android.permission.READ_PHONE_STATE (listed in Market as Phone calls - read phone state) is a permission that allows the application to read your IMEI (unique cell phone serial), phone number, serial of the SIM card, and many more.
(For more information or screenshots of what it can do, see the app "permission.READ_PHONE_STATE" in Android Market)
Now, this can be a major privacy breach, since the developer is able to know who is using his app in person (by looking up the phone number, e.g.), or to connect user habits across several apps, so one could think: okay, then I won't install apps with this permission anymore.
And here comes what I discovered within Android Market:
3G Watchdog, AndroidPIT, Ethereal Dialpad, File Explorer, Ghost Commander, Google Sky Map, GPSies, Graviturn, Gym Babes, Hypnotoad to go, Mystique, My Tracks, PDF Viewer, Robo Defense FREE, Vampires Live, WikiDroyd and Worldtour
to name just a few recognized ones, are able to install this permission without it being listed by Android Market!
Not only this, some of them also install with WRITE_EXTERNAL_STORAGE (normally listed as "Storage - Modify or delete SD card contents" in Market, e.g.: read and write all your SD card data) as well!
(Please note that at least 2 of them are by Google itself! (My Tracks and Sky Map))
Now, one could think maybe the application needs the permission because it is not properly coded; but at least Vampires Live seems to use the secretly installed permission to recognize you once you have uninstalled and installed again.
Not all of the apps have internet-access, though. But Market message says when updating:
"The application xxxx will replace the currently installed xxxx.
Existing user data will be saved."
That leaves room for interpretation. It could mean your data will be preserved ("stay saved" would be the better phrase there, IMO), but it could also mean it will collect your data when updating. But I don't know. Anyone?
Of these Market fails I could name you a few dozen more, but I would be glad to hear of your experiences, and whether you can second mine!
How to view permissions within market: View installed or desired application -> press Menu-Key -> Security
When installed on phone, on Homescreen: press Menu-Key -> Settings -> Applications -> Manage applications -> select the one and scroll down
short version:
Permissions read_phone_state and write_external_storage that do not show up when installing from market, are nevertheless installed, with many applications! - and taken use of!
please reply, somebody
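An added example, not part of the original thread: one way to see permissions an app holds without its manifest requesting them is to read the output of `aapt dump badging <apk>`, which prints manifest requests as `uses-permission` and platform-added ones as `uses-implied-permission` (Android adds READ_PHONE_STATE and WRITE_EXTERNAL_STORAGE this way for apps whose targetSdkVersion is below 4). The two sample outputs and their package names are constructed for illustration.

```python
import re

# aapt has printed these lines in two styles over the years, e.g.
#   uses-permission:'android.permission.INTERNET'
#   uses-permission: name='android.permission.INTERNET'
DECLARED = re.compile(r"^uses-permission(?:-sdk-\d+)?:\s*(?:name=)?'([^']+)'")
IMPLIED = re.compile(
    r"^uses-implied-permission:\s*(?:name=)?'([^']+)'(?:,|\s+reason=)'([^']*)'")
PACKAGE = re.compile(r"^package:\s*name='([^']+)'")
MIN_SDK = re.compile(r"^sdkVersion:'(\d+)'")
TARGET_SDK = re.compile(r"^targetSdkVersion:'(\d+)'")

# Constructed sample: an old app that only asks for INTERNET in its manifest.
SAMPLE_OLD = """\
package: name='com.example.oldgame' versionCode='7' versionName='1.2'
sdkVersion:'3'
uses-permission:'android.permission.INTERNET'
uses-implied-permission:'android.permission.WRITE_EXTERNAL_STORAGE','targetSdkVersion < 4'
uses-implied-permission:'android.permission.READ_PHONE_STATE','targetSdkVersion < 4'
"""

# Constructed sample: an app that requests READ_PHONE_STATE openly.
SAMPLE_NEW = """\
package: name='com.example.alarm' versionCode='12' versionName='2.0'
sdkVersion:'8'
targetSdkVersion:'10'
uses-permission: name='android.permission.READ_PHONE_STATE'
uses-permission: name='android.permission.VIBRATE'
"""


def audit_badging(text):
    """Split an app's permissions into those its manifest requests and
    those the platform adds on its behalf (with aapt's stated reason)."""
    package = min_sdk = target_sdk = None
    declared, implied = set(), {}
    for raw in text.splitlines():
        line = raw.strip()
        m = IMPLIED.match(line)
        if m:
            implied[m.group(1)] = m.group(2)
            continue
        m = DECLARED.match(line)
        if m:
            declared.add(m.group(1))
            continue
        m = PACKAGE.match(line)
        if m:
            package = m.group(1)
            continue
        m = TARGET_SDK.match(line)
        if m:
            target_sdk = int(m.group(1))
            continue
        m = MIN_SDK.match(line)
        if m:
            min_sdk = int(m.group(1))
    # A manifest without targetSdkVersion is treated as targeting its minSdk.
    if target_sdk is None:
        target_sdk = min_sdk
    # Permissions the app ends up with although the manifest never names them.
    undeclared = {p: why for p, why in implied.items() if p not in declared}
    return {
        "package": package,
        "target_sdk": target_sdk,
        "declared": sorted(declared),
        "undeclared": undeclared,
    }


def format_report(report):
    """Render one audit result as readable text."""
    lines = ["%s (targetSdkVersion %s)" % (report["package"], report["target_sdk"])]
    for perm in report["declared"]:
        lines.append("  requested in manifest: " + perm)
    for perm, why in sorted(report["undeclared"].items()):
        lines.append("  added by platform:     %s  [%s]" % (perm, why))
    return "\n".join(lines)


if __name__ == "__main__":
    for sample in (SAMPLE_OLD, SAMPLE_NEW):
        print(format_report(audit_badging(sample)))
```
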
Valid point.
Hi,
I think it's a good thing you brought this up. A lot of applications have weird permissions attached. If I don't trust a program or developer, I make sure to block the app's data usage via firewall.
This is just fighting the symptoms and not the problem, I am very well aware of that, but I can't really do anything about it.
There was an antivirus software company that raised the same questions as you have (except for permissions being granted to an app without showing them in the market). In the end there was nothing wrong with the app, in that it didn't send user data to the developer.
I guess you just have to accept that some developers want that data and that there are two ways to block it; use a firewall or don't install the app.
But I do believe that it's unacceptable that an application gets permissions which are not stated in the market.
The problem is really that the permission is too broad. I developed an alarm app, and the phone state permission is needed to make sure the alarm doesn't go off in someone's ear while they are on the phone. Same thing with any app with sound, like Google Navigation, and games I suppose.
Sent from my Droid using XDA App
Related
This free security app already picked up an app trying to access my contacts! I just installed it, didn't have to but rebooted my phone, and it picked up an app trying to access my contacts!
Description
This application requires a ROOTed phone, please make sure your phone has been unlocked and ROOTed.
Welcome to use LBE Privacy Guard, the most powerful privacy protection software for Android platform.
With the state-of-the-art API interception technology, LBE Privacy Guard provides great enhancement to Android permission system, now the first time you are able to:
- Protect your privacy by controlling the permission of each application to access your sensitive data.
- Block malicious operation from Mal-wares and Trojans.
- Block unwanted network traffic if you don’t have an unlimited data plan.
- Find out which application is trying to steal your privacy by checking the security log.
- And even more...
LBE Privacy Guard - free
https://market.android.com/details?id=com.lbe.security&feature=search_result
Enjoy
Out of curiosity what was the app that was looking at your contacts?
+1.
It would be very useful to know.
phone.apk ?
I've already used LBE Privacy on my A501 and SGS2, but on the A501 it crashes randomly.
This app is very useful but has battery consumption on my SGS2.
I've uninstalled it on all devices .... for the moment
Access to contacts does not mean the app is trying to "steal" your privacy data. You're not mentioning the app's name anyway but it would be nice to do so - there might be an explanation. Let me give you an example of completely harmless app behavior that requires access to your contacts.
Keyboard - some keyboards might offer a contact as a word suggestion when typing an email.
Nanny - a babyphone app, designed to call a predefined number in case your baby starts crying. The app offers to pick a contact instead of entering it manually - that's why it requires an access to your contacts.
Photo app - contact access is required if the program offers an option to share a photo with your friends
I can think of more but need to get back to work
but how do we know
How do we know this app is not stealing the information we install it to do. Buyer beware. They give for free, with nothing in return.
Conspiracy. Giggles.
It's probably OK, but well, do we ever really know?
I'm personally a fan of the Webroot free app.
I used the beta the moment it came out and have run it on my Desire ever since and now run it on my Iconia.
It doesn't touch the battery or give me slowdowns, that's why I like it... because it doesn't bug me or drain the phone of power or speed. (The only noticeable thing it does is scan on SD card file operations like copy/delete.)
So I'm new into the whole smartphone business.
One thing I've noticed is that you need to get lots of apps if you want any kind of good functionality of your mobile. I mean, I can't even record sound without an app, or record a phone conversation (even though my 8-year-old flip phone had that functionality innate).
In the Apps - All, there is even an innate app called "Sound Recorder", yet you cannot use it, and you have to download an app to record sound.
Anyway, now it comes to my concern. Almost all apps require some pretty ridiculous permissions such as:
read phone status, test access to protected storage or modify or delete contents of USB storage. And I'm talking about apps such as a game let's say.
I downloaded an app that shuts off music (I like to fall asleep to music) called Music Timer. Its permission is to "directly call phone numbers"! Really? Make phone calls? It even has approximate location.
Is it just something I must live with, sell every and any information I put on my phone to use most of the apps out there?
I even set up a corporate email (my school). Their app requires to: erase data, set password rules, etc. Erase data? Ugh.
Maybe I'm missing something, since I'm all new to this smartphone business and never dealt with it.
1) It's a Nexus device so it's bloat free. Not everyone wants to record things, so why force it onto everyone? If you need said function you have the choice of adding said function.
2) The sound recorder apk is used when you want to record audio to an MMS.
3) Not all apps require absurd permissions, though I would agree that many do go too far in asking for permissions, BUT you always have the choice of not installing them.
Though some of the app permission names are not written as clearly, so it appears to be overreaching. Let's take a game. It asks to modify and delete USB storage. Normal, as when you save a game it needs to be able to write to the phone. The other two you mentioned I'm not too educated on, so I won't comment on them yet.
4) I looked into the Music Timer app you mentioned and I do agree that the call phone number permission should not be there, but again, if you don't like it, don't install it and try something else.
5) Your school email, I don't see what the deal is? Permission to delete data, what do you think happens when you delete an email? It needs permission to delete it. Password rules is there to enforce your email's/school's password rules when using Exchange.
Sent from my Nexus 4 using xda app-developers app
The email permissions can be due to it being a corporate mail server, so in order to prevent confidential information from being stolen, the admin can do things like remotely wipe the phone or disable the camera.
Sent from my Nexus 4 using xda app-developers app
So basically if I don't like 1 permission out of several for a specific app, then my only option is to not use the app at all and find an alternative, or if there is no alternative, live without it?
Yeah, the permissions suck. Luckily the Android ecosystem has developed where there's enough competition that you can usually find what you want from a dev who doesn't want to hijack your phone. There are a lot of small guys out there, but they make some of the best apps. Low on permissions, holo-themed, great support. I usually find good devs on XDA with cool projects and donate as soon as I check out and like their app (GYT is the most recent example).
HOWEVER, if you are on a deodexed ROM (so, not stock), this works great: PDroid. Free, clean, doesn't crash apps (like Permissions Denied).
I hope that this is not the wrong place for my post.
I am trying to protect an apk from being copied/extracted/backed up off the phone and installed later, on another phone.
I have to mention that the app is not (and will not be) for sale on PlayStore or on any web store, being sold along with the phone. This is why I cannot use the apk protection offered by GooglePlay, which is anyway cracked at this time.
But I want to take advantage of this situation: every single phone will pass through my hands (I will install the app myself) before reaching users. How can I use this advantage in order to protect my app?
At this time my app is not visible in the Running Apps drawer, has a default Android icon, and the name is disguised as something pretty innocent. GUI access is by dialing a code. No worries, it is not malware but only a security app regarding GSM connection security.
Also, it is running as a system app, which makes it invisible to apps like Astro file manager, and thus impossible to copy/back up by such file manager apps. Unfortunately there are a bunch of system app managers that can convert a system app to a user app, and then copying the apk file is easy.
I know that security sucks big time when it comes to Android OS, but I am determined to find a way to protect my app.
I know also that even a licensing scheme based on IMEI, WiFi MAC or Bluetooth MAC addresses can be bypassed by some skilled crackers. These values can be spoofed or even null.
I have tried apk encryption. Doesn't work: some apps supposed to encrypt other Android apps are actually encrypting only app libraries, not the apk file itself. By encrypting apk file, the app obviously will not work.
Code obfuscation is not an option as long the app can be duplicated off the phone and installed later on another phone.
The last idea that I had: pulling some app resources (like drawables) from a server. What do you think?
At this time I'm in a dead end. I have no more ideas how to protect my app. That's why I need your help. Can you give me please some feasible ideas, based on your huge experience?
Thank you very much for your time.
There's a thread
http://forum.xda-developers.com/showthread.php?t=2279813
where we're discussing methods to protect apps from piracy. You can post it there.
Sent from my GT-S5302 using Tapatalk 2
Thanks
Thx a lot sak-venom1997.
Hello Good People of XDA
I have been a i9506 owner for quite long, had a 9100 before,
I am used to rooting and messing with apps to customize things to my whim,
to the best of my knowledge (I lack Android programming skills, but I can do things with terminal and filesystems).
All that to say I am not totally a noob, but my lack of technical knowledge might bite me there.
System wise, I am on 4.2.2, rooted, unknown sources are not allowed, system check for apps is allowed,
I have an antivirus (more than one, but only one works each day, just to be sure I don't miss things)...
My problem is that I recently found out that some apps, actually system apps, blocked
with Titanium backup, or with gemini app manager, or app quarantine,
were actually running anyway.
They are marked as blocked in my app manager, but can still be force closed,
and they appear in battery displays (most of these under the android system block, in the list of services/apps used),
and in process running when using Ccleaner apps.
Also, my battery display show GPS is activated, while when I go into options, all boxes are off or unticked.
I thus wonder what's happening?
How is it possible to have these schrödinger apps tamed and blocked like I want them.
I want these to shut down and only work when I DO ALLOW these, for them not to suck my battery or do unauthorized chores like tracking me when I don't want.
How is it possible that they even behave like that? In i9100, I never observed that in Android 4.0.
I wonder if Google didn't change the workings to make us unable to deactivate what we don't want to work, which was pissing them off.
They already changed the permissions display in the market so permissions as intrusive as "contacts/sms message/USB storage" are considered "not relevant/important",
while they are depending on the announced display of the app.
But I don't want to go on the "conspiracy route" (I am not like that, I am a pragmatist and I just observe facts, like these apps, with sensitive access, not being able to be deactivated), so let's focus on the technical part:
such apps were Maps, Samsung sync adapters, NFC service, Google Agenda/Contact synchronisation, sysscope, context provider, etc.
That's a lot of things that are supposed to communicate to cloud or other devices, which feels a lot like a gaping flaw in the armor...
I want a phone and a tool, not something that track me or put me at risk of being stolen by somebody with technical knowledge.
Am I alone?
Thanks for any insights.
Blocked apps still working
I don't know if my title was too unclear, so I would like to change the title but am unable to do so?
Is it please possible for a moderator to do it (with the title of this post)?
Thanks in advance.
I feel like it is a true problem not being able to block some apps,
or even more, to believe they are blocked while they perfectly perform in the background,
and display activity only in secondary reports, not under their respective "buttons"/information tabs.
I wonder about the technical reason for such behavior.
Then delete those apps or block some of the permissions with an app (eg Privacyguard).
It's my opinion that an antivirus app (at the moment) is a waste of resources. Just think before you install something. Also if you are worried about security, you should always run the latest version of Android. 4.2.2 is an old version.
Thanks for your answer.
Well I don't want to delete system app when they might be useful at time.
I just want them to behave correctly, that is, not work when they are blocked.
That is not a solution to say "uninstall this", while the true problem is Android general behavior here.
I didn't install system apps, they came with the thing, and all of them are not bloatware.
"NFC service" is something I want to keep for when I am ready to use it,
but I don't want to let it free and unleashed because of the opening it leaves on my phone.
Same goes for bluetooth, synced backups and so on.
I don't want backups on the cloud, so I deactivated the options, and blocked the apps.
Why are they running? It is not normal!
And my old version is maybe not secure, but actually trying 4.3 hasn't changed anything,
and I only suspect this to be some "new feature".
The antivirus is a waste for scans, I agree, still it has useful firewall features that justifies in itself its uses.
Couldn't find that one listed anywhere here specifically. I'm pretty sure my phone's compromised but I'll probably just get people telling me I'm being paranoid. Just notice a lot of weird stuff going on.
I'll give some examples, but it would be cool if someone else here has an A03s and could give me a full list of the system apps to know for sure if mine has some extra ones that aren't truly factory. Because I've restored it several times and they don't go away.
Like under the apps screen under the basic ones I got apps like Android auto, webview, configapk, customization service, and something called data restore tool, device health services, group sharing, meet, nearby device sharing, quick sharing, quick share, settings..etc. which to my knowledge are pretty normal apps to see on phones right? But I seem unable to control them, if I disable them and go back and check later they mysteriously reenabled again, or after that the permissions lists will be greyed out not being able to do anything. Also there is a app called "permissions controller", as well as ones called "apps", "apps update", "tools", "app recommendations", "settings recommendations"..etc. is that normal? I never noticed that with my old samsung. They are really small file size apps with pretty generic looking icons and they don't let me disable them.
What gets more weird to me though is when I enable the system apps too. I see all kinds of suspicious looking ****.
Like for the android setup, and android system apps there are two of each, and the other two have generic looking icons, also got stuff like configuration restore, audio mirroring, auto hotspot, automation test, bluetooth/bluetooth midi service, call & text on other devices, callbgprovider, camera extensions proxy, carrier login engine, sim tool kit, cell broadcast services, clipboardsaveservice, cmh provider, companion device manager (where I have no idea where my "companion" is or how to control it so I must be the one being controlled?), configupdater, csc, dcktimesyncapplication, dynamic system updates, ipservice, enterprise sim pin service, external storage, like 10 different gestural navigation bars, group sharing, iaft, ims service, settings, and logging, input devices, iothiddenmenu, keycustomizationinfobnr, launcher, locale overlay manager, service mode and service mode ril, media and devices, mdmapp, vpndialogs, mmigroup, mmsservice, mobilewips, mtp host, nearby device scanning (2 instances), network diagnostic, nsdswebapp, one handed mode, osulogin, package installer, an app called "people", private share, proxy handler, quick share agent, samsung core services? (is that a real app even? I can disable it but who wants to disable "core" system apps, so touche there if it is a program deployed by a hacker on their app naming skills lol), smart switch agent, 2 instances of software update, system connectivity resources, system uwb/wifi resources, an app called "tasks", tethering, tethering provision and tethering automation, tfstatus/tffunlock always running when I never access them, usbsettings, and there's one called wallpaper services/wallpaper and style that looks really generic which is confusing because I assumed the samsung theme manager just handled all that stuff in one? We also got wearable manager installer running, and sometimes wificalling and wifi direct or work setup will be running when I don't have any of those configured.
Sorry for the huge block of text, I'm sure I missed a bunch i missed because there's some that don't show even when you tap "show system apps", like the skms agent as one example, so got a few general questions for you, so for the file/download system I got a bunch of default apps. There's two different files apps, there's a download manager and download app, and also a storage manager, and ALSO a app called the external storage that always wants to be running but can you explain that if I have no external storage? Is the built in storage space on the a03 called external storage? I even have my drive apps and stuff disabled.
Another thing that's suspicious to me is secmediastorage, secvideoengineservice, secsoundpicker, secureelementapplication, media and devices + ext storage. Like why should there be a SECOND video or audio engine running when I'm old school and don't even use cast programs/features or anything like that? In fact it's usually one of the first things I just go ahead and try to disable.
I noticed a lot of weird things going on with the display though too, looking really sharp then suddenly almost looking like there's two layers of gui not exactly lined up, like off by a pixel making things look blurrier. Like the one ui home is the default factory launcher right? So why does my phone also have an app called "launcher", plus another hidden launcher or something running in the background? I can't remember the name of it offhand, something GUI..
And I understand the concept of android have a permission controller, and "core apps" but are there actually apps under the system apps named that lol? "permission controller", "samsung core apps" one called "device services"...
also is service mode suppose to be running in the background? I googled into it and know it's a genuine service, but I really don't understand why a lot of these apps are stopping and running or renabling themselves.. It's like I have zero control over my own phone and if I'm just paranoid and they are meant to be just seems like a waste of complete waste of ram/data to me.
****, I was just sitting here thinking for like a few minutes about to post and almost forgot the most suspicious ones I've noticed in last few days. all the "com." overlay apps. I guess I really saw the word "overlay" as something you should be suspicious about until the vpn I recently bought had a feature that is suppose to block web browser based overlays. Then I noticed that MOST of my com. apps are all overlay apps! Lol, ranging from google/samsung to mediatek.
I won't post all of them because there's probably 20 at least but here's a few.
com.mediatek.frameworkresoverlay
com.mediatek.settingsproviderresoverlay
com.mediatek.systemuiresoverlay
com.samsung.android.networkstaack.tethering.overlay
com.samsung.android.smartswitchassistant
com.samsung.android.wifi.p2paware.resources
com.sec.android.app.camerasaver and a camera.app.cameraapp one (camera always running in background even if background and battery saver with restricted settings enabled)
com.google.android.ondevicepersonalization.services (I never used any personalization service or see a personalization app for that matter)
com.google.android.networkstack.tethering.overlay
and there's a bunch of com.google.android.overlay.gmsconfig ones /common geotz/ gsa/ photos/
com.google.android.overlay.modules.captiveportallogin.forframework
plus a overlay broadcastreceiver, ext.services, documentsui, permissioncontroller, and sdksandbox one.. tetheringresoverlay, wcmurlsnetworkstackoverlay, locale overlay manager..etc.
Also I get my service through straight talk which I think uses verizon and I noticed when I go to connections/mobile networks and network operators and uncheck the box "select automatically" that for some reason it only wants to connect to a network operator called "Home". I just thought that was kind of a weird and generic name for a network operator. I tried to use a android hidden settings app to change that because it was blocked out and thought I messed up my phone because I no longer had data and couldn't access the menu through the app anymore, but luckily a reformat fixed it but I'm still dealing with all this crap haha.
Can someone tell me I'm not crazy and there's definitely someone that is accessing and controlling my phone without my permission and what would be the best way to go about dealing with this?
Thanks.
First things first: Here on XDA we expect you to follow the Forum Rules:
2.5 All members are expected to read and adhere to the XDA rules.
If you haven't done that yet, click the link in my signature and do it now.
One of the rules you'll notice is this one:
5. Create a thread topic or post a message only once, this includes external links & streaming media.
As a large forum, we don't need unnecessary clutter. You're free to edit your message as you like, so if you do not receive an answer, revisit your message and see if you can describe your problem better. Not everyone is online at the same time so it might take a while before you receive an answer.
You can bump your unanswered question once every 24 hours
Duplicate threads and posts will be removed
Always post in an existing thread if a topic already exists, before creating a new thread.
Use our search function to find the best forum for your device.
You've copied this post at least once. We'll be removing the duplicate.
Now on to your question...
It is my opinion that the problem may not be with what you are observing, but with your assumptions. In the duplicate thread, you assume two possibilities:
You're being hacked
Your paranoia is justified
Have you thought there may be a third or even fourth option? Such as, maybe you don't understand that much about Android, you don't recognize what you see, you're assuming it's malicious, which combined with your own confirmation bias, has led you to the conclusion that foul play is afoot?
Nothing you have described sounds in any way abnormal. You have a Samsung device running OneUI (Samsung's framework overlaid on top of Android) that is powered by a Mediatek chipset. Everything you describe sounds completely normal to me, with over 10 years of experience in Android, most of that with Samsung devices.
My conclusion, to be frank: You are not being hacked, and your paranoia is unfounded.
OP your post gave me a headache trying to read it.
So...
Have it reflashed to the stock firmware if you really think it's behaving erratically and a factory reset doesn't work. Change your Google password and all others.
Then be careful what you install.
Don't put in foreign thumb drives or let others use it.