I was sent this article by my mother to today about the Facebook messenger app
In short, it’s about the crazy set of permissions the Facebook messenger app asks for.
Snopes has a list of the implications of these permissions. Apparently this has parents freaked out all over the place. I took the opportunity to explain that Facebook already has access to most of that information anyway and how the safe project prevents that type of information disclosure. We’ve got another believer now.
Can safe help mitigate mic and camera usage for nefarious purposes? It seems to me that’s a no, but I’m curious.
Not at launch, but ANT Technology (@dyamanaka ;-)) allows us to build towards that in the form of SAFE OS, booted off the network.
This vastly reduces the amount of vulnerable code a user has to run, and could provide a trusted layer to act like a firewall between apps and hardware based on fine gained permissions.
The issue here is not so much the infastructure facebook messenger is built upon but rather peoples’ willingness to use it despite having a high degree of control of their system. Permissions granted to apps are generally take all or none. Any number of apps probably have more permissions than you realize.
I understand that. This whole controversy is bringing the issue to light to the masses though.
While you are right this specific controversy is not about the Facebook infrastructure, I was able to use it to explain just how much information Facebook has access to regardless of the app. It was quite inspiring to watch my families eyes when it clicked. I’ve been telling them this for years, but this finally made it “real” for them.
This is where SAFE OS can change things. ATM permissions are granted or not, and the app is therefore able to force permissions that a user doesn’t want. There is a program already that allows users to use an app as if they have granted permissions, but actually serves the app with useless information when it accesses the features the user did not want to offer.
This is what I meant by “fine grained”, perhaps there’s a better way of saying not just “fine grained” but also putting the user in control of what data she shares with an app.
We have the same issue with the “click here to Agree” rubbish we all accept whenever we install any piece of software, purchase any goods etc. Those agreements should IMO be unenforcable, because it is not possible for any individual to read, let alone understand them, and even if they did it is simply impractical to avoid products on a take it or leave it contractual basis that gives power over the one side. If the system is to be fair, the user must have an equal negotiating position, which she patently doesn’t. This is the so called “free” market, that offers an uneven degree of control and choice to some, so saying it is universally free is not true.