Hi, I'm looking for an app that can create a list of apps based on the permissions of my choosing.
All of the programs that give insight in permissions / danger levels etc are somewhat static in the way they operate. It is either showing the permissions of a single app, or all apps with that one permission, or are using their own method of calculating the danger level of an app.
I for one think it is much more interesting to see which apps are posing a threat to my privacy or the privacy of my contacts, while others find it interesting to see which apps can cost you money.
If it would be possible to choose one or more permissions to create the list, rather then let the app do it for you, it then would be possible to look at the permissions from different perspectives (possible costs, privacy, security etc).
Perhaps some pre-defined perspectives can be delivered as well, but the main goal should be that you can select any number of permissions and then a list is presented with all the apps that have those permissions.
Any one know of such a program or is interested in developing one?
Hi,
My top recommendations:
LBE
http://market.android.com/details?id=com.lbe.security.lite
Permissions denied
http://market.android.com/details?id=com.stericson.permissions
Both give good overviews, and the ability to change permissions, but LBE also acts as a permission firewall also, and blocks and notifys you of any strange behavior from any apps and then proceeds, or denies the apps request, thus giving you complete control.
highly recommended.
Hope it's a start.
Regards
Edit:
Another one for consideration:
http://market.android.com/details?id=com.a0soft.gphone.aSpotCat.
Cheers
Another one:
YOu can select which permissions to check. For instance internet + reading sms is dangerous, but reading sms isn;t dangerous on it's own.
This apps let;s you choose your own set of what you mark as dangerous
https://market.android.com/details?...EsImNvbS52ZGVzbWV0LnBlcm1pc3Npb25tb25pdG9yIl0.
backhead92 said:
Another one:
YOu can select which permissions to check. For instance internet + reading sms is dangerous, but reading sms isn;t dangerous on it's own.
This apps let;s you choose your own set of what you mark as dangerous
https://market.android.com/details?...EsImNvbS52ZGVzbWV0LnBlcm1pc3Npb25tb25pdG9yIl0.
Click to expand...
Click to collapse
This sounds like what I'm looking for. I will give it a try, but I also mailed the dev why the app needs the permission to read the phone state & identity and internet access (even the paid version).
Reason for asking is this: I have installed over 150 apps and I recently noticed that when ever I make a call, my 3g-connection becomes active. Up when I start the call, up/down after the call. I really want to know which apps does this and to narrow down the list of apps that could do this it feels a bit strange to add yet another one which has the potential of doing it;-)
I already have aSpotcat, but the reason for my (re)quest(ion) was that I want to see all the apps that have the permission to read my phone state/identity or contacts and also have internet access. The combination of these permissions pose a much bigger threat than just the permission to read my contacts.
With aSpotcat you have to do this manually per permission or app.
The description of LBE is something I look forward to when I will root my Nexus S.....if I ever dare;-)
Thx for all the suggestions so far!
Thanks for the description. Gonna try all the apps and see which one suits my purpose.
i know permission explorer
I would recommend pdriod its super powerful and completely free right here
http://forum.xda-developers.com/showthread.php?t=1357056
Related
Worrying article on how apps are using personal information.
www.theregister.co.uk/2010/09/30/suspicious_android_apps/
I'm sick that they had to go too such lengths to find out. We need a better net architecture to enable a proper firewall to work.
Sent from my HTC Desire using XDA App
Also, app naming FAIL!
Well, since they only tested 30 apps and won't release the names of the ones they tested, only saying that they are "the most popular", personally I don't buy it.
And the information these apps are sending out is primarily geolocation. Well, no ****. If an app wants your location and you don't think it should have it, it's either using it for ads or you should decline to install the app and just send an email to the dev asking him why he needs that information.
tjhart85 said:
Well, since they only tested 30 apps and won't release the names of the ones they tested, only saying that they are "the most popular", personally I don't buy it.
And the information these apps are sending out is primarily geolocation. Well, no ****. If an app wants your location and you don't think it should have it, it's either using it for ads or you should decline to install the app and just send an email to the dev asking him why he needs that information.
Click to expand...
Click to collapse
Agreed... geolocation is pretty obviously straight forward. I don't know about the 'transmissing every 30 seconds' thing though.
Any thoughts ont he transmitting sim card and IMEI info?
http://www.youtube.com/watch?v=qnLujX1Dw4Y
Also discussed here:
http://forum.xda-developers.com/showthread.php?t=795702
With explanation where to get it from http://www.appanalysis.org/
A very well-written reply by "Steven Knox" on The Register, demonstrating how this 'research' is simply a pile of intentionally-misleading statistical rubbish:
By selecting only from applications that access both personal data and the internet, they're overstating the significance of their study by about 3x. Furthermore, their summaries blur this distinction unnecessarily.
Specifically, their FAQ says "We studied just over 8% of the top 50 popular free applications in each category that had access to privacy sensitive information in order to get a sense of the behaviors of these applications." Since there were 22 categories at the time they did the study, that would imply (22*50=1,100 * 8% =) 88 applications. However, they actually only tested 30, because of the 1,100 top 50 applications only (from the PDF) "roughly a third of the applications (358 of the 1,100 applications) require Internet permissions along with permissions to access
either location, camera, or audio data." -- meaning that the other 742 apps don't have the necessary permissions to play badly. The clause "..that had access to privacy sensitive information in order to get a sense of the behaviors of these applications." from the FAQ is grammatically ambiguous in this case (it may refer to "applications" or "category"), and not specific enough to indicate that over 2/3 of the applications are (relatively) safe by dint of not having the necessary permissions.
They also didn't include in their study apps from 10 of the 22 categories, but they don't explain whether that was due to a) there not being any or enough applications in those categories that required internet and personal data permissions, b) a conscious choice to focus on the other 12 categories, or c) the results of random selection (with an explanation of why they did not use a stratified sample).
Once you factor back in the applications they ignored, the numbers don't look quite so bad. Assuming their sample was representative, 2/3 of the 358, or about 239 applications of the top 1,100 of the time use personal data suspiciously. That's about 21.7% or just over 1 in 5 -- still significant, but a far cry from 2 out of 3. In fact, the worst case maximum is actually 358 of 1,100 or just under 1 in 3 (32.45%) because they are as mentioned above the only ones that actually acquire the permissions necessary to do anything "suspicious".
I understand why both the researchers and the reporter used the 2/3 figure -- you all believe you have to sell the point as hard as possible*. But the real story is that it's likely that at least 1 in 5 Android Apps use private data "suspiciously" -- and that number is still high enough to cause concern and to justify the further use of tools like TaintDroid. It's a pity you didn't trust the facts enough to avoid the unnecessary sensationalism.
*I am assuming, here, that Mr. Goodin did actually read and digest the paper as I did, rather than simply picking out the figures from the study, the FAQ, or a press release.
Click to expand...
Click to collapse
good spot. But one in ten woolf be too many. The point is we should have more fine grained control and transparency off what apps do over the net, and we can't, by design.
Sent from my HTC Desire using XDA App
We need to develop a shim that reports modified IMEI/SIM data for different apps. IMO, very few apps need that information. We may not be able to keep all those apps from sending our private information, but we can make that information useless if it appears that we all are using the same IMEI/SIM...
patp said:
...The point is we should have more fine grained control and transparency off what apps do over the net...
Click to expand...
Click to collapse
agreed....
if you are rooted. With Root Explorer go to /data/system/ and open accounts.db you might be surprised what you find in it... Some people it will be fine for but mine it shows my exchange email and password in plain text and a few others show up as plain text has well...Its not geo they are worried about (for the most part) and...this file has been known about for awhile
Don't worry though unless your downloaded android specific virus holding apps you wont have any problem. And if your getting all your apps legally through the market then its no big deal =) and if your pirating them...well I don't feel bad for you...
echoside said:
if you are rooted. With Root Explorer go to /data/system/ and open accounts.db you might be surprised what you find in it... Some people it will be fine for but mine it shows my exchange email and password in plain text and a few others show up as plain text has well...
Click to expand...
Click to collapse
Opened it, my accounts are there, but no passwords....
rori~ said:
Opened it, my accounts are there, but no passwords....
Click to expand...
Click to collapse
my gmail is somesort of encrypted but doesnt look that great.
Exchange shows up
facebook doesnt show anything at all aha
Thats why I said some might not have anything. Awhile back when I first heard about it one of my friends had two or three right there in plain English I didn't have a phone at the time to check...
Its been reported before but kind of just brushed over no biggy. To go real conspiracy theorist....I think apple is submitting all these articles...
ButtonBoy said:
We need to develop a shim that reports modified IMEI/SIM data for different apps.
Click to expand...
Click to collapse
Great idea
The source code/instructions for TaintDroid are now out:
http://appanalysis.org/download.html
Anybody found a (recent) kernel with built-in TaintDroid-support?
Read full article here
What is your opinion?
Dont like it. I want my phone to be MY phone. My phone should work for me not google and not some mysterious random company. My private life should not be reduced to some advertising opportunity for a business. Why people accept this I do not know. It dosent matter if an XDA developer will find a way to stop it. It shouldn't be happening in the first place.
OK, so I'm a WM developer, not Android, but if the program turns on the GPS receiver, surely the GPS LED would givaway the fact that it has been triggered. On a Kaiser the right LED flashes orange every other GSM connection flash.
Alternatively, it could just grab the CellID from the GSM connection. Not as accurate, but it can still be used as a crude location pointer. In cities it is probably accurate to a couple of hundred metres.
As the article mentions, Google have a pretty strict policy on what apps can do with users data, but whether they are adhered to is another matter.
It would be quite difficult to stop it, if the Android equivalent of WM's 'GPSAPI.DLL' exists in ROM, as you can't modify it to overide any calls to the functions within it.
On android, it is not possible for a user application to ENABLE GPS (if it was turned off in settings). The only apps that can do so are those in /system, which requires root to write to, or the app to be installed on the ROM itself.
I personally leave GPS off all the time, and do actually read all permissions used before installing an app. In the past, I have actually decompiled applications and removed their GPS/location permissions and "spy code", but now I just use another app that doesn't need excessive permissions.
In Android, permissions do block access to both network location and GPS location, using separate permissions, so it's possible for an app to use network location, but not get access to gps. But I see no need for it, when IP address gives a country/very rough location (enough for a dev to know his/her user base's nationality demographics)
Really don't like that.
I pay for the phone, the bandwidth and the calls.
I do not to be harassed by people trying to sell me stuff on my own telephone, and I especially not want to give an anonymous company my own private data!
stephj said:
OK, so I'm a WM developer, not Android, but if the program turns on the GPS receiver, surely the GPS LED would givaway the fact that it has been triggered. On a Kaiser the right LED flashes orange every other GSM connection flash.
Alternatively, it could just grab the CellID from the GSM connection. Not as accurate, but it can still be used as a crude location pointer. In cities it is probably accurate to a couple of hundred metres.
As the article mentions, Google have a pretty strict policy on what apps can do with users data, but whether they are adhered to is another matter.
It would be quite difficult to stop it, if the Android equivalent of WM's 'GPSAPI.DLL' exists in ROM, as you can't modify it to overide any calls to the functions within it.
Click to expand...
Click to collapse
Unfortunately, on most Android devices you don't get the amber LED to indicate GPS usage. But as pulser_g2 has said, if you have GPS turnt off then only /system apps or root apps will be able to use it.
Pulser, what app do you use to check them out for malicious code?
incredulous said:
Unfortunately, on most Android devices you don't get the amber LED to indicate GPS usage. But as pulser_g2 has said, if you have GPS turnt off then only /system apps or root apps will be able to use it.
Pulser, what app do you use to check them out for malicious code?
Click to expand...
Click to collapse
I use apktool to disassemble the APK, then check the permissions inside AndroidManifest.xml.
Notepad2 used to view the smali code, and AstroGrep (windows) or just a recursive grep on linux, and I look for "http" and "location", since you'd be amazed what you find when recursively grepping the code for "http"
Let's just say I have found pages containing lists of authorised IMEIs for applications, I've found callback code to give a remote server information etc...
I tend to notify the developer if there is anything at issue like IMEIs... But often they do nothing
Get familiar with apktool, and learn to read smali, which is like intermediate java code, slightly more like machine code, but mainly like java...
As for what you do once identifying such an app, I suggest just not using it. It is possible to remove such callback code, but it's complex and much easier to use an alternative.
As the-equinoxe said, I own the phone, and therefore anything going on it has to obey MY rules. So regardless of what an app's license agreement says, my device has its own licence agreement, saying that "pushing an APK to this device via the market/gtalk service hereby provides consent for it to be disassembled and decompiled, and scrutinsed by geeks before installation..."
HTH
If you don't like it, then don't install the fart app that needs access to your GPS.
Any app that needs access to your location but doesn't have an obvious reason to do so is using it for advertising purposes.
Don't like it, don't use the apps. It really is pretty simple and it doesn't require you to decompile the app!
If your personal information is so private, don't give it away to someone who EXPLICITLY asks for it.
Any app that needs access to your location but doesn't have an obvious reason
Click to expand...
Click to collapse
Main problems are other types of apps. Apps that need access and then exploit it. For example a weather app needs internet to download weather and at the same time it can send bunch of personal data to it's developer, without user knowing it.
AFAIK there is no effective way to get rid of that problem, other than manually analyzing each application at the market.
Maybe solution would be a policy in Market that will require application to ask user before sending any personal data or else application gets banned from the market. But again it will require someone to check application manually if it's sending data.
I can see a solution that would work.
Android would need to use a UAC style prompt, saying "allow once or always", and same for deny. Like SuperUser apk does.
If an app couldn't use the permission without express approval, controlled by the individual intent or method/subroutine in use, you could easily see when an app was actually using a permission, and allow it one individual GPS reading.
The only problem with this? It would be really annoying for 99.9% of users, and ultimately there would be ways to cheat the system.
The above suggestion where apps request permission would work in an ideal world where every developer can be trusted implicitly.
But this is no ideal world, and even if it were on the scale of xda (few hundred apps), there would be no way to check it happened. And then it would be unenforced, and in my view, and unenforced rule is worse than no rule, since users would be led to believe it was enforced, and thus protecting them.
Bottom line? Trust nobody, write your own apps, and apktool everything. Until then, just be careful what apps you install and give GPS access to... don't use that third party weather app if you don't trust it...
Ok, I'm a Noob on here. I just got a Android phone & I am interested in various apps from the Android Market but when I read the permissions that most of the apps have listed as to what they can do to the phone and to your privacy I am quite concerned. Is this really an issue as people seem to download apps without worrying about what the app is or could do without your knowledge. I have searched on here & elsewhere & no one seems to be address the issue. Am I just being paranoid?
I have seen that a lot of these apps will prevent the phone or tablet from going into sleep mode, is this true?
Thanks hope I haven't stepped on any toes by asking this, but I can't seem to find anything on the subject. So far I have decided not to download much a select few apps.
Rebel60 said:
Ok, I'm a Noob on here. I just got a Android phone & I am interested in various apps from the Android Market but when I read the permissions that most of the apps have listed as to what they can do to the phone and to your privacy I am quite concerned. Is this really an issue as people seem to download apps without worrying about what the app is or could do without your knowledge. I have searched on here & elsewhere & no one seems to be address the issue. Am I just being paranoid?
I have seen that a lot of these apps will prevent the phone or tablet from going into sleep mode, is this true?
Thanks hope I haven't stepped on any toes by asking this, but I can't seem to find anything on the subject. So far I have decided not to download much a select few apps.
Click to expand...
Click to collapse
No worries, no toes are being stepped on.
I agree that the permissions required by apps can sometimes look worrying.
But the description is often misleading. Some times it just looks very intrusive but that permission is needed for something alot more simple. It's a broad topic.
Also alot of users are just not concerned by this or just go with the crowd.
Write the developer and ask him what the permissions are needed for, if his apps description is unclear on that or the permissions seem unrelated to the apps purpose.
When it says, prevents your device from sleeping, it is most likely used to prevent the screen from turning off or dimming while something is progressing on screen. It is also needed to ensure that the cpu finishes the current operation if you press the devices sleep button, so it doesn't stop at some random point which might lead to problems for the app.
If there is a specific app and its permissions you are worried you could just SEARCH and then make a thread and ask about it.
If rooted, search for "PDroid" on XDA to control permissions, or search for "Betterbatterystats" to find programs producing wakelocks and preventing deep sleep.
Sent from CDMA V6 SC GNexus w/Liquid & Franco.kernel
Aerocaptain said:
If rooted, search for "PDroid" on XDA to control permissions, or search for "Betterbatterystats" to find programs producing wakelocks and preventing deep sleep.
Sent from CDMA V6 SC GNexus w/Liquid & Franco.kernel
Click to expand...
Click to collapse
But then don't complain if the apps malfunction as a result of interferring with permissions or wakelocks.
Also this is kinda missing the question of the thread.
Dark3n said:
But then don't complain if the apps malfunction as a result of interferring with permissions or wakelocks.
Also this is kinda missing the question of the thread.
Click to expand...
Click to collapse
Trying to figure out how either of the options I listed does not address the concerns in the OP......
I think you should re-read the OP. Perhaps slower.
Betterbatterystats- used to indicate apps that are using wakelocks that prevent or interrupt deep sleep. Does nothing else. Does not stop them or even hinder them in any way. Its simply a tool to identify problem apps. How does that interfere with the apps themselves?
Pdroid-gives the ability to block (or regulate) unwanted actions from the apps specified by the user. Basically solves the permissions concern in the OP. And does not require root access to operate. The whole point of this software is to interfere with the users apps. If a program is looking into my contacts, I'd like to be able to stop it. If a downloaded app stops functioning because it wants access to my contacts for no discernable reason, delete the app. This app is only needed because of the plethora of greedy sometimes malicious developers releasing software that invades user privacy.
Rebel60, feel free to peruse these threads and see if either is the right fit for you.
http://forum.xda-developers.com/showthread.php?t=1357056
http://forum.xda-developers.com/showthread.php?t=1179809
Sent from CDMA V6 SC GNexus w/Liquid & Franco.kernel
Aerocaptain said:
Trying to figure out how either of the options I listed does not address the concerns in the OP......
I think you should re-read the OP. Perhaps slower.
Betterbatterystats- used to indicate apps that are using wakelocks that prevent or interrupt deep sleep. Does nothing else. Does not stop them or even hinder them in any way. Its simply a tool to identify problem apps. How does that interfere with the apps themselves?
Pdroid-gives the ability to block (or regulate) unwanted actions from the apps specified by the user. Basically solves the permissions concern in the OP. And does not require root access to operate. The whole point of this software is to interfere with the users apps. If a program is looking into my contacts, I'd like to be able to stop it. If a downloaded app stops functioning because it wants access to my contacts for no discernable reason, delete the app. This app is only needed because of the plethora of greedy sometimes malicious developers releasing software that invades user privacy.
Sent from CDMA V6 SC GNexus w/Liquid & Franco.kernel
Click to expand...
Click to collapse
How is viewing aquired wakelocks helping the OP understand what aquiring a wakelock does, and why the app did it? It's not about who, but what and why. Any type of wakelock an app aquires prevents deep sleep and a wakelock can not be used to interrupt a device that is in deep sleep.
Again the question was not about blocking permissions, but why some apps want all those permissions and why no one seems concerned with the obvious privacy issue.
While PDroid does not require root to operate, it does require it to be installed, so in the end it still needs a rooted device.
Why did you install an app that needs a worrying permission for no discernable reason anyways?
Thanks for the general developer insult. Developers really are the greediest folks *sarcasm* of them all.
Where did you take that from? How many developers of greedy apps did you ask about the permissions they request?
You can't really make that assumption as just a requested permission doesn't do anything at all by itself and what the app is actually doing with it, is unknown without sourcecode.
...and now i jumped aboard the off topic train, damn
In most cases, it does not matter why an app uses wakelocks. The fact that it does alone is important. It allows the user to identify the trouble app and either tinker with its settings to reduce the wakelock or delete it altogether if the app is not important to the user. Generally speaking, if I would like to maximize my battery endurance, the need to minimize wakelocks is a necessity. After several months of use, a user may not remember every setting he/she setup in their apps. Utilizing betterbatterystats, one could identify the apps that use short sync intervals such as email syncing every 15 minutes or weather syncing every 30 minutes and change them to longer sync periods which would dramatically decrease those pesky wakelocks and save some battery life. Both of those simple examples illustrate in general terms, how important knowledge of wakelocks could be to the battery hungry user. This of course is only one of many applications this program can be used for.
My Pdroid example, once again was a generic sample of the many ways app privacy is a concern. There are a ton of apps on the market that uses the internet even though the internet isn't needed to run the program. Yes more than not, the app is either varifying license files or uploading "anonymous user stats," however that is not all cases and users should be able to control that app and the information it transmits.
Finally, yes I looked up your information and noticed the developer notation and knew you would be offended by my developer comment. But I did not mean to insinuate that you were in that minority. I am unfamiliar with your work. Android is an open source platform and users should have full control over their devices. That is why I through those options out there. Anyone that disagrees with my full control statement should move to the iPhone and enjoy its closed platform.
Rebel60, I hope you find a way to fully utilize your device without fear of privacy infringement or apps that excessively deplete your battery. There are many people on XDA with a passion for these devices. And many different opinions. Take the time to evaluate your options and pick the right solution for you.
Sent from CDMA V6 SC GNexus w/Liquid & Franco.kernel
Aerocaptain said:
In most cases, it does not matter why an app uses wakelocks. The fact that it does alone is the issue. Generally speaking, if I would like to maximize my battery endurance, the need to minimize wakelocks is a necessity. After several months of use, a user may not remember every setting he/she setup in their apps. Utilizing betterbatterystats, one could identify the apps that use short sync intervals such as email syncing every 15 minutes or weather syncing every 30 minutes. Both of those simple examples illustrate in general terms, how important knowledge of wakelocks could be to the battery hungry user. With that knowledge one could change their sync intervals and save precious battery life.
Click to expand...
Click to collapse
True, it would definitely help a user identifying battery drainers and in those cases it does not matter why the wakelock was aquired if it is what causes the drain. But the question was not about batteries, but about what/why wakelocks are and the description of the wakelock permission itself.
While BetterBatteryStats being a great tool, it does not answer that question. (Hence my offtopic remark)
Aerocaptain said:
My Pdroid example, once again was a generic sample of the many ways app privacy is a concern. There are a ton of apps on the market that uses the internet even though the internet isn't needed to run the program. Yes more than not, the app is either varifying license files or uploading "anonymous user stats," however that is not all cases and users should be able to control that app and the information it transmits.
Click to expand...
Click to collapse
While bug reports or anonymous statistics are one part of it, i think most of the internet permission needs come from ads that are displayed. I don't use ads, so i'm a bit unfamiliar on that topic.
If solely googles licensing service is used, the internet permission is not needed, just the 'CHECK_LICENSE' permission (which is an extra permission just for that purpose).
It is also often used to update the welcome dialogs with news, if a dev does not want to release a new version everytime he wants to tell his users something.
Aerocaptain said:
Finally, yes I looked up your information and noticed the developer notation and knew you would be offended by my developer comment. But I did not mean to insinuate that you were in that minority. I am unfamiliar with your work. Android is an open source platform and users should have full control over their devices. That is why I through those options out there. Anyone that disagrees with my full control statement should move to the iPhone and enjoy its closed platform.
Click to expand...
Click to collapse
I'm not denying that there are greedy and or malicous devs out there. It was the 'plethora of greedy sometimes malicious developers' that threw me a bit off. I see you meant it differently, as you wrote 'in that minority'. As english is not my main language, i might have understood it a bit too harsh too .
Most of my work falls into the 'Tools' category, if you have question about them (or the permissions ), write me a PM.
I fully agree that everyone should have full control over their devices and i also think that users should have the possibility of choice (i.e. apple selecting apps that are published vs androids more or less freedom of apps, though one might have to sort through a 'plethora' of useless apps, i wouldn't trade it for apples store).
[I needed all those big quotes to reflect what i'm responding to as you seem to edit your posts alot after you made the. Makes it a bit difficult to answer ]
Thanks
Dark3n said:
No worries, no toes are being stepped on.
I agree that the permissions required by apps can sometimes look worrying.
But the description is often misleading. Some times it just looks very intrusive but that permission is needed for something alot more simple. It's a broad topic.
Also alot of users are just not concerned by this or just go with the crowd.
Write the developer and ask him what the permissions are needed for, if his apps description is unclear on that or the permissions seem unrelated to the apps purpose.
When it says, prevents your device from sleeping, it is most likely used to prevent the screen from turning off or dimming while something is progressing on screen. It is also needed to ensure that the cpu finishes the current operation if you press the devices sleep button, so it doesn't stop at some random point which might lead to problems for the app.
If there is a specific app and its permissions you are worried you could just SEARCH and then make a thread and ask about it.
Click to expand...
Click to collapse
Thanks for the answer. I think this best answers what I was concerned about. A lot of apps say that they can dial numbers in your contacts, alter settings, and a lot of other things that make me hesitant to download the app.
My phone is not rooted, although I would like for it to be, but am afraid I will brick it if I don't do something right. I don't know anything about wavelocks etc.
Rebel60 said:
Thanks for the answer. I think this best answers what I was concerned about. A lot of apps say that they can dial numbers in your contacts, alter settings, and a lot of other things that make me hesitant to download the app.
My phone is not rooted, although I would like for it to be, but am afraid I will brick it if I don't do something right. I don't know anything about wavelocks etc.
Click to expand...
Click to collapse
Whether your new to android or a veteran, XDA has all of the information you'll need to educate yourself. Rooting is not for everyone and should only be attempted by someone comfortable with the process. It does however open huge doors to more control and customization with your device. My advice to you is first get to know the Android platform for a few months. In the meantime do some research and see for yourself the pros and cons of rooting. There are dozens of threads with people that are in the same situation as you. Learn from them and talk with them. If you have a direct question about android, feel free to PM me. I'd be more than happy to help in any way I can. Good luck & enjoy your device.
Sent from CDMA V6 SC GNexus w/Liquid & Franco.kernel
Rooting is pretty simple if you invest some reading time. Just make sure to search alot before asking .
Also be aware that giving an app root access is equivalent to granting every possible permission there is and more.
I'm sure most users are not fully aware of that.
So allowing an app root access is a huge trust investment in the dev, don't do it for fishy looking apps .
Read the description
Try reading through the apps full description. A lot of developers will explain why their app needs those scary sounding permissions.
If they don't explain, you could always contact the developer (seems almost like google requires app listings to include a 'contact the developer' link somewhere).
Why some apps ask permissions to access Location, Contacts, Camera, Logs, Mic, even if the dont use it or need it??
ouefcoque said:
Why some apps ask permissions to access Location, Contacts, Camera, Logs, Mic, even if the dont use it or need it??
Click to expand...
Click to collapse
They are either malicious, being run on an older version of android, or the developer just chose to put them there (even though you think they may not be used, they actually are even though the app may not seem to need them - be cautious and aware).
Either that or the developer is just lazy. They might have just ticked all the boxes to get the app working and then not bothered to go back and clean up their mess
A little long-winded but..... I like a widget on my desktop to show what is coming up on my calender. Seems simple to me but when I install the widget it informs (scares) me that it has permission to read/alter information on all my calenders, read all my contact info, and change information on my contacts calenders. Seems more than excessive to me but by searching more on these forums I'm learning:
1) Apps/widgets can require further reaching controls than I 'would like them to have' for tasks with the features I want. So I am really trusting the developer of the app to be careful with the permissions I grant them.
2) Which developers I choose to trust. Here I rely on trusting the masses and reading reviews from informed, more experienced people than I.
I'm still newer to Android and today realized the permissions that apps request. Before I was quick to just accept & go. I was about to install an app that is requesting a LOT of permissions. Phone calls, hardware controls (pics/vids at any time), and network communication (SMS I believe). My questions are simple.
1. Do certain custom mods, like Synergy? Do some mods already implement certain things into itself to disable some of these features? I understand this is a mod-by-mod basis if so. Does Synergy do anything to disable this crap, anybody know?
2. How worried do I have to be about this? Will the app literally take pics and send them out without my knowledge? Or is it only the pics I take it can send out? How does this work?
3. Which of the permissions that apps request do I really need to keep an eye on and watch out for? AKA, what could take info/pics that I dont want it to?
4. Is Anti-Virus software REALLY necessary since I'm all rooted and such? I read articles saying it's useful and others saying it doesn't even provide much protection, and the chance to get something is quite rare if you only use google play/android market?
Thanks in advance for any and all help. I ditched Apple and AT&T for this thing, and with it being rooted, I am unbelievably happy I made the switch to both VZW and the S3! AWESOME phone, screen size, and customization!
Edit: Posted wrong forum....Shoulda been Q&A forum. Devs plz move.
1. Not sure. I haven't played with synergy.
2. What kind of app is it? This is huge into what kkind of permissions it needs. If its a live wallpaper app it shouldn't be asking to be able to read your contacts or send SMS. You just gotta think what does this app do and why does it need this permission. A launcher app like Apex or Nova needs A LOT of permissions. To be able to make calls and send SMS and work the camera as a launcher can do all of those. Does a game need the ability to do that though? No. It may ask to read your contacts so it can share crap with your friends though. It can be hard when you look at permission apps ask for to decide it its legit or not. If you can't decide just don't download.
I try to only download hugely popular apps that I know aren't malware. If its got over 100k downloads chances are it is a safe app.
Permissions are tricky and until you realize all an app can do you wont understand why it wants to do some things. It took me a good year of downloading apps and reading about things toto get a great grip on permissions.
The biggest thing is common sense. What does the app do and why should it need this permission. An SMS app needs permission to the camera and to send SMS that cost money and read your phone book and such. But if I download a live wallpaper or a weather widget...why would they need such abilities. That should raise a HUGE red flag. Anytime you see "can send SMS that may cost you money" in permissions try to figure out why it needs that. Cause the last thing you want is to DL it and tomorrow have $600 in txt fees.
I don't believe in anti virus on my phone. Yeah you can get em and some love em. But really. If you just use common sense and don't download suspicious things you shouldn't need one. I refer back to only download trusted apps. If it has less the 1k downloads. Be wary. It may be a new app that a dev just launched. Or it could be a reason for the lack of downloads. Look at reviews ALWAYS. Yes many are from morons. But some are helpful. Also if you want a popular game go straight to the devs for it in the market. Many times bogus apps are posted that spoof popular apps like angry birds. Download the one with millions of downloads. Not the one with a thousand.
The more you use your device the more you'll understand. I download plenty of apps from XDA with very few downloads in the market and have been safe. But this comes from knowing and trusting a developer. That's why these forums rock. You can get in on an app in its infancy and help test it and make it grow.
--Sent from GlaDos baked potato
Google is eventually going to have to step in and put a stop to this, but more and more apps are requesting permissions that they have no business requesting. It is unfortunate, especially when the intrusive app is one you would like to have.
I choose to completely disregard any app that asks for permissions it is obvious it doesn't need. The exception being internet access for ads, as incorporating ads into an app can be a legitimate way for an app developer to generate revenue. (And the unsightly ads can be removed with an ad blocker like AdAway, so it's kind of a win-win).
However, if there is an app that you just "need" to download or would just like better control of your phone, you could download an app called "Permissions Denied." This app let's you decide what permissions are granted to each app.
i use LBE Privacy Guard to help manage my permissions. You can mark certain apps as trusted and deny specific permissions for other apps. Also lets you know when a specific app is trying to access certain functions. Only had it for a couple days but liking it so far.
i used to run an anti-virus, AVG to be specific, but after a while just decided to get smarter about what i install and have been going without one.