That permission is pretty new, so the app might not have been updated for it.

Trust is earnt. I can reasonably have a default level of low trust for practically any app. This isn’t some blind anger stance. Its not blanket mistrust or some kind of ignorance. It is healthy scepticism. Totally reasonable in today's environment.

Plenty of app developers have muddied the water enough that apps should have a lower level of trust given to them. Stealing data is a reasonable fear now. It is not reasonable to assert otherwise.

It is therefore reasonable for a person to wonder why geolocation is requested but then be suspicious why it doesn't seem to need it. Regardless of the underlying technical reason. Those technical reasons are part of informed consent. If I don't have informed consent, do I really have consent?

Its also not a sad state at all. Its healthy. Its part of the modern landscape that someone can be suspicious and rightly so. If not, you're setting people up for misfortune. Is there some reason you want people to blindly trust like this? That seems almost abusive to me.

I don't know about others, but thanks to a combination of protocols, google and law-enforcement my trust on phones and anything connected to it is basically zero, despite being quite secure on a technical level.

> Assuming you’re right, it’s really sad that multiple sibling posts assume that the app was doing something shady and selling the user’s data. It shows, in general, how little trust people have in apps on their own phones.

This is almost all apps. Your default assumption should be that anything on the big app stores is being as malicious as they can get away with -- especially if it is a forced install leveraging some product you have already purchased that could easily be sent over a standard protocol.

The Canon printer configuration app has the same sort of soft geo-permission lock. Sniff the network traffic right as you enable it, and you'll see your data happily find its way to their servers.

_Maybe_ the app is fine, but in the cases I've checked big corporations abusing your privacy is the norm.

Trust is earned not granted. You don't trust a random stranger walks by, why should anyone trust apps created by some random organizations? Especially given some calculator and similar apps came with a privacy statement, how much trust do you believe we should have in apps on our phones?

It's sad that so many apps can't be trusted, leading to a lack of trust in apps in general. But that's not our problem.

I could not agree more.

Can you tell if that's all it does? I don't know what all geolocation covers in Android terms, but it would certainly be a superset of just scanning for BlueTooth.

I would be curious if it does any or all of:

- Fetching GPS coordinates, which are typically to many decimal places. - Making API requests to external servers that you don't own.

A tool like MobSF (https://mobsf.github.io) might be very enlightening to understand what a given app does, or at least can do. I've tinkered a bit with an iOS app in it, but not Android so far.

Also, proxying your device through Burp Suite or ZAP could also be interesting to see what traffic occurs, especially if the developers weren't picky about valid TLS certificates.