The internet, particularly (and ironically) Facebook, is ablaze with those swearing off use and uninstalling Facebook’s Messenger application. The primary cause of concern is the terminology used in Google’s Android devices (although the permissions are the same on iPhone products) and their Application Permissions. Such statements as “Allows the app to take pictures and videos with the camera. This permission allows the app to use the camera at any time without your confirmation” sound absolutely horrible. Whatever lawyer penned that statement didn’t think that out very well. The better way to state it would have been “The app will be able to take a picture when you ask it to, without prompting you each and every thing camera on the phone in Messenger”. That, however, isn’t a very legally written statement. I’m not a lawyer, I am a nerd.
So, let me get down to the brass tacks – let’s dissect the Application Permissions of the Messenger application, line by line.
Specs: We are using the full version of the permissions of the Messenger app (version 12.0.0.21.14) on a Samsung Galaxy S4 running Android 4.4.2 on Sprint (yeah, I know).
Phone Calls
Facebook Messenger App Permissions: Phone
directly call phone numbers “This may cost you money”
read phone status and identity
The Myth: The general myth here is that “they” would have access to take over your phone calls, your call log, and basically eavesdrop on your personal conversations. While the NSA can probably do that anyways, that is not what this is for.
The Facts: In the Messenger application, you can initiate a call to users who have added a phone number to their Facebook and have the Messenger application installed. The warning notes that if you pay for calling minutes that you will be responsible for financing that usage (not Facebook or Messenger). Reading the phone status and identity gives the application the ability to determine to the network if you are active and eligible to receive and make calls.
Texting
Facebook Messenger App Permissions: Texting
edit your text messages (SMS or MMS)
read your text messages (SMS or MMS)
receive text messages (MMS)
receive text messages (SMS)
send SMS messages “This may cost you money”
The Myth: This has apparently been assumed that this gives “them” the right to have access to reading your personal text messages. There has even been a fun offshoot of this myth in that Facebook actually targets ads based on your text messages. That is hilarious, but there is more of this later on the blog.
The Facts: Upon initial activation, an SMS is used to confirm your phone number when submitted to Facebook. Beyond that initial step, you are capable of sending text messages to users via the Messenger application should they not have the application installed. This requires you to have given the application access to your contacts to function.
Camera
Facebook Messenger App Permissions: Camera
take pictures and videos
The Myth: The internet rumors say that your camera (video) can be accessed at any time by “them”, which would make for one heck of a story. This was also a part of Batman’s amazing way to find the Joker in “The Dark Knight”. I don’t even feel bad if you didn’t see that movie and I ruined the plot for you. Shame on you for not seeing it already.
The Facts: In the application, users have the capability to send images or videos from their existing gallery, or to initiate the camera to shoot or record a brand new one. This allows the application to access them from your device, or to use the camera to snap a new one.
Microphone
Facebook Messenger App Permissions: Audio
record audio
The Myth: The internet rumors say that your microphone can be accessed at any time to record anything you say or do. This, like the text messaging portion, has been accused of sensing context of verbal communications in the vicinity of a cell phone and using that context to target ads. For example, I was part of a conversation where an individual claims to have been talking to his co-worker about Company X, and then when he went home, he logged on to Facebook, and sure enough, Company X had an ad on his wall.
The Facts: Similar to the pictures and videos above, users of the application are capable of recording voice messages to send to another user versus textually constructed ones. If the myth were true, this would consume a tremendous amount of phone resources as well as a noticeable bump in data usage.
Location
Facebook Messenger App Permissions: Location
approximate location (network-based)
precise location (GPS and network-based)
The Myth: Well, clearly, this would enable “them” to follow your every step, and also that Facebook would target ads based on your geographic location.
The Facts: Users have the ability (upon changing this in their settings) to attach location information to messages when sent. Again, this is an option, but it is built in to the interface and must be included here. Since most battery-conscious users generally have the GPS turned off, they will pull an “approximate location”, while those with it on, will generate a “precise location”. In regards to the Myth, that isn’t necessarily far-fetched, however that isn’t based on the app. In general, geotargeted ads are based on the physical location of the device – even if approximate.
Contacts
Facebook Messenger App Permissions: Contacts
read call log
read your contacts
read your own contact card
The Myth: Of course, “they” would have access to all of the above and use it for malicious purposes.
The Facts: The Messenger app is essentially a very juiced up and integrated messaging application. You can sync this up with your contacts list – either at initial setup or later in the settings. This requires connection to your phone’s contacts. It is also an essential piece of the Messenger app growing its marketshare.
SD Card
Facebook Messenger App Permissions: SD Card
modify or delete the contents of your SD card
read the contents of your SD card
The Myth: With access to the phones memory, there is unlimited access to photos, videos, the cache memory of other apps, passwords, browsing history, etc.
The Facts: To maximize the load speed of the application, it utilizes the cache memory area of your phone. By default, this includes the removable memory card, but can also include the onboard memory. Caching this information requires both writing to the card (adding new stuff) and reading (obtaining the data) to and from the card or memory. This is very common for applications to do this. Alternatively, the application could force you to pull the data each time you load the application, however that would be a tremendous draw on bandwidth and phone resources.
Accounts
Facebook Messenger App Permissions: Location
find accounts on the device
read Google service configuration
The Myth: There isn’t much of a malicious theory as to what this does, but the ambiguous questioning of why this access is needed has raised some misinformed eyebrows.
The Facts: Quite simply, this allows the Messenger application to access the Facebook account on the phone. This is vital to the functionality of the Messenger application. The Facebook app communicates with it constantly.
Network
Facebook Messenger App Permissions: Location
change network connectivity
Download files without notification
full network access
receive data from Internet
view network connections
view Wifi connections
The Myth: The app is stealing my internet and allowing unlimited access to my phone and network!
The Facts: Regardless of using WiFi or your cellular service, the application requires data to function. This permission allows the application to use those services. This also allows the application to remain connected when it alters its connection between WiFi and cellular service. This is especially helpful for users who walk, drive, ride a bus or don’t have a tremendously great WiFi connection to begin with. The scariest there is “download files without notification”, however that simply means the application can download images and write them to cache, such as profile pictures, items in the newsfeed, and the images that give the application its look and feel (UI). This is NOT related to push updates of the software as a whole, as this is handled by the permissions in Google Play and App Store.
The “Other” Stuff Listed
Facebook Messenger App Permissions: Location
run at startup: This allows the application to automatically start up and run in the background when the phone is turned on.
draw over other apps: This setting allows the Chat Heads to appear on your phone and be “drawn over” anything else.
control vibration: This allows the application to alert you via “Vibration” of a new message.
prevent phone from sleeping: This keeps the screen active while the application is in use, including while typing.
change your audio settings: This allows adjustments to the volume within the application to affect the entire device.
read sync settings: This allows the application to detect if Sync is enabled on the device.
install shortcuts: This gives permission for the application to automatically create an icon on the home screen.
The “Evil” Portion of the Messenger App
I guess if this is to be a fair evaluation of the Messenger app and its impact on your Privacy, my only qualm about it is that it is linked to a web-based service – Facebook. Being a large entity, and used by billions of people worldwide, profiles themselves are susceptible to unauthorized access. If Facebook security is a concern, I would suggest reading my blog about creating a strong and unique password.
In regard to resources, the application is a bit of a hog. Depending on the version you are running, the application typically will consume just under 40MB of storage which is rather responsible, however, when the application is in use, it can utilize a large amount of resources. For newer smartphones, this is not necessarily an issue, however on older devices, it is worth noting. This can be said for many other applications and is not an indictment of the Messenger application.
The topic of battery consumption is a notable issue in regards to the Messenger application. For now, this application is an accessory to Facebook, not a requirement in using the Facebook app. Should you decide that the native inbox of the Facebook application is enough (and really, it is), you can do your battery life a favor and remove this application. In the Facebook application itself, at least for a short time, can and will handle your personal messages in a far less gadget-laden fashion. It is noteworthy however that the messaging service will be removed from the Facebook app, and going forward, you will need the Messenger app installed to conduct that function via a mobile device on Facebook.
Factual Summary of the Facebook Messenger App
To be blunt, this application has no malicious intent. Like any application ever made, plus those still in development, and even those still on a napkin as a lunchtime concept, there is the inherent risk of some flaw and at some point, there being unwanted access to personal data. Most of us unconsciously accept that risk and blaze forward. If that risk is too great, the conversation is likely not “Do I need the Facebook Messenger App?”, it should be “Why do I have a Smartphone, or a cell phone at all?”. A cell phone is an amazing device that does amazing things. We take the reward end of the risk-reward debate nearly 100% of the time when it comes to technology. Sure, the risk is there, but what in the world are all of my friends up to right now. And now. And now.
In my humble and educated opinion – install away, my friends.
