-
After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.
Android permissions explained, security tips, and avoiding malware
- Thread starter alostpacket
- Start date
The quick answer is no
The long answer is - there are some spywares there that are still available on Google Play.Always check permissions when installing new apps, and check user comments !
Hi,
I am not sure if this is the correct place to post but I had my S3 stolen a couple of days ago and wondered if anyone can help - my network Vodafone have blocked the phone but I just wanted to know if anyone can tell me if the thief can still access my content/text messages/e-mails or can he not?
I hadn't yet setup any of the security features!
Thanks to anyone who can advise me!!
I am not sure if this is the correct place to post but I had my S3 stolen a couple of days ago and wondered if anyone can help - my network Vodafone have blocked the phone but I just wanted to know if anyone can tell me if the thief can still access my content/text messages/e-mails or can he not?
I hadn't yet setup any of the security features!
Thanks to anyone who can advise me!!
If you had Lookout or AVG on it, you can switch on the GPS remotely and track it.
pandata000
Newbie
No. There are still malwares on Google Play. Always check needed app permissions when you install new app ! It's the best way to protect yourself. One of the latest malwares used another scheme - when you install it, it downloads a separate apk. However you should agree with the permissions of this separate apl in order to install it. So, it's still safe !
If you have permission troubles you can check Anti Spy Mobile Free ot PermissionsDog - they will make analysis of all permissions that are needed by your apps.
Ok, I got my first tablet today, will likely be getting a few apps from Google Play tomorrow, and need some info......
From what I read - when you go to download/install an app you have to give your ok seperately for each permission the apps request, is that right ?
Do most people automatically agree to all the permissions ?
Will the apps work if you don't agree to all the permissions ?
Should there be any real concern when getting apps from legit sources like Goodle Play, Amazon apps, or getjar.com ?
From what I read - when you go to download/install an app you have to give your ok seperately for each permission the apps request, is that right ?
Do most people automatically agree to all the permissions ?
Will the apps work if you don't agree to all the permissions ?
Should there be any real concern when getting apps from legit sources like Goodle Play, Amazon apps, or getjar.com ?
Metroid Prime
Oil Can!!! Oil Can!!!
Yeah, the app needs permission from you before you install and run the app. I don't know if most people do that, but it's always good to read the permissions first and to read the comments and look at the rating before doing so. If you don't agree to the permissions then you can't download the app. I don't think there's much concern, but even with legit sources it's always good to do some research and to raise a brow at fishy apps.
You cannot grant permissions individually. You either must accept all permissions the app is requesting or not install the app.
I would say that most people do accept the permissions without first reading them the same way most people accept the license agreement on software when installing applications on their PC. Most of the time it's safe enough.
There should always be a concern, but it's very slight. Use common sense with the permissions (if it looks screwy, then you might want something else) and read the reviews on Google Play. Malicious stuff get's called out pretty quickly.
If find an app you want, but aren't sure, ask here. We're here to help.
You cannot grant permissions individually. You either must accept all permissions the app is requesting or not install the app.
I would say that most people do accept the permissions without first reading them the same way most people accept the license agreement on software when installing applications on their PC. Most of the time it's safe enough.
There should always be a concern, but it's very slight. Use common sense with the permissions (if it looks screwy, then you might want something else) and read the reviews on Google Play. Malicious stuff get's called out pretty quickly.
If find an app you want, but aren't sure, ask here. We're here to help.
Thanks, that good to know that it not something that happens often, but it's safer to err on the side of caution and know what to watch for !
Hey Rico ANDROID,
So sorry for the delayed reply- somehow I didn't get the email for the thread, and simultaneously got swallowed whole by work there for awhile! The app I had been looking at was ReLaunch- Launcher by 5primes. Since writing that post I also noticed it in the Google Play Books app (though it being a Google app it doesn't seem as odd there).
Rico ANDROID
Android Expert
Hi Misc, no prob at all. Thanks for the info! I will check it out!
alostpacket
Over Macho Grande?
Hey all, I just published an update to Pocket Permissions and will update this guide shortly (this week hopefully)
Rico ANDROID
Android Expert
Hey AlostPacket! I look forward to checking it out! FYIJ This well respected folder , your discussion has made the ANDROID FORUMS "FORBES500" fav watering hole list!
Click HERE: Or the pic to go to the article
alostpacket
Over Macho Grande?
OK finally updated!
About 40 permissions added here. 82 permissions total in this guide (213 in PocketPermissions).
I limited the ones here to only permissions that apps can ask for without root. (forum limits how much I can fit in two posts )
About 40 permissions added here. 82 permissions total in this guide (213 in PocketPermissions).
I limited the ones here to only permissions that apps can ask for without root. (forum limits how much I can fit in two posts
)
StanGetsIt
Newbie
Handcent SMS:
Keep an eye on it, it uses almost every permission available to ask for
Earth live wallpaper
plasma live wallpaper
Subsrate live wallpaper
flying balls live wallpaper
matrix live wallpaper
ALL Live wallpapers are "safe", save draining your battery - matrix is the worst
AK Notepad - I dont use it
Opera Mini 5 - supreme security risk, man-in-the-middle stuff - UNINSTALL ASAP
Coin Flip - adware, no worse than Angry Birds
Keep an eye on it, it uses almost every permission available to ask for
Earth live wallpaper
plasma live wallpaper
Subsrate live wallpaper
flying balls live wallpaper
matrix live wallpaper
ALL Live wallpapers are "safe", save draining your battery - matrix is the worst
AK Notepad - I dont use it
Opera Mini 5 - supreme security risk, man-in-the-middle stuff - UNINSTALL ASAP
Coin Flip - adware, no worse than Angry Birds
StanGetsIt
Newbie
That depends. Rooted? Then you CAN individually block the permission from being accepted - LBE PRivacy Guard, really really works well.
Caveat for LBE - TURN IT OFF BEFORE UNINSTALLING, otherwise some of the blocked permissions could stay blocked!
Caveat for LBE - TURN IT OFF BEFORE UNINSTALLING, otherwise some of the blocked permissions could stay blocked!
Handcent and Opera are threats??
And you never heard that a rash of live wallpaper hit last year that was the delivery method for malware?
And you never heard that a rash of live wallpaper hit last year that was the delivery method for malware?
You may be mistaking Opera's proxy for IP spoofing or phishing.
From the wiki
Read the entire entry.
It's really quite safe.
From the wiki
Read the entire entry.
It's really quite safe.
alostpacket
Over Macho Grande?
I think Stan may have been replying to a post further up/back
Great thread, just got finished with it.
In general I will install apps from what I consider to be reputable companies even if their Permission Requests are a little suspect. For apps from unknown developers I rely on comments and a quick Google search.
You definitely do have to wonder though about certain app permissions.
For example, both Dunkin Donuts and Starbucks apps require Call_Phone and Dunkin also requires Read_Contacts, Send_SMS, Write_SMS. I trust both of these companies not to call 900 numbers on my behalf
and if Dunkin wants to see my contact list so be it. Having the ability to have my coffee cards scanned from my phone is worth it. However I really start to wonder if some companies are collecting data for not the greatest reasons.
Somebody in an earlier post made a suggestion to allow searching with the ability to uncheck certain permissions. Or else allowing certain permissions to be selected as an extra level of warning. That is the best way to dissuade developers from requesting unnecessary permissions, have it lead to less search results.
In general I will install apps from what I consider to be reputable companies even if their Permission Requests are a little suspect. For apps from unknown developers I rely on comments and a quick Google search.
You definitely do have to wonder though about certain app permissions.
For example, both Dunkin Donuts and Starbucks apps require Call_Phone and Dunkin also requires Read_Contacts, Send_SMS, Write_SMS. I trust both of these companies not to call 900 numbers on my behalf
and if Dunkin wants to see my contact list so be it. Having the ability to have my coffee cards scanned from my phone is worth it. However I really start to wonder if some companies are collecting data for not the greatest reasons.Somebody in an earlier post made a suggestion to allow searching with the ability to uncheck certain permissions. Or else allowing certain permissions to be selected as an extra level of warning. That is the best way to dissuade developers from requesting unnecessary permissions, have it lead to less search results.
alostpacket
Over Macho Grande?
Great thread, just got finished with it.
In general I will install apps from what I consider to be reputable companies even if their Permission Requests are a little suspect. For apps from unknown developers I rely on comments and a quick Google search.
You definitely do have to wonder though about certain app permissions.
For example, both Dunkin Donuts and Starbucks apps require Call_Phone and Dunkin also requires Read_Contacts, Send_SMS, Write_SMS. I trust both of these companies not to call 900 numbers on my behalf
Somebody in an earlier post made a suggestion to allow searching with the ability to uncheck certain permissions. Or else allowing certain permissions to be selected as an extra level of warning. That is the best way to dissuade developers from requesting unnecessary permissions, have it lead to less search results.
Well said, and a good idea! I may have to add something like that to PocketPermissions
I agree too, that some of those permissions are too "all or nothing" such as the SEND_SMS permission. However I think Google just recently split that into 2 separate permissions. 1 normals SEND_SMS, which requires users confirmation before sending, and another SEND_SMS_NO_CONFIRMATION, which, as it says on the tin, requires no confirmation. This is a step in the right direction.
However, Google tends to have a policy of preferring compatibility to security (in general), which means, that even though they split the permission, the extra protection will take awhile to take effect. Many apps will happily use the older permission and be granted full/no confirmation permission as long as they don't make use of the new SDK.
As for splitting the Contacts permissions, there is already a way for apps to let users pick a contact without the permission. Unfortunately, developers/publishers do not like this experience because it takes the user to the contacts/people app, and out of their app.
From a usability perspective, it should be fine. However many apps prefer to give a user a complete experience without ever leaving their app.