Sign up to our newsletter
The latest security news direct to your inbox
Facebook’s Messenger app has people worried about their privacy – lots of people. A list of Permissions appears to show the app could be taking video of users in secret, according to the Washington Post.
Users of both the iPhone and Android versions of Facebook’s app have found the main app altered so that a second app – Messenger – is required to send person-to-person messages.Without the extra app, the function is removed – sparking further concerns over Facebook privacy.
Security-wise, there are serious issues with Messenger – clearly visible on Android, where apps are required to list Permissions showing what they are allowed to do.
Cosmopolitan writes, “Basically, it can control your whole phone. And, most scarily of all, CALL PEOPLE.”
Metro noted that the app – which attempts to take over SMS functions as well as in-app messaging – can record users with their camera, and send texts without permission.
“As we’ve said, our goal is to focus development efforts on making Messenger the best mobile messaging experience possible and avoid the confusion of having separate Facebook mobile messaging experiences,” a Facebook spokeswoman said.
“Messenger is used by more than 200 million people every month, and we’ll keep working to make it an even more engaging way to connect with people.”
The full list of Permissions is here:
But there may be another explanation, the FT says. The split may herald a move towards person-to-person messaging – after Facebook’s failed purchase of Snapchat.
“Snapchat over-indexes with the very segment where Facebook has cited falling engagement: teenagers,” said Geoff Blaber, of CCS Insight. “The continued introduction of new services, either organically or by acquisition, is essential to maintaining user engagement.”
Video functions were added to Snapchat recently, as were text messages and video calling.
Users are already concerned over the list of permissions granted to Facebook’s main app – which has expanded. Many apps – such as Facebook’s, have come under fire for Permissions which change after the app has been installed. For instance, Facebook now requires the ability to turn a smartphone’s Wi-Fi connection on and off.
Protecting against apps which ask for further permissions after install is difficult. Apps built to go online update frequently, for perfectly valid security reasons – and often without alerting the users, at least not as clearly as the alerts on Android’s built-in Permissions menu.
“As Facebook users have noted over the last few weeks, for example, their Android app is now demanding access to SMS / MMS, calendar events, and WiFi control,” commented The Register.
Author Rob Waugh, We Live Security