ToolKit for EverQuest Smartphone app (Now on iPhone and android)

[Daywolf]

Quote:

Originally Posted by Stepper [You must be logged in to view images. Log in or Register.]

Not digging those permissions on Android. No install for me.

Identity

• find accounts on the device

Calendar

• read calendar events plus confidential information
• add or modify calendar events and send email to guests without owners' knowledge

Contacts

• find accounts on the device

Location

• approximate location (network-based)
• precise location (GPS and network-based)

Photos/Media/Files

• read the contents of your USB storage
• modify or delete the contents of your USB storage

Storage

• read the contents of your USB storage
• modify or delete the contents of your USB storage

Camera

• take pictures and videos

Other

• receive data from Internet
• view network connections
• run at startup
• prevent device from sleeping
• control vibration
• full network access
• control flashlight

----------------------------

I gotta admit, I think that's one of the longest permission lists I've ever seen [You must be logged in to view images. Log in or Register.]

[bunglusu]

Quote:

Originally Posted by Daywolf [You must be logged in to view images. Log in or Register.]

Identity

• find accounts on the device

Calendar

• read calendar events plus confidential information
• add or modify calendar events and send email to guests without owners' knowledge

Contacts

• find accounts on the device

Location

• approximate location (network-based)
• precise location (GPS and network-based)

Photos/Media/Files

• read the contents of your USB storage
• modify or delete the contents of your USB storage

Storage

• read the contents of your USB storage
• modify or delete the contents of your USB storage

Camera

• take pictures and videos

Other

• receive data from Internet
• view network connections
• run at startup
• prevent device from sleeping
• control vibration
• full network access
• control flashlight

----------------------------

I gotta admit, I think that's one of the longest permission lists I've ever seen [You must be logged in to view images. Log in or Register.]

Same kind of permissions as instragram, gmail, tinder, facebook, etc etc etc. Apple wouldnt approve malicious software, neither would android.

[Daywolf]

Quote:

Originally Posted by bunglusu [You must be logged in to view images. Log in or Register.]

Same kind of permissions as instragram, gmail, tinder, facebook, etc etc etc. Apple wouldnt approve malicious software, neither would android.

I'm not claiming it's malicious, still a heavy list nonetheless for an app which could externally be susceptible to an attack. As for the ones you mentioned, yeah I don't have/use those. Well apart from gmail as you can't get rid of it, apart from disabling it. Gmail is a nice little security risk.

[Qtip]

Downloaded the app. Very, very cool having everything eq related in one place with easy access.

[Swish]

Quote:

Originally Posted by bunglusu [You must be logged in to view images. Log in or Register.]

Same kind of permissions as instragram, gmail, tinder, facebook, etc etc etc. Apple wouldnt approve malicious software, neither would android.

Why do you need people's locations? If you don't (and you don't), why not take that shit out?

[bunglusu]

Quote:

Originally Posted by Swish [You must be logged in to view images. Log in or Register.]

Why do you need people's locations? If you don't (and you don't), why not take that shit out?

The GPS feature is if someone wants to tag their location, while posting a screenshot. (no different than yelp check in). If you are too paranoid to download app, that is fine, i am not holding a gun to your head. There are thousands of registered users who have not had a single issue with app.

i simply made this app, as a toolkit for people who play everquest. nothing more nothing less.

[Daywolf]

Quote:

Originally Posted by bunglusu [You must be logged in to view images. Log in or Register.]

i simply made this app, as a toolkit for people who play everquest. nothing more nothing less.

Yeah well I play EQ here, so I just gotta say something about it. Most of my installed apps are a few [select] permissions and some with none (and yes I have/use a commercial Android compiler), while others disabled to run unless I say so. I hate that it's a Linux based system w/o Linux based hardened security. I am "paranoid", paranoid I tell you, and if you knew what I/O know you would be too! hah

[mev]

Quote:

Originally Posted by bunglusu [You must be logged in to view images. Log in or Register.]

Apple wouldnt approve malicious software, neither would android.

Apple and Google provide very little scrutiny on malicious software that goes into their app stores. A security researcher once submitted an app with hooks into it to see what kind of testing Apple folks did before it got approved, and they found that the app was tested for about a minute, IIRC. Doing any sort of rigorous security analysis would likely take months, even if Apple and Google could hire enough security people to analyze all of the apps that are submitted (which they can't).

Quote:

Originally Posted by bunglusu [You must be logged in to view images. Log in or Register.]

Same kind of permissions as instragram, gmail, tinder, facebook, etc etc etc.

1. Google and Facebook are large, and a lot of people use their apps, so there is a high degree of certainty that their apps aren't malicious. With only 8k users, if you were doing something malicious, they might never notice.

2. Those apps actually have a reason for using a lot of permissions (eg, Google Now integration, integration between Gmail and Calendar, photo attachments, etc). Since your app serves static content, there is no need for any of those permissions except for network communication (to pull data from the wiki and p99auctions). That also likely means it wouldn't be too difficult for you to tighten up the permissions if you wanted security and privacy minded individuals to use your app.