-
After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.
Android permissions explained, security tips, and avoiding malware
- Thread starter alostpacket
- Start date
I've noticed this permission pop up a lot recently. I don't know if it's new or if I just never noticed it before.
Is it legit?
Is it legit?
Upvote
0
It's a scary way of saying the app can use any external storage on your device.
Upvote
0
I am not sure if this is the right forum but I will put my question here. I am looking for a list of all the Android permissions for each of the four protection levels. I would appreciate it if somone could point me to the right resource.
Regards
Regards
Upvote
0
Hiya and welcome to android forums!
I couldn't find a thread here, but I did find an article explaining all of the permissions, it's in the hide/show tag since it's fairly long
I couldn't find a thread here, but I did find an article explaining all of the permissions, it's in the hide/show tag since it's fairly long
This list was initially prepared by alostpacket who talks about android security in greater detail. The list is not definitive by any means and will be updated as and when it is needed.
Services that cost you money
Services that cost you money
Upvote
0
What is the four protection levels you are talking about? i havent noticed those before.
on a side note, android has typically had a bad condition of lumping permissions together, which can hurt honest developers. fortunately, they have been doing a better job being more exact about what the application is asking to do lately.
on a side note, android has typically had a bad condition of lumping permissions together, which can hurt honest developers. fortunately, they have been doing a better job being more exact about what the application is asking to do lately.
Upvote
0
Hi winston, I've merged your thread in to the massive thread artaxerxes mentions. If you check the OP, you should find all the info you need.
If you're stuck with anything though, please ask!
Upvote
0
Protection levels denote what is required for an app to obtain a permission.
There are basically 3 levels, the first two being very similar.
Signature
- Only apps signed with the same key as the ROM will be granted these. For a regular app to get this it needs to be signed by the same key the ROM developer used to sign the ROM.
System
- Only System apps will be granted these, for an app to get this it would need root.
Dangerous
- All apps can request this. A user grants this kind of permission when installing. These are the kinds of permissions most commonly known to users and what most people are familiar with (e.g. FULL_INTERNET_ACCESS or READ_PHONE_STATE)
(The 4th type is just called signature_or_system and an app can be either one to request the permission)
Note this is off the top of my head and I haven't looked into permissions in awhile but hope to refresh some of this info soon
Almost all apps that come from Google Play will only be requesting permissions with the protection level of dangerous. Exceptions include root-requiring tools, Google apps, etc.
However, many regular apps may protect their OWN permission by using the system (or signature) protection level.
Say for instance I have an app that downloads RSS feeds. Well maybe I want them to be searchable by the system app Google Search.
What I do is write a custom permission and set the protection level to system. Then I can control which apps have access to my ContentProvider (content providers are ways of sharing info between apps).
Thus the RSS my app downloads is searchable by Google Search (because it is a system app) but not any normal, non-system apps.
Upvote
0
I've checked my app permission, and almost all of it have medium till high dangerous level, even this android forum app. Is there anything else we can do to avoid this phissing? You know it's non sense if we uninstall every app that we need but do such a thing.
Regard
HMP
Regard
HMP
Upvote
0
So I've found a permission from the new update of the Maps app. It's called "Activity Recognition". Is this permission new? What does it entail?
Upvote
0
Sounds a bit like an unfortunately named custom permission for Maps.
i.e. Maps grants that permissions to other apps so they can request map data.
just a guess though, haven't looked at it yet.
Upvote
0
Thanks for a great explaination.
I do not allow hardware controls that say "you give us permission to use the camera and/or audio, at any time, without your confirmation". To date I have found several of these.
I don't even allow the CHASE bank app because it wants to review my contacts.
Can you offer any suggestions on how not to allow or how to protect and still use these apps?
Even google play update asks for this permission.
I won't update google play!!
Thanks,
BNRusso
I have more time than money..........I hope!!
I do not allow hardware controls that say "you give us permission to use the camera and/or audio, at any time, without your confirmation". To date I have found several of these.
I don't even allow the CHASE bank app because it wants to review my contacts.
Can you offer any suggestions on how not to allow or how to protect and still use these apps?
Even google play update asks for this permission.
I won't update google play!!
Thanks,
BNRusso
I have more time than money..........I hope!!
Upvote
0
I wouldn't worry about Google Play, but I never trusted Chase even before smartphones
Google Play is pretty essential to update for the usability of your phone. Many apps make use of "Google Play Services" (my new, yet to be released app included)
Anyways, for more fine-grained permission control you will probably need to root. You might look into CyanogenMod as a ROM, or just check out Permission Denied (or similar apps) in the Play store.
Upvote
0
I wouldn't worry about Google Play, but I never trusted Chase even before smartphones
Google Play is pretty essential to update for the usability of your phone. Many apps make use of "Google Play Services" (my new, yet to be released app included)
Anyways, for more fine-grained permission control you will probably need to root. You might look into CyanogenMod as a ROM, or just check out Permission Denied (or similar apps) in the Play store.
My phone seeme to be working fine without the google play services update.
Please explain a bit more.
How is someone looking at my contacts CHASE, anywhere near as malicious as allowing google play service update or flashlight app to use my camera at anytime without my permission.
I don't understand. What am I missing?
Thanks again,
Upvote
0
The reason a flashlight app would need to access your camera is because the flash function is part of your camera app. (And to use that led as a flashlight the app needs to access the camera's functions...)
Upvote
0
Indeed it's all about context. As Lordvincent 90 said, A camera app would need to turn on your LED light without turning on the camera, so that permission makes sense in the context of how that app should function.
However a Chase app has no legitimate reason (that I can think of) to know your contacts other than to spy* or advertise to you.
* (By spy I mean collect data for a credit rating or something similar)
Google Play (and Google Play Services) have legitimate need for your contacts for 2 reasons that I can think of:
1) I believe you can gift your contacts an app, book, or song, etc.
2) Google Play services probably helps all of Google's apps manage syncing your contacts. Gmail does this already, so it just a way for Google Voice, Google+, Google Maps, and others to handle integration with that.
I'm sure they collect some data regarding your contacts but I don't think it is very much. I think the primary goal here is to enable features across all of Google services.
I do encourage people to read Google's Privacy Policy when they get the chance though. It's good to know, and it isn't as scary as some people think.
Ultimately though, you need to decide what level of privacy works for you. If you find most Google apps work without updating the Play store or Google Play services, and that is what you want, then that is perfectly OK.
Hope that helps :santaclaus:
Upvote
0
I don't know the Chase app specifically (do they just do credit cards, or are they a bank, too?). If Chase is a bank, sometimes you can use the camera to scan in and deposit a check.
Upvote
0
Indeed you are correct, my bank app does this too. And it is an excellent feature. And the reason it need to capture without notice is that it uses a detection system to "see" the check.
But I think bnrusso was referring to Chase requesting contacts.
Upvote
0
Phone calls
read phone status and identity
What is the story on this one? I was told it gives full access to the phone.
read phone status and identity
What is the story on this one? I was told it gives full access to the phone.
Upvote
0
AFAIK it's to indicate if there's a phone call in progress or not. Media player apps often have this permission, so that they know to stop playing when you're making or receiving a phone call.
There are other phone permissions that give much more access to the phone, such as call monitoring and recording.
Upvote
0
Thanks for clearing that up. I was just told wrong. Been missing out on some cool stuff just because of misinformation.
Upvote
0
yep it happened.. FB now wants me to get the messenger app with all its spooky big brother permissions included.. eeek
Upvote
0
I recently installed two permission blocker apps on my device to compare what each will list for apps on my device. I chose A.I.Type in this example.
The two apps revealed a different set of permissions. One app didn't not reveal that A.I.Type has 'record audio' permission while Permission Blocker (Rooted) listed this permission.
I used Permission Blocker to remove the "record audio" permission.
Question: Any ideas why two different permission blockers list a different set of data? - both with root access and says it can modify user-installed apk's.
Is there a way to really confirm if record audio has been blocked for A.I.Type (recompiled apk) - other than the app isn't crashing with this access removed? The second permission blocker doesn't show any changes made to the app.
The two apps revealed a different set of permissions. One app didn't not reveal that A.I.Type has 'record audio' permission while Permission Blocker (Rooted) listed this permission.
I used Permission Blocker to remove the "record audio" permission.
Question: Any ideas why two different permission blockers list a different set of data? - both with root access and says it can modify user-installed apk's.
Is there a way to really confirm if record audio has been blocked for A.I.Type (recompiled apk) - other than the app isn't crashing with this access removed? The second permission blocker doesn't show any changes made to the app.
Upvote
0
BEST TECH IN 2023
We've been tracking upcoming products and ranking the best tech since 2007. Thanks for trusting our opinion: we get rewarded through affiliate links that earn us a commission and we invite you to learn more about us.
Smartphones
Best Android Phones
See All- Google Pixel 8 Pro Check Price
- Samsung Galaxy S23 Ultra Check Price
- Samsung Galaxy Z Fold5 Check Price
- Google Pixel 8 Check Price
- Samsung Galaxy S23 Check Price
Upcoming
See All
Best iPhones
See All- Apple iPhone 15 Pro Max Check Price
- Apple iPhone 15 Pro Check Price
- Apple iPhone 15 Plus Check Price
- Apple iPhone 15 Check Price
- Apple iPhone SE (2022) Check Price
Upcoming
See AllTablets
Best Tablets
See All- Samsung Galaxy Tab S9 Ultra Check Price
- Apple iPad Pro (2022) Check Price
- Apple iPad Air (2022) Check Price
- Apple iPad Mini (2021) Check Price
- Microsoft Surface Pro 9 Check Price
Upcoming
See AllLaptops
Best Laptops
See All- Apple Macbook Pro Check Price
- Apple Macbook Air (2023) Check Price
- Dell XPS 13 Check Price
- Acer Chromebook Spin 714 Check Price
- Dell Alienware m18 (2022) Check Price
Upcoming
See AllTelevisions
Best TVs
See All- Samsung The Frame TV Check Price
- Samsung Neo QLED 4K QN90C Check Price
- LG G3 OLED Check Price
- LG A2 OLED Check Price
- ROKU Plus Series Check Price
- Samsung S90C OLED Check Price
- SunBriteTV Veranda 3 Check Price
Upcoming
See AllGame Consoles
Best Game Consoles
See All- Nintendo Switch OLED Check Price
- Microsoft XBOX Series X Check Price
- Sony Playstation 5 Check Price
- Microsoft XBOX Series S Check Price
- Nintendo Switch Lite Check Price
Upcoming
See AllWearables
Best Wearables
See All- Oura Ring 3 Check Price
- Apple Watch Series 9 Check Price
- Google Pixel Watch 2 Check Price
- Samsung Galaxy Watch 6 Classic Check Price
- Fitbit Inspire 3 Check Price
- Amazfit Amazfit Band 7 Check Price
- Apple Watch SE Check Price
- Apple Watch Ultra 2 Check Price
Upcoming
See All
Similar threads
