are going to be accessed since the manually give this access each time they pick an address.

    call logs are totally locked with absolutely no access to devs.

    calendar is also locked, unless the calendar entry was created by the app.

    so in webOS devs have almost no access to your info
  7. #7  
    just wanted to add that, apps cannot send or read SMS messages themselves these messages go through the SMS app. And the same goes to placing calls they must go through the phone app.

    location is the only API that devs use which is open hence the request and notification that the app is using location based services
  8. #8  
    Quote Originally Posted by abegee View Post
    wow, to say webOS has this problem is simply coming from lack of knowledge, in webOS, app devs do not have access to the phone logs, contacts, photos...., apps can only get this info on a one request one response basis, in other words if an app needs a contact it will ask the user to pick that contact from the contacts apps and return only that contact, same with photos, so there is no need to "warn" the user that their contacts are going to be accessed since the manually give this access each time they pick an address.

    call logs are totally locked with absolutely no access to devs.

    calendar is also locked, unless the calendar entry was created by the app.

    so in webOS devs have almost no access to your info
    Does this apply to PDK apps as well? Or are their potential data file access options where this data could be obtained via OS?
  9. #9  
    PDK apps, have a little more freedom but they also operate in a jail/sandbox,

    I don't know the exact limitations of the sandbox but I'm pretty sure, phone logs, contacts.. Are locked.

    here is an example of a dev asking to get root access and Palms reply

    http://developer.palm.com/distributi...sandbox#p40212

    a post by Ben saying that even PDK apps run in a sandbox

    http://developer.palm.com/distributi...sandbox#p24501


    the fact that webOS is not allowing angry birds to access this stuff may be the reason it is charging for the app on webOS but it is free on android
    Last edited by abegee; 12/20/2010 at 11:22 AM.
  10. #10  
    Quote Originally Posted by abegee View Post
    PDK apps, have a little more freedom but they also operate in a jail/sandbox,

    I don't know the exact limitations of the sandbox but I'm pretty sure, phone logs, contacts.. Are locked.

    here is an example of a dev asking to get root access and Palms reply

    Forums webOS • View topic - Request for Next Official Kernel - USB Modules

    a post by Ben saying that even PDK apps run in a sandbox

    Forums webOS • View topic - Question for unwiredben


    the fact that webOS is not allowing angry birds to access this stuff may be the reason it is charging for the app on webOS but it is free on android
    it may have been the reason for the delay in releasing the update and SEASONS as well
  11. #11  
    Quote Originally Posted by abegee View Post
    the fact that webOS is not allowing angry birds to access this stuff may be the reason it is charging for the app on webOS but it is free on android

    Really? I doubt that based on the recent privacy policy I read and the way that they responded to the WSJ investigation. I suspect rather that the small number of webOS phones makes the ad revenue not high enough aggregately vs. the $2 each user pays.
  12. #12  
    Quote Originally Posted by Unclevanya View Post
    Really? I doubt that based on the recent privacy policy I read and the way that they responded to the WSJ investigation. I suspect rather that the small number of webOS phones makes the ad revenue not high enough aggregately vs. the $2 each user pays.
    I didn't know the free versions had ads
  13. #13  
    Quote Originally Posted by abegee View Post
    I didn't know the free versions had ads
    Angry Birds Android to top $1 million per month in ad revenue

    A snippet from the article:

    The Android version was launched with an ad-based model. The application is available for free, but generates revenue from in-application advertisements.

    Though both models generate revenue, the ad-based model is preferable to the paid app model, according to Rovio.One deciding factor is updates which are necessary to keep fans interested in the game. With iOS, updates are available for free to those who already purchased this app. All revenue for Rovio is generated on this first purchase only. With Android, revenue is generated throughout the life of the game from the original version and through all future updates advertising is present.

    So how successful is the ad-based model? Rovio did not state in this video but Vesterbacka has been quoted as saying By end of year, we project earnings of over $1 million per month with the ad-supported version of Angry Birds . One million per month is not too shabby, especially when you consider that the Android version only became available in October.
  14. #14  
    Quote Originally Posted by Unclevanya View Post
    Really? I doubt that based on the recent privacy policy I read and the way that they responded to the WSJ investigation. I suspect rather that the small number of webOS phones makes the ad revenue not high enough aggregately vs. the $2 each user pays.
    Definitely, ad supported apps aren't posible with the current user base.

    Back on topic, althought the technologies used in webOS are more security hole friendly (I'm talking about the web-based SDK), the security model adopted by Palm makes it exactly the opposite.

    -- Sent from my Palm Pre using Forums
    Newness Developments apps:

  15. #15  
    sry my english is not the best, what do you mean by:

    Back on topic, althought the technologies used in webOS are more security hole friendly (I'm talking about the web-based SDK), the security model adopted by Palm makes it exactly the opposite.
  16. #16  
    What you can do is to help scan the source to these apps under /media/cryptofs and report any bad behavior.

    Then help add those hosts to Max Blocker patch.

    Maintainers wanted for Max Blocker patch. PM if interested.
  17. #17  
    I have Verizon with a GPS that is so crippled that if an app tried to transmit my location it would think I am in Sweden.

    WebOS users need to pay close attention to the Location Services app in your utilities. There are several check boxes that do the following:

    Auto Locate: You will be asked for authorization when an application requests your location.

    Background Data Collection: Allows Google to automatically collect anonymous location data it improve the quality of location services.

    Geotag Photos: Stores the GPS coordinates of your location when you use the camera.

    I usually set all of the Location Services OFF and turn them on only when requested.
    Last edited by not-yet-pre; 12/20/2010 at 06:37 PM.
    Palm m130 > Verizon Trēo 650 > Verizon Trēo 755p > Verizon Palm Prē Plus > TouchPad > Verizon Palm Prē 2
    ~ The Future's Just Not What it Used To Be ~

Tags for this Thread

Posting Permissions