| Even the actual SSID name is probably more than an ordinary app needs to know. Unless it needs some sort of location data to provide functionality, what is the minimum set of facts that would cover app behaviour? I guess they might want to know: - if the connection is secure and/or explicitly trusted - if the connection is bandwidth-metered - if the connection can route to the internet Then, it can check those flags and decide if it wants to download those 3GB of your personal banking details or whatever. Or, perhaps better still, it registers one or more 'acceptable network profiles' based on the above fields, and the OS gives it a callback when is becomes available/unavailable. That would prevent it from polling and building a neighbourhood network map, but I suppose it could still register for all possible combinations, and beacon out to a remote host which can then geo-IP backtrack it to you-ish. I'm definitely not happy with the carefully secreted privacy options scattered around the android UI. I'm still getting used to it, and every time I poke around in a settings menu I'll probably find at least one thing I would much prefer to default off. |