In a nutshell, instead of asking for specific permissions with your Google accounts like some apps do, this one has full access to everything associated with that account, which Reeve says includes: Adam Reeve of RedOwl - an information security firm - wrote this detailed post a few days ago that explains exactly how this happens.
Some iOS players of Pokémon Go are unknowingly handing full access to their Google accounts to developer Niantic on a silver platter. Pokémon Go is doing some wonderful things for the community right now (and Mike is working on that review!) but I have some bad news for you if you’re using an iPhone and you’re concerned about security. Looks like we’re safe and it was just a mistake. Google will soon reduce Pokémon GO’s permission to only the basic profile data that Pokémon GO needs, and users do not need to take any actions themselves. Google has verified that no other information has been received or accessed by Pokémon GO or Niantic. Once we became aware of this error, we began working on a client-side fix to request permission for only basic Google profile information, in line with the data that we actually access. However, Pokémon GO only accesses basic Google profile information (specifically, your User ID and email address) and no other Google account information is or has been accessed or collected. We recently discovered that the Pokémon GO account creation process on iOS erroneously requests full access permission for the user’s Google account. [ Update: In our comment section below, Molamolacolacake linked a Gizmodo article that contained the following correspondence with Niantic: Here’s why that’s more than a little uncomfortable
0 kommentar(er)
