Not only must the unethical app declare that it reads SMS messages, but it would require access to the Internet as well in order to talk to its server, which it would also have to declare. If an app seemed to legitimately require access to SMS, but also wanted access to the Internet, I'd really wonder about that.
At the same time, non-technical users might never question these sorts of declarations and just go ahead and install unethical apps. There might need to be more helpful information presented to users for each permission being requested, so that non-technical users can understand what they might be getting into. As it stands now, the user must understand the ramifications of allowing permissions based on very little information. - dave http://www.androidbook.com On Apr 13, 9:15 pm, Dianne Hackborn <[email protected]> wrote: > On Mon, Apr 12, 2010 at 11:13 PM, Djidane41771 <[email protected]> wrote: > > some of my student ask me a question, and seems sticking to it. > > this is his questions : > > if really any one can publish an app without google approval, so an > > unethical person can built app to catch sms and send it to his server? > > The user will see when installing an app that it can access their SMS > messages, and there is no way for the application to get to them without > this being reported. > > -- > Dianne Hackborn > Android framework engineer > [email protected] > > Note: please don't send private questions to me, as I don't have time to > provide private support, and so won't reply to such e-mails. All such > questions should be posted on public forums, where I and others can see and > answer them.
