The Facebook messenger app that was introduced appears to have generated quite a bit of controversy. Facebook split out the messaging functionality into a separate app from the main one and blocked the main one's ability to manage private messages, this effectively forcing people to install the new app to keep their existing functionality.
Not inherently a problem in itself, but it seemed to stir up a bit of controversy about the permissions that the application had. It wanted access to your camera and microphone. How could that be. The level of outrage seemed to reach fever pitch on some parts of the internet about how having acces to that meant that they could spy on you and record everything you're doing. It got ridiculous, and the media didn't help - I saw this appearing via a share in my facebook feed:
HOW TERRIBLE. WE SHOULD ALL STOP USING FACEBOOK!!!
Well, yes there are plenty of reasons to stop using facebook which I'll get into later, but this really isn't one of them. And if he's a "tech expert" he needs to be fired for scaremongering. In fact the issues raised in there are applicable to the permissions that the original facebook app already had, so you'd better stop using that and several others too if you're going to avoid messenger:
Let's use a common sense critique:Did Facebook messenger overstep the mark with permissions? If you've decided to remove that, better remove these too pic.twitter.com/bFRqzz5iTC— Stewart X Addison (@sxa555) September 13, 2014
- These permissions are requested for the app because facebook allows you to take pictures/video and send them with your messages. In the case of the main facebook app, there's a recent new - OPTIONAL - feature that allows it to listen in the background to detect and post what you're watching/listening to. Even the scandal-inducing Daily Mail didn't really seem to have a problem with it. I use a separate app that does something similar to post what I'm listening to to last.fm when I'm at a venue playing music. It's a nice thing to have.
- Facebook are quite open about the function that makes use of the camera/microphone (if you're still wondering why, then here's the - entirely reasonable - official response to the concerns), but what about other apps that you use? Do you know the company behind them? If there's a chance they're a scammer or have other sinister intentions do you check them out in the same way you would when criticising a large company like Facebook? Surely that's where the real danger is - with the lone developer who might be trying to steal your identity or take other things from you.
- If Facebook really was trying to snoop in on your microphone or send pictures back to base, you'd see a significant amount of background data usage in the app (other than any auto-playing videos). This simply doesn't happen, so the scare stories are just that.
- So we established in point 1 that there are legitimate features in apps that require use of those device features, but what if you didn't want to use those features and wanted to block access to, say, the microphone, or your photos stored on the phone? Apps tend to be installed with an "all or nothing" way of operating. The current Android app permission groups are here. What worries me is that Google tested an Android feature for selectively blocking app permissions via an "App Ops" setting menu in Android 4.3 but then pulled it (actually they claimed they'd put it in accidentally) but if you want to find someone to really have a go at about security and potentially allowing spying, maybe the OS vendors such as Google should be your target... (NOTE: With a rooted Nexus 5 you can put it back, or possibly also on other rooted devices). Or maybe you should consider getting hold of a device which can run the Cyanogenmod variant of Android which has such a function called "Privacy Guard". iOS already has such functionality built in so that's a win for Apple, as nothing should be able to sneakily use your microphone unless you allow it. And in fact with the newly released iOS8 they've has gone so far as to say "The authorities can't access your data" with Android about to follow suit (reference), although whether that'll be a good thing when a high profile court case comes out where evidence couldn't be obtained from such a device is questionable.
@sxa555 it should be a requirement when you submit an app to the store to write a sentence explaining evey permission you need.— Ben Hardill (@hardillb) September 29, 2014
My other big concern regarding Google Android is the "Android OS" data usage on cell connections on Android devices. It's not a huge amount - a few Kb each week, but I do wonder what exactly it's doing. It could be a measurable cost for some very low data users if it's using some data every day with some pay-as-you-go deals offering a certain amount of data per-day for a fixed price. Any expected data usage is counted under specific apps or the play services, and I have app updates disabled unless on WiFi. So what is my phone doing talking to Google in the background? I've got location data switched off, so it can't be sending the (frighteningly accurate as it happens! Try switching GPS off and you'll see) WiFi-based location mapping back to to Google in there ... This is from my device's cell data use in the last week:
Maybe they're the ones sending my photo thumbnails back to Google for the NSA ...
My real concerns about Facebook.
- Firstly, the feed is filtered differently. Actually through the APis it doesn't appear to be filtered at all so your "Close friends" and "Acquaintances" don't get the prominence you've asked for in your feed. If you're not familiar with those options they are a great way to increase/decrease the prevalence of friends in your stream - and if you really want to "stalk" a friend then there's also the "Get Notifications" option so you get a notification for everything from them. All of these are available when you click the "Friends" button on someone's profile on the web site, in addition to the asynchronous "Follow" option for those who allow it. There are many who think that Facebook filters the feed too much, and for them using another app might be a good idea ... Except for the second problem with third party apps...
- Many people have (understandably) set their privacy options (Settings -> Apps -> Apps Others Use) to prevent access to their posts and photos etc. (NOTE: Some experimentation I've done suggests it may not always work...although you can kill off the platform app entirely from Settings->Apps->"Apps, websites and plugins" which does seem to work but stops you using FaceBook logins anywhere) It's to stop games and other rogue apps from being able to access their "friends only" information, but it also prevents "real" third-party facebook clients from seeing their posts. Maybe there needs to be two classes of app - and perhaps the "anonymous login" option for apps is enough - although there's little incentive for Facebook to do quite enough to make "real" third party clients work as it's generally easier to inject ads in their own clients the way they want...
- I wrote about a bunch of other concerns a couple of years ago, and although some things have changed since then, I did mention the app permissions thing in there. and why people would choose to restrict app permissions.
Social moving forward - is there any hope?
Ello, Goodbye. https://t.co/bvjhexNIa2 Why I’m leaving Ello (and why you should too). #venturecapital pic.twitter.com/XFQDwA3FgN— Aral Balkan (@aral) September 26, 2014
But if you really value you're privacy, I suspect that LinkedIn, also known as "The Creepiest Social Network", is probably the one to avoid ..
NB The quote in the title of this article is from Kasabian's Eez-eh single