Holy shit WhatsApp is the most abusive dark-pattern app I've ever touched.
2
46
149
Conversation
The account setup process prompts for a bunch of permissions it shouldn't need with plausible fake reasons to give them, including permission to harvest all your SMS messages.
2
4
40
Then it won't let you message anyone without exposing your contacts to it. You have to get them to message you first to create an open chat to bypass, or get a third party to share a contact link to you.
1
3
41
It gets worse. Then, it won't let you listen to voice messages you've already received without giving it permission to access all your data - presumably it wants to save to a file then play from the file.
2
1
27
Replying to
never mind that apps literally have an internal folder where they can store data and play audio from
2
1
They also have one in the profile's shared storage directory they can write to by default.
API 30+ removes the ability to request blanket storage read/write access to shared storage though. Case-by-case requests were supported since Android 4.4 (5.0 for directory access).