Don’t Call It A Security Hole: Android Apps Can Access All Of Your Naughty Photos
As most of you probably wont know — being primarily Android users and all — there’s been a lot of commotion these past couple of days regarding Apple’s mobile platform. Apparently, any and all iOS applications can easily access locally stored photos saved onto a device without a user’s consent. Sounds scary, right?
Before you point and give a Nelson “Ha-ha,” it would behoove you to know that Android applications are capable of doing the exact same thing. A little differently, mind you, but largely the same thing. In the coming days this news will no doubt make just as big of a splash as its iOS counterpart, sending the uninformed consumer into a tissy. But before you run out and throw your phone into the dumpster, you should know that this isn’t exactly a security hole. It’s just how the operating system works.
And not to sketch you out even further, but it’s actually the same way the operating system on your computer works too. Yup. Windows. OSX. Mac. PC. Because your computer stores pics locally on your hard drive (and Android stores them on a micro SD or internal storage), technically it would be possible for just about any application on your PC to also gain access to your photos — just like Android (and iOS). Does that mean your new Twitter application is uploading your racy pics to some dark warehouse in the South Americas? I would hope not.
This is exactly what Google addressed to TheVerge in a statement,
We originally designed the Android photos file system similar to those of other computing platforms like Windows and Mac OS. At the time, images were stored on a SD card, making it easy for someone to remove the SD card from a phone and put it in a computer to view or transfer those images.
As phones and tablets have evolved to rely more on built-in, non-removable memory, we’re taking another look at this and considering adding a permission for apps to access images. We’ve always had policies in place to remove any apps on Android Market that improperly access your data.
As we move away from micro SD card slots in our phones (HTC One X) and to nothing but non-removable storage, Google could soon be implementing some kind of firewall, or just added permission settings for users who want to keep their photos locked down. Let’s hope it’s not at the cost of features like Android’s intents. We’ve already seen the problems fear and added security can create. Just take a look at the TSA.