Decided to read the permissions my apps grant more closely since I installed some with black?nd trust because I had them on my iPhone.
As you would expect many of these apps such as Pandora had quetionable permissions, ie pandora can send emails anonymously from your device, I'm rooted and all that good stuff so I'm looking for a way to maybe block certain app permissions.
Sent from my MB860 using XDA App
ertDeath said:
Decided to read the permissions my apps grant more closely since I installed some with black?nd trust because I had them on my iPhone.
As you would expect many of these apps such as Pandora had quetionable permissions, ie pandora can send emails anonymously from your device, I'm rooted and all that good stuff so I'm looking for a way to maybe block certain app permissions.
Sent from my MB860 using XDA App
Click to expand...
Click to collapse
LBE Privacy.
It's free and shows the specific permissions that apps ask for, and you can accept, reject, or prompt for use when they're requested. I like the prompt option because you can see that most apps don't actually use the permissions they've included. They're probably packages that are included in development for 1 or 2 functions that are completely harmless, but the packages include things that do require permissions. Hence, you need to be told about it.
Only thing about LBE that gets annoying is that it needs you to update permissions for EVERY app that gets updated. I still stick with it though because it is nice to know what's going on with your apps.
Couldn't recommend it enough.
https://market.android.com/details?id=com.lbe.security&feature=search_result
Not sure if any of you ever heard of ngmoco's Plus+ game social network on iPhone, well they were bought out by a japanese company who owns "Mobage", a mobile game network in Japan.. Now they're releasing games on Android, but every single one of their apps has every permission in the book, & they give no explanation for any of them.
Now I'd normally stay away, but they have one game I loved on iOS, Pocket Frogs, here's a link; http://0.mk/72868 check out the permissions tabs.
Is it safe? Is there any way to block all permissions in an app or disable them??
Thanks.
TL;DR, remove app permissions?
I clicked on it and the permissions they have in there now seem normal actually. Except for this one:
Allows an application to read all of the contact (address) data stored on your device. Malicious applications can use this to send your data to other people.
It looks like they might have removed quite a bit of the permission requests because in the reviews people were saying it requests "super user access" and stuff like that but when I read the permissions, that one isn't listed anymore.
Yeah, that's the one that bothered me the most, but hardly any of those are required for the app to run, it's just unnecessary & annoying for a game to have that many permissions
Is there any way to remove its permission to read contact data?
That app also requested SU access on my phone. I denied it and then immediately removed the app. There is no reason that game should require SU access.
There is a handy linux tool to list permissions that an APK uses via commandline called scanperms. I use it to check out what an app uses before installing.
URL is hxxp://tinyurl.com/cvo6dqw
Hello.
You download an app, it gives you a big list of what permissions it wants, and you can either agree to it or not use the app...
Is there someway of limiting those permissions? Or provide fake permissions?
Like in most iphone apps you can choose if you want to allow gps, contacts, etc.
I am searching for an app thats will limit those permissions prior to installing it. Won't do me any good if I want to deny contacts access but I do it after its already taken it.
Cheers and thanks
P.S. I'm using a rooted LG G2 d802 with android 4.4.2
I don't think it's possible, even Google's last Play Store update doesn't reveal every single permission when you update stuff, dunno if this limitation affects it or no.
You can use "app ops" (search for it in google play). It is a hidden menu from android os. Obviously it works after installation (iOS works the same, you first install the app and later you decide which permission accept/deny).
PoOoZaQ said:
Hello.
You download an app, it gives you a big list of what permissions it wants, and you can either agree to it or not use the app...
Is there someway of limiting those permissions? Or provide fake permissions?
Like in most iphone apps you can choose if you want to allow gps, contacts, etc.
I am searching for an app thats will limit those permissions prior to installing it. Won't do me any good if I want to deny contacts access but I do it after its already taken it.
Cheers and thanks
P.S. I'm using a rooted LG G2 d802 with android 4.4.2
Click to expand...
Click to collapse
Try to search "3c toolbox" in Google.
This app has many integrated tools within it.
You can change permission also.
Good luck
Hi guys
I recently purchased a Elephone S3 from Everbuying.com. I heard people talking about how notorious these Chinese phones are having malware installed on them, so I decided to give the malware check a go and use about 10+ popular Malware detection apps (Avast, Kaspersky, Avira, Trojan Killer, you name it) currently available on Play Store.
Out of all those, excluding warnings that doesn't really matter in this regards (Malware specific), the below two apps gave me those respective warning results.
I have done some research, but i don't think I found any relevant info in this regards. So, for all the guru out there, the question is obvious, should I be worried about these "non-deletable" apps (if not rooted)? If they ARE malicious, can I be worried free by turning off ALL permissions for the apps and in some case, disable the app (I can disable the Beauty Center, not ELE Launcher).
Thanks to you all for any input!
Malwarebytes Anti-Malware
App - Beauty Center
Message - Android/PUP.Riskware.Cooee.a
App - ELE Launcher
Message - Android/PUP.Riskware.Cooee.H
Stubborn Trojan Killer
App - Beauty Center
Message - General Trojan
App - ELE Launcher
Message - General Trojan
bagachin said:
Hi guys
I recently purchased a Elephone S3 from Everbuying.com. I heard people talking about how notorious these Chinese phones are having malware installed on them, so I decided to give the malware check a go and use about 10+ popular Malware detection apps (Avast, Kaspersky, Avira, Trojan Killer, you name it) currently available on Play Store.
Out of all those, excluding warnings that doesn't really matter in this regards (Malware specific), the below two apps gave me those respective warning results.
I have done some research, but i don't think I found any relevant info in this regards. So, for all the guru out there, the question is obvious, should I be worried about these "non-deletable" apps (if not rooted)? If they ARE malicious, can I be worried free by turning off ALL permissions for the apps and in some case, disable the app (I can disable the Beauty Center, not ELE Launcher).
Thanks to you all for any input!
Malwarebytes Anti-Malware
App - Beauty Center
Message - Android/PUP.Riskware.Cooee.a
App - ELE Launcher
Message - Android/PUP.Riskware.Cooee.H
Stubborn Trojan Killer
App - Beauty Center
Message - General Trojan
App - ELE Launcher
Message - General Trojan
Click to expand...
Click to collapse
go ahead and disable Beauty Center, as far as ELE Launcher, that seems legit. But if you don't like it, just replace it with something like Nova Launcher.
mattzeller said:
go ahead and disable Beauty Center, as far as ELE Launcher, that seems legit. But if you don't like it, just replace it with something like Nova Launcher.
Click to expand...
Click to collapse
Hi mattzeller, thanks heaps for the info! This might not be a good question, but just for my information, generally speaking, is there a way to distinguish between a real harmful malware (actively stealing personal info) and an app that has more access and integration to the phone's OS than others by looking at the information provided? In other words, is there any obvious give away sign?
Thanks again for the help!
bagachin said:
Hi mattzeller, thanks heaps for the info! This might not be a good question, but just for my information, generally speaking, is there a way to distinguish between a real harmful malware (actively stealing personal info) and an app that has more access and integration to the phone's OS than others by looking at the information provided? In other words, is there any obvious give away sign?
Thanks again for the help!
Click to expand...
Click to collapse
Well look at reviews of the app, see if it is installing other apps without your consent, or constantly nagging you to download other apps. Generally 99.99% of apps on Google play are safe. Occasionally some crapware gets on there, but if you take a look at its rating and reviews (not just the highlights) you should be good.
Sent from my SCH-R220
bagachin said:
Hi mattzeller, thanks heaps for the info! This might not be a good question, but just for my information, generally speaking, is there a way to distinguish between a real harmful malware (actively stealing personal info) and an app that has more access and integration to the phone's OS than others by looking at the information provided? In other words, is there any obvious give away sign?
Thanks again for the help!
Click to expand...
Click to collapse
Always check the apps permissions. I absolutely refuse to install an app that has permissions that it shouldn't be using. However, if the app you're about to download needs permissions related to the app features, that's OK with me.
I see so many Play Store apps that are just total spyware in my book. Flashlight apps are a good example of this. There is zero reasons a flashlight app needs to read my contacts or a data connection. Just be mindful of reviews and permissions and you'll be OK.
KernelCorn said:
Always check the apps permissions. I absolutely refuse to install an app that has permissions that it shouldn't be using. However, if the app you're about to download needs permissions related to the app features, that's OK with me.
I see so many Play Store apps that are just total spyware in my book. Flashlight apps are a good example of this. There is zero reasons a flashlight app needs to read my contacts or a data connection. Just be mindful of reviews and permissions and you'll be OK.
Click to expand...
Click to collapse
I don't worry about apps with excessive permissions, I just revoke the permissions I don't like.
Sent from my SCH-R220
mattzeller said:
I don't worry about apps with excessive permissions, I just revoke the permissions I don't like.
Click to expand...
Click to collapse
That's the best way to do it.
I do the same thing, but I see lots of people posting here that aren't too tech savvy. For them be mindful of what you download.
mattzeller said:
Well look at reviews of the app, see if it is installing other apps without your consent, or constantly nagging you to download other apps. Generally 99.99% of apps on Google play are safe. Occasionally some crapware gets on there, but if you take a look at its rating and reviews (not just the highlights) you should be good.
Sent from my SCH-R220
Click to expand...
Click to collapse
Thanks for the advice. Yes, I am aware that common source/cause of malwares are side load apps and rooted device. So I am always fairly cautious about any apps i installed via non-play store source. However, these two caught apk are installed right out of box. That kinda annoys me. I don't jump on the bandwagon and say Chinese phones are infested with malwares and I believe a lot of the time people just over exaggerate and blow some minority out of proportion.
However, the truth is, this is the first Chinese phone I got and it came with two identified malwares. To be fair, it might not be particularly malicious, but it's enough to make me have second thought about my purchase....
KernelCorn said:
Always check the apps permissions. I absolutely refuse to install an app that has permissions that it shouldn't be using. However, if the app you're about to download needs permissions related to the app features, that's OK with me.
I see so many Play Store apps that are just total spyware in my book. Flashlight apps are a good example of this. There is zero reasons a flashlight app needs to read my contacts or a data connection. Just be mindful of reviews and permissions and you'll be OK.
Click to expand...
Click to collapse
Thanks for the comment! Yes, I am quite careful about the app I get to choose to install, but I have little control over these apps that come pre-installed on these chinese phone and got detected as "malwares"
mattzeller said:
I don't worry about apps with excessive permissions, I just revoke the permissions I don't like.
Sent from my SCH-R220
Click to expand...
Click to collapse
Yap, what I did for those two apps I mentioned are turning off all permissions access to them, disable app for the one I can and turn off background data access. Hopefully it will freeze them for good and stop them from playing naughty.
Just a question though, say I do all those above (e.g. switching off permission, force stopped etc), technically speaking, can a malware still be "active and do what they "meant" to do"? I meant after all, they are meant to do something "out of control" right?
bagachin said:
Yap, what I did for those two apps I mentioned are turning off all permissions access to them, disable app for the one I can and turn off background data access. Hopefully it will freeze them for good and stop them from playing naughty.
Just a question though, say I do all those above (e.g. switching off permission, force stopped etc), technically speaking, can a malware still be "active and do what they "meant" to do"? I meant after all, they are meant to do something "out of control" right?
Click to expand...
Click to collapse
No, if you revoke the permission to view your contacts, it is the system that is blocking the apps ability to view your contacts.
Though I think you are being a little paranoid.
Everyone freaks out out all the permissions apps require, when the app actually never uses most of the permissions it asks for, at least not in the way you think. You wouldn't think the launcher needs permissions to access your contacts, but it does. How else is it going to allow you to make a call, or display an incoming all, or missed call/text badges.
I mean take a look at the litany of permissions Nova Launcher and TeslaUnread require, yet we all know the app is not malware. As long as you install from legitimate sources, you will be fine. Like I said in my first post, disable the Beauty app, the other is the Launcher. If you don't like it, install a different one.
Sent from my SCH-R220
Who would you rather have snoop in on your calls? China, or USA.. Because it is one or the other.. me personally, I will take the country in which I do not reside...
mattzeller said:
No, if you revoke the permission to view your contacts, it is the system that is blocking the apps ability to view your contacts.
Though I think you are being a little paranoid.
Everyone freaks out out all the permissions apps require, when the app actually never uses most of the permissions it asks for, at least not in the way you think. You wouldn't think the launcher needs permissions to access your contacts, but it does. How else is it going to allow you to make a call, or display an incoming all, or missed call/text badges.
I mean take a look at the litany of permissions Nova Launcher and TeslaUnread require, yet we all know the app is not malware. As long as you install from legitimate sources, you will be fine. Like I said in my first post, disable the Beauty app, the other is the Launcher. If you don't like it, install a different one.
Sent from my SCH-R220
Click to expand...
Click to collapse
Unfortunately the way things are with the permissive Android system, we have to be a little paranoid. The built in system apps like launchers and permissions can't be disabled easily unless the user is technical enough to know about rooting using apps like xposed/xprivacy.