I was listening to This Week in Google Episode 54 and they talked about new concerns over application security. To give a little background, Android had a recent issue where a wallpaper app was sending user data to some server in China.  After the app was pulled from the Android Market, Google did an investigation and it turned out the app was in fact safe (but not necessarily coded as cleanly as it should have been).  

So, on to the reinventing BlackBerry application security. They started talking about how the user has no understanding as to why an application needs certain access rights. This is a black box on all platforms. Most user just okay through the install process and don’t give it a second thought. For example, why does a wallpaper need access to internet, phone, contact list? (and the list goes on). Quickly, the real issue was narrowed down to internet access and suggestions started coming. Maybe the user should be prompted each time an application wants to access the internet with what URL, etc. This sounds nice in theory, but reminds me of Windows Vista UAC. It evolved to having a UAC model so the user appoves the sites an app can go to on the Internet.

The entire time, I was sitting there dumb founded, thinking HOLY COW! BlackBerry does this today. If you install an app like Pandora you authorize it to go to http:// or http://pandora.com. By default only Pandora.com is selected. The same applies to Google Voice and many other applications. I had to laugh because BlackBerry is regarded as being secure and outdated, but as the toy OS’s evolve they need to adopt the security of RIM. This Week in Google is one of my favorite podcasts next to SMRPodcast, but it was funny that no one on the show said RIM has somewhat solved this issue. Just goes to show that the old dog still has many tricks.