What are the best ways to monitor what permissions apps use? I know xprivacy monitors permission usage in real time, app ops seems to track actual permission usage and you can check the manifest to see what's asked for (but not used) what are the other methods?
nutpants said:
What are the best ways to monitor what permissions apps use? I know xprivacy monitors permission usage in real time, app ops seems to track actual permission usage and you can check the manifest to see what's asked for (but not used) what are the other methods?
Click to expand...
Click to collapse
You should have xposed framework/magisk modules installed
download xprivacy, and set it to limit all
whenever an app asks for permission , xprivacy will pop up and ask whether to grant or deny
does consume some battery though
SD Maid (app control)
Do you recommend being rooted or not?
Related
Like to know if there is a program that can let me change the permissions for each application individual. For example when i install angry birds to let me choose, at the installation or after the setup, not to let it connect to internet or access my phone calls etc.
A quick search in the playstore shows an app called permissions denied. Root access is required and states that it does not work on all devices.
This one is not on the app store. Google an app called Lucky Patcher.
Just run the app, it will list all the installed apps you have, tap the app you want to change permissions for, select Open Menu of Patches, select Change Permissions, select the permissions you wish to change, reboot.
Believe you need root for this.
At the first two days that i bought the tf300 i installed and uninstalled many applications. And one of them had a feature to control the permissions on all the installed apps of the tf300. And i can't remember whta app was to install it again.
Found it
Ok thanks for the Help. Finally it was lucky patcher i was looking, but the Permissions denied app that the other guy suggested me, was fine too.
Thanks again.
I use LBE Privacy Guard and think its the best app to change permissions.
Every time i installed app it ask my to change permissions.
You can also stop send anonymus usage and error report.
DROIDWALL is a firewall that limits network traffic.
You can use white lists (disallows all programs, you select which you want to communicate) or black list (allows all programs, you select which to not communicate).
You need root to use this program.
It's in the Play store.
I'd like to pone a privacy problem.
In Android ,installed apps require permissions to operate. Permissions to access the Phone Id (also the IMEI) or the position of the device or the access to your calls seem very common in most apps on the market.
Permission for the position seems ok for a Gps navigation program but also for an alarm clock? Where do they sent my data and what use they do?
I use LBE privacy guard but it is enough?
what do you think?
Toriko said:
I'd like to pone a privacy problem.
In Android ,installed apps require permissions to operate. Permissions to access the Phone Id (also the IMEI) or the position of the device or the access to your calls seem very common in most apps on the market.
Permission for the position seems ok for a Gps navigation program but also for an alarm clock? Where do they sent my data and what use they do?
I use LBE privacy guard but it is enough?
what do you think?
Click to expand...
Click to collapse
are you a thief?? :laugh:
Most of the permissions are for ads bases on location
Batcom2
xxXismakillXxx said:
are you a thief?? :laugh:
Click to expand...
Click to collapse
No, but I'm thinking about it. Seriously, have you ever wonder why you get web searches, translations and other services for free and yet the companies that handle the sites are billionaires? Because they sell your personal data and your commercial preferences to other companies without your permission. Think about it when you post your personal data on the web.
zelendel said:
Most of the permissions are for ads bases on location
Batcom2
Click to expand...
Click to collapse
I'm not so sure about that. However if I buy an ad free app , there shouldn't be any ads. And why an alarm clock need my phone id and can access my call log? It's fishy.
Toriko said:
I'd like to pone a privacy problem.
In Android ,installed apps require permissions to operate. Permissions to access the Phone Id (also the IMEI) or the position of the device or the access to your calls seem very common in most apps on the market.
Permission for the position seems ok for a Gps navigation program but also for an alarm clock? Where do they sent my data and what use they do?
I use LBE privacy guard but it is enough?
what do you think?
Click to expand...
Click to collapse
Rule of thumb: Every app that asks for unique device numbers, location and a backchannel does so because it contains advertisement. Advertisers simply love to track customers and find out as much as possible about them in order to deliver ads that actually result in a sale (contrary to popular belief, they don't do that just to annoy the crap out of everyone).
Personally, I don't use LBE privacy guard. I haven't seen the source and that pretty much means it is as much a blackbox as the apps, it is suppose to protect me from. For me, rooting and installing a firewall to simply block the backchannel does the trick.
If u filter out apps for their permissions, u will have nothing but the system apps left on the phone! even I used to check permissions b4 downloading at the beginning. Then as I downloaded a lot of apps i was lazy enough to give a dang to wat permissions the app wants! just see through the comments (reviews) to know if there are any issues with the app! That's it.! And nowadays the app developer tries to explain the reason for each permission the app asks for. So sooner all apps are gonna be explaining their permissions! (hopefully)
zelendel said:
Most of the permissions are for ads bases on location
Batcom2
Click to expand...
Click to collapse
This is true although some use it to collect app usage information for the purpose of improving the app. Unfortunately, it can be difficult to determine exactly why a particular permission is requested.
onyxbits said:
Personally, I don't use LBE privacy guard. I haven't seen the source and that pretty much means it is as much a blackbox as the apps, it is suppose to protect me from. For me, rooting and installing a firewall to simply block the backchannel does the trick.
Click to expand...
Click to collapse
Installing a firewall won't solve the problem, because you can't stop apps that need connection : together with the access to the net they send your data. LBE allows the access for the app but block the transmission of your id together with other data.
Anyway LBE also works as a firewall. There's another app that works the same way (Pdroid) but supports only Gingerbread.
I'm using XPrivacyLua to manage and restrict applications on Android 7 and 8 but I was wondering if an app ops manager won't suffice on Android 10 and newer? I want full control over the permission an application requests not just the list Google considers dangerous.
I have found two potential candidates App Ops and Permission Manager X that looks like they should be able to do the job but how do they compare with one another and XPrivacyLua?
App Ops requires that you install either Shizuku or Island that will provide it with access to the system whereas Permission Manager X uses ADB over a TCP connection.
Can anyone provide some information in this regard?
A possible solution is to use both : a permission manager (using App Ops services) and a privacy manager (XPrivacyLua).
Sometimes, a permission manager can break an app so you should use a privacy manager to avoid it. But when it doesn't, use a permission manager.
But it remains a question. What is the best permission manager ?
App Ops is popular but it contained ads.
There is also Permission Manager X and AppOpsX, both on F-Droid and without any ads.
But i do not know which one is the best.
XPrivacyLua is the most capable perhaps. It requires XPosed framework, which was late for Android11 so i switched to AppOps. Also, EdXposed doesn't work for me, and LSPosed does require selecting target apps manually. Not sure if it's still the case now, but that was the second reason of switching.
AppOps needs Magisks Sui plugin so its "availability" is higher. It's paid like XPrivacyLua Pro. It hides device ids and phone numbers, and enforces basic permissions for careless users, which is suffiicient for me. The issues:
phone is very sluggish phone when it's "recovering configuration"
the backup skips system apps which is incredibly unhelpful
AppOpsX is too old and therefore inactive.
PermissionManagerX is what i'm going to test now, thanks for the info.
Author of Permission Manager X here. You may find this link helpful:
How does PMX compare to XPrivacyLua? Can they replace each other?
I ended up using Permission Manager X since I didn't want to root the device.
Hi there,
I am a newbie with Android and smart phones.
As an old-school tech, from Windows 3.0 to Gnu/Linux, I want for long time avoid all GAFAM stuff and keep a bit of privacy and security.
I came across the Exodus site and try to find app with zero tracker and minimum permission.
Do you care about that?
Do you use FOSS apps?
Do you have a list of usual apps that fulfill your need AND privacy?
Any help, advise, list of apps (browser, messaging, files management, maintenance, ...) are welcome.
Thank you
IMHO it doesn't matter where you fetch apps from: F-Droid, Google Play Store, etc.pp.
Apps typically request normal premissions and dangerous permissoins.
Dangerous persmissions are
READ_CALENDAR
WRITE_CALENDAR
CAMERA
READ_CONTACTS
WRITE_CONTACTS
GET_ACCOUNTS
ACCESS_FINE_LOCATION
ACCESS_COARSE_LOCATION
RECORD_AUDIO
READ_PHONE_STATE
READ_PHONE_NUMBERS
CALL_PHONE
ANSWER_PHONE_CALLS
READ_CALL_LOG
WRITE_CALL_LOG
ADD_VOICEMAIL
USE_SIP
PROCESS_OUTGOING_CALLS
BODY_SENSORS
SEND_SMS
RECEIVE_SMS
READ_SMS
RECEIVE_WAP_PUSH
RECEIVE_MMS
READ_EXTERNAL_STORAGE
WRITE_EXTERNAL_STORAGE
and only become activated if user clicks ALLOW to them: so it's on user what permissions can be used by an app.
So-called normal permissions get allowed by default without any user interaction.
jwoegerbauer said:
and only become activated if user clicks ALLOW to them: so it's on user what permissions can be used by an app.
So-called normal permissions get allowed by default without any user interaction.
Click to expand...
Click to collapse
I you sure only normal permissions get allowed by default without any user interaction? and where can I separately allow or deny them? Is there a place where all these permissions are explained and what I'll block in the app when denied?
What about tracker? Is it possible to deactivate them?
I think trackers are more intrusive than permissions. Am I right?
MrNice said:
I you sure only normal permissions get allowed by default without any user interaction? and where can I separately allow or deny them? Is there a place where all these permissions are explained and what I'll block in the app when denied?
What about tracker? Is it possible to deactivate them?
I think trackers are more intrusive than permissions. Am I right?
Click to expand...
Click to collapse
Yes, only normal permissions get allowed by default, the apps will ask for the rest of them and you can deny them if you want. Also the only way to disable trackers is with aurora appwarden or trackercontrol, but sometimes the apps with disabled trackers could crash.
@MrNice
an app only can track you if it has the related Android permission granted to do so.
The Penguin said:
Also the only way to disable trackers is with aurora appwarden or trackercontrol,
Click to expand...
Click to collapse
jwoegerbauer said:
an app only can track you if it has the related Android permission granted to do so.
Click to expand...
Click to collapse
Hummm, for me, these 2 sentences look like an oxymoron.
Could you explain?
My last 2 cents here:
An app doesn't have trackers, it only has granted permissions, but an app may behave as tracker - where it doesn't matter whatever it will track - if it got granted the related permissions.
Have a nice day.
I use Karma Firewall to log/see what's accessing the internet and block it if needed.
Many don't need internet access to be functional.
Some of the worst offenders I uninstalled.
Gookill is the worst offender, I keep Google play Services and Playstore disabled 99% of the time.
Some freeware apps are perfect. They do nothing except what they're suppose to do and never attempt internet access; keepers.
When we deny/ block certain permissions to apps, how does Android (or iOS) enforce this?
There are two ways of enforcing this setting:
1. System tells the app not to ask for the permission because the user has denied it.
2. App keeps trying to access the particular permission, and the system continuously blocks it.
For example, if we deny location permission to an app, does the app no longer request location access, or does it keep trying to access location and system keeps blocking it?
If method 1 is how it works (and I doubt it), it would be great for performance and battery life.
If method 2 is how it works (and I think this is how it works), then the app would likely continue to drain battery even more than what it would if the permission was granted.
Can someone explain how this works?
Thanks.
TheMystic said:
When we deny/ block certain permissions to apps, how does Android (or iOS) enforce this?
There are two ways of enforcing this setting:
1. System tells the app not to ask for the permission because the user has denied it.
2. App keeps trying to access the particular permission, and the system continuously blocks it.
For example, if we deny location permission to an app, does the app no longer request location access, or does it keep trying to access location and system keeps blocking it?
If method 1 is how it works (and I doubt it), it would be great for performance and battery life.
If method 2 is how it works (and I think this is how it works), then the app would likely continue to drain battery even more than what it would if the permission was granted.
Can someone explain how this works?
Thanks.
Click to expand...
Click to collapse
The first one if it's update to support the current SDK. App comunicate a request system-level (permission) and ask you to choose.
Granting / revoking permissions is done at app's level and controlled / noted by Android OS:
Permissions on Android | Android Developers
developer.android.com
Keep in mind that once an app has permission to use something, it can do so whenever it wants. While an app might have a legitimate reason for accessing your location, it could also check your location in the background every so often and send that data to advertisers - what will drain battery, of course.