Application Awareness Day


Last Updated:

  1. jamor

    jamor Well-Known Member This Topic's Starter

    Joined:
    Apr 13, 2010
    Messages:
    3,688
    Likes Received:
    761
    It's officially application awareness day! ;)

    I just wanted to get a discussion going on why certain permissions are needed for certain apps. I believe a lot of people including myself have been guilty of ignoring strange permissions..

    What are they doing with these permissions? Who are these developers? What are the implications of each permission?

    I've gone through all of my apps to see what they are accessing and I have to admit - I am a bit surprised. Should I have been paying attention when I first downloaded them? Sure.. but let's admit, a lot of us just think that app is so cool so we ignore them.

    Some surprises/confusion:

    95% of apps - full internet access (not sure of the implications of this).
    Air Horne - Your location
    Backgrounds - read contact data, write contact data
    Barcode Scanner - read browser's history and bookmarks, read contact data, write contact data.
    Zedge - read contact data, write contact data
    NFL Mobile - read SMS or MMS, Send SMS messages
    Google Translate - read contact data, full internet access

    Some other trends I've seen in apps:
    "modify system settings"
    "modify/delete SD card contents"


    I think a lot of us are new to Android or aren't in computer science and don't realize the implications or know exactly what a permission is capable of. We are just so excited that we have such a cool platform that can do almost anything.

    Hopefully we can help each other out and prevent ourselves from being attacked, used for spam, hacked gmail accounts, logged keystrokes (banking), have information stolen or worse yet, our friends and family's contact information stolen (read/write contact data?)..

    So what do you guys think? Are 99% of these developers innocent, or are we getting ourselves into trouble accepting apps with strange permissions?

    What does each permission entail and what can we deem red flags? When should a rooted user never allow superuser permission? Is a rooted user at more risk than a non-rooted user? How do we know if a developer is reputable or not?

    I just don't think the "just read the permissions and use your best judgment" line cuts it anymore... I think the community needs more education.
     

    Advertisement
  2. CureMS

    CureMS Well-Known Member

    Joined:
    Aug 7, 2010
    Messages:
    106
    Likes Received:
    20
    I'm certainly no expert and I don't even know some of the apps you mention but here are a couple of thoughts:

    95% of apps want full internet access for purposes of updates if nothing else
    Google Translate - I expect it needs internet access to do the translating and it may want to access your contacts for potential language recognition. This is strictly a guess but many languages have varying translations based on the particular country.

    Just a couple cents worth of my thoughts.
     
  3. OfTheDamned

    OfTheDamned The Friendly Undead VIP Member

    Joined:
    Oct 29, 2009
    Messages:
    9,692
    Likes Received:
    8,365
    This one is typical of an app that stores content on the SD card. Key Ring comes to mind. It has to store the barcodes and store information.

    I agree with you completely. In many cases reading the comments on an app can be very informative and in other cases you can always contact the developer and ask questions about why an app needs access to a certain part of the phone. If they won't answer your question then it may be something you want to avoid.
     
  4. NightAngel79

    NightAngel79 Bounty Hunter Administrator Moderator

    Joined:
    May 11, 2010
    Messages:
    22,332
    Likes Received:
    7,598
    great thread idea jamor!!

    bump, hehe
     
    jamor likes this.
  5. Thefoodman52

    Thefoodman52 Well-Known Member

    Joined:
    Dec 1, 2009
    Messages:
    2,314
    Likes Received:
    329
    I think common sense plays a part in determining if an app is harmful as well. A game doesn't need to read contact data, or your MMS/SMS, it's a game. Just actually read those warnings of permissions before you hit the big gray 'install' button.
     
  6. jamor

    jamor Well-Known Member This Topic's Starter

    Joined:
    Apr 13, 2010
    Messages:
    3,688
    Likes Received:
    761
    That's a good idea actually. I'll send out a couple e-mails and see what they have to say. If they don't have a good answer or don't respond, just uninstall.

    thanks! The lack of responses kind of worries me and reaffirms that the community is still in the dark as to how much power the developers have when we use our apps.

    Hopefully some smarties will catch this thread and can shed some more insight.

    You guys are right that we should e-mail the developers and use common sense when reading the permissions - but it still doesn't answer the question as to how much access to our information do they really have and how far can they go with each permission, especially if you are rooted.

    After all, David Barksdale of Google proved that Google employees have access to anything regarding our information. They could go into our e-mail accounts and get passwords for bank accounts if they really wanted to. I'm not saying this happens - but things like this are in the realm of possibilities. (In this case he just stalked teen girls).
     
    NightAngel79 likes this.
  7. NightAngel79

    NightAngel79 Bounty Hunter Administrator Moderator

    Joined:
    May 11, 2010
    Messages:
    22,332
    Likes Received:
    7,598
    jamor likes this.
  8. jamor

    jamor Well-Known Member This Topic's Starter

    Joined:
    Apr 13, 2010
    Messages:
    3,688
    Likes Received:
    761
    Oh this is exactly what I was looking for!! Thanks alostpacket!! (and nmayer.. I guess :rolleyes:;))

    awesssommee. I can't believe that isn't stickied.

    Pretty much answers all my questions..



    I guess Christmas does come early sometimes.. you shall be awarded N number of free thankses nmayer.
     
  9. NightAngel79

    NightAngel79 Bounty Hunter Administrator Moderator

    Joined:
    May 11, 2010
    Messages:
    22,332
    Likes Received:
    7,598
    Don't forget Roze, if it wasn't for her sig i won't have ever saw that thread:D
    N number of thanks huh? I like the sound of that, lol
     
    jamor likes this.

Share This Page

Loading...