Samsung is migrating SmartThings to a new app: “Samsung Connect.” This app requests permissions to access all contacts and files on my cell phone. This is highly intrusive.
I have contacted Samsung three times asking for explanations of why these permissions are necessary. Specifically, I asked “Why does SmartThings need to know the phone number of my dentist to turn on my kitchen lights?”
In each case I have received a nonsensical reply. Here is how Tony responded a few days ago: “Contacts are a permission the app asks for because it wants to verify user information for the app as well as save your login credentials.” Huh? That makes no sense. How, exactly, does the Samsung Connect App use my contacts to verify my user information? I don’t think that information is even in my contacts list.
SmartThings knows a lot about me. It knows when I am home. It knows when I watch television, eat breakfast, and open my garage door. It has access to my cameras, thermostat, and door locks. Samsung needs to place the privacy of the SmartThings community above all else. Until they can offer a coherent and logical explanation of why the new Samsung Connect App requires unrestricted access to EVERYTHING on my cell phone, I am not going to switch to the new App. Indeed, Samsung’s behavior is causing to wonder whether the company is trustworthy at all.
I welcome responses from the SmartThings community, as well as an “official” response from Samsung. Hopefully Samsung will come forward with a real explanation, and not the nonsensical drivel they have shared so far. The replies that I have received have only increased my concern about their intent.
why am i still getting updates to the ‘classic’ app? this isnt going away? what is the roll out plan for the new version? i am holding off a lot of set up work because i feel functionality will be lost in the conversion.
The ironic thing about this post is that the Samsung connect from what i can see is only on Samsung phones. They have so much baked into the phone with other services if you think the Smartthings integration is requireing to much you really need to look at the other Samsung services on the phone. I guarrentee they already have your contacts through other means.
The new app is just the Samsung Connect app that has been on the last few generations of phones. So the install base is much larger. They just need to get all of the Smartthings specific functioanlity baked into it. At this point there are allot of gaps specific to Smartthings users.
Yes, I’m sure they have our contacts. I know they have mine, because I had a Samsung account for my Note 3 (which I loved). I gave Samsung access so they could back up my phone.
However, to ask for access to everything to use SmartThings is chilling, particularly after the recent Facebook fiasco. Think about what SmartThings has access to in your home. In my case, it has access to my security cameras, my thermostats, my garage door, and the locks on my doors. It even knows when my dogs are walked.
Combine those data with everything on my phone (because the app wants access to ALL FILES), and Samsung can sell anybody my whole life’s story. Top that off with BS explanations from Samsung about why all of this is necessary, and I think we have valid reasons to worry.
The samsung connect app has been around for a lonnnng time. It is what connects to my car for my hands free bluetooth connection… hence the need for contacts… This is not just for your smartthings platform. They added smartthings to the app that already functioned for other things
The fact that the Samsung app explicitly tells you that it needs to access your Contacts, and that you must give it permission to do so…and the fact that we have no reason (at least not yet) to think that they’re selling that information to anyone…makes comparing this with the Facebook fiasco very much an apples-to-oranges thing.
(ActionTiles.com co-founder Terry @ActionTiles; GitHub: @cosmicpuppy)
It’s sad that SmartThings has been criticized multiple times in the past for not having sufficiently granular access control (security options to grant to SmartApps and shared household access, etc.) and now they’ve definitely made the situation much worse by combining too many functions into one App which has no option to block specific Android access requests, except to fail to execute.
The new “smartthings (Samsung connect)” app isn’t just the old Samsung connect app With a new name – – it has a very new rules engine specifically for IOT. It’s just that a lot of it isn’t done yet. For example, “location.mode” and security.mode” are new.
I’m really sorry to see the text “SmartThings is optimized for Samsung smartphones.” I loved my Samsung Note 3, and my Note 7 might have been the best phone I ever owned, other than occasionally catching fire. After the Note 7 fiasco, I switched to the Google Pixel.
I wondered why Samsung bought SmartThings. It looks like they intended to motivate (i.e., force) the SmartThings user base to switch to Samsung phones. If “some of its features may be restricted on smartphones manufactured by other companies” then I may be forced to switch platforms.
Arrgh… I’ve spent 2 years building my SmartThings platform. Does any other platform offer the functionality and user community of SmartThings?
I understand you being paranoid, but this is what Samsung says:
※ App permissions
The following permissions are required for the app service. For optional permissions, the default functionality of the service is turned on, but not allowed.
[Required access permissions]
• Contacts: Verify user information that will be delivered while transferring files.
• Location: Find nearby devices using Bluetooth or BLE.
• Storage: Save and use plugins and app data, and transfer content and files via the app.
• Phone: Check for app updates, identify the user’s country, and transfer content and files via the app.
[Optional access permissions]
• Camera: Scan QR codes.
• Microphone: Used to provide voice control function using microphone.
Be also aware that due to how Android permissions work, permissions are more or less global per category (like phone or contacts).
And they deserve it. Facebook was designed to extract as much info as possible from your phone/computer without you knowing. NSA/Mosad/KGB/etc had a dream and it was fulfilled by Facebook. Have people give them info about themselves, their family, their friends including pictures for face recognition and call/message logs.
This is different and they are upfront on it. I would not boycott.