Comment by NavinF
2 years ago
You don't trust your OS to sandbox it? With a threat model like that, I wouldn't use any apps other than the browser
2 years ago
You don't trust your OS to sandbox it? With a threat model like that, I wouldn't use any apps other than the browser
If anyone is in the situation that they need to put an untrustworthy app on their android device, the "work profile" feature can segment it off further.
Insular is an app that lets you create and manage one of these profiles on the device itself: https://gitlab.com/secure-system/Insular
Work profile is really neat, yeah. I'm using Shelter for this, it's quite nice: https://f-droid.org/en/packages/net.typeblog.shelter/
Maybe you are using a fully open phone, but mine has an OS made by Google and almost every app tracks my location without my consent.
For the past 9 years, Android has allowed users to disable location permission per app. More recently, you can choose to share "noisy" location, which just provides an approximation of your location.
Google will never stop spying themselves but will give you the ability to stop their competitors from spying on you. Heh..
I'm an app dev. How exactly would I track your location without your consent?
For example, based on my IP address, nearby wifi networks, and camera footage.
2 replies →
From the AppStore:
Data Linked To You:
Purchases, Location, Search History, Usage Data, Financial Info, Contact Info, Identifiers, Sensitive Info.
Nope Nope Nope.
That explains nothing. I'm pretty sure it's talking about info that you type into form fields in the app. Same reason FB "links" your health info even though it has no access to the health info stored by your OS.
The same applies if you use their website. It'll still ask for that info with a web form.
> Same reason FB
...is not installed on any of my devices
I mean, that horse has already bolted..
https://www.nytimes.com/2024/05/31/business/ticketmaster-hac...
Yeah that has literally nothing to do with their app. If you submitted your data on their website, it'd be leaked just the same
You're implying that the data from the app is stored in a different more secure manner than the data from the website? That makes zero sense. The fact that they got hacked and is the only thing that matters, not which mode of input you provided the data they did not protect.
6 replies →