I’ve been building some android apps using the website ibuildapp.com But the thing is that each app requires so many permissions despite the app does not use these features. My question is, can the app send personal information to their servers?
<uses-permission android:name="android.permission.READ_CONTACTS" /> and other like this that read phone state and identity, there might be a problem - NoName 2012-04-06 00:05
Are you asking if the app can send information to ibuildapp.com servers, or servers in general?
Apps should request permissions only when they need them to provide major functionality. I don't know anything about ibuildapp.com, but if it's requesting a lot of permissions it goes high on my "suspect" list.
permission.READ_CONTACTS, permission.READ_CALENDAR, permission.READ_PROFILE, among others, are not to be handed out lightly! The full list of permissions is listed at Android.Manifest.Permission javadoc, along with documentation.
I'm an iBuildApp team developer, so I can answer your question. :)
The only reason why we ask all these permissions in every app is that this is how our service works at the current moment. It has great number of widgets (i.e. page types / functions), every widget has it's own permissions needed. One of our features is that you can manage your app on the fly (modify content, change pages' types etc.), while in most cases there is no necessity to rebuild native app: all the changes will be visible in already built ones. This means that all the modules are built in inside an app (while, as mentioned before, every widget needs it's own permissions).
So in the main: yes, if an app (I assume not specifically our app, but any app) asks for some permissions then it can potentially use them in "bad" way. But as for us: no. We're not interested in your personal data. We're only interested in providing an excellent service.
Hi i'm ibuildapp android developer. You can unzip recieved apk file and edit manifest file. As soon as you've done zip it.