Like most people, I have a flashlight app on my smartphone. It was a free download. It's handy to always have a flashlight in my pocket. I use it often while setting up on stage.
Yesterday I noticed that it was storing 8.2 MB of data (beyond the 6.7 MB the app itself takes up). I found that surprising. What on earth would a flashlight be storing? For that matter, why is a program that simply turns on a light 6.7 MB in size?
Then I checked the app's settings. Shockingly, I had given this flashlight the following permissions:
- read phone status and identity
- take pictures and videos
- read, modify and delete my USB storage
- change system display settings
- full network access: receive data from internet, view network connections, view wi-fi connections
- retrieve running apps
- control flashlight and prevent phone from sleeping
- modify system settings
Holy crap! This flashlight can take photos without my knowledge, monitor all network activity, know what other apps I have, and even reconfigure my phone.
I then checked other apps on my phone. I have a compass app that I actually paid for. It has permission to take photos and has full network access. Why does it need any of that to tell me which way is North?
Another one is called "Earth", a map utility. It has permission to find, use, add
and delete accounts on the device.
AT&T installed an app that (I think) lets me use my phone as a TV remote. It can take pictures and videos, send, receive and edit text messages, record audio, read and modify my Contacts, read and modify my calendar, read and write web bookmarks.
It's true: there's no such thing as a free lunch. Those "free" apps may be nothing more than a trojan horse.