App can make phone calls without your knowledge!

Cash-Strapped.T32

Pardon me, just going over the last page & I noticed a couple of posts I'd missed where Crab makes an interesting point I'd like to pick up on.

As I'm sure I've said before though, I'm no more a "fan" of any OS than another, well, except maybe WinXP - That should never die imo.

And I'm no cheerleader for Google itself, they messed me about royally a while ago trying to reactivate an old Gmail account (it still is active as I can send emails to it, but I can't access it as I can't get through their idiotic security & no-one there apparently can read an email.
So yes, not a fanboy of any persuasion.

Crabman wrote: »

because Google decided to release Apps to the Android market without checking them properly. ~ ~ Of course, Google had no issues harvesting its own revenue out of it whilst providing no support whatsoever. It's what Google does best.

Crabman wrote: »

It's widely accepted that Apple carry out more thorough checks than Google before releasing apps to their customers.

I see what you're driving at, but imo the emphasis is the wrong way around.
It's not so much Google who released those apps, as the malicious devs who developed them in order to get your money; Google by nature have to run their Android operation as a business and are really only providing a portal to pre-existing content; Other than official Google apps which are safe anyway, they aren't producing these apps themselves.

Now, it might be argued that this difference is irrelevant - if they host it, it's their responsibility in all respects, but for 2 reasons I do feel some sympathy for Google in this instance.

1) Not blaming Apple per-se, but their i-Tunes model has taken off so well that these days, it's expected that there is a "hub" for all smartphone software - You can't get away from it.
Us, high-tech ultra geeky computer users have to actually visit the website of a developer in order to download a program or heaven forbid, buy it on hard media. This is normally preceded by actually reading up on the company who wrote it, and ascertaining for yourself if the program is useful, safe, private, etc.. Simple common sense I'd say.

However some well paid exec somewhere decided that smartphone users are apparently so stupid or impatient that this is beyond them, they must be presented with a single pre-prepared menue of delicacies, all laid out in a little list and pre-screened by "someone" out there in the ether to make sure that you won't hurt yourself with a one or two-line description the size of a postage stamp.
Can you imagine the outrage if all these people had to browse to a developer's page? It might might cost them all of 30 seconds that could be spent on facebook!

Unfortunately, this hub model is now so widely accepted that I doubt that any company could make a competitive go of an alternative smartphopne product without an app-store of some kind, so it's become a sort of necessary evil - Google have to host these apps now whether they actually like it or now.


This then leads onto reason 2.
Has it occurred to anyone that there might simply not be a good way to make sure that every app is "safe"? - And here we man safe as in it won't dial or text to premium-rate #'s.

I take it as a starting point that I actively want my OS to be able to access phone-specific functions. Cutting off apps from the phone or SMS system means that things I require are impossible, make the device useless to me.

However, what sort of magic "code" could Google possibly use to ensure that this access is never, ever, misused by rogue devs?
You can't screen-out premium rate numbers in the OS as these might differ from county to country, or be required by the user.
You can't re-write the OS so all apps make you manually type texts or hit "dial" as this might break the functionality of the app.

Are we suggesting that an employee of google first downloads a copy of every single app that is submitted, and then what? Keeps it on their phone for a month or two to make sure some, unknown "bad thing" doesn't happen down the line?

From a practical standpoint I'm not sure if there is a 100% sure fire way to screen out all such apps, if you accept that there are legit, and valid reasons why the OS might access phone/sms functions, which I already have.
(I use a couple of apps daily that do this, one of which is my sole reason for using an Android phone)


Apple do it by totally cutting off their apps from these potentially risky functions which is *an * option I guess, but that same approach means an iPhone is utterly useless to me.


Running a subroutine that searches the code in submitted apps, and then comparing it to known "scam" numbers is possible, but I imagine this is already done, and it's the "new" numbers that actually get through the net & cause problems, as it's so quick & easy for scammers to set them up.

Buzby

Surely the bottom line is that it is the consumer who is the fall guy when a misbehaved app access their line of credit. Users need to be vigilant - but fot those who like an easy life, Apple's iOS has certainly provided a welcome element of security for those who ae willing to pay for it. For those tha are not, they need to take their own precautions. Ignorance is no excuse.

bubblesmoney

IPhones are not any more secure. Just google and you will find enough posts about SMS being sent without phone owners knowledge on iPhones too. See http://www.google.com/search?q=iPhone+sending+texts+without+my+knowledge&btnG=&hl=en&client=ms-android-samsung&site=webhp&sa=2

So any smartphone can be a victim to such things

Plus if you see the videos linked by me earlier you will see demos of how the iPhone and iPad browser is less secure than Android browser with respect to linking to fake websites being harder to detect on iPhones

DUTR

bubblesmoney wrote: »

IPhones are not any more secure. Just google and you will find enough posts about SMS being sent without phone owners knowledge on iPhones too. See http://www.google.com/search?q=iPhone+sending+texts+without+my+knowledge&btnG=&hl=en&client=ms-android-samsung&site=webhp&sa=2

So any smartphone can be a victim to such things

Plus if you see the videos linked by me earlier you will see demos of how the iPhone and iPad browser is less secure than Android browser with respect to linking to fake websites being harder to detect on iPhones

Don't you think it's a miracle that thegoodman missed all these, or could it be he is being selective?
Talk about bite the hand that feeds you? Slags off google all the time yet uses google for all his searchings :j