Go Back   Android Forums > Android Discussion > Android Applications
Android Applications All the information you could ever want about Android Applications. Learn about apps and get help with them... all here! New apps can be found and announced in the Applications Announcements forum linked below.

New Forums: Nexus Player | Nexus 9
Like Tree50Likes

test: Reply
 
LinkBack Thread Tools
Old January 30th, 2012, 07:45 AM   #401 (permalink)
Hiding behind a mystery
 
Roze's Avatar
 
Join Date: Jan 2010
Location: Where the Sakura grows
Posts: 9,847
 
Device(s): Moto Atrix [lovin'] Nexus One [Lost] LG Vu [Lost]
Carrier: Not Provided

Thanks: 809
Thanked 2,192 Times in 1,489 Posts
Default

Quote:
Originally Posted by tcat007 View Post
Any security apps warn you if you download any of the apps mentioned in this article? Symantec: Android Market having its largest malware infection ever - SlashGear
Here's the list of the apps that Symantec flagged:


The only iApps7 on the market is Heart Live Wallpaper. All of their other apps have been pulled by Google.

This is Heart Live Wallpaper permissions:





Redmicaps apps are just PLAIN SUSPICIOUS. Any SEXY girl apps should NEVER be downloaded. This is where melwares are usually found :/ Permission is very similar to the wallpaper one. Only two of the 4 apps reported are on the market.


Advertisements
__________________
Sign up with Dropbox using my referral and get an additional 1/2GB on top of the 2GB you get for signing up http://db.tt/YbULMZX

Many thanks,
Roze
Roze is offline  
Reply With Quote
The Following User Says Thank You to Roze For This Useful Post:
Rico ANDROID (January 30th, 2012)
sponsored links
Old January 30th, 2012, 08:05 AM   #402 (permalink)
Senior Member
 
Rico ANDROID's Avatar
 
Join Date: Mar 2011
Location: In Cell Phone SIMetery
Posts: 3,791
 
Device(s): GALAXY NOTE 2 .(aka T.E.D.6)....ROOTED!
Carrier: A Bentley Carries Me

Thanks: 4,610
Thanked 1,720 Times in 1,285 Posts
Default

Great alerting everyone! very detailed and apreciated!
Rico ANDROID is offline  
Reply With Quote
Old February 1st, 2012, 08:50 AM   #403 (permalink)
Member
 
Join Date: Jul 2010
Location: American Expat now living in Thailand
Posts: 212
 
Device(s): Samsung Galaxy S GT-I9000 and Asus TF201 Prime w/ICS
Carrier: Not Provided

Thanks: 69
Thanked 14 Times in 12 Posts
Send a message via Skype™ to LateNiteMike
Default

Thanks for the original posting. As noted by many already, it's full of very useful information.
By the number of viewers to this posting it is quite obvious that many in the Android community are concerned about the types of issues mentioned. With more and more articles being written regarding security and security issues regarding Android apps, I think it's time to consider a way for all Android users to be able to alert other Android users of harmful and/or suspicious apps. Apps that are out there in the marketplace just waiting to snare the unaware and/or unsuspecting down-loaders.
So, with that said......
I would hereby like to suggest a new 'Sticky' (or another method) for making the Android community fully aware and easily notified of any and all apps that might be 'questionable'. By questionable I mean apps that have been known to include malware, spyware, or any type of known malicious activities after being downloaded to an Android device. This would include a way to denote a level of threat to your device, from a level Ten that is merely a battery burner, to a level One that would include malicious spyware/malware.
It would be a master listing of apps that have caused problems for those who have downloaded them along with a way to correlate the info. Info that could alert the Android community.

I realize that there are comments available to read with apps listed in the Market, and some info can be derived from the comments posted,....but I think it's time to have one main source available to every Android user that would be THE 'GoTo' listing for apps that are 'questionable' and that all of us should be aware of....before we downloaded them.
This is just something I think who's time has come, and this is just a basic conceptualization of an idea, but I think it is something that is needed now and probably needed even more as more apps hit the market.
So, wadda ya think??? Is this something worth considering? Something needed and useful to the entire Android community?
Any ideas or suggestions? How can we do this? What's the best format?
__________________
LateNiteMike
LateNiteMike is offline  
Reply With Quote
Old February 2nd, 2012, 02:30 PM   #404 (permalink)
New Member
 
Join Date: Feb 2012
Posts: 3
 
Device(s):
Carrier: Not Provided

Thanks: 0
Thanked 0 Times in 0 Posts
Thumbs down

Hi. I just need to pour a load out as im getting pissed with this Android app system.

I noticed Android market now need to receive SMS and if I didnt want that I could just uninstall and then use the old version that came with the phone.

So I did exactly that... uninstalled the crap...but then discovered that first time you use market again - all of Googles apps has changed status to "allow automatic updates" (excl. sky map).... and futher more - after using market one time... it updates itself to the new version I didnt wanna use... automatically.

Seriously - Google maps need to call telephonenumbers? Android market needs to receive SMS? Facebook needs to read, edit, receive and send SMS/MMS

If any of you Google people read this - i swear my next phone dosnt use Android.
rostad is offline  
Reply With Quote
Old February 2nd, 2012, 02:33 PM   #405 (permalink)
Hiding behind a mystery
 
Roze's Avatar
 
Join Date: Jan 2010
Location: Where the Sakura grows
Posts: 9,847
 
Device(s): Moto Atrix [lovin'] Nexus One [Lost] LG Vu [Lost]
Carrier: Not Provided

Thanks: 809
Thanked 2,192 Times in 1,489 Posts
Default

Sorry to hear about that rostad

Quote:
Originally Posted by rostad View Post
Seriously - Google maps need to call telephonenumbers?
This is so you can directly call a place (restaurant/hotels/stores) directly from the map app.
Roze is offline  
Reply With Quote
Old February 2nd, 2012, 04:00 PM   #406 (permalink)
Senior Member
 
tcat007's Avatar
 
Join Date: Jan 2011
Location: Texas
Posts: 1,723
 
Device(s): Nexus 7, 16gb (GrooveIP, T-mobile Hotspot device)
Carrier: none

Thanks: 66
Thanked 259 Times in 239 Posts
Default

If you are rooted you can go back to an earlier Market and remove the updating. But yes, "most" permisions are so that an app can actually do what it advertizes. Apple apps do the same thing, as do PC apps... I wouldn't worry too much if it's popular with a decent rating.
tcat007 is offline  
Reply With Quote
Old February 2nd, 2012, 04:12 PM   #407 (permalink)
Moderati ergo sum
 
lunatic59's Avatar
 
Join Date: Jun 2010
Location: Pennsylvania
Posts: 25,304
 
Device(s): Galaxy Note 10.1 (2014), Nexus 4, Galaxy S II, Captivate, Nexus 1, Nook Color, Asus Transformer T-1
Carrier: AT&T

Thanks: 8,536
Thanked 13,568 Times in 7,423 Posts
Default

Quote:
Originally Posted by rostad View Post
Hi. I just need to pour a load out as im getting pissed with this Android app system.

I noticed Android market now need to receive SMS and if I didnt want that I could just uninstall and then use the old version that came with the phone.
I understand your frustration. Permissions can be a tough concept to wrap your head around in Android. It does make sense, though is you examine it closely.

Quote:
So I did exactly that... uninstalled the crap...but then discovered that first time you use market again - all of Googles apps has changed status to "allow automatic updates" (excl. sky map).... and futher more - after using market one time... it updates itself to the new version I didnt wanna use... automatically.
Not only is there a setting to auto update each app individually, you can set a global default in the market. If you open the market and then go to menu>settings you need to turn it off there. Since doing that, none of my Google apps (or any others I don't want to behave that way) auto update.

Quote:
Seriously - Google maps need to call telephonenumbers? Android market needs to receive SMS? Facebook needs to read, edit, receive and send SMS/MMS

If any of you Google people read this - i swear my next phone dosnt use Android.
Those apps use those services. Without the proper permissions, it wouldn't work as advertised. FWIW, Google is much more transparent about the permissions that each app uses. While it may be a good thing in the long run, it does tend to spook people when they see all these warnings when installing or updating an app. I assure you, other smart phone platforms behave the same way.
__________________
_
If the information is useful, Like the post, if the person was helpful, Thank the member.
RULES: Lest we forget | This part of signature intentionally left blank.
_________________________________________________

No Ivory-Billed Woodpeckers were harmed in the composition of this message.
lunatic59 is online now  
Reply With Quote
The Following User Says Thank You to lunatic59 For This Useful Post:
OfTheDamned (February 3rd, 2012)
Old February 3rd, 2012, 04:26 AM   #408 (permalink)
New Member
 
Join Date: Feb 2012
Posts: 3
 
Device(s):
Carrier: Not Provided

Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by Roze View Post
This is so you can directly call a place (restaurant/hotels/stores) directly from the map app.
So why cant I just install the update leaving the option for Google to call telephonenumbers off? I dont want the feature yet theres no way I can turn it off is there?


Quote:
Originally Posted by tcat007 View Post
If you are rooted you can go back to an earlier Market and remove the updating. But yes, "most" permisions are so that an app can actually do what it advertizes. Apple apps do the same thing, as do PC apps... I wouldn't worry too much if it's popular with a decent rating.

Im not rooted and I dont want to. Getting to old to use hours and hours tweaking my phone.

Now - dont get me wrong here. It's not that I think Google is gonna make long distance calls using my phone - what i fear is that i sometime in the future will get some malicious software installed that will take advantage of the option.
And I dont want any program to do anything like that (or read/write/edit sms/mms messages either)


Quote:
Originally Posted by lunatic59 View Post
I understand your frustration. Permissions can be a tough concept to wrap your head around in Android. It does make sense, though is you examine it closely.

Not only is there a setting to auto update each app individually, you can set a global default in the market. If you open the market and then go to menu>settings you need to turn it off there. Since doing that, none of my Google apps (or any others I don't want to behave that way) auto update.
It should still be possible to turn off anything that could cost me money or could violate my privacy dont you think?

And just for the record. I have turned off the auto update in the market. But if you uninstall the android market and uses the version that came with the phone it will make Google programs auto update no matter what you want or select. And it will update itself after u uses it the first time.

So these apps dosnt really work the way they where intended and that just confirm that I should be worried.
rostad is offline  
Reply With Quote
Old February 3rd, 2012, 05:07 AM   #409 (permalink)
Over Macho Grande?
Thread Author (OP)
 
alostpacket's Avatar
 
Join Date: Nov 2009
Location: NY
Posts: 7,928
 
Device(s): GlassXE, MotoX, N5, N4, N7'12, GNex, N1, SGT10.1, Revue, Xoom, Eris, OG Droid
Carrier: TMO

Thanks: 4,611
Thanked 3,583 Times in 1,530 Posts
Default

Quote:
Originally Posted by rostad View Post
So why cant I just install the update leaving the option for Google to call telephonenumbers off? I dont want the feature yet theres no way I can turn it off is there?
The default behavoir of Google Maps is that it doesnt call numbers. The permission is for a feature they have yet to implment. All it does is open the dialer and enter the number for you, you still have to hit the call button. Any app could do that, -- it doesnt require a permission.


Quote:
Originally Posted by rostad View Post
Now - dont get me wrong here. It's not that I think Google is gonna make long distance calls using my phone - what i fear is that i sometime in the future will get some malicious software installed that will take advantage of the option.
This, for all intents and purposes, is not possible. Malicious apps can't "steal" the permissions of Google apps.

Quote:
Originally Posted by rostad View Post
And I dont want any program to do anything like that (or read/write/edit sms/mms messages either)
The Market has a receive SMS feature most likely as a security precaution. This is actually probably only used to receive purchase receipts regarding billing, or as a kill switch for malicious apps if discovered (Google has only used the kill switch once)


Quote:
Originally Posted by rostad View Post
It should still be possible to turn off anything that could cost me money or could violate my privacy dont you think?
Depends upon what you mean by violate your privacy. The app system doesnt allow for user to turn on or off permissions as they see fit. This has both pros and cons and is a long topic in and of itself.

However, you can opt out of Google's data collection and ad targeting.

Quote:
Originally Posted by rostad View Post
And just for the record. I have turned off the auto update in the market. But if you uninstall the android market and uses the version that came with the phone it will make Google programs auto update no matter what you want or select. And it will update itself after u uses it the first time.

So these apps dosnt really work the way they where intended and that just confirm that I should be worried.
The Market is the one app that deals with money and saving people's credit card data and other such sensitive and secure actions, leaving auto-update on is a must.

However I have never had a problem turning off auto-update on any other app (with the exception of a strange game that they have since fixed).


Anyways, I can't speak for Facebook, but Google apps are the safest around, and the concerns you expressed, while always diligent to ask about, aren't anything to actually worry about with regards to Google's apps.

Anyways, I hope that helps alleviate your worries -- I can understand where your coming from, but can assure you in these cases (with the exception of facebook) that you need not worry.

the gears under the hood are very safe
alostpacket is offline  
Last edited by alostpacket; February 3rd, 2012 at 03:58 PM.
Reply With Quote
The Following 4 Users Say Thank You to alostpacket For This Useful Post:
El Presidente (February 3rd, 2012), lunatic59 (February 3rd, 2012), OfTheDamned (February 3rd, 2012), scary alien (February 3rd, 2012)
Old February 3rd, 2012, 09:02 AM   #410 (permalink)
Moderati ergo sum
 
lunatic59's Avatar
 
Join Date: Jun 2010
Location: Pennsylvania
Posts: 25,304
 
Device(s): Galaxy Note 10.1 (2014), Nexus 4, Galaxy S II, Captivate, Nexus 1, Nook Color, Asus Transformer T-1
Carrier: AT&T

Thanks: 8,536
Thanked 13,568 Times in 7,423 Posts
Default

Quote:
Originally Posted by rostad View Post
And just for the record. I have turned off the auto update in the market. But if you uninstall the android market and uses the version that came with the phone it will make Google programs auto update no matter what you want or select. And it will update itself after u uses it the first time.

So these apps dosnt really work the way they where intended and that just confirm that I should be worried.
As alostpacket explained, the Market app is the exception for auto updates. If you uninstall the Market and then reinstall it, you will reinstall it with all its defaults and that means auto update will be the default app setting. It's not surprising then that the Google apps will be set to auto update after you've turned them off. If you disable the default auto update settings in the market app, and then turn it off for each Google app, I assure you, they won't auto update. You can even turn off notifications in the market so you'll never see another update notification if you'd like.

Quote:
Originally Posted by alostpacket View Post
The Market has a receive SMS feature most likely as a security precaution. This is actually probably only used to receive purchase receipts regarding billing, or as a kill switch for malicious apps if discovered (Google has only used the kill switch once)
It can also be used for apps that require authentication beyond the market. The Paid versions of some office suites require a product key as well as market authentication which they send by sms.
lunatic59 is online now  
Reply With Quote
The Following 4 Users Say Thank You to lunatic59 For This Useful Post:
alostpacket (February 3rd, 2012), El Presidente (February 3rd, 2012), OfTheDamned (February 3rd, 2012), Slug (February 3rd, 2012)
sponsored links
Old February 3rd, 2012, 03:59 PM   #411 (permalink)
New Member
 
Join Date: Feb 2012
Posts: 3
 
Device(s):
Carrier: Not Provided

Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by lunatic59 View Post
As alostpacket explained, the Market app is the exception for auto updates. If you uninstall the Market and then reinstall it, you will reinstall it with all its defaults and that means auto update will be the default app setting. It's not surprising then that the Google apps will be set to auto update after you've turned them off. If you disable the default auto update settings in the market app, and then turn it off for each Google app, I assure you, they won't auto update. You can even turn off notifications in the market so you'll never see another update notification if you'd like.
.
Ive had my fun with computers since 1989 and ive seen and heard all kind of people assuring me that this and that cant be done. Im even more worried now when people starts to ensure me theres nothing to worry about because its 100% safe. Theres no such thing as 100% safe

So Im saying once again. I dont uninstall and re-install the market app - im simply deleting the updates and returning to the basic version of android market that came with my phone. It then turns all the Google apps to auto update without my approvel. It then updates itself. And after it updates itself to the newst version - the auto update = off is still there.

Theres no way i can prevent that yet you keep telling me i shouldnt be worried because everything is under control?
rostad is offline  
Reply With Quote
Old February 4th, 2012, 11:27 AM   #412 (permalink)
New Member
 
Join Date: Feb 2012
Location: Edmonton AB
Posts: 5
 
Device(s): Samsung Galaxy 10.1 with Wifi
Carrier: Not Provided

Thanks: 3
Thanked 0 Times in 0 Posts
Default

I found this very informative. Thank you.
scheri is offline  
Reply With Quote
Old February 4th, 2012, 04:55 PM   #413 (permalink)
Moderati ergo sum
 
lunatic59's Avatar
 
Join Date: Jun 2010
Location: Pennsylvania
Posts: 25,304
 
Device(s): Galaxy Note 10.1 (2014), Nexus 4, Galaxy S II, Captivate, Nexus 1, Nook Color, Asus Transformer T-1
Carrier: AT&T

Thanks: 8,536
Thanked 13,568 Times in 7,423 Posts
Default

Quote:
Originally Posted by rostad View Post
Ive had my fun with computers since 1989 and ive seen and heard all kind of people assuring me that this and that cant be done. Im even more worried now when people starts to ensure me theres nothing to worry about because its 100% safe. Theres no such thing as 100% safe
There are a great many members here who have a good deal of experience with technology. We have developers, IT professionals and communications specialist who frequent these forums and some are staff. We are not saying that Android in general or the Market's behaviors are 100% safe. What we are saying is that they are reasonably safe and, as long as you understand the principles and act accordingly, you are at no greater risk than any other mobile platform. 100% safe would be to not use any modern communications technology, which is eminently impractical.

Quote:
So Im saying once again. I dont uninstall and re-install the market app - im simply deleting the updates and returning to the basic version of android market that came with my phone. It then turns all the Google apps to auto update without my approvel. It then updates itself. And after it updates itself to the newst version - the auto update = off is still there.

Theres no way i can prevent that yet you keep telling me i shouldnt be worried because everything is under control?
I understand now what you are doing. I do not know exactly what the specifics of a rollback do, but it may restore original/default preferences for the apps, since the auto update feature was not part of earlier versions of the market app. You will have to check with Google's developers to find out specifically gets restored when you uninstall updates.

The market is designed to auto update for the reasons explained. There are ways to prevent it, but I personally don't know what they are. The rooting community will, however, since some custom roms might break with a market update. I don't think you should be worried about the permissions you listed, or the behaviors you described. They are reasonable and normal.
lunatic59 is online now  
Reply With Quote
Old February 8th, 2012, 01:39 PM   #414 (permalink)
New Member
 
Join Date: Sep 2011
Posts: 5
 
Device(s):
Carrier: Not Provided

Thanks: 1
Thanked 0 Times in 0 Posts
Default

And let's not forget, Google's own apps (e.g gmail) can get to all your phone's contact data, i.e all your private telephone numbers and contact info. What they use it for is anyone's guess.
Yep, you agreed to that the first day you used android.
humpity is offline  
Reply With Quote
Old February 8th, 2012, 02:50 PM   #415 (permalink)
Hiding behind a mystery
 
Roze's Avatar
 
Join Date: Jan 2010
Location: Where the Sakura grows
Posts: 9,847
 
Device(s): Moto Atrix [lovin'] Nexus One [Lost] LG Vu [Lost]
Carrier: Not Provided

Thanks: 809
Thanked 2,192 Times in 1,489 Posts
Default

Quote:
Originally Posted by humpity View Post
And let's not forget, Google's own apps (e.g gmail) can get to all your phone's contact data, i.e all your private telephone numbers and contact info. What they use it for is anyone's guess.
Yep, you agreed to that the first day you used android.
Your Gmail IS your Google account. Google has the option that allows you to sync you contact to your google account. If you don't want Google to know anything about you, then don't put a Google account in (i.e. gmail), don't sync your contact with Facebook (contact avatar) or Gmail (contact phone number and info), don't sync with Calendar or anything Google related. You have the option to NOT use the Google products. If you aren't going to be using anything Google related...then why would you want an Android? Android gives you the ease of access to all of the data that you have ALREADY stored in the various Google products.
Roze is offline  
Reply With Quote
Old February 8th, 2012, 03:19 PM   #416 (permalink)
Senior Member
 
tcat007's Avatar
 
Join Date: Jan 2011
Location: Texas
Posts: 1,723
 
Device(s): Nexus 7, 16gb (GrooveIP, T-mobile Hotspot device)
Carrier: none

Thanks: 66
Thanked 259 Times in 239 Posts
Default

Yes, you just have to "trust" Google... if you look at your Dashboard https://www.google.com/dashboard/ they store just about every move you make. But switching to Gmail for all my personal and business accounts is the best thing I did 2 years ago. No more "lost" emails and such easy access to anything anywhere... yeah a bit scary if Google gets hacked very badly. But no more so (actually less so) than if your bank get hacked.
tcat007 is offline  
Reply With Quote
Old February 12th, 2012, 08:48 AM   #417 (permalink)
New Member
 
Join Date: Jan 2011
Posts: 9
 
Device(s):
Carrier: Not Provided

Thanks: 1
Thanked 0 Times in 0 Posts
Default

Can anyone clarify for me the position with stock apps on non-rooted phones? I have an app I don't want and don't use on my phone and have never agreed to any permissions. I got fed up with it constantly coming up saying I had an update available that I thought what the hey, I'll just install the update and be done with it, it's a small update. So then it comes up with a monster list of permissions, 50% of which are not at all necessary to the function of the app (GPS location requested for a sound recording app). I say no to the update, but it makes me wonder if since the app is already there on my phone from stock did I somehow agree to give this app all those permissions anway as part of the Google Terms of Service? I didn't spot it in there, but I didn't read every single word. Will an app provided with a new phone that you didn't ask for have all the permissions set as accepted anyway? Cheers.
RoseRodent is offline  
Reply With Quote
Old February 12th, 2012, 11:00 AM   #418 (permalink)
New Member
 
Join Date: Feb 2012
Posts: 1
 
Device(s):
Carrier: Not Provided

Thanks: 0
Thanked 0 Times in 0 Posts
Default

nice info..useful made me aware of the threats that can harm my phone..; good work..keep updating...
Chiragi Vyas is offline  
Reply With Quote
Old February 12th, 2012, 01:57 PM   #419 (permalink)
New Member
 
Join Date: Feb 2012
Posts: 4
 
Device(s):
Carrier: Not Provided

Thanks: 0
Thanked 0 Times in 0 Posts
Default

Okay I'm a newbie....When I download or update an app and go to permissions and it gives an explanation of the permission then at the botttom it has "ok'. Does that mean I automatically give it permission when I download the app or must i ckick it to give or revoke permission?
tomboy257 is offline  
Reply With Quote
Old February 13th, 2012, 12:32 AM   #420 (permalink)
Over Macho Grande?
Thread Author (OP)
 
alostpacket's Avatar
 
Join Date: Nov 2009
Location: NY
Posts: 7,928
 
Device(s): GlassXE, MotoX, N5, N4, N7'12, GNex, N1, SGT10.1, Revue, Xoom, Eris, OG Droid
Carrier: TMO

Thanks: 4,611
Thanked 3,583 Times in 1,530 Posts
Default

Quote:
Originally Posted by tomboy257 View Post
Okay I'm a newbie....When I download or update an app and go to permissions and it gives an explanation of the permission then at the botttom it has "ok'. Does that mean I automatically give it permission when I download the app or must i ckick it to give or revoke permission?

When you download and install is when you agree to the permissions. Once installed, apps generally* do not need to re-request permissions


*only a very few (one, I think) related to your Google Account gets re-requested on first use.
alostpacket is offline  
Reply With Quote
sponsored links
Old February 13th, 2012, 07:14 AM   #421 (permalink)
New Member
 
Join Date: Feb 2012
Posts: 4
 
Device(s):
Carrier: Not Provided

Thanks: 0
Thanked 0 Times in 0 Posts
Default

Thanks...I've read your description of the various permissions and also wonder if some of them aren't kinda leagal ways of saying " we warned you this might happen" should you get a infection or hacked?
tomboy257 is offline  
Reply With Quote
Old February 13th, 2012, 07:51 AM   #422 (permalink)
Hiding behind a mystery
 
Roze's Avatar
 
Join Date: Jan 2010
Location: Where the Sakura grows
Posts: 9,847
 
Device(s): Moto Atrix [lovin'] Nexus One [Lost] LG Vu [Lost]
Carrier: Not Provided

Thanks: 809
Thanked 2,192 Times in 1,489 Posts
Default

Quote:
Originally Posted by RoseRodent View Post
Can anyone clarify for me the position with stock apps on non-rooted phones? I have an app I don't want and don't use on my phone and have never agreed to any permissions. I got fed up with it constantly coming up saying I had an update available that I thought what the hey, I'll just install the update and be done with it, it's a small update. So then it comes up with a monster list of permissions, 50% of which are not at all necessary to the function of the app (GPS location requested for a sound recording app). I say no to the update, but it makes me wonder if since the app is already there on my phone from stock did I somehow agree to give this app all those permissions anway as part of the Google Terms of Service? I didn't spot it in there, but I didn't read every single word. Will an app provided with a new phone that you didn't ask for have all the permissions set as accepted anyway? Cheers.
What stock apps are you referring to? Any app that is installed on your phone, have already been granted permissions. It's a condition for being installed. Sucks when you don't want the app but there's nothing you can do unless you root your phone to uninstall those stock apps. What phone do you have? Vanilla Android is pretty bare bone when it comes to pre-installed apps. As you mentioned a recorder app, I would say that it's an OEM's UI overlay (Sense, TouchWiz, MotoBlurr etc).


Quote:
Originally Posted by tomboy257 View Post
Thanks...I've read your description of the various permissions and also wonder if some of them aren't kinda leagal ways of saying " we warned you this might happen" should you get a infection or hacked?
Unless it's a stock app, all apps that you install, do so with caution and good judgement. If you don't trust a permission that an app need, then don't install it. Contact the developer to get more information on why those permissions are needed. Is the developer's response sufficient for you? If not, go look elsewhere. There are tones of similar apps with just as good reviews out there. As an Android user, you're given full control and discretion of what gets installed on your phone. In the end, you are responsible for your own action and what you installed.
Roze is offline  
Last edited by Roze; February 13th, 2012 at 07:59 AM.
Reply With Quote
Old February 13th, 2012, 09:09 AM   #423 (permalink)
Over Macho Grande?
Thread Author (OP)
 
alostpacket's Avatar
 
Join Date: Nov 2009
Location: NY
Posts: 7,928
 
Device(s): GlassXE, MotoX, N5, N4, N7'12, GNex, N1, SGT10.1, Revue, Xoom, Eris, OG Droid
Carrier: TMO

Thanks: 4,611
Thanked 3,583 Times in 1,530 Posts
Default

Quote:
Originally Posted by tomboy257 View Post
Thanks...I've read your description of the various permissions and also wonder if some of them aren't kinda leagal ways of saying " we warned you this might happen" should you get a infection or hacked?

I've never gotten that impression from permissions, and to be honest I'm a bit surprised to even hear it. Though I see what you're saying. Think about it this way though:

Everything is about context.

These are safeguards put in place to help you decide what to download. Only you can protect yourself. In all things, not just software.

The Internet doesn't have these safeguards. The postal mail in the US doesnt have permissions preventing scam artists from sending you a letter. Your phone company doesnt stop fake phishing calls.

The Android Market is a bit chaotic and wild - but that's part of what makes it great. But if users are going to ignore that an app called "Super Happy Fun Bikini Dance Game" wants a dozen permissions, then what can anyone do?

Additionally, this type of "permission" system is relatively new. But it's a big step in the right direction.

Windows and OSX didn't traditionally have permissions. Even now, neither system does anything but protect system files. iOS has a permission system but from what I know of it, it's a bit more limiting.

Living in an increasingly digital world means users HAVE to learn a little bit about how to protect themselves. In the same way we all learn not to open those scam postal letters that promise we won $1 million if we just deposit $100.

Also with regards to legal disclaimers:

Pretty much every piece of software you can buy for any platform ever comes with a legal disclaimer that they are not responsible for certain things. My own apps even have this.

Hopefully that makes sense. This is all also why I believe strongly about educating users on what it all means. There are some apps out there that claim to remove viruses or block permissions, but they are just tools, and often give a false sense of security. But ultimately, these tools work better with an educated user wielding them.
alostpacket is offline  
Reply With Quote
The Following User Says Thank You to alostpacket For This Useful Post:
lunatic59 (February 13th, 2012)
Old February 15th, 2012, 04:10 AM   #424 (permalink)
New Member
 
Join Date: Jan 2012
Posts: 6
 
Device(s):
Carrier: Not Provided

Thanks: 0
Thanked 0 Times in 0 Posts
Default

I have found the whole thread very informative, but what I cannot understand is why the android market does not let us search by permissions. I spend ages looking for an app that has permissions which I find acceptable. At the moment I am looking for a barcode scanner that does not give away nearly every detail on my phone.

At the moment I can restrict my search on the market by apps, books, movies, all prices, free, paid, safe search, popularity and relevance. Why don't they also add a list of permissions, that I could choose via radio buttons, of permissions that I won't accept?

This could work to a developers advantage where they omit some of the permissions on paid apps. People would probably pay £1 for an app that doesn't read all their contact data for example.
autopilot1 is offline  
Reply With Quote
Old February 15th, 2012, 08:45 AM   #425 (permalink)
Hiding behind a mystery
 
Roze's Avatar
 
Join Date: Jan 2010
Location: Where the Sakura grows
Posts: 9,847
 
Device(s): Moto Atrix [lovin'] Nexus One [Lost] LG Vu [Lost]
Carrier: Not Provided

Thanks: 809
Thanked 2,192 Times in 1,489 Posts
Default

Quote:
Originally Posted by autopilot1 View Post
I have found the whole thread very informative, but what I cannot understand is why the android market does not let us search by permissions. I spend ages looking for an app that has permissions which I find acceptable. At the moment I am looking for a barcode scanner that does not give away nearly every detail on my phone.

At the moment I can restrict my search on the market by apps, books, movies, all prices, free, paid, safe search, popularity and relevance. Why don't they also add a list of permissions, that I could choose via radio buttons, of permissions that I won't accept?

This could work to a developers advantage where they omit some of the permissions on paid apps. People would probably pay £1 for an app that doesn't read all their contact data for example.
I am assuming you are referring to Barcode Scanner?

Barcode Scanner is one of the most trusted app on the market and if you check their website, they will explain why they need all of these permissions and it does make sense. A lot of apps use Barcode Scanner as their scanning app.
Roze is offline  
Reply With Quote
The Following 2 Users Say Thank You to Roze For This Useful Post:
alostpacket (February 15th, 2012), Rico ANDROID (February 15th, 2012)
Old February 15th, 2012, 01:24 PM   #426 (permalink)
New Member
 
Join Date: Jan 2012
Posts: 6
 
Device(s):
Carrier: Not Provided

Thanks: 0
Thanked 0 Times in 0 Posts
Default

Hi Roze, yes Barcode Scanner was one of many, but I have found the Barcode Scanner particularly inaccurate over its pricing. I just tried it on a few items in my cupboard, and the barcode on the goods must be for an outer rather than a single item because the prices need to be divided either by 12 or 10 to become accurate. However, how will you know how many packs make an outer?

The problem is the way some of the permissions are described - they often sound worse than they really are. For example the one that searches your contacts, as the Barcode Scanner admits it is used for making the codes and nothing else. However unless you search each app back to their website you are never going to be sure exactly how the information is going to be used.

Multiply doing that for over 100 barcode scanner or qr code apps and it would take days to check every one.
autopilot1 is offline  
Reply With Quote
Old February 17th, 2012, 08:42 PM   #427 (permalink)
Over Macho Grande?
Thread Author (OP)
 
alostpacket's Avatar
 
Join Date: Nov 2009
Location: NY
Posts: 7,928
 
Device(s): GlassXE, MotoX, N5, N4, N7'12, GNex, N1, SGT10.1, Revue, Xoom, Eris, OG Droid
Carrier: TMO

Thanks: 4,611
Thanked 3,583 Times in 1,530 Posts
Default

update: 2/17/12

-updated the info about how to find permissions and the market screenshot

-added links to each section
alostpacket is offline  
Reply With Quote
The Following 4 Users Say Thank You to alostpacket For This Useful Post:
luke27fr (March 2nd, 2012), lunatic59 (February 18th, 2012), NickanM (March 12th, 2012), Roze (February 17th, 2012)
Old February 22nd, 2012, 04:03 AM   #428 (permalink)
New Member
 
Join Date: Nov 2011
Posts: 5
 
Device(s):
Carrier: Not Provided

Thanks: 3
Thanked 2 Times in 2 Posts
Thumbs up

Quote:
Originally Posted by alostpacket View Post
update: 2/17/12

-updated the info about how to find permissions and the market screenshot

-added links to each section
This is a great thread and original article. On another android tablet site (where I am a mod) I keep a malware & security FAQ thread up to date & reference this thread as the defacto standard on the subject. Great job.

Will you also be updating your original post to include info on Google Bouncer?
janner43 is offline  
Reply With Quote
The Following User Says Thank You to janner43 For This Useful Post:
alostpacket (February 22nd, 2012)
Old February 22nd, 2012, 06:27 AM   #429 (permalink)
Over Macho Grande?
Thread Author (OP)
 
alostpacket's Avatar
 
Join Date: Nov 2009
Location: NY
Posts: 7,928
 
Device(s): GlassXE, MotoX, N5, N4, N7'12, GNex, N1, SGT10.1, Revue, Xoom, Eris, OG Droid
Carrier: TMO

Thanks: 4,611
Thanked 3,583 Times in 1,530 Posts
Default

Yep -- good call!

I had known about Bouncer but not thought to add it. But yeah the next big update will be a content update to both my app and all my guides.

This will include:

Info on Bouncer:

New permissions
- BT Admin
- NFC
- CHECK_LICENSE

And at least a few others I am forgetting off the top of my head.

(btw feel free to check out my app version of this guide, I just released the tablet HC/ICS version yesterday)

Link: PocketPermissions (v2.0) - The app version of my security guide (updated)
alostpacket is offline  
Reply With Quote
The Following User Says Thank You to alostpacket For This Useful Post:
Rico ANDROID (February 25th, 2012)
Old February 25th, 2012, 09:17 PM   #430 (permalink)
New Member
 
Join Date: Feb 2012
Posts: 2
 
Device(s):
Carrier: Not Provided

Thanks: 1
Thanked 2 Times in 1 Post
Smile made my day and i will sleep eaiser :-)

I know its over two years since your post on this subject but I had to thank you for giving me all the information I was looking for in one easy to read post. You would think by now there would be more done about it and it would be safer but there isn't. I have shared this link with all my friends as it has give me peace of mind and will make me sleep alot easier and give me more confidence in downloading apps and using my tablet. You should receive a medal for helping people and explaining this topic in such a manner that all can understand and learn. My hat is off to you sir and I wish you all the best in life. If karma is real then your life should be fruitful and long lived.
If every one could know this information then no one would download the app thus giving them no reason to create these tricks. Once again my hat goes off to you good sir.
Kind regards, Bobbie stringer. England
bobbiestringer is offline  
Reply With Quote
The Following 2 Users Say Thank You to bobbiestringer For This Useful Post:
alostpacket (March 5th, 2012), Rico ANDROID (February 25th, 2012)
sponsored links
Old March 5th, 2012, 09:42 AM   #431 (permalink)
Junior Member
 
Join Date: Mar 2012
Location: In a state of confusion.
Posts: 35
 
Device(s): Huawei S7 (104)
Carrier: Not Provided

Thanks: 66
Thanked 18 Times in 5 Posts
Money

Hi!

thank you for helping me with my paranoid thinking in this eminent thread. Registered and paid a month premium thanks to alostpackage. I think I just love you...

( Dont tell my hubby...... )
NickanM is offline  
Reply With Quote
The Following 2 Users Say Thank You to NickanM For This Useful Post:
alostpacket (March 5th, 2012), Rico ANDROID (March 5th, 2012)
Old March 5th, 2012, 10:35 AM   #432 (permalink)
Senior Member
 
Rico ANDROID's Avatar
 
Join Date: Mar 2011
Location: In Cell Phone SIMetery
Posts: 3,791
 
Device(s): GALAXY NOTE 2 .(aka T.E.D.6)....ROOTED!
Carrier: A Bentley Carries Me

Thanks: 4,610
Thanked 1,720 Times in 1,285 Posts
Default

Quote:
Originally Posted by NickanM View Post
Hi!

thank you for helping me with my paranoid thinking in this eminent thread. Registered and paid a month premium thanks to alostpackage. I think I just love you...

( Dont tell my hubby...... )
That Alostpacket is so lovable!
Rico ANDROID is offline  
Reply With Quote
The Following User Says Thank You to Rico ANDROID For This Useful Post:
alostpacket (March 12th, 2012)
Old March 6th, 2012, 10:06 AM   #433 (permalink)
Senior Member
 
KlaymenDK's Avatar
 
Join Date: May 2009
Location: Denmark
Posts: 1,221
 
Device(s): HTC Desire Z (rooted, CyanogenMod v7.1; Revoked ClockworkMod) HTC Desire (rooted, Oxygen rom; Revoke
Carrier: Not Provided

Thanks: 31
Thanked 132 Times in 100 Posts
Question Can Android apps secretly copy photos?

It's been a long time since I posted here, feeling mostly in control of my Android. But recently, various press have started published articles such as this:
New York Times: Et Tu, Google? Android Apps Can Also Secretly Copy Photos
But naturally they're in "captain-dummy-talk" mode so the hard details are mostly lacking. Hence I come here to ask:

Can Android apps in fact secretly copy photos merely based on the permission "Full internet access"?
Or is it an inflated misunderstanding, and you do in fact also need other permissions such as "Modify/delete SD card contents" (which I believe is required to obtain read access)?
__________________
Don't forget to hit the "Thanks" button when someone helps you!!!
How To Ask Questions The Smart Way
-- 010\001\111 --
KlaymenDK is offline  
Last edited by KlaymenDK; March 6th, 2012 at 10:06 AM. Reason: borken link (inaccurate preview!)
Reply With Quote
Old March 6th, 2012, 12:30 PM   #434 (permalink)
Over Macho Grande?
Thread Author (OP)
 
alostpacket's Avatar
 
Join Date: Nov 2009
Location: NY
Posts: 7,928
 
Device(s): GlassXE, MotoX, N5, N4, N7'12, GNex, N1, SGT10.1, Revue, Xoom, Eris, OG Droid
Carrier: TMO

Thanks: 4,611
Thanked 3,583 Times in 1,530 Posts
Default

Good to see you Klaymen!


Anyways, actually - reading files from an SD card does not require any permission. It's considered "unprotected storage" - so sadly that article is not incorrect. Dripping with the spite of the journalist and a bit of sensationalism, but not incorrect.

So, in theory, yes they could send pictures. In practice, it's not that simple. It would be hard to go unnoticed.

However I do believe this is why Android has moved to a more "internal" storage design. This allows for more things to be placed in "protected" storage. Though photos take from the camera have not moved into protected storage (yet).

This really was done on purpose, and is pretty much the same for all computing platforms. (Windows, OSX). There is only separation between user accounts.

There is a limit to what you can reasonably enforce at the file level. When you think about it, there are a lot of issues that arise when trying to protect hundreds (possibly thousands) of photos/files.

Imagine someone takes thousands of photos and swaps SD cards all the time: How would Android protect the images if the person were to take the SD card out like a camera and plug it into their printer?

Anyways, with the newer devices I'd expect to see some "tinkering" in this area -- maybe in jellybean.
alostpacket is offline  
Reply With Quote
The Following 5 Users Say Thank You to alostpacket For This Useful Post:
KlaymenDK (March 6th, 2012), lunatic59 (March 6th, 2012), NickanM (March 7th, 2012), Rico ANDROID (March 12th, 2012), Roze (March 6th, 2012)
Old March 6th, 2012, 02:07 PM   #435 (permalink)
Moderati ergo sum
 
lunatic59's Avatar
 
Join Date: Jun 2010
Location: Pennsylvania
Posts: 25,304
 
Device(s): Galaxy Note 10.1 (2014), Nexus 4, Galaxy S II, Captivate, Nexus 1, Nook Color, Asus Transformer T-1
Carrier: AT&T

Thanks: 8,536
Thanked 13,568 Times in 7,423 Posts
Default

Quote:
"Android apps do not need permission to get a userís photos, and as long as an app has the right to go to the Internet, it can copy those photos to a remote server without any notice, according to developers and mobile security experts. It is not clear whether any apps that are available for Android devices are actually doing this."
That roughly translates into there are mobile security companies trying to scare you into thinking their product is necessary to protect your privacy. And, there aren't any apps currently doing this.

My take on it is that these so called security apps are not doing anything that a little diligence and care can do, and many of them have been tested to be rather ineffectual. If, in the future, any apps do in fact start sending files without your permission or notice I would guess that a.) they'd get a lot of press and b.) Google would pull them from the market.
lunatic59 is online now  
Reply With Quote
The Following User Says Thank You to lunatic59 For This Useful Post:
alostpacket (March 12th, 2012)
Old March 6th, 2012, 02:35 PM   #436 (permalink)
Senior Member
 
KlaymenDK's Avatar
 
Join Date: May 2009
Location: Denmark
Posts: 1,221
 
Device(s): HTC Desire Z (rooted, CyanogenMod v7.1; Revoked ClockworkMod) HTC Desire (rooted, Oxygen rom; Revoke
Carrier: Not Provided

Thanks: 31
Thanked 132 Times in 100 Posts
Default

Thanks for the hello. Makes me feel all warm and fuzzy.
Perhaps that first point --about the SD being considered unprotected storage-- ought to be mentioned in the first post, but I concede that (ironically) it's not a permission per se.

Could you go into greater detail about why it would be hard to go unnoticed? I imagine an observant user might notice a peak in traffic, but other than that ... I am disinclined to agree, as much as I would love to.

About the file systems, well, yes and no. Agreed, there's only so much (which is hardly anything) you can do as long as the file system is straight old FAT, and even *nix file system are a little dodgy on the access control when you've moved the drive to another host. But locally (i.e. on a single Linux-based device), it certainly ought to be rather simple to do better than what we have ... but this is a whole 'nother discussion (one I considered looong ago when it was evident that apps could benefit from a better organised file system hierarchy).

Finally, another thank you for taking time to enlighten us!
KlaymenDK is offline  
Reply With Quote
The Following User Says Thank You to KlaymenDK For This Useful Post:
alostpacket (March 6th, 2012)
Old March 6th, 2012, 04:37 PM   #437 (permalink)
Over Macho Grande?
Thread Author (OP)
 
alostpacket's Avatar
 
Join Date: Nov 2009
Location: NY
Posts: 7,928
 
Device(s): GlassXE, MotoX, N5, N4, N7'12, GNex, N1, SGT10.1, Revue, Xoom, Eris, OG Droid
Carrier: TMO

Thanks: 4,611
Thanked 3,583 Times in 1,530 Posts
Default

Quote:
Originally Posted by KlaymenDK View Post
Thanks for the hello. Makes me feel all warm and fuzzy.
Perhaps that first point --about the SD being considered unprotected storage-- ought to be mentioned in the first post, but I concede that (ironically) it's not a permission per se.

Could you go into greater detail about why it would be hard to go unnoticed? I imagine an observant user might notice a peak in traffic, but other than that ... I am disinclined to agree, as much as I would love to.

About the file systems, well, yes and no. Agreed, there's only so much (which is hardly anything) you can do as long as the file system is straight old FAT, and even *nix file system are a little dodgy on the access control when you've moved the drive to another host. But locally (i.e. on a single Linux-based device), it certainly ought to be rather simple to do better than what we have ... but this is a whole 'nother discussion (one I considered looong ago when it was evident that apps could benefit from a better organised file system hierarchy).

Finally, another thank you for taking time to enlighten us!

I thought I mentioned it in the guide but I may have just implied it. I'll take note to make it more clear.

You're right in that there is some level of enforcement they can and do perform. Contacts, for example are in protected storage. But when they built the system they had to consider a number of factors. Like you stated FAT file systems being one. Another being that they can't encrypt SD cards for fear they would be unreadable once removed. Another is the number and size of the files. Finally I think it's good to consider the evolution of Android. The G1 had what, like 256MB of internal? 512? And 4 GB SD card?


Anyway will write more soon gtg
alostpacket is offline  
Reply With Quote
The Following User Says Thank You to alostpacket For This Useful Post:
NickanM (March 7th, 2012)
Old March 8th, 2012, 10:09 AM   #438 (permalink)
New Member
 
Join Date: Sep 2011
Location: Canada
Posts: 14
 
Device(s): Samsung Galaxy S2, ASUS Transformer Prime
Carrier: Not Provided

Thanks: 2
Thanked 3 Times in 2 Posts
Default

First, alostpacket- your app was the first thing I ever downloaded from the market when I bought an android, and it's invaluable! And the updated version just takes it over the top- I really think that google should be throwing tons of money at you and baking that functionality into the OS itself :-)

Couple general security questions for you, and the collective wisdom of the forum: First, how safe in general are keyboard replacements? I'm frustrated with my stock one, but the possibilities associated with trusting someone else to potentially see what I write makes me hesitate. Some keyboards like SwiftKey are "editor's choice" in the market, and seem to have robust privacy policies, but I'm wondering what the take is on these things from the more security-conscious android users.

Second, can someone explain more clearly what kind of information exactly gets stored in sensitive logs? It every minute action stored (i.e. including things like key presses when entering a password for example), or is it more system-related information? I've been VERY wary of installing anything that wants that permission, and have shied away from even highly rated apps like Evernote because they require it (much to my frustration). However, there are some services that don't really have alternatives. I've noticed a number of streaming services that want that permission for example (and up here in Canada there aren't many good alternatives to things like Netflix or Rdio- both of which have that permission). Is there a particular reason why a streaming service would need access to those logs?

Third (though related to the last question), to what degree are apps vulnerable to being hacked by other apps or programs to take advantage of their permissions? For example, if I decided to trust Netflix to access my logs so I can stream video (and lets assume I download the correct app to begin with and not something masquerading as Netflix :-)), would it be possible for a different program to spoof the connection, or somehow link into it and get to my logs through that app? Is that even something that can be done theoretically?

Thanks!!
MiscBec is offline  
Reply With Quote
The Following User Says Thank You to MiscBec For This Useful Post:
alostpacket (March 9th, 2012)
Old March 9th, 2012, 11:26 AM   #439 (permalink)
Over Macho Grande?
Thread Author (OP)
 
alostpacket's Avatar
 
Join Date: Nov 2009
Location: NY
Posts: 7,928
 
Device(s): GlassXE, MotoX, N5, N4, N7'12, GNex, N1, SGT10.1, Revue, Xoom, Eris, OG Droid
Carrier: TMO

Thanks: 4,611
Thanked 3,583 Times in 1,530 Posts
Default

The reason those apps request the permission is for debugging if something goes wrong. However, that isn't a GOOD reason to request it. They can easily write their own logs. The READ_LOGS permission gives them access to all the other logs.

I'd write to any app maker using that and complain.

Common things you will see "leaked" into the global log include:

-Network coordinates
-GPS coordinates
-Network IDs
-WiFi IDs
-Contact information (phone numbers, addressses, email addresses)

The number of apps that put this information in the global logs is staggering. So that's what makes this a permission that should not be granted. It was actually never intended for publicly released applications, but rather for developers.

So ultimately, while I think those apps are unlikely to be doing anything nefarious to you, I'd still complain to them.


hope that helps and thanks for the kind words about PocketPermissions! I agree Google should pay me truckloads of cash
alostpacket is offline  
Reply With Quote
Old March 9th, 2012, 03:35 PM   #440 (permalink)
Hiding behind a mystery
 
Roze's Avatar
 
Join Date: Jan 2010
Location: Where the Sakura grows
Posts: 9,847
 
Device(s): Moto Atrix [lovin'] Nexus One [Lost] LG Vu [Lost]
Carrier: Not Provided

Thanks: 809
Thanked 2,192 Times in 1,489 Posts
Default

I read a comment on one of the AC's article about sending in crash report:

Quote:
we developers actually get very little information from the report sent, the Log report only shows the error and nothing else. We DONT see what phone, version, carrier etc. writing in the comments what you were doing can also help because we can only see the comments
How true is this statement?
Roze is offline  
Reply With Quote
The Following User Says Thank You to Roze For This Useful Post:
alostpacket (March 9th, 2012)
sponsored links
Old March 9th, 2012, 03:45 PM   #441 (permalink)
Over Macho Grande?
Thread Author (OP)
 
alostpacket's Avatar
 
Join Date: Nov 2009
Location: NY
Posts: 7,928
 
Device(s): GlassXE, MotoX, N5, N4, N7'12, GNex, N1, SGT10.1, Revue, Xoom, Eris, OG Droid
Carrier: TMO

Thanks: 4,611
Thanked 3,583 Times in 1,530 Posts
Default

This is mostly true. We're supposed to get info about the type of device and version of Android it was running but it always shows as "other"

However, we do get what is called a stack trace. This is the line number and methods (functions) that caused the error. This is very helpful for tracking down bugs.

For example, here's one of mine from PocketPermissions:

(in case you are wondering, this happens if a user uninstalls an app while using PocketPermissions, then presses the back button to go back to my app.)

Quote:
Caused by: java.lang.NullPointerException
at com.alostpacket.pocketpermissions.fragments.AppDet ailFrag.displayContent(AppDetailFrag.java:306)
at com.alostpacket.pocketpermissions.fragments.AppDet ailFrag.continueFragment(AppDetailFrag.java:507)
at com.alostpacket.pocketpermissions.fragments.BaseFr ag.checkForModelOrLoad(BaseFrag.java:146)
at com.alostpacket.pocketpermissions.fragments.BaseFr ag.onResume(BaseFrag.java:136)
at android.support.v4.app.FragmentManagerImpl.moveToS tate(FragmentManager.java:917)
at android.support.v4.app.FragmentManagerImpl.moveToS tate(FragmentManager.java:1080)
at android.support.v4.app.BackStackRecord.run(BackSta ckRecord.java:622)
at android.support.v4.app.FragmentManagerImpl.execPen dingActions(FragmentManager.java:1416)
at android.support.v4.app.FragmentActivity.onPostResu me(FragmentActivity.java:413)
at android.app.Activity.performResume(Activity.java:3 883)
at android.app.ActivityThread.performResumeActivity(A ctivityThread.java:2114)
... 12 more
alostpacket is offline  
Reply With Quote
Old March 10th, 2012, 11:36 PM   #442 (permalink)
Junior Member
 
Join Date: Mar 2012
Posts: 24
 
Device(s):
Carrier: Not Provided

Thanks: 1
Thanked 1 Time in 1 Post
Default

Wow great guide but you forgot the deault permisson modify battery statistics
androidgirl22 is offline  
Reply With Quote
Old March 11th, 2012, 03:48 PM   #443 (permalink)
The PearlyMon
 
EarlyMon's Avatar
 
Join Date: Jun 2010
Location: New Mexico, USA
Posts: 46,461
 
Device(s): M8, LTEvo, 3vo, and Shift - Evo retired
Carrier: Sprint

Thanks: 42,774
Thanked 57,265 Times in 23,020 Posts
Default

Documenting that's cleared up in your thread -

what is default modify battery statistics permissom
EarlyMon is offline  
Reply With Quote
The Following 2 Users Say Thank You to EarlyMon For This Useful Post:
alostpacket (March 12th, 2012), Shengxin (March 19th, 2012)
Old March 12th, 2012, 08:23 PM   #444 (permalink)
Over Macho Grande?
Thread Author (OP)
 
alostpacket's Avatar
 
Join Date: Nov 2009
Location: NY
Posts: 7,928
 
Device(s): GlassXE, MotoX, N5, N4, N7'12, GNex, N1, SGT10.1, Revue, Xoom, Eris, OG Droid
Carrier: TMO

Thanks: 4,611
Thanked 3,583 Times in 1,530 Posts
Default

Yep the battery permission is mostly innocuous. But I will add it to my notes for permissions to add to the list.

thanks! and thanks to EM/xyro for helpin out
alostpacket is offline  
Reply With Quote
Old March 18th, 2012, 07:43 AM   #445 (permalink)
Member
 
Andima's Avatar
 
Join Date: Jul 2011
Gender: Male
Posts: 449
 
Device(s): Samsung Galaxy S3 GT-i9300
Carrier: Not Provided

Thanks: 212
Thanked 42 Times in 38 Posts
Default

This is really a good guide! Thanks mate!
__________________
Android Gadgematic My droid blogs.
Andima is offline  
Reply With Quote
Old March 19th, 2012, 04:00 PM   #446 (permalink)
Member
 
Join Date: Mar 2012
Posts: 102
 
Device(s): Samsung Galaxy Lenovo IdeaPad
Carrier: Not Provided

Thanks: 3
Thanked 17 Times in 17 Posts
Default

Thanks a lot for the introduction. The information is very useful.
Shengxin is offline  
Reply With Quote
Old March 26th, 2012, 02:51 AM   #447 (permalink)
New Member
 
Join Date: Mar 2012
Posts: 3
 
Device(s):
Carrier: Not Provided

Thanks: 0
Thanked 0 Times in 0 Posts
Default

tq for sharing.
i need ur help.can u give me some example of logs for android?
other then iptables log.
mieramohamad is offline  
Reply With Quote
Old March 26th, 2012, 07:01 AM   #448 (permalink)
New Member
 
Join Date: Mar 2012
Posts: 4
 
Device(s):
Carrier: Not Provided

Thanks: 3
Thanked 0 Times in 0 Posts
Default

great sticky can i just ask one question what if a program nees phone calls read phone state and identitity?
1hamster is offline  
Reply With Quote
Old March 26th, 2012, 01:07 PM   #449 (permalink)
Over Macho Grande?
Thread Author (OP)
 
alostpacket's Avatar
 
Join Date: Nov 2009
Location: NY
Posts: 7,928
 
Device(s): GlassXE, MotoX, N5, N4, N7'12, GNex, N1, SGT10.1, Revue, Xoom, Eris, OG Droid
Carrier: TMO

Thanks: 4,611
Thanked 3,583 Times in 1,530 Posts
Default

Quote:
Originally Posted by mieramohamad View Post
tq for sharing.
i need ur help.can u give me some example of logs for android?
other then iptables log.
When it comes to the READ_LOGS permission they are primarily referring to the ADB log, also know as LogCat.

This is master log all apps use for debugging. The problem is, some apps put info into the master log that they shouldn't.
alostpacket is offline  
Reply With Quote
Old March 26th, 2012, 01:09 PM   #450 (permalink)
Over Macho Grande?
Thread Author (OP)
 
alostpacket's Avatar
 
Join Date: Nov 2009
Location: NY
Posts: 7,928
 
Device(s): GlassXE, MotoX, N5, N4, N7'12, GNex, N1, SGT10.1, Revue, Xoom, Eris, OG Droid
Carrier: TMO

Thanks: 4,611
Thanked 3,583 Times in 1,530 Posts
Default

Quote:
Originally Posted by 1hamster View Post
great sticky can i just ask one question what if a program nees phone calls read phone state and identitity?
Most of the basics about that permission are discussed in the first post. However, let me know if there is a specific question you have about it, and I would be glad to try and help
alostpacket is offline  
Reply With Quote
Reply
Tags
anti-virus, antivirus, applications, apps, best practices, guide, malware, market, permissions, protection level, safety, security, spam, virus


Go Back   Android Forums > Android Discussion > Android Applications
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


LinkBacks (?)
LinkBack to this Thread: http://androidforums.com/android-applications/36936-android-permissions-explained-security-tips-avoiding-malware.html
Posted By For Type Date
[HOW TO] FAQ on viruses, malware & browser security - Page 2 This thread Refback April 25th, 2012 08:55 AM
newest submissions : Android This thread Refback December 31st, 2011 04:22 AM
Was interested in knowing why an app might need access to who I call, stumbled upon this. Very informative. This thread Refback December 31st, 2011 03:58 AM
Android This thread Refback December 31st, 2011 01:11 AM


All times are GMT -5. The time now is 07:10 AM.
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.