Arlo|Smart Home Security|Wireless HD Security Cameras

Reply
Discussion stats
  • 22 Replies
  • 19872 Views
  • 11 Likes
  • 9 In Conversation
Good2U
Star
Star
Just got offered the 2.0.4 update for Android (5.1). The changes list "bug fixes". Nothing more.

So why does the app now want additional permissions of location and device ID & call information?

I can't believe nothing changed, but mute permissions are required!

So which is it, Netgear?
22 REPLIES 22
Good2U
Star
Star
*more permissions, not "mute permissions"
MarkDoubleYou
Guide
Guide

Why does today's "bugfix" release (2.0.4) suddenly need access to my Android device's location? That's a new permission that tells me that there's more than just bug fixes happening here... On the surface it seems pretty shady - - an explanation is warranted!

jguerdat
Guru Guru
Guru

I agree.  Perhaps it's for a future enhancement, such as geofencing or troubleshooting why someone has issues with a particular server?  Without explanation, it's hard to guess.

demetreb
Apprentice
Apprentice

Why is the new Android OS update requesting location info AND caller ID and call history information???? There's absolutely ZERO need for arlo to require caller ID and call history from a device in order for security cameras to function unless we are tredding into the realm of government requirements to access remote cameras. Please please explain this arlo / netgear

demetreb
Apprentice
Apprentice
I don't think netgear/arlo really wants to answer this question regarding new permissions. 3 other threads and no response from Jamesc.
Good2U
Star
Star
I sent the question by email just minutes ago. Will post back what I hear.
demetreb
Apprentice
Apprentice
Please do.
I have a reeling it may be related to the "chinese" market and the country's big brother over watch, but why not have a different set of rules for that market/country vs a global/ blanket software ? If that were the case then why not state it..?
njcust
Tutor
Tutor

The Arlo Android app actually talks back to China constantly, as it is configured to use the Baidu simple notification service.  See my note below:

 

 

https://community.netgear.com/t5/Arlo-Idea-Exchange/Arlo-Android-app-uses-Baidu-Notification-rather-...

 

 

demetreb
Apprentice
Apprentice
Then arlo needs to adjust this update to reflect the needs of the western market and not blanket their updates for the chisel market. Poor decision making imo
demetreb
Apprentice
Apprentice
Chinese not chisel
MarkDoubleYou
Guide
Guide

No response from JamesC yet? His "release notes" for version 2.0.4 are suspiciously quiet, too.

Good2U
Star
Star
No responses here or via email. Terrible customer service! Probably time to post some negative reviews at Amazon, Best Buy, etc.

I would never buy or recommend this product until the permissions are explained. Also I'm not liking that the notification function is apparently routed through China!

Very troubling!
JamesC
Community Manager
Community Manager

I am working with our product managers to clarify the need/intent of these additional permissions within the Arlo Android app. I will post an update as soon as possible once I have more information.

 

I appreciate your patience,

JamesC

MarkDoubleYou
Guide
Guide
     Perhaps it's for a future enhancement, such as 
     geofencing or troubleshooting why someone has
     issues with a particular server?

 

[Netgear exec, scribbling down notes] "Oooh nice... ok, and then what should I tell them?"

TomMac
Guru Guru
Guru

move on ... nothing to see here.  🙂     It would be nice to have an answer, but don't hold your breath.

 

It is what it is, either use the app or don't is ALWAYS your choice.

--------------------------------------
Morse is faster than texting!
--------------------------------------
MarkDoubleYou
Guide
Guide

> "It is what it is, either use the app or don't is ALWAYS your choice."

 

I'm going to respectfully disagree with the "is what it is" sentiment for a few reasons:

 

1. This is no longer the product we decided to buy.

 

2. This is very personal information.

 

3. And finally, a more nuanced argument: With companies like Google I understand the tradeoff I'm making with respect to privacy: I get stuff for free, and in exchange they get to collect all kinds of information about me (thus the platitude was born that Google's users aren't their customers--we're their product). But with Netgear we most certainly are their customers--we gave them *hundreds* of dollars for this system, and when it actively and deliberately misbehaves in a way that may not be in customers' interests then we shouldn't give them a free pass.

demetreb
Apprentice
Apprentice
Mark double you. Fantastic response! Kudos!!!
I too agree.
Tomac Yes we can choose to not use the app but we didn't pay just for hardware did we?
The argument can next move to cameras remotely activating from China. The answer cannot be choose to not use the cameras. BTW ( we had to agree on the last upgarde for net gear to allow federal agencies access to cloud stored information/video. Again i commented without any arlo / negear response )
regisannoying
Aspirant
Aspirant

MarkDoubleYou wrote:

Why does today's "bugfix" release (2.0.4) suddenly need access to my Android device's location? That's a new permission that tells me that there's more than just bug fixes happening here... On the surface it seems pretty shady - - an explanation is warranted!


I noticed this too.

 

Netgear needs to be forthcoming about the intended usage of this additional information.  I'd like to hear an explanation of how this is simply a "bug fix" as they claim.

MarkDoubleYou
Guide
Guide
I use the Cyanogen variant of Android and allowed the Arlo 2.0.4 "bug fix" upgrade to go through, but I configured Cyanogen's "Privacy Guard" to prompt me whenever Arlo tries to get my location. In the last 10 minutes since I upgraded, the app asked Android for my location twice, even though Arlo isn't running in the foreground. So there you have it... this isn't some benign, unusued permission: Arlo knows where you are.
 
Looking forward to JamesC's explanation.

 

JamesC
Community Manager
Community Manager

I have received the following update:

 

This version of the Android app was released in preparation for the launch of Arlo in one of our new markets, China. In order to make the Arlo app available in China, we needed to satisfy Baidu’s SDK requirements for additional user information during app installation. During the installation process, if we determine that the user is based in China then, and only then, we initiate protocol and data exchange with Baidu server. We realized that this may be a cause of concern for our Arlo users in other parts of the world and have been actively working on a new Android app version that will remove the communications with Baidu from our worldwide app. The new Android app version will be released as soon as development and testing work is complete. The Chinese version of our Android app will continue to satisfy Baidu’s SDK requirements.

 
With regards to mobile phone data access, this is a requirement paving our way towards the development of geofencing features for Arlo.

 

JamesC
 

njcust
Tutor
Tutor

James,

           Thanks for the update, my phone is constantly talking to Baidu SNS servers in China (61.135.185.18:5287, 202.108.23.105:5287).   I can only assume that whatever logic was implemented to determine if the user is in China, could at best be characterized as flawed. I can see the benefit of a geo-fencing feature, however whoever worked on the logic to determine whether I'm in China should be kept far away from trying to figure out if I'm in or out of my house.

InigoMontoya
Initiate
Initiate

Netgear,

 

You keep using that word "bugfix". I do not think it means what you think it means.

 

-Inigo