ARRL QST Android app is Potentially Dangerous
Displaying 1-5 of 5
| Jul 9th 2016, 22:01 | |
NS6QTotal Topics: 0 Total Posts: 0 |
I thought I would use the ARRL Android app to read QST. As with all Android apps I load, I did a quick review of the app's permissions. This app has the potential to be one dangerous app!!! Look at the permissions it has (things it is allowed to do behind your back). Below are some of the things it can do to you and ways it can steal from you. I put *** some of the more outrageous ones. Note: I an not saying the app does these things, just that it can (I would have to rip the app apart to lean more). Why ask for things it is not going to use? That is not a very trusting start of a relationship. I would expect the ARRL to respond by saying something like "oh but we don't use all those permissions, don't worry, be happy". That wold be like saying "Can I have you credit cards, I won't use them but can I have them anyway"? All this just to read a PDF file of a magazine on your device? 73, Mike NS6Q -------------------------------- All permissions used by the QST App: Identity *** find accounts on the device Contacts find accounts on the device Location *** approximate location (network-based) SMS *** send SMS messages Phone read phone status and identity *** directly call phone numbers Photos/Media/Files modify or delete the contents of your USB storage read the contents of your USB storage Storage modify or delete the contents of your USB storage read the contents of your USB storage Wi-Fi connection information *** view Wi-Fi connections Device ID & call information read phone status and identity Other receive data from Internet full network access *** view network connections *** send sticky broadcast control vibration prevent device from sleeping |
| Jul 10th 2016, 12:42 | |
aa6eTotal Topics: 0 Total Posts: 0 |
The League uses the commercial service of nxtbook.com for Digital QST. nxtbook's clients are asking for the privs, which is (unfortunately) a common practice in the industry. 73 Martin AA6E |
| Jul 11th 2016, 15:50 | |
W1VTSuper Moderator Total Topics: 0 Total Posts: 0 |
The League's subscriber base is too small to justify doing this service in-house. Zack Lau W1VT ARRL Senior Lab Engineer |
| Jul 18th 2016, 00:42 | |
N5TEVTotal Topics: 0 Total Posts: 0 |
Why not just allow members to log in to their ARRL.org accounts and download QST as a PDF each month? The current app is quite poor. |
| Jul 20th 2016, 18:51 | |
WB1GCMSuper Moderator Total Topics: 0 Total Posts: 0 |
If a member downloads a PDF of the entire magazine, he/she could then share that file with the rest of the world. At that point, they would be giving away the magazine. Membership would decline, funds would lost and the only substantial advocate for Amateur Radio (the ARRL) would be diminished. The app, however poor, is needed to protect copyrighted material. |
Displaying 1-5 of 5
