New Facebook app update demands unreasonable privacy access – The Tech Curmudgeon

The Borg meet the One App in the Facebook app’s latest privacy permissions.

Internet and Social MediaThe Tech Curmudgeon has got a Facebook app on his smartphone, probably like nearly everyone else in the English-speaking world. But the Tech Curmudgeon hasn’t updated it to the latest app, and he won’t. In fact, when his current version of the Facebook app stops working, the Tech Curmudgeon will purge the app from his phone entirely rather than update to the next version. And when his phone finally dies and the Tech Curmudgeon has to get a new one, he’ll probably purge the Facebook app from that one too, all because Facebook’s recent update has asked for permissions no one in their right mind would give Facebook.

See, the Tech Curmudgeon have set up his phone not to update every app automatically. When an app update is ready, the Tech Curmudgeon’s phone asks him if it’s OK before updating the app, so the Tech Curmudgeon has a chance to read through the reasons for the update. Most of the time updates are due to bug fixes or the addition of a new feature that the Tech Curmudgeon thinks is useful, and he gives the phone the go-ahead to update. But once in a while the reasons for the update aren’t obvious, or the update comes with new permissions that the Tech Curmudgeon has to approve before the update kicks in.

That’s what happened with Facebook’s latest update. First, Facebook wanted the Tech Curmudgeon to let their app modify his call records. If they just wanted to read the logs the Tech Curmudgeon might be OK with it. But why on Earth would Facebook need to write to the call logs? The Tech Curmudgeon can’t imagine any reason for that other than Facebook wants to become The One App, replacing contact list, phone log, browser, email, everything. And the Tech Curmudgeon isn’t exactly keen on letting Facebook, of all companies, more power over his phone than absolutely necessary.

Second, Facebook wanted the Tech Curmudgeon to give them the right to access and modify his calendar. You know, given how useful the Tech Curmudgeon has found Facebook’s “upcoming birthdays” notices, he can see why some folks might appreciate calendar updates from Facebook. But the Tech Curmudgeon made a conscious decision to keep the distractions on his phone to a minimum, and he doesn’t want that kind of stuff cluttering up his calendar. More importantly, the Tech Curmudgeon doesn’t want Facebook reading his calendar for whatever purpose they think they can make money off of. The Tech Curmudgeon has all sorts of personal stuff on his calendar, and it’s not unheard of for the Curmudgeon family to put vacations and outings that any Facebook hacker with half a brain could sell to an enterprising burglar for a tidy sum.

Given their privacy issues and the fact that they’re a massive hacking target, would you trust Facebook with that kind of insider information on your life inner workings? Is it worth worrying about coming home some night to find that a burglar bought your Facebook-accessed schedule from a Russian mob hacker for a couple of grand? The Tech Curmudgeon certainly doesn’t think so.

Third, Facebook wanted the Tech Curmudgeon to let their app send emails to people on his behalf. Um, hell no. You see, the Tech Curmudgeon have at least one brain cell that mostly functions, so no, he’s not going to give Facebook permission to hack his personal email accounts. What would they be sending on the Tech Curmudgeon’s behalf? And what happens if (when) the app has an exploit that can be used to gain access to Facebook? What’s to keep a stalker or disgruntled former employee from hacking the app in an attempt to ruin the Tech Curmudgeon, and without the Tech Curmudgeon even knowing it’s happening? The Tech Curmudgeon admits he’s being a bit paranoid, but if you can’t imagine hackers giving a shit about your phone, here’s a link about phone malware and another about cell phone botnets. Oh, and while Android is more susceptible since it’s open source, don’t for an instant think that iOS is immune.

Each of these would be bad enough on their own, but now take each and every one of the Tech Curmudgeon’s concerns above and ask yourself this question: how bad would this be if Facebook had access to my employer’s information?

The Tech Curmudgeon doesn’t use his phone for work, what if he did? Suddenly Facebook has access to the Tech Curmudgeon’s work schedule, the titles to all his meetings, and the text of the meeting notices. Now Facebook has access to all of the Tech Curmudgeon’s suppliers and customers’ phone numbers, extensions, and call durations. Now Facebook can send company emails without the Tech Curmudgeon knowing they were doing so, and with the Tech Curmudgeon’s name attached to the emails. And now the Tech Curmudgeon’s personal paranoia above becomes an issue of industrial espionage and corporate intelligence.

Given their privacy issues, would you trust Facebook with that kind of insider information on your company’s inner workings? If you answered “Yes,” then you have. No. Fucking. Clue. Oh, and the Tech Curmudgeon want your employer’s name so he can short their stock and make a killing in the market when they implode due to your stupidity.

Facebook is like the Borg. Existence like you know it could well be over if you give Facebook access to all the private information on your phone that they want, especially if you use Facebook on the same phone you use to access your work calendar and email. But resistance is not futile. It’s as simple as refusing to click “OK” when you’re asked to let Facebook have access to your private information.

And it’s as easy as purging the One App from your phone when it will no longer take “No” for an answer.

One app to rule them all, one app to find them
One app to bring them all and in the smartphone bind them.

3 replies »