New to Android: Apps seem to be asking for a lot of permissions..

Toggle sidebar Toggle sidebar
S

SweetBearCub

Active member
Nov 29, 2010
32
0
0
Greetings.

UPS should be delivering my Optimus S into my waiting hands sometime this Thursday. This will be my very first "real" Android device, beyond a seemingly gimped emulator image of Android 1.6 I was able to run on my PC, and a highly unstable build I was able to run on my Touch Pro 2.

When I played with a few of the demo phones in stores, installing a couple free games from the Market (I don't recall the names), I noticed that I was prompted to agree to several areas that the apps wanted to access, areas that struck me as un-needed. For example, I remember one of the games wanting to access the phone/call history and the handsets' direct (as opposed to Google Voice) phone number, among others.

I'm very security and privacy conscious, and this raised a giant red warning flag in my mind.

First, is it very common to come across apps in the Market that typically ask for permissions well above only the access they truly need to function as advertised?

Second, is it possible, after downloading an app that over-reaches, to fine tune what it is and is not allowed to access before any possibly un-necessary/private data is sent to who knows where, possibly with the assistance of a system-level type of firewall app?

Third, I've read that the Market has facilities to report inappropriate apps to Google. Does this kind of data snooping qualify as something that I should report, and if I report it, will it do any good?

Thanks!
 
Last edited:
I've been on android since June and When it comes to downloading I carefully read what the app is and what its accessing...If I feel its asking for something that Im not comfortable giving i'll decline the download of that app and search for something compatable that will give me the same thing with less acess.
 
hats

***Starting to make a tinfoil hat***

Just kidding, but do you guys seriously think an app in the marketplace would try to "steal" "your" information. That developer would be SOL...
 
I thought of just canceling the download of any apps that seem to overreach as far as what sort of permissions they ask for, and it's probably the most sound option when it comes to maintaining the security of my personal data on the phone.

On the other hand, I can imagine a situation where I find only one or two apps that do what I need, and if both ask for way too many permissions, I'd want a way to use the apps while still both maintaining my security and also, I'd like to be able to let Google know of the issue so that there is hopefully less of a chance that other future users will unknowingly let their data be snooped.


vel7wil said:
I've been on android since June and When it comes to downloading I carefully read what the app is and what its accessing...If I feel its asking for something that Im not comfortable giving i'll decline the download of that app and search for something compatable that will give me the same thing with less acess.
Click to expand...
 
Tinfoil hats aside, I can see the data your phone contains being a valuable commodity. For example, unscrupulous developers could use your call log data and contacts list to spam people. I don't know for absolutely sure, but I'd guess that spammers would be willing to pay good money for that sort of data. And anything that I can do to make a spammer's life more difficult is a good thing.

Also, even if a developer isn't selling your data to the highest bidder so to speak - Doesn't it concern you (for example) that a game is asking for access to your call log data?

Also, even if all of a developers apps were banned from the Market and the devs themselves were banned from submitting more apps - Any data gathered up to that point would still be there. Some unscrupulous people are only in it for the moment, and the threat of being banned holds no sway over their conduct.


mfldmike said:
***Starting to make a tinfoil hat***

Just kidding, but do you guys seriously think an app in the marketplace would try to "steal" "your" information. That developer would be SOL...
Click to expand...
 
Last edited:
On one hand, a dev could log data, but everything on the market has QA testing prior to release, AFAIK. Non-market downloads you can worry about if you want.

Likely though they aren't logging anything. The way the Android APIs are set up require dramatic permissions to do something simple.

Just an example, if you make an app only change the ringtone of contacts, you need to access all of the contact data, not just their ringtone.
 
Is there a way to be able to see in some detail why an app is requesting the various permissions it wants, and/or to deny some permissions and allow others?


zefie said:
On one hand, a dev could log data, but everything on the market has QA testing prior to release, AFAIK. Non-market downloads you can worry about if you want.

Likely though they aren't logging anything. The way the Android APIs are set up require dramatic permissions to do something simple.

Just an example, if you make an app only change the ringtone of contacts, you need to access all of the contact data, not just their ringtone.
Click to expand...
 
mfldmike said:
***Starting to make a tinfoil hat***

Just kidding, but do you guys seriously think an app in the marketplace would try to "steal" "your" information. That developer would be SOL...
Click to expand...

It is very possible. Yesterday there was a paid app that supposedly enabled LTE on Verizon phones and it at least made it into the marketplace where someone was trying to scam a few bucks.

So while we don't necessarily need to be super paranoid, the possibility is there and we should at least read what permissions an app requests.
 
I think it's important to separate scamming money from people and stealing information. The end result of the 2 are DRAMATICALLY different. If someone wants to steal $2 from me because i purchased a crappy app, well I guess I'm kind of at fault too and hopefully i learned a lesson. Not saying it's the moral thing to do, just saying, it's only $. Like the old saying goes, fool me once ...

Now stealing information ... that's a whole different ball game.

If you do some looking THERE'S PLENTY OF GOOD INFORMATION. What you need to keep in mind is, no matter how secure the market, SOME IDIOT IS GOING TO TRY AND TAKE ADVANTAGE OF PEOPLE. Unfortunately, It's in some peoples nature to be malicious and something you need to be prepared for no matter what device you use, period. There are always going to be SCARES AND THE TIN FOIL HAT CROWD, but then again it could all come down to a simple misunderstanding where the person making the foil hat didn't understand the COMPLETELY VALID REASON the app needed to access that data and maybe blew the fire alarm too early.

If you follow along the little story i told up there you can kind of see my points illustrated ...
1) All devices are susceptible ... period
2) Sometimes people may blow an alarm and be mistaken
3) just because you don't know why the app is requesting the data, doesn't mean there's not a completely valid reason it needs access, it simply means you don't know why.

But all of this doesn't exempt you from making proper decisions. If you see something that doesn't look correct, find a safe alternative, try to contact the developer and determine is the reason it needs that access valid? Then make an educated decision. All foil hat jokes aside, you need to protect you and not count on anyone (google/apple/3rd party company) to do it for you. They may help, but ultimately, they don't care about your phone.

Cheers!
 
KSmithInNY said:
I think it's important to separate scamming money from people and stealing information. The end result of the 2 are DRAMATICALLY different. If someone wants to steal $2 from me because i purchased a crappy app, well I guess I'm kind of at fault too and hopefully i learned a lesson. Not saying it's the moral thing to do, just saying, it's only $. Like the old saying goes, fool me once ...

Now stealing information ... that's a whole different ball game.
Click to expand...

Oh I completely agree, my point was that the poster was saying why would a developer do something unscrupulous and just pointing out that it can happen in different forms. So we should be wary that there are developers out there that would take advantage in one way or another and why it becomes important for one to read app permissions when installing something.
 
gabbott said:
Oh I completely agree, my point was that the poster was saying why would a developer do something unscrupulous and just pointing out that it can happen in different forms. So we should be wary that there are developers out there that would take advantage in one way or another and why it becomes important for one to read app permissions when installing something.
Click to expand...

yep, agreed 100%
 
You must log in or register to reply here.

Similar threads

S
Apps didn't have full access to Google Photos (issue)
Replies
6
Views
2K
Android Apps
Alice- Bennett
Alice- Bennett
K
BirdUp app says "insufficient permissions"
Replies
9
Views
1K
Android Apps
Priest Magic
P
C
New to Android Central with a new Lenovo Idea Tab Pro
Replies
7
Views
2K
Lenovo Android Tablets
clhjr
C
C
  • Question Question
Question Moto G changing app permissions
Replies
4
Views
1K
Ask a Question
IsHacker
IsHacker
SennaSempre
New Android User Trying To Stop Auto Updates
Replies
23
Views
3K
General Help and How To
Drongo
D

Latest posts

Trending Posts

Members online

Total: 4,179 (members: 9, guests: 4,170)

Forum statistics

Threads
957,225
Messages
6,971,954
Members
3,163,739
Latest member
chzahid600

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom