Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Their site is also intentionally crippled so you need the app to do some things. For example, to upload pictures, the primary function of the site...

And with the app comes the tracking and stealing of personal information, often using more or less dark patterns to trick the user.

From what I understand, an app that has no rights to pictures, contacts and location and so on, can still get info about the WIFI and put together a pretty good picture of your movements.



On Android, Location needs to be enabled for an app to access ambient wifi (scan of all nearby APs). On iOS, there is no API for ambient wifi, though their location API does use it behind the scenes.

On both iOS and Android, an app can access connected wifi even with location disabled.


I was under the impression that on iOS an app without access to the location API still could get the name of the WIFI and perhaps the SSID too?


> site is also intentionally crippled so you need the app to do some things

I don't have a citation for this, but it's pretty clear that they do this to make automation harder.


I actually feel like the mobile app has some limitations as well to try to keep users in the app. They limit usage of URLs and such.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: