Facebook’s scary Messenger app highlights iOS security vs. Android security

“Now that Facebook has pushed their new Messenger app on the public, some semi-scary info has come out in the form of what the app actually has access to,” Take To Task writes. “It also highlights iOS’ security model vs. Android’s security model”

“Android’s security model is simple. When you go to download something, you’re provided with a list of items the app wants access to. You have to agree to that. It’s an “umbrella” agreement, meaning a yes is a yes to all. It now can do many of the things in that scary Huffington Post list. The end. The way to avoid the problem is to not download the app,” Take To Task explains. “iOS has a much more… à la carte security model. You are presented with a dialog box that Messenger wants access to your *whatever*. You then have to explicitly give an ok there, or you can deny it if you accidentally hit ok in the Messenger app. So, Messenger can only access things IF you have given it access TWICE. Things that Facebook generally wants access to include photos (can’t submit a photo if it can’t get to them), contacts, etc. If you’re like me, you say yes to the photos, but no to the contacts. I like that level of control to my security.”

“Android is more like openness and freedom, whereas iOS is more like a walled-garden or gated community,” Take To Task writes. “Last time I checked, however, many people actually want to be, and pay for, a safer, gated community. I’m in the latter camp AND I’m an IT guy.”

Read more in the full article here.


  1. This is a non-story. All apps regardless if platform have to do the same thing to provide the same functionality. The media is blowing this way out of proportion and just looking for web traffic to support their ad habit.

    1. No, it’s not a non-story, particularly when you can’t restrict Android from accessing many, many parts of your phone and data if you want to use the app. Pair that with the fact that 99% of all mobile malware is for Android, and that criminals have already used Android devices to create botnets, and it can be pretty scary to use and Android phone.

      I got into an argument with one Android guy who insisted that his phone was more secure than my iPhone because he could install all these apps to protect himself. My response was why should I have to install anything? I shouldn’t need anti-virus software for my phone.

      1. Agree 10000%. Windows/Android guys always pretend “more secure” is safer. I always head back to the neighborhood analogy.

        North Philly is more secure. Doors have deadbolts and lots of locks. Windows have bars. Everyone probably has a gun. People still get killed and robbed pretty regularly.

        Plumsteadville (yup, a real place) is less secure. Windows have no bars. Far less locks on the door. Most people don’t even lock doors. Yet, nobody feels threatened and nothing happens there.

        In the end, common sense SHOULD prevail. That means iOS and Mac users *should* still be wary of something fishy and… you people in Plumsteadville should lock some doors.

        1. I have a Windows 8 (Lumina 520) because it costs just a little more than a flip phone. I am don’t use a mobile phone much. From a security point of view, I find it disturbing that most apps require access to personal data that seems totally unrelated to the apps function. While I try to minimize personal info available on this phone, convenience and human nature trumps security concerns at times. In the long run it is probably cheaper to go back to a flip phone or go iPhone.

    2. as the writer says he wanted Facebook to access his photos but not his contacts and he could that with iOS but not Android. It might not be the ‘same functionality’ but with iOS you have control of how much functionality you want to give, with Android it’s just a blanket yes or no for everything.

      Surely more choice is better than less?

    1. You don’t need to delete the app from your iPhone, you can keep the app and simply deny permission to whatever you don’t want…

      This article is exactly about that, geez.

  2. The implication in the very use of “gated community” is complete disinformation bull. Any gated community I’ve ever seen is a relatively small area. The massively large and integrated Apple eco-system is NOT a gated community. It’s more like a large, interesting city, where one can wander indefinitely, finding new and interesting things to do and use… because as fast as you can explore, new capabilities and apps are being added even more quickly.

  3. I even wish I had a finer control on Facebook App in the iPhone.
    For example, photo access so I can upload photos. That’s it. I don’t want facebook friend’s photos showing up in my contacts.
    If I want to assign a photo to a contact, I sure as he’ll don’t want Facebook doing it.

  4. This Android problem is called the Android Pileup Flaw. A company called Arxan has formally defined it and treats it as a serious vulnerability. (I do not work for Arxan.)

  5. The reviews on the App Store are astonishingly negative.

    Over 1500 reviews and the average is 1 star. Many reviewers wished they could’ve submitted zero stars.


    1. Foursquare just did that. They just changed it so that to check-in, which was the main use for many people, you have to switch over to their new app Swarm. The Foursquare app is now essentially a Yelp competitor. Really angered a lot of people for whom the whole check-in game was the entire point of using Foursquare.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.