Shared publicly  - 
 
Many of us like trying new apps. But take a moment to check out the ratings and permissions before installing that app. Does that calculator app really need to know your location or send an SMS on your behalf? If it’s asking for more permissions than it needs, the app could be malware. When in doubt, check out the ratings, read the comments and consider downloading another app. http://goo.gl/ITfpve #staysafe
1469
313
Jeremiah Payne's profile photoTed Chien's profile photoJohn Dangcil's profile photoMartin Sigaard's profile photo
132 comments
 
It would be great if Google Play Store policed the rogue apps a little better as well. A 2 way vigilance, seller & consumer... 
 
So, what are you saying - Google doesn't do anything to prevent or at least limit "unsafe" (harmful to cpu or privacy) apps?
 
And what about you

What are you doing to block those? 
 
Last I heard (assuming you're talking about your Google account and not your phone) +B.laine Walton you couldn't...but +Google Play is (I think) aware of that suggestion
 
This is like a department store telling it's customers "buyer beware." 
 
I think it should be Googles own house keeping to check all apps and release them There are often issues with apps especially after new versions of Chrome.
(Example: Since Chome v 30 final Googles own app "Translate for Google+" does not more function. I reported this 2 times to Google without any feedback)
Releasing seems basically not to be taken place. Therefor I prefer to use only Googles own apps. But better is nothing to use at all.
 
Typical open source. This is why I like apples AppStore. Also why a lot of times I use amazon AppStore on my S4. 
 
Always good to check. Do Google nevertheless check and not approve malware in Google Play?
 
In all fairness +Google , it would be great if there was some way to report such over reaching by an app so that you guys can remove or or make the devs re write them.
 
Comparing Google Play to the jails the iPhone and its app store are is just rediculious. The amount of bad apps on Google Play is truly neglible, but any sane user would also check anything before downloading it to their iDevice. What apple does is pure censorship.
 
Google, are you spying on people? Why do you ask to look at my pictures, bookmarks and searches I make on the web?
 
Rooting your phone without warranty loss would be nice so you can block some app permissions 
 
I love it how the majority of commenters in here don't want to be held accountable for their own actions. Sad. This is why Google has to post things like this. Which makes the world around us look very sad. Stop flying blindly people. Use your mind to think. I appreciate the fact that Google doesn't take me for granted. Companies that dictate experiences for their consumers concern me because those users tend to take the company word as fact. You are responsible for you... not someone else. 
 
Hmm, +Scott Wright - to hold google accountable for their end isn't the same as we don't keep check on ours, is it. What I really just wanted to know is why google have made it so difficult to determine WHY an app needs or demands certain access rights. That's hardly the fault of either developers or users.
 
Meh, if google really wanted to help out with the situation, they would allow us line-item denial for apps.
Perhaps that calculator really is the best one around, so I download it but deny it access to SMS and Location information. 
Not all that hard guys.
 
+Martin Sigaard They've not made it difficult by intention. It's impossible to know why without asking the developer, and hoping they don't lie, or use insanely complex code analysis technology (which I do suppose they're working on).
 
+Henrik Danielsson Look at how many years it took the Android team to figure out that maybe letting apps go rogue on the user's information area. You think it was hard to do? I don't. And I don't think more incremental access rights is hard either. I just don't think they think user first. But I would of course rather hear that from google, instead of my own ignorant speculations :)
 
+Henrik Danielsson If they ever do that, I (oddly enough) hope that it pushes the price of apps up.
I would much rather have a $10 app that does exactly what I want exactly how I want than have a 99¢ app that runs up my data-plan by broadcasting all of my information and incessently downloading ads.
 
"Not all that hard guys." Then the next Google release will be: "We give you the option to line-item veto permissions. Don't forget to check those permissions when you install an app." Same result: you take responsibility for your actions. SMH 
 
its hard to check ratings when there is no way to sort through them.....please talk to your colleagues about fixing this huge flaw.  thank you
 
Actually +Armand Salmon , It's more like going to a drug store, but expecting the store to remove any drug with harmful side effects. It's really up to the consumer to decide if he/she wants to deal with them. 
 
people who review apps have absolutely no infosec background. bad reviews are usually bogus, good reviews are usually uninformed and biased. 
 
How long until I can download kit Kat?
 
+B.laine Walton Do you not have the ability to do that from the play store on your phone? I have for months. If you want to delete multiples, hold one of them down until it changes color, select the ones you want to delete, and tap the X at the top. Deleted
 
+Robert Chapman With a black-bar warning outlining the dangers, that you can only buy after a doctor has prescribed if for you.
 
+John VanRoekel , you're missing the point. Drugs have side effects, and unless you read the label or ask your pharmacist, you won't know about them. No different than the play store. 
 
There should be a counter for number of crashes per version per download/install O:-)
 
To think that Google intentionally wants these things to happen or isn't trying to problem solve this in the context of their system is ignorance. I am just glad they Google is taking a stance and calling out consumers. ..... I am 100% sure that Android knew all along. .. They probably were shocked at how many people out there needed to have someone think for them. 
 
+Henrik Danielsson Some do, some don't.  I actually have a pretty minimal set of apps, mostly because of exactly how bad this problem is.
 
I don't know +Robert Chapman, I wouldn't readily associate the Google Play Store, (previously Android Marketplace) with a drug store. I guess that would make the 'apps' the 'drugs'? Seems like an extreme example.
 
Well, development costs money, that's why we prioritize. I think it's naive to think google doesn't prioritize their customers - the merchants - over their end users. Or even worse, thinking that a company with such vast resources isn't capable of coming up with better solutions.
 
+Robert Chapman actually, I am on-point.
A drug-store will not sell a drug that they know has harmful side-effects without first ensuring that due-diligence has been done.
The app-store will effectively sell anything with no due-diligence.
They are very different situations.
 
+John VanRoekel I don't run that many either, mostly stick to what I can get through F-Droid or similar, except for games which I get through the humble bundles.
 
oh yes, the former Android Marketplace. My fault.
Sorry +Daniel Price , I will try harder to get my "facts" right.

I'm sure you understood my point.
 
+Google Play how about filtering search results by rating... That's a quick way to filter out most of the dangerous junk out there... Its ironic that the king of internet search returns such crummy results on its own app store
 
+John VanRoekel , that may be true, but you still won't know about it unless you ask. And you can't be sure Google isn't doing things similarly. So yes, you're missing the point. 
 
Here's a question, does anybody actually no know a single person who's been affected by mal-ware from the play store in the last few years?
 
+Stephen McGann  Depends on how you define "affected"
If you define it as "Had privacy violated as an app uploaded all of their info to a third-party site" then "yes"
If you mean "Screwed up their phone so bad that they had to wipe it and start over", then well, also "yes"
So I guess it doesn't depend on the definition after all : )
 
+Quinten Kilborn I could have just answered "Yes" but I figured I would expound.
Perhaps having known several people who have had apps "go rogue" is one of the reasons that I am so skeptical of the system.
(Typo edit)
 
I think Google does a good job. My s3 will also alert me about questionable apps.
 
Well I thought removing malware from the app store was Google's job.
 
+Bennison J Suthakar Kind of.
google will remove an app if they get a bunch of complaints, which is very different from vetting it before allowing it to be sold.
 
Here is what people do not understand say you had the ability to deny individual permissions,you download that calculator app,  maybe you deny location for that calculator app but you didn't know it needs your location to auto calculate the tax for tips, the app is not working correct who will you complain to? You will probably complain to Google because you think it's a bad app. The current system works read, think, install, done and done.
 
+Marquise Richardson if an app has a legitimate need for a permission that is not intuitive, then it is up to them to:
A) Make a case for why they need that permission
B) follow good coding principals and have their app pop a clear error message in that case.  Something along the lines of "That function is not available because it requires location information to function.  Please grant permission or input a location"
 
+Marquise Richardson Ah, but it is google's job to give us the tools to do ours.
Line-item permissions are a very important (and missing) tool for us to do that job.
 
Totally agree - Google went above Apple with the ability to view granular permissions - but I need the ability to DENY granular permissions. That would be a long, long way.

For instance - Facebook turns on GPS every time I launch the app. I have 0 interest in them knowing my physical location.. why can't I prevent the app from accessing GPS? I don't care if it crashes the app because it was a corner case they (facebook dev) wasn't expecting - I'd rather have granular control over my experience with some bumps, than no control at all.
 
+Ryan Castro What version of Android are you running? Have you tried "App Oops" to control permissions at a granular level? 
 
People, google play store is not the only source to install apps. You gotta beware when you download apps from other website. Use them at your own risk. Android is for advance user only. those people who know Android will know How to install apps to block unnecessary permission. 
 
I found an app once that was supposed to be just solitaire, but it requested more permissions than the Facebook app requests. If you get what I am saying 
 
If it’s asking for more permissions than it needs, the app could be malware.

So +Google +Google Maps can you tell me why the maps app needs access to my contacts?
What does my contact list have to do with my location?
 
Why cant google control the malwary apps, then users wont have to worry?
 
If in doubt - then you don't need it.
 
+Paul Marshall That is a great point.
+Google+ Help I know that it usually isn't policy for +Google to actually answer questions that crop up in response to their PR, but could you please walk down the hall and smack them in the back of their head until they answer that one?
Thanks!
 
Some apps can potentially harm you mobile device or tablet.
 
How about this Google...why don't you prevent and enforce a standard that prevents companies from collecting data ...If they want to make it to the Play store
 
Todo cuidado é pouco, infelizmente temos de ficar em alerta quanto ao que baixamos sempre! 
Translate
 
How about you give us a tool that selectively disables app permissions?! Damn near every app in the play store requests for way too much personal information. 

Your company should be vetting apps in the play store. 
EB Harv
+
1
2
1
 
I don't see an issue with +Google 's post. There isn't any doubt that if you've taken the time to read the post and place a comment then you have the ability to do what +Google has suggested. If you think an app shouldn't have the permissions it's requesting then don't install it. It really is that simple.

If you want to be on the safe side then only download apps that have the top developer logo. That little blue diamond thingy. If that's what you're doing then I can understand being upset with +Google about this.

Should +Google be scanning each and every app submitted to the store, marketplace, or whatever they call at the time you read this. Probably so. However you know that they don't and you still make the choice to use the app store/marketplace so it inevitably falls on you. Take responsibility. And stop all this back and forth about all the minor stuff.

+Kelmend Celaj (below) "If we are, for argument's sake installing apps strictly from trusted sources like Google Play Store, we should not have to worry about rogue apps." There is no argument. I mentioned that and agreed with you before hand.

Anything aftermarket is your fault.
 
This post is attempting to absolve Google of it's responsibility to make sure that apps aren't poisoned. If we are, for argument's sake installing apps strictly from trusted sources like Google Play Store, we should not have to worry about rogue apps. PERIOD.

"Anything aftermarket is your fault" is bullshit.

If they do it for chrome apps ( http://nakedsecurity.sophos.com/2013/06/26/google-scans-chrome-web-store-submissions-for-malware/) I'd like to think they do it for the play store as well.

 
Pano kliması soğuk hava deposu fiyatları
gaziantep soğutma sektöründe hizmet vermekteyiz. Pano Klima olarak sektördeki sayılı firmalardan biri olmanın gururunu taşımaktayız. Pano klima sitemleri şirketimiz güvencesiyle montaj ve pano kliması servisi olarak müşteri memnuniyeti odaklı çalışırız. Soğuk hava deposu fiyatları alanında bizden daha hesaplı soğuk hava deposu proje örneği size sunacağımız avantajlarımız arasındadır. Ayrıca soğuk hava deposu maliyeti öğrenmek için
Translate
 
Better apps on apple they do a way better job at policing their apps
 
+Paul Marshall if you have your friend Johnny Doe's address in your contacts, you can ask Google maps for directions to Johnny's. Saves some pain getting a hold of their address and entering that in maps.
(& +John VanRoekel) 
 
+John VanRoekel I have no idea what the future plans are: I read of rumours above, haven't heard them myself yet. That said:

I believe the reason for the "all or nothing" permission model Android started with, was because it's (a) a lot more developer friendly, and could possibly be (b) more user friendly too, due to functionality not being "broken". If security weren't an issue, that is.

Imagining a compromise that could have worked: perhaps if developers had the ability to mark which permissions are optional and which are always required, they could choose which features make sense to be disable-able (is that a word?) in their app?

Anyway, enough from me. Over & out. ;)
Aku Obi
 
I always look at the ratings and comments. The pictures might be a lie. 
Translate
 
You must be very attention, Google, because soviet structures inside romanian and european companies, is asking to me, by a mail apparently from once of my sisters, to sent her by mail, not by upload on Google Drive (what I have to upload). Until yesterday, four weeks, romanian secret services falsified my internet connection, but I kept silence (especially to proof to you that silence under attack is most worst strategy to defense). In fact, NO ONE WESTERN COMPANY DETECTED THIS ISOLATION OF ME, NOT THE ATTACK FROM SOVIET STRUCTURES INSIDES IN SECRET SERVICES AND COMMUNICATIONS COMPANIES. But fire now, that I tell you: soviet agents inside western structures, they try to manipulate me to transmit the important-files by mail, not by upload to drive. You make conclusions. What mater for them is a nuclear arsenals deep hiding-proofs inside my files and seems they can ready intercept and falsify the files by mail.
 
+Google  App permissions are a serious concern for me, a major downside of the Android platform, and, in the absence of default tools to review, revoke, and limit permissions and access, a primary reason why I'm planning to downgrade my phone and switch to alternative products, lacking most of my personal data, and custom ROMed, in future.

It's also lead me to greatly reduce my (non-pseudonymous) use of Google products, and to actively seek out and use privacy-preserving alternatives.

Google are very much falling down on the job here.
 
+David Middleton What's that supported on.  I'm still using Froyo, some of the permissions management tools aren't supported, even with jailbreaking.
 
Here's a tip for Google: acquire Path (could get it for a good price), rename Google+ (what, better than plain Google?) to Googlepath and get a great interface in the bargain!
 
Very true, been caught out & then had trouble when uninstalling.
 
Hey ..I know that it get Crazy. Tell me about it.
 
+John VanRoekel The feature in Maps that depends on access to contacts, calendar and the like is when you want a link directly to a route planner to get you to a contact. I think it's all meshed together in the google now api, so that your android can tell you to get going before it's to late if you want to arrive at time. All good - and should be optional, of course, the real issue here.
 
hi.. i need to contact your jobs help desk.. can you pleae either email me on chakravarthy1165@gmail.com?? i can give you my contact number as well for a contact.. i have experience as well.. will be waiting, thanks
 
No kidding Freaken policies &terms & what ever else there is. What happen to free, no worries. Mind ur own hackers, & nosies & meanies wwjd geez
 
I agree, always look back.
 
Only yesterday I saw an app that I thought about getting and didn't get in the end because it had terrible ratings.
 
The suggestions for checking out ratings and reviews, might be a good one, and actually mean something ; if +Googledidn't allow dev and apps to be blatantly astroturfed.

The reviews and comments might be worth something, if I knew they were real. But seeing as how, I now know app developers can and are offered the option to buy fake favorable reviews and and high ratings. (not saying Google is doing the offering, but it's allowed and I hardly doubt Google isn't aware) Your rating and comment system no longer have any value to me. 
Add a comment...