Clicky

Android Apps Can Also Upload Photos Without Explicit Permission

By  |  1 Comment

On the heels of iOS apps getting caught uploading user contacts and photos, Google’s Android operating system for phones and tablets is under fire for a similar vulnerability. As it turns out, if an Android app has access to the Internet, it can upload your photos without asking permission.

According The New York Times Bits blog, almost any Android app is capable of access user’s photos without them knowing.

To test the idea Bits had an Android developer create a custom app. The app billed itself as a simple timer that asked for permission to use the web. After the app was granted permission it uploaded the user’s latest photo to a remote server.

Android Apps access to Photos

Android allows apps to access your photos and upload them without permission.

When Bits asked Google about the situation, Google said that the unrestricted access to photos was a design choice.

In the past Android stored photos on microSD cards. Apps would have to ask for permission to use each card, which could get complicated if the user had multiple cards. Then, as Android devices changed to rely more on internal storage the apps didn’t need to ask for permission.

With the new details coming out, the Google spokesperson said the company is “considering adding a permission for apps to use images.” That way users would know just when apps are accessing their photos.

It’s unclear if any apps in the Android Market currently use this trick to upload photos without user permission, but, given the amount of malware on the platform, it wouldn’t be hard to imagine a few apps out there do.

Google is already under fire for privacy issues realting the to Google’s new privacy policy which is in effect starting today. The new privacy policy has drawn a lot of criticism because of the way Google is storing and using information recorded by users of Google services.

Hopefully Google will force apps to ask permission before uploading your photos to the Internet. Most users aren’t switching SD cards and many phones have internal storage, so the change would have a minimal negative impact on users.

Shawn is a tech junkie who spends most of his time reading and writing about it. You can follow him on Twitter, @shawn_i.

1 Comment

  1. Tracy Cooper Jr.

    03/01/2012 at 1:22 pm

    You know what I would really like to see? The ability to pick and choose what permissions an app can have rather making it be an all or nothing deal. I should be able to install an app and decide if I do or do not want it access to my location. The choice should not come down to “If you don’t want to give it access then don’t install it.”

Leave a Reply