Mastodon IzzyOnDroid


Say thanks!
↓ Your product here? ↓
Das Inoffizielle Android-HandbuchAndroid kennenlernen, Tipps & TricksDas Inoffizielle Android-Handbuch
Android kennenlernen, Tipps & Tricks
Buy at Amazon for EUR 16,99
Das Inoffizielle Android SystemhandbuchTiefer ins System einsteigenDas Inoffizielle Android Systemhandbuch
Tiefer ins System einsteigen
Buy at Amazon for EUR 7,00
Die besten Android-AppsDen Androiden austattenDie besten Android-Apps
Den Androiden austatten
Buy at Amazon for EUR 5,00
 

Concerns

While some permissions can already count as concerns themselves, thats the more true for certain combinations of them.

That a web browser requires to access the Internet is quite obvious and clear. Same can be said for accessing contacts by an app to manage your contacts. But if an app has access to both, it also could upload your complete contact list to some dubious server on the net. That might be wanted (cloud backup, synchronization with the company server) or not.

What makes sense with our contact management app, might look different in other places: Why a calculator app wants to access the Internet might be explained by its "financing model" (load and display ads). But if it wants to access our contacts, the developer should explicitly explain why – a reasonable requirement is not obviously recognizable (age calculation? number of contacts per month? anagrams? value of the name in "ASCII currency"?).

Clearly determining which combinations are "clean" for what app, is nothing to be done automatically on a platform like this. So if there are concerns signalized for an app, this doesn't necessarily mean "Woah! This is an evil app!". It only shows potential trouble that app might cause, as it has the powers to do so. In many cases, it's not even the code of the app itself raising those issues, but the (selection of) ad module(s) the app is using …

Which combinations of permissions are considered “concerns” on this site?

Name Designation Permissions Description
accounts Might transmit account information INTERNET & ( GET_ACCOUNTS | READ_GSERVICE | AUTHENTICATE_ACCOUNTS | USE_CREDENTIALS ) Has access to information on accounts configured on the device, and the possibility to transfer those to the internet. Malicious apps might use this to create user profiles.
appinfo Might transmit information on apps INTERNET & ( GET_TASKS ) Can access information on installed apps, and transmit those to the Internet. Malicious apps might use this to check for vulnerabilities.
cost Might cause costs SEND_SMS | CALL_PHONE | MODIFY_PHONE_STATE | PROCESS_OUTGOING_CALLS | CHANGE_BACKGROUND_DATA_SETTING | WRITE_APN_SETTINGS Might cause cost, e.g. by initiating calls, sending SMS, or change settings of the mobile network connection.
eat_info Might intercept information RECEIVE_MMS | RECEIVE_SMS Might intercept information in a way that the user never receives it – e.g. SMS with mobile TANs, or confirmations of costly subscriptions. Malicious apps can use this to hide their trails.
ident Might transmit identification data INTERNET & ( READ_PHONE_STATE ) Has access to identifiers such as device ID (IMSI/IMEI), and the possibility to transmit this information to “other servers”. Ad modules love this, as this way they can track their targets.
location Might transmit your location INTERNET & ( ACCESS_COARSE_LOCATION | ACCESS_FINE_LOCATION | ACESS_LOCATION_EXTRA_COMMANDS ) Access to location data (exact GPS or coarse network-based), together with the Internet permission, make it easy to create location profiles: where is our target at what time, and how often? Not just interesting to ad modules.
messages Might transmit message contents INTERNET & ( READ_ATTACHMENT | READ_CONTENT_PROVIDER | READ_GMAIL | READ_SMS ) Can read message content (SMS, Mails) and has access to the Internet: potentially the former could end up somewhere in the latter, making possible results something ranging from nasty to highly embarrasing.
network Can change network connections BLUETOOTH_ADMIN | CHANGE_NETWORK_STATE | CHANGE_WIFI_STATE | CHANGE_WIMAX_STATE Can manipulate network connections (establish or disconnect WiFi/WiMax, authorize unknown Bluetooth devices). Nothing “high risky”, but definitely worth a second look.
network_access Can access networks BLUETOOTH | INTERNET Access to a network also enables an app to transfer data it can access to other hosts/servers. As this affects more than 75% of all apps requiring e.g. Internet access for advertizements, it is mostly considered “normal”.
personal Might transmit personal data INTERNET & ( READ_CALENDAR | READ_CALL_LOG | READ_CONTACTS | READ_HISTORY_BOOKMARKS | READ_OWNER_DATA | READ_PROFILE | READ_SOCIAL_STREAM | READ_USER_DICTIONARY ) Has access to personal data (e.g. contacts, calendar, call logs, bookmarks) and the Internet. With a malicious app there's the risk of your entire contact list ending up on a server of some hacker group, or even Facebook (oops).
place_spam Might place spam INSTALL_SHORTCUT | SET_WALLPAPER The requested permissions enable this app to place spam, e.g. as your wallpaper, or some shortcut on your homescreen. Doesn‘t sound dramatic, but in the past so much playstore icon proved to be a shortcut to something completely different …
recording Might transmit audio/video data INTERNET & ( CAMERA | RECORD_AUDIO ) Here we’ve got potential to have our Android device transformed into a perfect spy-tool for the dev: a malicious app could record from microphone or camera, and send the recordings to some server in the Internet. Sounds a little paranoid, admitted; but with a big data flat you might not even notice.
security Can change security settings DISABLE_KEYGUARD This app could work around security measure, and e.g. disable the screen lock – so everybody and his little sister might access your device.
write_messages Can write messages WRITE_GMAIL | WRITE_SMS Can write messages (SMS or Mails) on behalf of the user, and might even be able to get them sent (chances are not that low some other process automatically takes over the last part).

How are “concerns” displayed on this site?

This is done in different ways.

First, all calculated “concerns” for an app are displayed along with its other details – complete, without considering whether requested permissions are obviously necessary for the app in question to do its job. What's obvious to you is not necessarily obvious to everyone – but everyone should have the chance to balance potential risks for himself. And even if a given permission is needed for the app's task, it still could be abused for “other tasks” – potentially.

Second, the app lists have a little box next to each app with the number of permissions requested. This box gets a red border, if those would make up “critical concerns”. Simple network access (in above table listed as network_access) is ignored here: Thanks to our “beloved ads” we'd end up with more than three third of “red-ified boxes” otherwise, and of course we want to avoid that kind of overstimulation. Additionally, for many categories there are “white-lists” in place: Taking e.g. a navigation app, it's rather the norm it needs to access Internet (maps) and your location, so the “concern location shouldn't trigger a “red box” here.

2014-06-02