Problem a malicious app could ask for the main MAID and if the user stores all his information under that ID, the app could start reading all this data ?
It is unclear to me: the single Maidsafe Anonymous ID (MAID) is the single point of entry onto the network, right? This user can then have many Proxy MaidSafe IDs (PMID). A single application would only control access to a particular PMID, but not the other PMIDs a user has? How does the user authenticate this PMID in an app, with an app-specific password?