We’ve had a few queries regarding the new permissions in the app version that is now rolling out. Two new permissions are added, they appear as:
This app has access to:
Read SMS or MMS
Your personal information
Read contact information
Sounds scary but in fact the app does not read any content of SMS or contacts.
Why we added these
These have been added so the app can keep track of the number of text messages sent and received, as well as the number of calls made and received. In this way the app can help you stay within your usage plan if you have a contract, or stay in control of your spending if you are on pre-pay.
The only data we access using these permissions are:
time, duration, whether it was sent or received
time, whether it was sent or received
This let’s us make pretty things like this:
We really hope these are useful to keeping track of your spending.
I think Google’s permission system is great, but it does have the disadvantage that sometimes you need quite broad permissions to do very specific things – I don’t think there’s any easy way round that, if there was a permission for every function call things would get rather unwieldy.
How to check whether an app is maliciously collecting data
To see all the data that is sent from your phone (to check if there are any malicious apps on it) this is what you can do:
- Install OpenGarden on your Android device and laptop (not built by us, but by some very cool people we’ve met)
- Turn off Wi-Fi and mobile internet on your Android device.
- If your laptop is connected to Wi-Fi your device should (perhaps after a short while) connect to your laptop via OpenGarden (they will both need bluetooth on!)
- Now all your phone’s data is routed via your computer.
- Using WireShark or a similar network monitor on your laptop to see all the network traffic.
You might have to wait for a while for some apps to fire off data, and some apps might pick up on the fact the data is being sent by another interface, I’m not sure, but this should work in many cases.