A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
Subcommunities on Beehaw:
This community’s icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
it was enabled on my phone and it never asked me
Permanently deleted
There are 2 possibilities:
UI bug or you’ve given it access to your contacts. There are 0 other possibilities.
You know a weirdly large amount about something you can’t possibly know about or have sources for.
This is my job. I’m a staff level software engineer who previously worked at Google. My entire career has been writing Android apps.
Permissions are integral to phone app development and contacts is a specific permission that is heavily locked down.
So yes: I can possibly know and I have literally read the source code.
Unless you’re trying to insist that Discord developed a new 0 day that lets them bypass both Android and iOS operating system locks and then decided to use it to scrape contacts while giving you an option to turn it off?
Cause if that’s your supposition you’ve got a bad case of magical thinking.
Discord, to my knowledge, is closed source, and has not had a source code leak. So taking your word for it, if you’ve seen Discord’s source code, then you work for Discord?
Access to Contacts has to go through the Android API, which means the user has to explicitly grant permission for Discord to access that specific functionality. That’s what the comment you’re replying to meant: access to contacts is protected at the operating system level and they’ve seen the source code on the OS side. Permissions might have been granted by the user reflexively, just muscle memory, when setting up Discord, but it absolutely had to have happened if Sync Contacts was enabled. Unless there’s some kind of bug where Discord enables the in-app setting without actually having the permissions to access contacts–I guess that could be possible. It couldn’t actually see any contact info in that instance, but it would try. If I go into Discord settings and try to enable the Sync Contacts option my phone displays the built-in Android permissions prompt with the text “Allow Discord to access your contacts?”
Thanks for the reply. I wouldn’t have thought they meant Android source code but that makes sense lol. Also this is the kind of reply I think OP would have appreciated more than just someone saying “you’re wrong, you must have done something wrong.”
That’s the bug exactly. It’s kind of a UI glitch; but I found out through Samsung bungling my permissions preferences through a One UI (OTA System) update, that it actually does enable the in-app setting by accident and that this is going to access your contacts if the permission is presently GRANTED, but not throw up a prompt asking for permission if the permission is already DENIED.