Hello again readers! Dear Berry is here once again with a mailbag full of BlackBerry questions and woes. Today's question comes from ICEMAN9 who asks:
Here's a question that I know many people have. When you are giving permissions to apps, what permissions are you really giving the app (ie. Shared Files, E-Mail/Pin Messages, Device ID, etc.)? What does each of these really mean? Why does the app need to have access to them? Are we compromising our privacy by doing so? I understand that if an app (ie. Maps) needs to access your location, but why do other apps need to if they are not location based?
That is a very important question. Simon Sage compiled a list of what the application permissions mean on BlackBerry 10 which you can review as well as the behaviors that are unacceptable (including what information is collected) which can be found here.
You can also find the entire list of permissions and their explanation at this link. However, I will endeavor to create a more detailed list for you.
To answer your questions here is a short list I compiled below though it is not a complete list of all the reasons why a developer requires them.
- Location - Applications that are not location based but require the permission may utilize Ad Services. For example, the recently released application Chive On requires this permission because of the ad service as it is a free application.
- Shared Files - It allows the app access to the storage on your device, SD card and the cloud. This is used in cases where the application would need to save or access files on your device, such as a camera application. In that case then another permission allowing the camera application would also be included. In the case of Chive On, so that it can save images from the app to your device. In the case of utility applications, it lets them save a backup on your device. For example, SMS Backup uses Shared Files so that it can save the backup of all your text messages onto your device or SD Card and also restore this information. As such it also uses the Text Message permission so that it has access to these messages. It also asks for Email and PIN permissions because it offers the ability to email the backup file and so your device needs the permission enabled to trigger the email popup box.
- Device ID - again this permission can be used in conjunction with Ad Services. In other instances, some developers make their application locked to a specific pin when purchased for security. This permission allows it to access that information to ensure the application is only running on the device it is supposed to. Also, some developers when creating a beta version of their app for testing will ask you for your PIN so that the testing version will only work on that specific device. This permission allows them to see this information to confirm. However, that is not to say some developers out there do not use this PIN to start sending advertisements for their other apps. In that case, you can contact them or simply delete the app (however, that is very rare lately). Another use for accessing this permission is the ability for the app to know if you have your phone set to 24hr or 12hr clock or timezone.
- Connect to BBM/BBM Contact Invites/Profile Updates - These are permissions that simply grant the application the ability post to BlackBerry Messenger. One of the requirements of the Built for BlackBerry program was that it be social and integrate within the system. Being able to share images, documents, updates, posts, etc. in BBM was one of the services offered and that is what these permissions were for. For example, sharing the app with your BBM contacts or updating your status that you purchased it. Another example, is with Blaq and that it allows you to update your BBM status with your tweet. This is how it is able to do so.
- Calendar - This allows applications to add, view, or delete appointments. A great example of this is Evernote and how it adds reminders and can place items for follow up.
- Internet - allows the application to send or receive internet data. For example, the banking application Check requires this to be able to use the internet to pull your personal data off their servers.
- Contacts - Allows this app to access contacts, including viewing, creating, and deleting. For example, there are a plethora of contact backup applications in the storefront. The application ContactsImEx uses this permission to access the contacts to allow for backup on your device or SD card. It also can merge duplicate contacts which is also why it needs this permission and asks for access to the Shared Files permission so that it can access your device to store this backup file.
I hope this has helped answer your question. For people who are skeptical or uncomfortable over an applications permission you can write to the developer or you can go into Settings > Security & Privacy > Application Permissions and turn off the features you do not want them to access, if available. If the application stops responding then you will know it is required to run.
In addition, BlackBerry instituted a new program to ensure app security in BlackBerry World. Two new logos will now appear as part of the vetting process to show it was scanned by BlackBerry Guardian and Trend Micro. These programs will analyze and scan applications for potential malicious behavior. If you are nervous about an application accessing your personal information be sure to look for these logos beneath the app description before downloading.
Calling all BlackBerry developers! Fee free to join the conversation and let us know your thoughts or any advice you can offer on this important question in the comments below.
See you next time!
Have a question about BlackBerry etiquette? Need advice on how to cope with your BlackBerry addiction? Dear Berry has you covered and there's no question too big or problem too small. Submit any of your BlackBerry woes by email to firstname.lastname@example.org or on Twitter @DearBerryCB.