DEV Community

[Comment from a deleted post]
Collapse
 
nektro profile image
Meghan (she/her)

The glancing at how apps may be accessing your phone has been on Android since Android 6.0 and since iOS 8...

this is a massive breach of security and privacy imho. I don't know the extent to which each operating system allows apps to observe/interfere with other apps, but the fact any amount it is even possible I very much disagree with.

  • Twitter knows what apps I have installed on my phone
  • you can inject custom lenses into Snapchat
  • you can install browser ad blockers for Chrome and Safari through app installs

Now while these specifically aren't terrible use cases, I always assumed operating systems treated all 3rd party software as malicious so I don't know why any of is available to developers.

This does not include IPC set up between the developers of both apps. But from what I've seen Android, iOS, Windows, etc allow developers access to APIs much wider than IPC.

Collapse
 
omarrodriguez15 profile image
Omar Rodriguez

Not sure where the breach of security is here, please do explain maybe I am misunderstanding. All apps are sand-boxed. To my knowledge, again correct me if I am wrong with some documentation, there is no way to "inject" anything into other apps. You can make things available and communicate between apps via IPC but other than that no.

Also being able to see what apps are accessing is a huge security plus in my opinion I don't want a game that I download to have access to my text messages? Seeing what an app has access to is a passive observation of the apps permissions nothing more nothing less.

Collapse
 
rhymes profile image
rhymes

Unfortunately reading the list of installed apps is a common practice on Android, there's a public API.

Android probably suffered a lot, security wise, by the fragmentation. I still don't know why Google allows such APIs though.

For a number of reasons, including this one, I'm considering switching to iPhones the next time I have to change smartphone. Not super happy about it but I'll adjust ๐Ÿ™„

Collapse
 
omarrodriguez15 profile image
Omar Rodriguez

Why is seeing a list of installed apps bad ? How is this any different than any other operating system ?

 
rhymes profile image
rhymes • Edited

Because I can profile you with such data. If you have Tinder you're most probably single. If you have an app to register your menstrual cycle you're most likely a woman below a certain age range. If you have an app to track your running, that's another thing I know about you and so on. I can also see if you have any of the apps of my competitors installed.

I reasonably suspect that most people do not know about this and even if they won't care they still are not even asked if they can be profiled in this way.

We say that data is anonymous but you can learn a lot about a person from which apps they have installed (and how the list changes over months and years).

It should at least be an explicit permission. The mobile apps now have to explicitly ask to the user "hey can i access your photos?", I wonder what would happen if asking "hey, can i read the name of all the apps you have installed?" was mandatory ;-)

 
omarrodriguez15 profile image
Omar Rodriguez

Ahh that's a very good point thanks for enlightening me. I do like the suggestion of adding it as an explicit permission.

Collapse
 
nektro profile image
Meghan (she/her)

Sadly iOS allows it as well ๐Ÿ˜ž and if the next iPhone whatever doesnโ€™t have a headphone port when my 6s dies then Iโ€™m going right back to android ๐Ÿ™

 
rhymes profile image
rhymes

Sadly iOS allows it as well ๐Ÿ˜ž

Are you sure? As far as the mobile devs I work with told me this feature is not available for iOS, maybe in the latest version?

if the next iPhone whatever doesnโ€™t have a headphone port when my 6s dies then Iโ€™m going right back to android

Yeah, tough some Android phone makers are removing it too :(