The only one I found so far demands location permission, according to F-Droid. Why…

    • Robin@lemmy.world
      link
      fedilink
      English
      arrow-up
      31
      arrow-down
      1
      ·
      1 year ago

      The location permission is because in dense cities there are enough unique, stationary bluetooth endpoint that you can guesstimate a location.

      • JohnEdwa@sopuli.xyz
        link
        fedilink
        arrow-up
        16
        ·
        1 year ago

        And sometimes actual BT beacons made specifically for that reason. It’s one of the ways shopping centres and their apps keep track what shops people visit.

    • miss_brainfart@lemmy.mlOP
      link
      fedilink
      arrow-up
      18
      ·
      edit-2
      1 year ago

      Well then, learned something new today.

      But hey, if the app can be verified not to do anything stupid with that permission, that’s more than you can say about the closed-source offerings on the Play Store

        • rufus@discuss.tchncs.de
          link
          fedilink
          arrow-up
          6
          ·
          edit-2
          1 year ago

          Gotta sometimes depend on some other people in your life. I also depend on people not mixing toxic stuff into my groceries. The people from F-Droid are generally nice and have proven themselves. And there is more than one pair of eyes on most of the code. And automatic checks.

          (I got this one, but it’s for Linux and USB, not Android & Bluetooth: https://github.com/jnweiger/led-name-badge-ls32/ )

            • rufus@discuss.tchncs.de
              link
              fedilink
              arrow-up
              5
              ·
              edit-2
              1 year ago

              Honestly, I sometimes do. I contribute to free software, file bugreports and most of the time have a look at the code to see if I can fix it myself and hand in a patch. I tinker around with brand-new niche ideas. More often than not my (larger) contributions are to small projects and not the large ones. It’s not my hobby to fix Firefox. I think there are a lot of people like me.

              And for Linux distributions and something like the F-Droid you have some maintainers on top, who often review every patch and new version.

            • EunieIsTheBus@feddit.de
              link
              fedilink
              arrow-up
              1
              ·
              1 year ago

              And that’s the issue. I totally understand that one does not want to look through tens of thousands of lines of code just to use a silly little app. Even if you can understand the programming language and even if you took your time to look into it, its really unlikely that one would find either malicious code or simply security relevant bugs just from skimming through it.

              However, if everyone just relys on others no one actually checked it. Yes it is possible to look into OS code but that alone doesn’t make it better. There has to be at least someone to check it. The open source community is such a small one already.

              It’s like buying a ticket for the train. There might be controls so almost everyone does it. But as soon as it gets common knowledge that there are never any checks some will start to not do so. And in case of software even if something gets spotted eventually it might have had enough time to cause serious damage

        • miss_brainfart@lemmy.mlOP
          link
          fedilink
          arrow-up
          2
          ·
          1 year ago

          Well, it’s one of those things where I have to trust other people to do it. But at least people are actually able to do it

    • Gryzor@lemmyfly.org
      link
      fedilink
      English
      arrow-up
      18
      ·
      1 year ago

      Afaik it’s not “Android things”. Apple devices also use location to use some BT functions if I correctly recall.

    • conciselyverbose@kbin.social
      link
      fedilink
      arrow-up
      12
      ·
      1 year ago

      The problem is many more apps abuse Bluetooth for location tracking than use it for any legitimate purpose.

      Ideally they would isolate the process and allow users to do managed individual scans in an app for the purpose of handling Bluetooth devices, and only allow persistent permissions to communicate with specific devices. I’m not sure enough of the underlying protocols to know how much hoop jumping it would take to do that though.

        • conciselyverbose@kbin.social
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          There are cases where that would work (including possibly here), but I was speaking more generally to how I’d like to see the abuse of Bluetooth beacons prevented.

          I don’t think most non-technical people recognize how pervasive that shit is.