• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

Help Increase in apps that request more permissions then needed?

babybackribs

babybackribs

Newbie
Lately it seems more and more apps are requesting access to user data even if there is no obvious reason why those data would be useful or even a necessity for the app to work like intended.

My guess was targeted adds. But people I've spoken with of this matter claims that even several paid apps request access to more personal data then they need. As i never tested those apps myself I can not say if it is correct or not.

Is standard Android taking a turn for the worse when it comes to integrity of personal data? And what can be done to avoid this? (not being forced to do the most obvious, stopping the use of all such apps.)

How much data mining can they actually do via all the apps we all download and install? Just thinking of this gives me a bad feeling. If several apps's data collection ends up at the same company (that is likely to happen - we don't know if those companies behind apps are selling data) analysis of those big data is almost endless.

For Pc more and more people are taking measures to avoid this. But it seems that smartphones are the new big thing for data collection. In the search for apps that will make our life a little easier we tend to loose all sense of critical thinking. We happily give access to whatever those apps are asking for, in the search for one more genius app that we can find use for.

Is Android platform pimping out everyone of us to anyone with deep pockets?

Is the sale of collected data starting to turn more profit then the app itself?

And what can be done to counter act this?
 
What happened to the Linux alternative for smartphones?
Think it was Ubuntu that made a Linux version for smartphones a few years back. Before they tried to launch Ubuntu phone via crowd funding. After the Ubuntu phone project did not meet funding goal I never heard anything about it.
Is it still an alternative - like is there apps made for that? Will it even work with smartphones of today? It would be nice with an alternative to OS to the big three. Seems all there is now is Android, iOS and windows smartphone.

Anyone tested Linux for smartphones lately?
 
The obvious answer to this would be to simply not install or update an app that asks for more permissions that what you think required, unless you find a reason why it absolutely needs it.
 
Yes you are right - but it is getting harder by the days to find good apps that do not ask for extended permissions.
Even several apps that costs money are "pimping you out" by asking for wide permissions.

If I had thought of this before I got the LG G3 I might have ended up with the Blackphone instead. But then again that phone is also based on Android and I am starting to feel the need for something that heads in a little different directions. After all, the last couple of years we really seen the value of protecting our valuables. If it wasn't for that certain whistle blower we all would still think all or data is useless for other and that we don't have anything to fear.

Well at least we now know that is not the case - bad guys will use any information they can get their hands on.
 
Last edited:
Well, what apps are you talking about anyway? So far I have a lot of apps that don't seem to have unnecessary permissions.
 
Well what apps? Naming all of those apps does not change the nature of this matter. It is a lot of apps that ask for access to a lot more then what they need access to regarding to working properly - I can only imagine the reason for that is to somehow violate my privacy. Either by selling pin pointed adds or worse selling my data to the highest bidder or collect the data and make use of those that in way that really does not benefit me.

Should Facebook really have access to read, copy and whatever with all my contacts? What do Facebook need my phone numbers for? Or why would twitter need to track me with GPS?

Why would The weather channel app need access to your device and call information? Why would it need to know the names of all nearby WiFi devices, or my GPS location? And there are a long list of apps that asks for access like this. The list could easily be long - but that is not the point to single out each and every app that does ask for wide access. It is more to point out that I think it is time this stops.

Yes we can argue that weather channel app has legit reason to ask for all this - for to share weather related photos and what not. But is that all they do? What about the future? Do we know if the structure of the firm behind the weather channel app changes? Do each and every one of us know if the app owners changes and with them their policy and means to meet the required earnings? No we do not know - and we shouldn't be pimping our self out for a free app, even if it seems we do need that app so much. We don't need such apps. We did fine without it 10 years ago and we will be fine that day after tomorrow.

For me personally this strange app behavior is not really a problem, only an annoyance. Like it is for you and most of us. I am a plain old fart same as the next guy. I don't do million dollar deals before breakfast or have high level access to anything, I don't surf anything interesting to anyone - except those with a neck for plain, boring people like me - the advertisers. They care what all of us do, what we read, which sites we frequent and the route we take to work, church and back. And to tell you the truth I find I am already exposed to enough commercial in my life, I don't need to make their job even more easy by giving up what they want.

I guess this alone is a really good reason to do root your phone - put a lock on your data and stop being a chump.
 
Last edited:
I am in fact so old that I do remember well the days before Google. How one daily or at least weekly/bi weekly got an automated response someones inbox was full and the email could not be delivered. I remember the early days of Google, the famous - do no evil area. Where Google took each and every opportunity to tell us all how good they where and how the establishment of hi rolling companies was taking advantage of the little guy. We all welcomed Google and for us it seemed like David vs Goliath. We all stood by cheering Google on, hoping for a victory. Ignorance is a bliss :)

And in those first months or even year of Gmail it was regarded as a "quality badge" to be one of the lucky ones that had a gmail email address. Imagine never having a full inbox? And an inbox that was always growing. Never had we seen such a deal. And all this for free? Amazing. Gmail was free - Google was the savior.

People was stunned. And Gmail was the ultimate proof that you where special - more so then your random IT guy. You where the chosen one. One of thew few with an invite.

Little did the majority know that the "free" gmail account came with a price. The price of no privacy. The price of letting others read all your personal and even work related emails. In a time where we all trusted our governments, and snail mail, AKA regular postage letters where consider very personal and off limit for all but the receiver. In a time where no one had ever breached protocol or made such a big change affecting so many people in such a small amount of time.

Reading other peoples letters where a big no no and an unthinkable act for each of us - we learned that as a child. Letters are personal. So much so it was even a Federal offence to gain access to other peoples writings if done purposely. If you with knowledge and intent did read other peoples mail - you went to jail. Google was one of the companies that changed all that. Now if you invade peoples privacy, you go to your bank laughing rather then end up in jail. Invasion of privacy is a money making "factory". Close to running your very own currency press. Need more cash? Sell even more info. Or find ways to exploit the existing data in ways large corporations will pay even more for.

Slowly very slowly did someone notice a change in adds. Until one day someone got proof. Google was reading all of our email. Our private emails! All those emails we thought where secure communication only accessible for receiver and maybe, but not likely - the occasionally criminal super-minds. But it was unthinkable that a private company (later even publicly traded company) should even come to think about reading all of peoples private writings . This kind of privacy violations was so far out no one even thought of that possibility. Stupid ramblings to a girlfriend. Lame receipts for your online shopping. Your flight schedule or your mothers secret apple pie recipe. Or for some business related information that should not be accessible to anyone outside the company. It was not your secret anymore. One company read it all. Each and every letter. And they didn't stop with just the reading. They started to make profiles. To collect even more data. And without our knowledge Google changed the way and the rules. For the very first time a several hundred years old "gentleman agreements", Federal law and commonly agreed upon behavior was abandoned in the name of adds and higher earnings.

Did anyone say do no evil? Well we all know that is not Google.
 
Last edited:
What really grinds my gears is when an app that has nothing to do with text messaging wants to send, receive, and read text messages on my phone. The Facebook app is a perfect example of this. Also, don't think that you are kept safe by not downloading a certain app. Many times, the system apps that come pre-installed on your phone require more permissions than they need in order to work properly. I'm not just talking about carrier bloatware that can be removed without causing problems either. Why do you think that phones that would have cost $500 or more two years ago can now be had for less than $100. They have shifted from making money by selling you a product to making even more money by selling your privacy. The companies that buy your personal information are like sponsors that pay a large portion of the cost of your device.
 
It used to be that we were the customers, the plan we paid for was the service, and the phone we bought was the product. Now big corporations are the customers, who pay for the service of having access to our personal information, and we are the product.
 
Something else that I have noticed lately is that after browsing on different online stores, I now get bombarded with ads for the products that I was looking at but didn't purchase.
 
Another thing that aggravates me is the way that Google 'simplified' app permissions in the play store. What they really did was make it more difficult to find out exactly what an app has access to. Now apps can say that they don't require any 'special' permissions but still access the internet and read what accounts are on your device. The only way to protect your self from this invasion of privacy is to either avoid using computers and smartphones, or to pay careful attention to what apps on your phone are doing and use xposed modules like xprivacy and lightning wall to deny apps access to the internet and or feed them fake useless data. Also, whenever I find an app I like that doesn't require unnecessary permissions, I always copy the apk to my SD card and computer hard drive so that when I get a new device I don't have to get a newer version from the play store that requires new, unnecessary, intrusive permissions. I rarely ever download apps from the play store anymore for this reason.
 
I hear you and I do agree. And that is why I think it is time to look for alternative OS. I think our privacy should not be a commodity that people are making big bucks on.

So what alternatives are out there as of now? What about that Ubuntu for smartphones? Did that turn into more projects like we see in the Linux world?

Would starting from scratch with a stripped down version of Android be sufficient in regards to privacy?
Or are Google already earning too much money by doing things behind our backs that Android as a platform should be obsolete?

It used to be that open source was a way of securing the absence of evil doing. But as the code base grows even larger it becomes a challenge so hard that even the eyes of "the many" are having a tough time reading codes to avoid explore's. We remember the openSSL heartbleed. How long have things been out of hand?

I am not saying that closed source are a better way - that just make it even tougher to spot wrong doing. But the more I think about this the more I feel like going trough old boxes for that very first Nokia 3xxx. Or even make do completely without cellphone and smartphones. Which is almost impossible these days - and if you do drop the idea, your are the freak.

And it shouldn't have to be like that - we should be able to find a less evil alternative.
 
Last edited:
There are reasons for some of the permissions, stemming from what users have fed back to the companies.

A long time ago, people wanted Facebook to see who their contacts were so they would be easy to find. Facebook has the option to search people by phone number, so yeah, the app does need the contact info access for that to work. Although with Facebook, it's easy to go around with since you can just not use the app and use the mobile browser. Even should the app be installed, as long as you aren't logged in, it won't be able to do anything.

Twitter obviously has the check-in feature. So obviously it needs GPS access. Easy work around is use a different twitter app, or stick to using the mobile browser.

There are ways to not use apps. Or simply, choose who you trust.

As for data mining, its due to the changing ecosystem of revenue. These companies need income to exist, and if they are losing income through traditional means, they need to change their practices into something that will bring in money. In this case data mining. In most ways it's not the companies screwing consumers, but its consumers screwing companies, forcing them to screw consumers. Like how telcos removed unlimited internet because revenues were dropping since people hardly called or texted via the traditional methods anymore. Everything went through internet because its "free". So they changed revenue to higher internet charges.

As you said before, the way to fix this is simply to root. Losing warranty is just the price you pay for more control, simply because nothing is truly free.
 
I get your point - a small firm making apps for a living need revenue to make it. Either we pay for their apps or they will get it their revenue from other sources.

But here is where I think we should really see another alternative. Like in the world of Linux there are so many distros to choose from that you will find one that is better suited to your needs then the others.

That is what I wish for in the mobile OS world too. More choices. So we could have some distros focusing on privacy.
With easy access to do changes. And with no "evil-corp" running in the background, hiding in the shadows.
 
Seems there are more people then just me that have the same train of thoughts.
Most of us know Blackphone. Well that was yesterday. Today meet GranitePhone.
Everything is encryptet and security is everything.

The OS is Android based, or a fork of Android.
No more spyware, adware or three letter agencies listening in or capturing data.

M-i-t-m attack? Noe anymore :D


 
That's a phone with privacy in mind, like the BlackPhone, but if you go installing and using promiscuous social apps like Facebook on it, don't think it would be any better.

Do you trust the corporation behind the GranitePhone? BTW who actually makes this and where does it come from, China? Looks like it's only a concept at the moment.

EDIT:

It's from Brazil apparently.
http://www.cnet.com/news/brazilian-company-reveals-security-minded-granitephone/
"You can't change the rules, you can't access the camera, you can't install apps,"

So effectively it's a dumb-phone and not a smart-phone. Not going to be doing anything social or leaking any private data thru third-party apps, except what you do via the browser, that's it.



Nokia 3310....you can't change the rules, you can't access the camera(because it doesn't have one), you can't install apps!
150px-Nokia_3310_blue.jpg



BTW: I moved this thread to Applications, as it's not really a question any more. Any problems, PM me. :)
 
Last edited:
Nice responses to a question that I was wondering myself. Having avoided smart phones until recently I was surprised at what access apps wanted. In short, I've deleted every app from Samsung's store as they all required more than was necessary, as well as most were written by the same real or fictitious person. Why does a flashlight app need access to my location or personal contacts? Even in the Google app store I found a flashlight app but felt is was better off not to have one then to install it as it required more access than was good.

Whether apps are acquiring too much control there will be a backlash and soon. Otherwise Google and Android may find itself fighting a major PR problem that Apple IOS will win.
 
It's not so much as a problem of Google as a problem on the end user. Obviously the only permission a flashlight app needs is camera permissions (for access to the flash hardware). If you see an app that violates privacy and seems to ask for too much, don't download it, and report it to Google.

This whole privacy thing has blown out of proportion to the point that people are starting to rely on others for their privacy (makers of blackphone and granitephone), when in fact you're just trading one (Google server) for another (Black server). The best thing to do about privacy is simple common sense. Don't put anything you don't want others into get on something others can access. And read permissions. IMHO, it has nothing to do with smartphones. It's what you put on your smartphone that matters.
 
dmitche3 said:
Nice responses to a question that I was wondering myself. Having avoided smart phones until recently I was surprised at what access apps wanted. In short, I've deleted every app from Samsung's store as they all required more than was necessary, as well as most were written by the same real or fictitious person. Why does a flashlight app need access to my location or personal contacts? Even in the Google app store I found a flashlight app but felt is was better off not to have one then to install it as it required more access than was good.

Whether apps are acquiring too much control there will be a backlash and soon. Otherwise Google and Android may find itself fighting a major PR problem that Apple IOS will win.
Click to expand...

Apple has a different solution to their PR, it's a need to know basis, and the public doesn't need to know. Facebook on iOS does exactly the same as it does on Android. However with Apple iOS.....
...."Pay no attention to that man behind the curtain!"
pay_no_attention_to_that_man_behind_the_curtain_0.jpg
 
For what it's worth I use an app called XPrivacy (look it up if you are interested) and Afwall+.

XPrivacy allows me to close down permissions that I don't think an app needs needs after I have installed the app!

Afwall+ is a firewall that I use to prevent call home shenanigens from all kinds of apps!

Both are free.

I am not connected in any way with either app but I thought you all might gain some benefit from both of these apps.

XPrivacy is tricky to install. And it does not run on ALL Android versions. Be forwarned. NOT for your run of the mill end user as you can seriously mess up your apps with it at a low level.

Oh...my Android is rooted.

Carlos
 
You must log in or register to reply here.
Back
Top Bottom