World of Warcraft

Misinformation and the latest BlizzCon controversy

wow4 - Misinformation and the latest BlizzCon controversy

Disclaimer: This only relates to Android systems.

In the latest among a series of controversies, we now have Blizzard forcing us to use an app in order to access our tickets. This controversy, however, has a distinct and foul stink of misinformation surrounding it.

I saw a mod say that it's important to understand what you're giving an application access to. I agree, so I'm here to do just that. I'm also here to tell you what you're not giving it access to. It's fine to be worried about permissions that applications request, but the criticism should be based in reality.

Application permissions

The list of application permissions

There is a list of application permissions floating around that comes from the play store page. The list is as follows.

>Contacts read your contacts >Location approximate location (network-based) precise location (GPS and network-based) >Camera take pictures and videos >Wi-Fi connection information view Wi-Fi connections >Other receive data from Internet view network connections pair with Bluetooth devices full network access prevent device from sleeping view network connections read battery statistics pair with Bluetooth devices access Bluetooth settings full network access run at startup control vibration prevent device from sleeping modify system settings 

The problem with this list is that it's wrong. It's only ever present on the web version of the play store and doesn't reflect the permissions of the application once it's been downloaded, nor does it reflect the permissions listed on the app version of the play store or the permissions listed in the application manifest. I still don't know why the web version displays different permissions.

The full list of permissions as specified in the application manifest are as follows.

android.permission.INTERNET android.permission.ACCESS_COARSE_LOCATION android.permission.ACCESS_FINE_LOCATION android.permission.ACCESS_NETWORK_STATE android.permission.READ_CONTACTS android.permission.BLUETOOTH android.permission.WAKE_LOCK 

This reflects the permissions listed in the play store which are as follows.

>Contacts read your contacts >Location access precise location (GPS and network-based) access approximate location (network-based) >Other full network access view network connections prevent phone from sleeping Play Install Referrer API pair with bluetooth devices receive data from internet 

The permissions system does not work how you think it does.

The second misconception regarding permissions is that people seem to think that applications can preemptively request application permissions and directly access the resources related to them. This is completely false.

Under Android, permissions are divided into different categories because Google correctly realized that some permissions can indeed be abused to obtain a user's personal information. The permissions that can be used to obtain sensitive information have been labeled as dangerous by Google. Dangerous permissions work using an explicit request system, which means that the user must explicitly grant access to them when the app wants to utilize it. Key here is that the application will only ask for the permissions when it actually needs to use it. As soon as the app wants to access resources that require dangerous permissions you as a user will know about it.

Read:  I tried to design an idea for a new Expansion

In practice for the AXS app, this means that when you download the application and open it for the first time it will ask you for permission to use Location services. If you decline location permissions the application will continue to work without using your GPS. You will notice that it does not request access to your contacts, and indeed this is reflected in the phone settings under 'App Permissions'. The only time the application will request access to contacts is when you want to transfer your tickets to someone else.

The application continues to work without granting access to Contacts or Location services. It is only a ticket app if you want it to work like that.

The article

There is currently an article linked on the front page of this subreddit. The privacy policy is presented rather dishonestly in it. The author gives us a long list of personal data which are as follows.

first and last name, precise location (as determined by GPS, WiFi, and other means), how often the app is used, what content is viewed using the app, which ads are clicked, what purchases are made (and not made), a user’s personal advertising identifier, IP address, operating system, device make and model, billing address, credit card number, security code, mailing address, phone number, and email address, among many others.

The problem here is that without context this information isn't very useful. What this list tells us is what information the application can process. It does not tell us what the application does with the information, nor does it tell you when the information is processed.

I don't think it's very useful for me to post the entire privacy policy here, but unlike the article, I'll link the policy so you can read it for yourself. It's a really dry read, but it looks pretty much like every other privacy policy you can think of. As a side note if you use any social media then you already have bigger problems than the privacy policy of AXS.

Read:  The differences between phasing, cross-realm zones, and sharding.

I will not claim to have the expertise required to parse exactly how personal data is processed, but I will also not throw out accusations of spyware without solid evidence to support it. Truth is, the list of personal data they provide is really common among most services you already use. Sharing information with advertisers is something practically every website already does, including Reddit.

It's fine to be worried about how companies handle your personal data, but be reasonable. The list in the article does not represent the data they will send out to third parties. It's a list of personal data that can be processed in the application. A subset of that list is what will be sent out to advertisers and event organizers.

I saw someone claim that they will share credit card information including CC number and security code with third parties. If you have evidence of this then you can probably get their ability to process payments revoked by major credit card companies. They take things like this very seriously.

Source: Original link

© Post "Misinformation and the latest BlizzCon controversy" for game World of Warcraft.

Top 10 Most Anticipated Video Games of 2020

2020 will have something to satisfy classic and modern gamers alike. To be eligible for the list, the game must be confirmed for 2020, or there should be good reason to expect its release in that year. Therefore, upcoming games with a mere announcement and no discernible release date will not be included.

Top 15 NEW Games of 2020 [FIRST HALF]

2020 has a ton to look forward the video gaming world. Here are fifteen games we're looking forward to in the first half of 2020.

You Might Also Like

Leave a Reply

Your email address will not be published. Required fields are marked *