Go Back   Android Forums > Android Discussion > Android Applications
Android Applications All the information you could ever want about Android Applications. Learn about apps and get help with them... all here! New apps can be found and announced in the Applications Announcements forum linked below.

Get excited for the Samsung Galaxy S5! Find everything you need and discuss it in our Galaxy S5 Forum!

test: Reply
 
LinkBack Thread Tools
Old March 17th, 2012, 03:39 PM   #1 (permalink)
New Member
Thread Author (OP)
 
Join Date: Mar 2012
Posts: 7
 
Device(s):
Carrier: Not Provided

Thanks: 6
Thanked 1 Time in 1 Post
Question Permission Remover App on Google Play for non rooted phones

New to Android and forum.

After getting my Android, I was getting particularly concerned with security/privacy issues and permission granted on the phone. To address this, I've looked at rooting the phone but ultimately, it looked like this could increase my security risk instead of decreasing it.

I recently found an application (Permission Remover) on Google play which can remove application on dnloaded apps WITHOUT having the phone rooted, which is exactly was I was looking for.

The way I think this app works, is that it uninstalls the app, then removes the unwanted permission, then re-installs the app without that particular permission. I've tried it and seems to work well. For some app, it will remove permissions without causing failure in the app, while for others, it might cause a failure, which is to be expected, depending how the app was coded.

My concern is this: Is it possible that when "Permission Remover" unistalls the app and removes the unwanted permissions, it adds some malicious coding before re-installing the app? Is there a way this can be verified? I have AVAST antivirus on my phone, and it did not detect any malware.

This a relatively new app (Feb 2012) and has had few dnloads <1k. I can't post the link to it, but if you search "Permission Remover" in Google Play, it is the first one in the list. Can anyone view the coding of that app and let me know if there is anything malicious?

PaulSMith02 is offline  
Reply With Quote
sponsored links
Old March 17th, 2012, 03:46 PM   #2 (permalink)
Beware The Milky Pirate!
 
El Presidente's Avatar
 
Join Date: Jan 2011
Location: Scotland
Posts: 26,585
 
Device(s): Xperia Z1, Nexus 7 3G, HTC One X, SGS3 Mini
Carrier: EE

Thanks: 14,023
Thanked 15,816 Times in 8,487 Posts
Default

Welcome to AF!

I'm sure I read somewhere that the app itself is malicious, but I can't recall if it was this app or an app that performed a similar function. I'll have a dig around and see what I can find.

Failing that, I'll get one of our app devs to take a look.
__________________
Site Rules & Guidelines / Staff List / Ask the Staff
Want to bring naughty posts to our attention? Use:
Be respectful to each other - That's what we're all about.
El Presidente is offline  
Reply With Quote
The Following User Says Thank You to El Presidente For This Useful Post:
alostpacket (March 17th, 2012)
Old March 17th, 2012, 03:51 PM   #3 (permalink)
New Member
Thread Author (OP)
 
Join Date: Mar 2012
Posts: 7
 
Device(s):
Carrier: Not Provided

Thanks: 6
Thanked 1 Time in 1 Post
Default

Great. Thanks.

Every app I was able to find on this subject were for Rooted phones... This one is particular as it works on non rooted.
PaulSMith02 is offline  
Last edited by PaulSMith02; March 17th, 2012 at 03:55 PM.
Reply With Quote
Old March 17th, 2012, 03:55 PM   #4 (permalink)
Beware The Milky Pirate!
 
El Presidente's Avatar
 
Join Date: Jan 2011
Location: Scotland
Posts: 26,585
 
Device(s): Xperia Z1, Nexus 7 3G, HTC One X, SGS3 Mini
Carrier: EE

Thanks: 14,023
Thanked 15,816 Times in 8,487 Posts
Default

No problem, whilst I'm having a look, you might want to take a look at this: Android permissions explained, security tips, and avoiding malware
El Presidente is offline  
Reply With Quote
The Following 2 Users Say Thank You to El Presidente For This Useful Post:
alostpacket (March 17th, 2012), PaulSMith02 (March 17th, 2012)
Old March 17th, 2012, 04:31 PM   #5 (permalink)
Over Macho Grande?
 
alostpacket's Avatar
 
Join Date: Nov 2009
Location: NY
Posts: 7,873
 
Device(s): GlassXE, MotoX, N5, N4, N7'12, GNex, N1, SGT10.1, Revue, Xoom, Eris, OG Droid
Carrier: TMO

Thanks: 4,582
Thanked 3,563 Times in 1,522 Posts
Default

I might be missing something but I dont see how this would work without root.

The app itself does not have install or uninstall permissions. And it's not supposed to be able to read the data of other apps. I suppose there might be some hack/workaround that I dont know about though.


After taking a second look at some stuff, I'd say it's possible it may work for some apps. Especially ones installed on the SD card. But it will break a not-insignificant percentage of apps.

Nevertheless, personally the only one of those types of apps I trust is the one by Stericson. It's still going to crash a lot of apps though -- no matter which one you use.

These are just my opinions as a dev though -- I havent used any of these.
alostpacket is offline  
Last edited by alostpacket; March 17th, 2012 at 05:15 PM. Reason: added a bit
Reply With Quote
The Following 2 Users Say Thank You to alostpacket For This Useful Post:
El Presidente (March 17th, 2012), PaulSMith02 (March 17th, 2012)
Old March 17th, 2012, 05:27 PM   #6 (permalink)
Over Macho Grande?
 
alostpacket's Avatar
 
Join Date: Nov 2009
Location: NY
Posts: 7,873
 
Device(s): GlassXE, MotoX, N5, N4, N7'12, GNex, N1, SGT10.1, Revue, Xoom, Eris, OG Droid
Carrier: TMO

Thanks: 4,582
Thanked 3,563 Times in 1,522 Posts
Default

Also, taking off my "technical hat" for a second. I would advise people as consumers to not use apps that request permission you dont like. And tell the devs you are doing so.

Using a permission blocking app can be helpful, but ultimately it's an arms race.

Bad devs use bad permissions, users block, bad devs take more, and it's a cycle that doesnt end.

I'd much rather see well-behaved apps kept in line by user feedback than this kind of arms race
alostpacket is offline  
Reply With Quote
Old March 17th, 2012, 05:45 PM   #7 (permalink)
Member
 
Join Date: Sep 2011
Posts: 135
 
Device(s): Droid Incredible 2 (stock), HP Touchpad (cm9 a2)
Carrier: Not Provided

Thanks: 5
Thanked 27 Times in 24 Posts
Default

Like ALP says. A great example of this is the Michael's app my wife was using. It wants access to contacts, Calender data, bookmarks, browser history, and the camera. It also has write permission to all of this stuff, plus the ability to email. Why the heck would you possibly need any of this just to give e-coupons? Suffice it to say, the app is no longer being used.
bioforce is offline  
Reply With Quote
Old March 17th, 2012, 06:03 PM   #8 (permalink)
New Member
Thread Author (OP)
 
Join Date: Mar 2012
Posts: 7
 
Device(s):
Carrier: Not Provided

Thanks: 6
Thanked 1 Time in 1 Post
Default

Thanks for the links to Alost info on Security. Best summary so for on Droid security!

Thanks Alost for giving users that information.

In my end, I will try to contact the developper to get information on how his app works. If I get any (positive) results, I will post back here.
PaulSMith02 is offline  
Reply With Quote
The Following User Says Thank You to PaulSMith02 For This Useful Post:
alostpacket (March 17th, 2012)
Old March 17th, 2012, 06:56 PM   #9 (permalink)
Senior Member
 
jefboyardee's Avatar
 
Join Date: Jan 2011
Posts: 3,345
 
Device(s): Rootless Ascend 2
Carrier: Stray Talk

Thanks: 365
Thanked 471 Times in 403 Posts
Default

Quote:
Originally Posted by PaulSMith02 View Post
I can't post the link to it
Permission Remover Free
Permission Remover

Wonder if they could make it so apps being installed go through it on their way in, to avoid having to uninstall-butcher-reinstall them.
jefboyardee is online now  
Last edited by jefboyardee; March 17th, 2012 at 07:03 PM.
Reply With Quote
The Following User Says Thank You to jefboyardee For This Useful Post:
PaulSMith02 (March 18th, 2012)
Old March 18th, 2012, 02:22 PM   #10 (permalink)
New Member
Thread Author (OP)
 
Join Date: Mar 2012
Posts: 7
 
Device(s):
Carrier: Not Provided

Thanks: 6
Thanked 1 Time in 1 Post
Default

Thanks jef for posting the link.

And yeah, it would/could be cool, if that is what the program is actually doing and it is not malicious...

But on second though, probably would not be the best for developpers... as when you remove permissions, that is a chance that it will stop the app from working. People would blame the developper instead of blaming the permission remover app... but it would keep developpers with only the required and basic permissions instead of always going for the cadillacs of permisions!

BTW, quick trick I've noticed. The Free App version always ask way more permissions than the paid App, if you remove permissions to match the paid app, it hasn't resulted in a broken app.
PaulSMith02 is offline  
Reply With Quote
sponsored links
Old March 18th, 2012, 02:28 PM   #11 (permalink)
New Member
Thread Author (OP)
 
Join Date: Mar 2012
Posts: 7
 
Device(s):
Carrier: Not Provided

Thanks: 6
Thanked 1 Time in 1 Post
Default

This is the response I just got from the developper regarding how his app work:

"the app is doing those steps:
creating a backup of the original program
removing the unwanted permissions
if required uninstall of the original program
install/update of the program without the unwanted permissions

best regards
elmar"

How can he do this with the permissions he's requested for his app:
Full internet Access, and modify SD card content.... however, not all of my program are on the SD card... but I is true that I can only modified my downloaded apps and not the bloatware.

Again, is there still a chance that he could be introducing malicious coding?
PaulSMith02 is offline  
Last edited by PaulSMith02; March 18th, 2012 at 02:31 PM.
Reply With Quote
Old March 20th, 2012, 08:18 AM   #12 (permalink)
Senior Member
 
amlothi's Avatar
 
Join Date: Jul 2010
Posts: 1,186
 
Device(s):
Carrier: Not Provided

Thanks: 35
Thanked 202 Times in 155 Posts
Default

Quote:
Originally Posted by PaulSMith02 View Post
After getting my Android, I was getting particularly concerned with security/privacy issues and permission granted on the phone. To address this, I've looked at rooting the phone but ultimately, it looked like this could increase my security risk instead of decreasing it.
I don't want to get the thread off track, but it didn't look like anyone has responded to this point yet.

I actually feel my phone is more secure after rooting. I'm not a dev or a programmer, it's just my opinion, but perhaps ALP or other devs could chime in here.

I don't want you to have the misunderstanding that rooting your phone allows ANY apps to have root access to your device. The Superuser app allows one to control which apps get root access. Of course, you need to be careful about which apps you allow root, because granting this access does allow apps to do virtually anything they want on your device - and that would be worse than a malicious app on a non-rooted device. So yes, you need to take caution here.

On the other hand, I'm able to 1) remove factory installed apps that may have permissions I don't agree with, 2) restrict app permissions in a more direct way (my custom ROM has this feature), and 3) use a firewall to restrict internet access to certain apps.

The major point, that we all need to be vigilant in monitoring what apps we install and what access we give them, still stands of course. However, I like the extra control that rooting gives me over apps that I've already made the choice to install.
__________________
Please search the forums.
Need Tasker Help?
Having Battery problems?
amlothi is offline  
Reply With Quote
The Following User Says Thank You to amlothi For This Useful Post:
PaulSMith02 (March 24th, 2012)
Old March 24th, 2012, 07:57 AM   #13 (permalink)
New Member
Thread Author (OP)
 
Join Date: Mar 2012
Posts: 7
 
Device(s):
Carrier: Not Provided

Thanks: 6
Thanked 1 Time in 1 Post
Default

Thanks Amlothi,

Those are exactly the two reasons why I considered root in the first place(remove unwanted permissions and remove bloatware), but I didn't because of the few articles I found (see below) that indicated that root decreased security and increased the difficulty in getting the OTA updates.

But with your post, it brings me right back to square one... considering rooting again! Thanks !

I know, I might be highjacking my own thread, but what does rooting to your data/apps... does it erase all?

And how difficult is it to do the OTA updates after rooting?

What is Rooting on Android? The Advantages and Disadvantages | Droid Lessons
Android root users passwords saved as plain text
PaulSMith02 is offline  
Reply With Quote
Old March 24th, 2012, 08:15 AM   #14 (permalink)
Member
 
Join Date: Sep 2011
Posts: 135
 
Device(s): Droid Incredible 2 (stock), HP Touchpad (cm9 a2)
Carrier: Not Provided

Thanks: 5
Thanked 27 Times in 24 Posts
Default

Quote:
Originally Posted by PaulSMith02 View Post
Thanks Amlothi,

Those are exactly the two reasons why I considered root in the first place(remove unwanted permissions and remove bloatware), but I didn't because of the few articles I found (see below) that indicated that root decreased security and increased the difficulty in getting the OTA updates.

But with your post, it brings me right back to square one... considering rooting again! Thanks !

I know, I might be highjacking my own thread, but what does rooting to your data/apps... does it erase all?

And how difficult is it to do the OTA updates after rooting?

What is Rooting on Android? The Advantages and Disadvantages | Droid Lessons
Android root users passwords saved as plain text
1) For most phones, rooting requires you to wipe your device. You would be able to reinstall your apps from the market though, along with any synced data.

2) OTA updates screw up root, a lot of mods block them for this reason. Usually there is an updated mod with the the patches from ota built in later.

3) All these articles really say is to be very careful with which programs you give root to, as a an app with root permission can do anything. As long as you only give root to very well known programs (for example, ad free android) you will be fine.
bioforce is offline  
Reply With Quote
The Following User Says Thank You to bioforce For This Useful Post:
PaulSMith02 (March 25th, 2012)
Old March 25th, 2012, 12:21 PM   #15 (permalink)
New Member
Thread Author (OP)
 
Join Date: Mar 2012
Posts: 7
 
Device(s):
Carrier: Not Provided

Thanks: 6
Thanked 1 Time in 1 Post
Default

Thanks Bioforce.

This week I'll probably make the plunge to a rooted phone...
PaulSMith02 is offline  
Reply With Quote
Old June 6th, 2012, 10:40 PM   #16 (permalink)
New Member
 
Join Date: Jun 2012
Posts: 1
 
Device(s):
Carrier: Not Provided

Thanks: 0
Thanked 0 Times in 0 Posts
Default

Hello, new here, found this thread whilst faced with a similar decision.

I'm not confident enough at this stage to manage a rooted phone safely, so this app is appealing. I just have 2 questions about how this all concluded...

Quote:
Originally Posted by PaulSMith02 View Post
...
Again, is there still a chance that he could be introducing malicious coding?
Was it established in the end whether this could be a possibility? Did anybody end up having a look at it?


Quote:
Originally Posted by jefboyardee View Post
Permission Remover Free
Permission Remover

Wonder if they could make it so apps being installed go through it on their way in, to avoid having to uninstall-butcher-reinstall them.
These links don't work anymore. It appears that the app has now been removed from the market (although still available on the website). Does that indicate it was malicious after all?

Thanks heaps

P.S. I found the security thread really clear and helpful, thanks
Spike1234 is offline  
Reply With Quote
Old June 6th, 2012, 11:49 PM   #17 (permalink)
Carpe Cerevisi
 
iowabowtech's Avatar
 
Join Date: May 2010
Location: In The Shadows
Posts: 9,472
 
Device(s): LG G2
Carrier: VZW

Thanks: 4,727
Thanked 6,561 Times in 3,489 Posts
Default

Quote:
Originally Posted by Spike1234 View Post




These links don't work anymore. It appears that the app has now been removed from the market (although still available on the website). Does that indicate it was malicious after all?

When apps "disappear" from the market, there's a reason for it and with red flags already raised prior to removal, I wouldn't touch it with a 10 foot pole.
iowabowtech is offline  
Reply With Quote
Reply
Tags
app, block, blocking, control, permission, permissions, privacy, removal, remove, removing, root, security


Go Back   Android Forums > Android Discussion > Android Applications
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -5. The time now is 08:45 PM.
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.