
Dont install the javelin browser – permissions abuse - skynetv2
A few weeks ago, the developer of javelin browser, Steven Goh, posted on this site about the new browser he was developing.<p>https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=8368199   nubela<p>I wanted to show support for his work, and installed the browser and tried it out.<p>Today I received an email from the developer on my WORK email promoting his IndieGoGo campaign.<p>The app discovered all the email addresses on my device (which includes my work email) and sent it back for later use.<p>And there is no unsubscribe option in the email.<p>first he steals my email address and uses it for marketing purposes without even asking me permission
and then he doesnt even provide me with an option to unsubscribe.<p>This is why I am always hesitant to try new apps or apps that I feel are asking too many permissions. They abuse your trust.
======
Shizka
And here is an answer from the developer. He does seems to be sorry about it.
[http://www.reddit.com/r/Android/comments/2u9zkx/dont_install...](http://www.reddit.com/r/Android/comments/2u9zkx/dont_install_the_javelin_browser_permissions/co6muur?context=3)

I do however find this highly suspicious and I do not condone the actions of
the developer.

~~~
techrat
Unfortunately his apology carries no weight as he's been called out on it
before.

[http://www.reddit.com/r/Android/comments/2236jy/i_am_the_dev...](http://www.reddit.com/r/Android/comments/2236jy/i_am_the_developer_behind_javelin_browser_it_has/)

------
angrycat
Developer of javelin is definitely a scumbag, mining contact information off
of users devices and sending emails to peoples work accounts without any
warning advertising his "private" browser. The browser is actually based off
of an open source android browser called Lightning which he never credited at
all until people found out and started calling him out on it. With such shady
practices I would not trust my privacy with that app.

Personally I have been using Frost
[https://play.google.com/store/apps/details?id=com.crowbar.be...](https://play.google.com/store/apps/details?id=com.crowbar.beaverlite)
as a private browser for the last 3 years and have been very happy with it.

------
techrat
Also all over Reddit now.

[http://www.reddit.com/r/Android/comments/2u9pol/developer_of...](http://www.reddit.com/r/Android/comments/2u9pol/developer_of_javelin_browser_now_spamming/)

[http://www.reddit.com/r/Android/comments/2u9zkx/dont_install...](http://www.reddit.com/r/Android/comments/2u9zkx/dont_install_the_javelin_browser_permissions/)

------
Arallu
Found an email in my spam folder for this shady dude. Glad I've moved on to
another browser.

~~~
orph4nus
This morning I found the mail in my spam folder of my WORK email as well.
Uninstalled it yesterday after reading this post.

------
bhhaskin
Reminded me of how LinkedIn would scan your contacts and invite them all...

~~~
skynetv2
i had couple of embarrassing situations like that, the latest one seems to be
researchgate.

now i wonder if this javelin guy took my address book too sending emails to
others saying I recommended it

------
greenyoda
_" I wanted to show support for his work, and installed the browser and tried
it out.

Today I received an email from the developer on my WORK email promoting his
IndieGoGo campaign."_

How can you be sure that this isn't a coincidence? Of course it's possible
that the browser app could have stolen your contact information, but maybe
they got your work address from another source a long time ago (which still
doesn't make the spam acceptable). But just because one event precedes another
doesn't imply that there's any causal relationship.[1]

[1]
[https://en.wikipedia.org/wiki/Post_hoc_ergo_propter_hoc](https://en.wikipedia.org/wiki/Post_hoc_ergo_propter_hoc)

~~~
skynetv2
ummm ... heres what the email says

"Hi, I am Steven Goh the developer of Javelin Browser and you are receiving
this email because you have tried Javelin before."

I thinks its pretty clear why I got this email.

------
v1tyaz
Hard to have sympathy for people who install closed-source applications with
inappropriate permissions and get burned by it. Still, the developer is an
idiot for doing it and should not be trusted.

------
Zekio
that guy have poor ethics if he does that...

------
superobserver
Trust no one. Ever.

------
hackread
thanks

