The Meitu selfie app unlocks your anime beauty and personal data

Meitu has been taking off — everywhere I look on my Facebook, Twitter, I see pictures run through the app.

But do you actually check to see what permissions it asks for? A crazy amount it seems. I just checked on Google Play (https://play.google.com/store/apps/details?id=com.mt.mtxx.mtxx) and these are the current permissions

Version 6.1.0.2 can access:
Device & app history
  • retrieve running apps
Location
  • approximate location (network-based)
Phone
  • read phone status and identity
Photos / Media / Files
  • read the contents of your USB storage
  • modify or delete the contents of your USB storage
Storage
  • read the contents of your USB storage
  • modify or delete the contents of your USB storage
Camera
  • take pictures and videos
Wi-Fi connection information
  • view Wi-Fi connections
Device ID & call information
  • read phone status and identity
Other
  • receive data from Internet
  • view network connections
  • change system display settings
  • full network access
  • change your audio settings
  • run at startup
  • reorder running apps
  • control vibration
  • prevent device from sleeping
  • Google Play licence check

For the most part, these aren’t too much of a concern but these two might be:

Phone
  • read phone status and identity
 Device ID & call information
  • read phone status and identity

These relate to reading the device information such as the IMEI and call information. I’m not too concerned about the call side — you can block this with later version of Android’s permission manager (and I use that a lot with different apps), but I’m not sure if I can block attempts to read phone status.

Their justification of this to track usage in China because it is blocked, I guess does make sense, but am I the only one who thinks doing it this way leaves it way too open for abuse and misuse?

Source: The Meitu selfie app unlocks your anime beauty and personal data