I don't claim to be any expert.Īlso I should clarify that I’m just mentioning these things as GENERAL principles related to security/permission management because it seemed absent to me initially. Sorry if this comes off overly-argumentative or fear-mongering. Is putting out a good (even awesome) product enough make a dev trustworthy? I think you know the answer if you have been following comments about ES file Explorer on that other android forum. And yes there are often barriers other than email (SMS notifications, phone notifications) but somehow people still get their accounts hacked and their identities stolen so to my thinking we should not give up any of these barriers lightly. When you combine all the above with the ability to mine personal info not only from incoming/outoing/historical emails but also from device storage, it seems a little scary to me. * Email is also one of the primary means which we receive notifications about of suspicious activity on credit cards, bank accounts etc (which could be easily intercepted by someone with access to your email account). * many accounts with email on record can have a password email reset link emailed to the email of record (so anyone with access to email can reset the password). * email is sometimes used as part of identify verification related to other accounts. It's easy to imagine that someone savvy enough to develop email client can develop programmatic rules for recognizing sensitive info and forwarding it to external storage location and the human is notified only when enough pieces of sensitive info on a given individual are collected.Įmail is involved in a lot of activites related to security of other accounts: As for "too busy", it doesn't have to be a human scanning your emails. More importantly I can't do anything about the NSA but I CAN control what programs I install on my phone and I would never consider existence of NSA as any basis to conclude that I should be less careful when reviewing permissions of apps installed to my phone. Regarding the NSA, my level of concern that they will steal my identity or try to hijack financial accounts is pretty low.
0 kommentar(er)
