Hi there,
I am a newbie with Android and smart phones.
As an old-school tech, from Windows 3.0 to Gnu/Linux, I want for long time avoid all GAFAM stuff and keep a bit of privacy and security.
I came across the Exodus site and try to find app with zero tracker and minimum permission.
Do you care about that?
Do you use FOSS apps?
Do you have a list of usual apps that fulfill your need AND privacy?
Any help, advise, list of apps (browser, messaging, files management, maintenance, ...) are welcome.
Thank you
IMHO it doesn't matter where you fetch apps from: F-Droid, Google Play Store, etc.pp.
Apps typically request normal premissions and dangerous permissoins.
Dangerous persmissions are
READ_CALENDAR
WRITE_CALENDAR
CAMERA
READ_CONTACTS
WRITE_CONTACTS
GET_ACCOUNTS
ACCESS_FINE_LOCATION
ACCESS_COARSE_LOCATION
RECORD_AUDIO
READ_PHONE_STATE
READ_PHONE_NUMBERS
CALL_PHONE
ANSWER_PHONE_CALLS
READ_CALL_LOG
WRITE_CALL_LOG
ADD_VOICEMAIL
USE_SIP
PROCESS_OUTGOING_CALLS
BODY_SENSORS
SEND_SMS
RECEIVE_SMS
READ_SMS
RECEIVE_WAP_PUSH
RECEIVE_MMS
READ_EXTERNAL_STORAGE
WRITE_EXTERNAL_STORAGE
and only become activated if user clicks ALLOW to them: so it's on user what permissions can be used by an app.
So-called normal permissions get allowed by default without any user interaction.
jwoegerbauer said:
and only become activated if user clicks ALLOW to them: so it's on user what permissions can be used by an app.
So-called normal permissions get allowed by default without any user interaction.
Click to expand...
Click to collapse
I you sure only normal permissions get allowed by default without any user interaction? and where can I separately allow or deny them? Is there a place where all these permissions are explained and what I'll block in the app when denied?
What about tracker? Is it possible to deactivate them?
I think trackers are more intrusive than permissions. Am I right?
MrNice said:
I you sure only normal permissions get allowed by default without any user interaction? and where can I separately allow or deny them? Is there a place where all these permissions are explained and what I'll block in the app when denied?
What about tracker? Is it possible to deactivate them?
I think trackers are more intrusive than permissions. Am I right?
Click to expand...
Click to collapse
Yes, only normal permissions get allowed by default, the apps will ask for the rest of them and you can deny them if you want. Also the only way to disable trackers is with aurora appwarden or trackercontrol, but sometimes the apps with disabled trackers could crash.
@MrNice
an app only can track you if it has the related Android permission granted to do so.
The Penguin said:
Also the only way to disable trackers is with aurora appwarden or trackercontrol,
Click to expand...
Click to collapse
jwoegerbauer said:
an app only can track you if it has the related Android permission granted to do so.
Click to expand...
Click to collapse
Hummm, for me, these 2 sentences look like an oxymoron.
Could you explain?
My last 2 cents here:
An app doesn't have trackers, it only has granted permissions, but an app may behave as tracker - where it doesn't matter whatever it will track - if it got granted the related permissions.
Have a nice day.
I use Karma Firewall to log/see what's accessing the internet and block it if needed.
Many don't need internet access to be functional.
Some of the worst offenders I uninstalled.
Gookill is the worst offender, I keep Google play Services and Playstore disabled 99% of the time.
Some freeware apps are perfect. They do nothing except what they're suppose to do and never attempt internet access; keepers.
Related
Not sure if any of you ever heard of ngmoco's Plus+ game social network on iPhone, well they were bought out by a japanese company who owns "Mobage", a mobile game network in Japan.. Now they're releasing games on Android, but every single one of their apps has every permission in the book, & they give no explanation for any of them.
Now I'd normally stay away, but they have one game I loved on iOS, Pocket Frogs, here's a link; http://0.mk/72868 check out the permissions tabs.
Is it safe? Is there any way to block all permissions in an app or disable them??
Thanks.
TL;DR, remove app permissions?
I clicked on it and the permissions they have in there now seem normal actually. Except for this one:
Allows an application to read all of the contact (address) data stored on your device. Malicious applications can use this to send your data to other people.
It looks like they might have removed quite a bit of the permission requests because in the reviews people were saying it requests "super user access" and stuff like that but when I read the permissions, that one isn't listed anymore.
Yeah, that's the one that bothered me the most, but hardly any of those are required for the app to run, it's just unnecessary & annoying for a game to have that many permissions
Is there any way to remove its permission to read contact data?
That app also requested SU access on my phone. I denied it and then immediately removed the app. There is no reason that game should require SU access.
There is a handy linux tool to list permissions that an APK uses via commandline called scanperms. I use it to check out what an app uses before installing.
URL is hxxp://tinyurl.com/cvo6dqw
I'd like to pone a privacy problem.
In Android ,installed apps require permissions to operate. Permissions to access the Phone Id (also the IMEI) or the position of the device or the access to your calls seem very common in most apps on the market.
Permission for the position seems ok for a Gps navigation program but also for an alarm clock? Where do they sent my data and what use they do?
I use LBE privacy guard but it is enough?
what do you think?
Toriko said:
I'd like to pone a privacy problem.
In Android ,installed apps require permissions to operate. Permissions to access the Phone Id (also the IMEI) or the position of the device or the access to your calls seem very common in most apps on the market.
Permission for the position seems ok for a Gps navigation program but also for an alarm clock? Where do they sent my data and what use they do?
I use LBE privacy guard but it is enough?
what do you think?
Click to expand...
Click to collapse
are you a thief?? :laugh:
Most of the permissions are for ads bases on location
Batcom2
xxXismakillXxx said:
are you a thief?? :laugh:
Click to expand...
Click to collapse
No, but I'm thinking about it. Seriously, have you ever wonder why you get web searches, translations and other services for free and yet the companies that handle the sites are billionaires? Because they sell your personal data and your commercial preferences to other companies without your permission. Think about it when you post your personal data on the web.
zelendel said:
Most of the permissions are for ads bases on location
Batcom2
Click to expand...
Click to collapse
I'm not so sure about that. However if I buy an ad free app , there shouldn't be any ads. And why an alarm clock need my phone id and can access my call log? It's fishy.
Toriko said:
I'd like to pone a privacy problem.
In Android ,installed apps require permissions to operate. Permissions to access the Phone Id (also the IMEI) or the position of the device or the access to your calls seem very common in most apps on the market.
Permission for the position seems ok for a Gps navigation program but also for an alarm clock? Where do they sent my data and what use they do?
I use LBE privacy guard but it is enough?
what do you think?
Click to expand...
Click to collapse
Rule of thumb: Every app that asks for unique device numbers, location and a backchannel does so because it contains advertisement. Advertisers simply love to track customers and find out as much as possible about them in order to deliver ads that actually result in a sale (contrary to popular belief, they don't do that just to annoy the crap out of everyone).
Personally, I don't use LBE privacy guard. I haven't seen the source and that pretty much means it is as much a blackbox as the apps, it is suppose to protect me from. For me, rooting and installing a firewall to simply block the backchannel does the trick.
If u filter out apps for their permissions, u will have nothing but the system apps left on the phone! even I used to check permissions b4 downloading at the beginning. Then as I downloaded a lot of apps i was lazy enough to give a dang to wat permissions the app wants! just see through the comments (reviews) to know if there are any issues with the app! That's it.! And nowadays the app developer tries to explain the reason for each permission the app asks for. So sooner all apps are gonna be explaining their permissions! (hopefully)
zelendel said:
Most of the permissions are for ads bases on location
Batcom2
Click to expand...
Click to collapse
This is true although some use it to collect app usage information for the purpose of improving the app. Unfortunately, it can be difficult to determine exactly why a particular permission is requested.
onyxbits said:
Personally, I don't use LBE privacy guard. I haven't seen the source and that pretty much means it is as much a blackbox as the apps, it is suppose to protect me from. For me, rooting and installing a firewall to simply block the backchannel does the trick.
Click to expand...
Click to collapse
Installing a firewall won't solve the problem, because you can't stop apps that need connection : together with the access to the net they send your data. LBE allows the access for the app but block the transmission of your id together with other data.
Anyway LBE also works as a firewall. There's another app that works the same way (Pdroid) but supports only Gingerbread.
I want to develop an app with the following design:
The app will have some permissions (for example A- read the contact list B- use the Camera C- use the GPS location)
I want the app to contain 3 Mini apps that each of the mini apps has different permission. (Each of the mini app when activated download data from my server and request permissions, and I want that each one of the mini apps could get access only to one permission)
Can I do that ? how complicated the solution would be?
Do you know any apps the behave the same?
Thanks
Joe
Please respond
I cant post on other forums
thanks
Joe McCain said:
I want to develop an app with the following design:
The app will have some permissions (for example A- read the contact list B- use the Camera C- use the GPS location)
I want the app to contain 3 Mini apps that each of the mini apps has different permission. (Each of the mini app when activated download data from my server and request permissions, and I want that each one of the mini apps could get access only to one permission)
Can I do that ? how complicated the solution would be?
Do you know any apps the behave the same?
Thanks
Joe
Click to expand...
Click to collapse
It is not possible to define permissions for 'parts' of apps, permissions defined in the manifest cover the whole app, you would have to just write these as three separate apps
clarification
zacthespack said:
It is not possible to define permissions for 'parts' of apps, permissions defined in the manifest cover the whole app, you would have to just write these as three separate apps
Click to expand...
Click to collapse
Ok, so lets assume that I want to build my own mechanism to grant to permissions to each and every mini-app, can I build that kind of mechanism? or if someone will try very hard he can use unauthorized permission?
Thanks
Joe
Joe McCain said:
Ok, so lets assume that I want to build my own mechanism to grant to permissions to each and every mini-app, can I build that kind of mechanism? or if someone will try very hard he can use unauthorized permission?
Thanks
Joe
Click to expand...
Click to collapse
The issue is how android actually handles permissions.
It does so using the normal Unix/Linux users and groups, when you install an app this app is given its own user, and the permissions it requires are related to groups which the user for that app is added to.
In this sense one apk is treated as an App thus you can not have more than one different set of permissions for the same apk
...
zacthespack said:
The issue is how android actually handles permissions.
It does so using the normal Unix/Linux users and groups, when you install an app this app is given its own user, and the permissions it requires are related to groups which the user for that app is added to.
In this sense one apk is treated as an App thus you can not have more than one different set of permissions for the same apk
Click to expand...
Click to collapse
but If I build my own mechanism in the app code? for example I design the app that every miniapp should get its input through a main service, can I assure that the miniapp wont get input it doesn't need? or it wont be a problem for my "vendor" to pass my service and get the permission it needs
I hope that I'm clear
Joe
Hello Everybody,
I would like to ask a question about Android Apps permissions:
If I deny one permission for a particular App, does that mean the App has zero access to the denied permission?
Or is there a possibility for the App to bypass the permission restriction and access the user Data anyway?
Is our Data really safe and respected by Apps whe we deny certain App permissions?
I would like to have a good understanding about the accuracy of Android Apps permission restrictions.
Please let me know.
Thank you
What permissions an app has is determined by app's developer. These are by default granted, but can get revoked by user - what may lead to fact that app no longer works.
Each app runs in a sandboxed VM therefore basically it only has access to the data tied to it, means app A can never access app's B data. User data like photos, musics, videos etc.pp typically can get accessed by all apps because they aren't specific to an app.
jwoegerbauer said:
What permissions an app has is determined by app's developer. These are by default granted, but can get revoked by user - what may lead to fact that app no longer works.
Each app runs in a sandboxed VM therefore basically it only has access to the data tied to it, means app A can never access app's B data. User data like photos, musics, videos etc.pp typically can get accessed by all apps because they aren't specific to an app.
Click to expand...
Click to collapse
Thank you for taking some of your time to explain this to me. I appreciate it.
When we deny/ block certain permissions to apps, how does Android (or iOS) enforce this?
There are two ways of enforcing this setting:
1. System tells the app not to ask for the permission because the user has denied it.
2. App keeps trying to access the particular permission, and the system continuously blocks it.
For example, if we deny location permission to an app, does the app no longer request location access, or does it keep trying to access location and system keeps blocking it?
If method 1 is how it works (and I doubt it), it would be great for performance and battery life.
If method 2 is how it works (and I think this is how it works), then the app would likely continue to drain battery even more than what it would if the permission was granted.
Can someone explain how this works?
Thanks.
TheMystic said:
When we deny/ block certain permissions to apps, how does Android (or iOS) enforce this?
There are two ways of enforcing this setting:
1. System tells the app not to ask for the permission because the user has denied it.
2. App keeps trying to access the particular permission, and the system continuously blocks it.
For example, if we deny location permission to an app, does the app no longer request location access, or does it keep trying to access location and system keeps blocking it?
If method 1 is how it works (and I doubt it), it would be great for performance and battery life.
If method 2 is how it works (and I think this is how it works), then the app would likely continue to drain battery even more than what it would if the permission was granted.
Can someone explain how this works?
Thanks.
Click to expand...
Click to collapse
The first one if it's update to support the current SDK. App comunicate a request system-level (permission) and ask you to choose.
Granting / revoking permissions is done at app's level and controlled / noted by Android OS:
Permissions on Android | Android Developers
developer.android.com
Keep in mind that once an app has permission to use something, it can do so whenever it wants. While an app might have a legitimate reason for accessing your location, it could also check your location in the background every so often and send that data to advertisers - what will drain battery, of course.