Why has WhatsApp accessed my contacts 23,709 times? (thenextweb.com)
142 points by zerotosixty on Nov 20, 2015 | 67 comments



Like others said, it's most likely using the phone's contacts as its primary data source (which makes sense, you're encouraged to do this on Android so you don't have segmented contacts in every app) -- This definitely reads like a clickbait article from someone who has just enough rope to hang themselves.

The author's validity comes into question with how alarming the tone of this post is, and how he gave the company a week to respond to a non-important question then flamed them for not responding. His article on the Priv titled "BlackBerry Priv review: One of the best Android handsets I’ve ever used" vs Ars's post[0] on the same model from one of the more respected Android writers which is titled "BlackBerry Priv review: Android fixes the OS, but the hardware can’t compete" tells me all I need to know about this.

[0] http://arstechnica.com/gadgets/2015/11/blackberry-priv-revie...


>The author's validity comes into question with how alarming the tone of this post is

What, exactly, is so alarming about the tone? I'd also be curious as to why an app is accessing my contacts so often. There might even be valid battery-life concerns.

>and how he gave the company a week to respond to a non-important question

It's important to the customer. I guess this is lost on the SV people who no longer believe that people from the company selling you a service should actually be accessible. But there was a time when if you had a question, like "why is your product using so many of my phone's resources?" you could have it answered. A week certainly isn't unreasonable, especially for a journalist.

>tells me all I need to know about this.

Disagree with review; dismiss article? Do you think there's some kind of agenda?


I think the OP was insinuating that the writer is not technically competent enough to be authoritatively evaluating technology to such a degree.


The article's tone isn't alarming, but I'd guess the OP meant alarmist, which kind of fits.

The author's argument certainly doesn't present a clear path from the inciting incident to any of the conclusions, so I also feel comfortable dismissing it. There isn't much use for emotional persuasive writing about technological issues outside of handwringing, and handwringing is boring to many of us.


You seem to be comparing a markedly positive device review by TNW to a markedly negative one by Ars and inferring that there's some agenda. What would that agenda be? The post is about the frequency with which Whatsapp polls the contacts list. The Blackberry DTEK app simply happened to be the only one that could provide that information. Blog posts usually have links to related content to drive page views, so linking to their BB review isn't exactly some shady form of advertising.


I'm not saying there's an agenda or any advertising. This is just an example of one of my pet peeves about the Android ecosystem as a developer on it, low level "power users" who don't really know what they're doing complaining about things that scare them.

I mentioned the Blackberry article not because I think it's shady advertising, but just to point out that from my perspective anyone who thinks the Blackberry Priv is a great "one of the best Android handsets" either simply does not have enough exposure to the Android ecosystem or is just someone whose opinion I don't hold highly.


OK, as you're an Android developer, I understand where you're coming from. However, Android users in 2015 pay hundreds of dollars for phones that can barely manage 4-5 hours of on-screen time. That is due to many factors, but users have a right to question if background app activity is to blame. Usually there isn't much quantitative information to work with, but in this case, we do have some. And it's sparked an informative discussion on HN, so I think people have benefited overall.

As for their opinion of the Priv, it's an opinion, and there have been varying opinions about it in the tech press. The way your comment was phrased, it sounded like your disagreement with their Priv review was a factor in your evaluation of their Whatsapp article.


> Usually there isn't much quantitative information to work with, but in this case, we do have some.

As mentioned by jc4p, that tiny bit of information has provided the author with just enough rope with which to hang himself.

Technical people know first-hand that the wrong information can easily lead you away from the source of a problem. Some (many?) slightly-technical people don't understand that screen-on time and cpu-awake time [0] are the major contributors to battery drain. If you provide a raw number for $ACTIONS_TAKEN [1] without establishing whether that number is in the normal range for that app and without tying that number to actual battery drain by correlating it to actual CPU or backlight usage, you're very likely to waste people's time on a wild goose chase.

When making reports for non- or slightly-technical people, you usually have to be careful to filter out irrelevant information.

[0] IIRC, both of which are stats that have been provided in Android for at least the past several major versions, and probably back to -at least- Gingerbread.

[1] In this case, number of times contacts have been accessed by a particular app.


This is funny, one of my pet peeves of the iPhone ecosystem has always been low level power users (bloggers) who praise the device but don't actually have a clue what they are talking about.

I'm not saying this confrontationally. Now that you have pointed it out, I actually think you have a point.


What praises do you find unwarranted? I'm just coming into the iOS ecosystem from years on Android.


There was a moment when I was in neither the Android nor the iOS camp, and I used to follow an Apple blog because I was fond of my 3G iTouch. It was one of the most popular iOS blogs in my language and they got strong by translating tutorials on how to jailbreak your devices.

I started becoming disengaged with them when they started repeating the Apple line of "Jailbreaking is bad, mm'key?" even though they continued to post tutorials about it, because that's what drove the visits (I wanted to jailbreak my device because I can't stand the standard iOS app menu interface. Besides, my device, my rules). The "f*ck it" moment came when they did a "report" of the latest Apple iPhone charger, praising its construction, its electrical insulation, and whatnot. I'm an EE, and could easily tell that it was all BS and they had absolutely no idea what they were talking about.

I find that this happens regularly in the Apple ecosystem, people follow the Apple talk too eagerly for my taste, and don't usually have a technical clue about what they are talking about. All the retina display marketing thing is a good example. Anyway, this applies to the second tier bloggers and commenters (huge majority), first tier, even if they follow the Apple line to the letter, usually know what they are talking about.


The author was challenging the technical competency of the author using Ars as a comparison. While Ars is involved in a journalistic race to the bottom (someone used a drone/need a ghostbusters movie with 4 women in it/etc), their technical articles are very good. I think it's a weak comparison to criticise 1 article and dismiss all others.


Because WhatsApp uses your phone book as the only way to interact with its contact list. You can't add someone directly to your WhatsApp contact list.

It could probably access it less often by only sending deltas, but that would mean their servers would have to store your whole phone book. I don't think that's any better from a privacy perspective.

Of course Facebook Messenger doesn't do the same, it has its own contact list coming from Facebook.


Yeah, but roughly every 30 seconds is a bit too much to access... it's one thing to do so while actively using the application... it's another to run these queries all the time, and that is simply ridiculous.


> but roughly every 30 seconds

Pure speculation. How do you know? It could be just as well that Whatsapp queries contacts one by one at the moment they are supposed to show up on the screen.

That way you could easily have 150 times (depending on the size of your contact list) your database accessed by scrolling once through your complete contact list.

Or the author is one of the few that has 1k contacts. In this case basically any operation that requires querying every single contact every now and then could cause this.

Also: the thumbnails you see of your contacts are accessed via URIs - could be that Android increases the counter every time you show a thumbnail of a contact. (it is part of your contacts information)


Sure - but it sounds like programmer error, not the privacy violation that the article makes it out to be.


Wouldn't even call it a programmer error. Someone probably just implemented a getContacts() function that gets called often in the background without saving the data in a local database or caching - and why would you do anything other than this for very marginal performance benefits, a rise in complexity, and possible data sync issues?

Another app might access your contacts rarely but store them on their server (Facebook!?). I definitely prefer the previous scenario.


I'm sitting at a desk, working on an app that uses the contacts book like you're describing.

Your reasoning is spot on.


Plus, I would imagine that the contacts list is going to be the most efficient way to store and retrieve that data. It's in a database, just like anyone else's is, right?


> Sure - but it sounds like programmer error...

Not to snark, but how do you know this? Do you know what actions increment the "This app accessed the contacts list" counter, and how many of those actions a comparable IM/telephony app executes? :)


My guess would be that it's part of their "presence" code checking to see which of your contacts are online.


This seems a bit clickbaity to me. WhatsApp works directly on your contacts, there isn't a remote roster like Facebook Messenger or Telegram.

So if any app were to access my contacts 23k times, I'd say WhatsApp is the one app which could justify that.


23k means it's polling all the time, not just when you are using it. I think there's no technical justification for this whatsoever.


If you don't have any specific knowledge of the details of the implementation, your opinion on the technical justification of a given feature isn't really all that compelling.

If you do, you should probably cite it in your comment.


We could discuss the technical side, sure. Maybe they can cache the list or create better code to do it more optimally. There might be battery and data usage considerations too, that's true.

But this article revolves around the trope of "if it's free you're the product", and although it might be true, I don't think the 23k thing is a proof of it. That's what I meant with my comment.


Doesn't mean it's sending the address book to their servers 23k times, just that the app needs to resolve phone number --> name.


Or it means they lazy load each contact as you scroll through your contact list, so that scrolling through the contact list once = 150 "accesses"


I think a more reasonable explanation is that the author of the article uses WhatsApp more than he realizes. It's possible that WhatsApp is maliciously polling your contact list all the time, but it's more probable that some views access your contact list and the article's author ended up on that screen very often.


I turned off "Contacts" permission for Whatsapp to see what happens and immediately all new messages show up with numbers only, no names so it looks like contacts are used for number to name resolution and not necessarily uploaded to their servers.


And since it immediately switched them to numbers-only, it's not caching, which explains why it polls so much. It's likely they didn't want any sort of delay when opening the app, so they found a way to poll regularly without impacting battery life significantly.

Sounds pretty straightforward to me, if that's the case.


Question: Is the app traversing the permissions boundary, AND uploading over the network twice a minute?

or...

Is the app traversing the permissions boundary, and CACHING deltas on the device, for a deferred, less frequent upload of detected differences within a longer time period, perhaps phoning home once every 24 hours, to pass a message that indicates no changes, or only the current diff, OR the complete series of changes, even if there's no net difference, since the last upload?

Traversing the permissions boundary can trigger a counter, while traversing the network boundary might be an independent permissions request.

It's not clear if the author of the article has insight into these differences.

Both scenarios still have the same net effect on privacy, reducing the privacy of the user.

The difference here, being a tradeoff in possibly some low-watt brief increases in CPU load, and more expensive network/radio traffic, possibly also affecting mobile data/bandwidth caps.


I don't really understand how the privacy implications of the 23,000th access are much different from the 1st except for grabbing the info of new contacts. If you gave them permission to grab it from time to time, any access rate above once a year is about the same.


Completely agree. The access at the point when your directory is at its maximum (or multiple if you remove some) is just as intrusive as itself and a million others.

And it's WhatsApp ffs, if you're concerned about it having your contacts what on Earth are you doing with it.


Is there any way to find this out in other versions of Android? I've been experiencing severe battery drain recently and am unable to pinpoint the app causing it.


Xposed Framework + XPrivacy allows quite granular access controls and history track of those

https://github.com/M66B/XPrivacy#xprivacy

http://i.imgur.com/mZC4RjE.png (random picture of usage history, found on net)


Google should be required to give root to any user that requests it for their own device... (anyone should be able to get better control of their own device). It would be easier to control crazy permissions.


They do. It's called the Nexus.


Don't most other phones too? I could unlock the bootloader on my HTC One and my Z3 with just one command.


Is my Nexus 5 pre-rooted?

edit: I don't really know a lot about this stuff, I was just trying to understand the comment I was responding to. I think I maybe misunderstand something fundamentally.


> Is my Nexus 5 pre-rooted?

No, but Google has made sure that doing so is pretty trivial: https://wiki.cyanogenmod.org/w/Install_CM_for_hammerhead


Why would it have to be? It allows you to enable root access without exploits or trying to prevent you from doing the process.


Why would Google pre-root their phones?


I didn't know that they are now letting users root Nexus devices without having to use exploits and such, but I was referring to all devices that use the Android OS.


> I didn't know that they are now letting users root Nexus devices without having to use exploits and such...

If by "letting users root" you mean providing instructions on using ADB to unlock the bootloader, install a custom recovery, sideload SuperSU, and reboot into a fully rooted device, then no. Google doesn't provide these instructions, but they also don't lock the phone down to the point that you have to find an exploit and pray you don't brick the phone. No exploits necessary on a Nexus, just standard tools and instructions available on any reputable Android dev site.


You could reverse engineer it: http://stackoverflow.com/questions/12732882/reverse-engineer...

I would like to hear from other people about other methods or tools to answer your question.

Edit: Sorry, been awake for too long and misread your question. You could use this, but I am not endorsing this app: https://play.google.com/store/apps/details?id=com.gsamlabs.b...


I was experiencing severe battery drainage also with Cyanogenmod on my old Google Nexus 3. Turns out the culprit was Google services keeping the location service from going to sleep.

Turned out a newer update of Google Services just does something wrong on unofficial builds. You can see from the preferences which application is keeping the phone awake, but I think you might have to enable the developer options.

Solution was hacky, had to install a runtime script which was called on each boot, so that the particular service was blocked. Or maybe it was just looking at the battery stats, not sure anymore.


If you're willing to use a custom rom, you can see the counts with Cyanogenmod 12.1, based on Android 5.1 (maybe in previous versions too). 17 562 times for me in less than a month.


Without diving into root, the best method is to use safe mode, and if the battery drain vanishes, start uninstalling everything until the problem goes away.

The factory battery report isn't sophisticated enough to correctly attribute blame for more indirect battery usage patterns.


In an alternate universe: "Why isn't WhatsApp refreshing my contact list? I updated the contact 30 seconds ago!"


I actually have this problem. It's very annoying and the main reason why I try to avoid whatsapp for talking to new contacts.


If you got a new contact in your address book you might want to send him the first WhatsApp message 30s later, so it better checks for new contacts all the time...

If there is no listener of some kind in the API (Android system telling all apps who want to know once there is an update), it will have to ask the system over and over again.
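Added example (not part of any comment in this thread, and not WhatsApp's or Android's code): a toy contacts store with a read counter, comparing the three access patterns commenters speculate about, namely timer polling, an uncached lookup per displayed row, and a cache refreshed by a change listener. The class and function names, the 150-contact list, the 158 list views and the 30-second interval are assumptions chosen for illustration.

```python
# Added example; the store, its counter and all names here are hypothetical.
WEEK_SECONDS = 7 * 24 * 3600

class ContactsStore:
    """Stand-in for the OS contacts provider: every read by the app is counted."""
    def __init__(self, contacts):
        self._contacts = dict(contacts)  # phone number -> display name
        self._observers = []
        self.access_count = 0

    def query_all(self):
        self.access_count += 1
        return dict(self._contacts)

    def lookup(self, number):
        self.access_count += 1
        return self._contacts.get(number)

    def register_observer(self, callback):
        self._observers.append(callback)

    def add_contact(self, number, name):
        self._contacts[number] = name
        for notify in self._observers:
            notify()

def constructed_contacts(n):
    """Constructed sample data: n made-up numbers and names."""
    return {f"+1555{i:07d}": f"Contact {i}" for i in range(n)}

def poll(store, interval_s, duration_s=WEEK_SECONDS):
    """Re-read the whole list on a timer, whether or not anything changed."""
    seen = {}
    for _ in range(duration_s // interval_s):
        seen = store.query_all()
    return store.access_count, seen

def per_row(store, numbers, list_opens):
    """No cache: one lookup per displayed row each time the list is drawn."""
    seen = {}
    for _ in range(list_opens):
        for number in numbers:
            seen[number] = store.lookup(number)
    return store.access_count, seen

def cached_with_observer(store, edits):
    """Read once, then re-read only when the store reports a change."""
    cache = {}
    def refresh():
        cache.clear()
        cache.update(store.query_all())
    store.register_observer(refresh)
    refresh()
    for number, name in edits:  # contacts the user adds elsewhere on the phone
        store.add_contact(number, name)
    return store.access_count, cache

def compare(n_contacts=150, poll_interval_s=30, list_opens=158):
    base = constructed_contacts(n_contacts)
    return {
        "poll": poll(ContactsStore(base), poll_interval_s),
        "per_row": per_row(ContactsStore(base), list(base), list_opens),
        "cached": cached_with_observer(ContactsStore(base), edits=[]),
    }
```

In this model all three patterns end up holding the same number-to-name map; only the counter differs (20,160 and 23,700 reads against 1), so a raw access count on its own does not separate them.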


Wouldn't it be simpler to just check for new contacts once you open the application?


The author of the article has every right to know what some company is doing with the private information of the customer, but this doesn't mean he is entitled to being explained the (technical) inner workings of the application.

If Whatsapp was a bad citizen in respect to battery life I would at least understand why he is asking, but this is not the case.

What I am sure of: Whatsapp maps E.164 normalized telephone numbers from your contact list to every contact in the phone's address book.

The app probably queries your phone's contact database just like the standard phone or SMS app would do for every bit of information it shows.


Privacy wise it makes no difference if they read your contacts once a day or once a minute. If they want, they have your contacts either way.

Actually this is a hint that they actually might not store your contacts' names, pictures, addresses etc in their own app, but only retrieve that information to display it.

The way their web client works (it communicates with the smartphone app, not with the whatsapp servers) is another hint that they might not even store your full contacts on their own servers.


Would be an interesting article if network traffic would've been tracked. The difference between accessing the contact list in a 30sec interval vs additionally sending the gathered information to their servers is a huge difference. Be it power consumption or traffic wise. Maybe it's a mechanism to prevent standby mode? I made the experience that, if I turn on power save mode I only receive messages if I actively open WhatsApp.


This is stupid. Why am I more concerned about my privacy if WhatsApp reads my contacts 23,709 times in 7 days, or just once? It's still got the same data from me.

It does seem excessive; perhaps sub-optimal or even an accidental bug. But certainly nothing for the media to freak out about.

Author's fear mongering is unwarranted.


But I remember paying for WhatsApp like $1/year, is it free now?


Free for the first year.


There's only really a story here if WhatsApp's access rate to your contact list is demonstrably different pre and post the Facebook acquisition.


Not quite sure what the difference is between 1 access and 23 709 accesses.


Speculating here: by polling this often they will know exactly when you added a contact. Because they are owned by Facebook they can then message back saying that these two people are connected and then maybe show better ads.

They can also use it as a gauge to see how their advertising for whatsapp gets used.


This number seems extremely suspicious and artificially high. It's almost as if the BB DTEK application has no idea what data it's diagnosing. Given their dubious claims regarding the implementation of grSecurity I'm inclined to not believe these findings.


thenextweb.com keeps auto scrolling up, and served me fullscreen javascript popup, quality place.


Because Facebook.


Because it's owned by facebook :) I am sure they need to know your contact to serve you ads!


What a dumb article. That's like complaining your Caller app has accessed your Contacts list too many times.


Why dumb? I think the dumb one is you, see, 23K times, every 2 minutes access, in what mind is that reasonable? Do you add somebody new to the contacts every 2 minutes?



