Myspace — I mean Facebook — is at it again in a full court press with their Messenger app. You may remember the app and its conteoversy. You can’t check your FB messages without it. Unfortunately, you have to give it a lot of permissions that give both Facebook and even relatively inesperienced hackers access to a lot of the data from your phone. Sam Fiorella wrote an article about it in HuffPo:
The Insidiousness of Facebook Messenger’s Android Mobile App Permissions
Facebook has gone out of their way to argue that the fears are unfounded, but the truth is, there is more reason to avoid the app than need to use it. I personally haven’t tried them, but there are workarounds that allow you to avoid this insecure application:
An iPhone trick to avoid Facebook Messenger and keep chatting
Just so you know, here are the details of what the Terms of Service (TOS) allow the Messenger app to access on your phone. The more ya know, y’know?Allows the app to change the state of network connectivity
~Allows the app to call phone numbers without your intervention. This may result in unexpected charges or calls. Malicious apps may cost you money by making calls without your confirmation.
~Allows the app to send SMS messages. This may result in unexpected charges. Malicious apps may cost you money by sending messages without your confirmation.
~Allows the app to record audio with microphone. This permission allows the app to record audio at any time without your confirmation.
~Allows the app to take pictures and videos with the camera. This permission allows the app to use the camera at any time without your confirmation.
~Allows the app to read you phone’s call log, including data about incoming and outgoing calls. This permission allows apps to save your call log data, and malicious apps may share call log data without your knowledge.
~Allows the app to read data about your contacts stored on your phone, including the frequency with which you’ve called, emailed, or communicated in other ways with specific individuals.
~Allows the app to read personal profile information stored on your device, such as your name and contact information. This means the app can identify you and may send your profile information to others.
~Allows the app to access the phone features of the device. This permission allows the app to determine the phone number and device IDs, whether a call is active, and the remote number connected by a call.
~Allows the app to get a list of accounts known by the phone. This may include any accounts created by applications you have installed.
Whatever you choose to do, it’s better that you know the extent of the rights you sign over to the application before you do. We are way too naive and blindly trusting. Here’s a media release that was part of the campaign to quell fears of the TOS permission grant of Messenger: