A warning about Pecron!

[aussiesam]

I've been looking into Pecron power stations for a while, because of their low prices and good reviews. But aside from their support and quality control issues I just discovered something very disturbing. As I was considering whether or not to pull the trigger on the 1500lfp, I decided to download the Pecron app to see what features I would be getting. Before I could even use the app I was asked to accept their terms, I opened the privacy policy and was shocked to discover that it was a total trojan horse. The amount of data it wants to collect is insane, they want to know what OS you are running , language, user ID, android ID, google advertising ID, all the regular spyware stuff, but it gets worse! The app wants to record your wifi passwords, scan your network and collect all data about OTHER devices on your network. It wants your IP address, location, IMEI, mac addresses , wants to know what devices connect to your phone using bluetooth, your mobile phone number, wants to know what domain addresses (websites) you are visiting and says it might use third parties to obtain MORE DATA about you.. and this goes on and on.

This is a complete trojan horse. I'm done with Pecron because of this and I encourage you to look into this agreement for yourself and warn others to not use their app. Mind you all your data will be collected and sent to china and who knows who else will have access to your data and network from that point on.

 

[Steve_S]

Do you know that Samsung for example does exactly the same crap when you use their Smartplugs with the APP. They even want full access to your photo's and "everything" on the phone. Some APPS are Terribly "Invasive" and have a horrible potential for abuse. This applies to ANY Private Corporate... I have a few non-Chinese products (see Samsung) that have APPS which "demand" too much access.

Fortunately, because I am Very Rural & Remote and my Cell does not have DATA Services but connects to my internal network via WiFi I can & do control it... (EX MicroSoft Core Enginneer EMCSE, CBE & ECNE)

Even with many SmartBMS, they will require GPS Access for BlueTooth use and folks freak about that BUT it is for location service for Bluetooth and nothing nefarious like some Conspiracy Nuts make it out to be (they don't understand the tech for Chicken Little mode engaged).

EDIT:
Just because an APP requires X amount of info, does not mean it is for nefarious purposes.
Services like Google know far more about you than you can imagine even in your wildest dreams... and not only that "one" company.
Example, for anyone with Grammarly installed, it reads everything you write & provides aggregated data to you & others who buy it.

 

[wpns]

Some of these are just lazy app developers looking at the granularity of the permissions, checking “everything” to get the app working, and never (being paid to) go back and reduce the permissions to only those that are actually nessesary.

Boss “Does it work?”
Dev “Yes, but it’s not finished.”
Boss “Ship it!”

 

[Andrewr05]

"Never attribute to malice that which can be adequately explained by stupidity"

That being said, think about the simplest reason as to why this may be doing this.

If you want your device to connect to your wireless internet, how are you going to give your dumb device with no keyboard internet your WiFi password?
Some implement the WPS functionality, but other devices just send the WiFi password over Bluetooth or WiFi to the device and let it connect regularly.

That's what the app is doing and honestly they all do it this way (power stations, wifi lightbulbs etc), you connect to the device through a " Wi-Fi-direct" connection or a Bluetooth connection and then you inject your personal Wi-Fi connection's credentials to the device and then it switches over to that network.

And as far as picture/file access?
I honestly doubt that that is nefarious as well, is there just some situations where you want to do send feedback to the manufacturer or a bug report or something like that and you need to attach a screenshot.

Not everything is evil communist China stealing all of your info.

And even if it were? Your phone is already literally doing that anyways.

If anybody out there believes that Google or Apple wouldn't give your data to the police or the government and turn you in instantly then I've got a bridge to sell you.