Related
Hello everyone. I am coming from windows mobile which I have been using since 2003. I really like Android but I had a few questions and concerns.
1. I realized that apps have access to personal data and are able to access internet and dial. Should I be concerned? How can I be assured that an app developer is not after my bank info and such?
2. Why are so many apps running in the background when I haven't opened them?
I am already using advanced task killer but when i look at the apps running there's a full list even tho I didn't open them.
3. Is there a file explorer on android?
Any tips and tricks would be appreciated.
sammyluva said:
Hello everyone. I am coming from windows mobile which I have been using since 2003. I really like Android but I had a few questions and concerns.
1. I realized that apps have access to personal data and are able to access internet and dial. Should I be concerned? How can I be assured that an app developer is not after my bank info and such?
Google confirms identities of developers. Use your best judgement. Is it possible? Yes. If an app has been out for a while and has lots of high ratings then I'm inclined to trust the developer. If Google does discover malicious software in their market they have tools to remotely remove such apps from everyones phone, kinda creepy but it's there for a good reason and it's all part of the decision you make about whether to trust the platform and the community that surrounds it.
2. Why are so many apps running in the background when I haven't opened them?
I am already using advanced task killer but when i look at the apps running there's a full list even tho I didn't open them.
That's the HTC/Sprint way. Get an app called Autostarts. You will be amazed at what runs automatically and autostarts will allow you to decide what runs and when.
3. Is there a file explorer on android?
Yes. One is not included in the stock rom but they are easy enough to find.
There are Terminal Emulators which equate to cmd in win, and there are file explorers too. Root Explorer is my personal favorite.
Any tips and tricks would be appreciated.
Click to expand...
Click to collapse
elevenchars
nebenezer said:
elevenchars
Click to expand...
Click to collapse
What do u mean?
Sent from my PC36100 using XDA App
sammyluva said:
What do u mean?
Sent from my PC36100 using XDA App
Click to expand...
Click to collapse
search "10chars"
Text in quotes doesn't count...
1. Just use common sense like was said.
2. If you use the main apps that came with the phone you are fine. It can be apps you download that run in the background that hurt the battery life.
3. Astro file manager is by far my favorite app.
sammyluva said:
1. I realized that apps have access to personal data and are able to access internet and dial. Should I be concerned? How can I be assured that an app developer is not after my bank info and such?
Click to expand...
Click to collapse
How did you prevent apps on WM from accessing this info? Answer..you didn't, the fact is that WM programs are even more scary because they don't even tell you what they are accessing.
sammyluva said:
2. Why are so many apps running in the background when I haven't opened them?
I am already using advanced task killer but when i look at the apps running there's a full list even tho I didn't open them.
Click to expand...
Click to collapse
Same answer as why are so many services running on your desktop when you have no programs running. Operating systems have all kinds of services running beside the app you are watching.
sammyluva said:
3. Is there a file explorer on android?
Click to expand...
Click to collapse
Uh...did you check the program icons?
1.) As stated, doesn't hurt to check the number of DLs an App has or checking through some of the comments. Can find out if an App is giving a specific phone issues too ... thus saving you time from bothering to check it out. Trust it or don't check it out. Understandable why some people would see that and wonder ... but then again your info is already out there ...
2.) They just do. Even some **** that might not make sense, it just does for it's own reasons. Task killing can be good and bad. Or just good. Or just bad. Depending on who you ask so think on it before you decide to start murdering Apps or leaving em running.
3.) Astro File Manager is "what's up" but there are others. But that 1 is legit though.
Thanks for all those that replied but I didn't really get a satisfying answer to the first 2 questions. It seems like some of the people on here are just confused as well but are defending android in thinking that I am against the operating system. As I said in my original post I like the OS but i had some concerns that i wanted to learn more about.
Ramiss, you asked how I knew what info WM accessed? You are right they don't disclose accessing any data which means to me they are not. If they did and I found out then I could take them to court but when a company discloses that they are accessing your personal data and you agree to it then you have no say in how that info is used since you gave them permission. Also I never had an app running that I didn't open or give it permission to run in the background during my years with WM.
I have the evo since Friday and I've downloaded a couple of apps where I saw the disclosure of the kind of access these apps have and I was just thinking whats the point of having the apps if you have to worry abt it accessing important info. Then I got an email from Marketplace telling me the activities of my friends on facebook marketplace. The email went further to tell me some of the activities of my friend's friends. The point is its accessing personal data I didn't give it access to, which is scary.
I came on here to ask the people that know the OS better but it seems like there are some confused people on here. So I did a little research and found the article below which basically concurs that there is a problem with apps on android accessing personal data.
http://www.computerworld.com/s/arti...apps_pose_privacy_threat_says_security_vendor
So my question is, are there preventive ways to protect against apps using personal data? Of course other than abstaining from downloading apps. Like an app that would block access to personal data or tell a person what each app accessed and did with it. Please if you can not give an educated answer then don't reply. Thanks.
sammyluva said:
Ramiss, you asked how I knew what info WM accessed? You are right they don't disclose accessing any data which means to me they are not. If they did and I found out then I could take them to court but when a company discloses that they are accessing your personal data and you agree to it then you have no say in how that info is used since you gave them permission. Also I never had an app running that I didn't open or give it permission to run in the background during my years with WM.
So my question is, are there preventive ways to protect against apps using personal data? Of course other than abstaining from downloading apps. Like an app that would block access to personal data or tell a person what each app accessed and did with it. Please if you can not give an educated answer then don't reply. Thanks.
Click to expand...
Click to collapse
Actually my point was that Windows Mobile programs could easily access personal information, you just weren't aware of it. For example, try downloading a windows mobile program that handles your contacts (Pocket Informant comes to mind). Does the OS give you a warning that this new program will access your contacts? Not as far as I can remember! Whereas Android apps must disclose what they access, that is a rule from Google.
The way to protect an app from not accessing something is to not use it. This is the reason the access list is disclosed - so you have a choice not to continue.
As others have said you need to make your own decision based on the popularity of the app, the comments made and perhaps a quick Google search. Trust me, if an app is malicious there is a good chance you would know about it by reading the comments.
Edit: The end of that article you posted gives you the answer:
Android's security model requires that applications declare the permissions they will be using prior to installation by the user. An informed user can use these declarations to decide if they want to install an application or not, according to SMobile. However, the fact remains that there is no means available for a user to know for sure that the application they just downloaded is doing only what the user sees it doing, it said.
Click to expand...
Click to collapse
Since android is not really the securest OS in the mobile landscape, I'm wondering, are there any apk-scanners or something? Definitly, I want to protect my contacts and other info from the outside world. No matter what.
Also, android is smoking hot, and really vuln.
If there's nothing to protect my phone, I'll switch back to winmo for now.
Check out Lookout Mobile. Works with WinMo and Android. Very good app to have. Ive used it on my HD2 since first week I had it. Can even find your phone if you lose it and Nuke all your data, back it up online, make your phone "scream" if you misplace it. Its LOUD though haha.
donkeypunch85 said:
Check out Lookout Mobile. Works with WinMo and Android. Very good app to have. Ive used it on my HD2 since first week I had it. Can even find your phone if you lose it and Nuke all your data, back it up online, make your phone "scream" if you misplace it. Its LOUD though haha.
Click to expand...
Click to collapse
lol, yes, seen that app before when I was google-in'
just doubting if it can find rootkits etc.
Some funny features haha, I'll give it a try thanks
Actually, a rootkit for Android was recently demostrated at Defcon (don't have link sorry, just google it).
The current state of Android builds we have anyways aren't very secure because all of them have really dodgy full access permissions on key system files (esp the rooted builds), so currently any app could request root access and do stuff without you realising (with the exception of the Cyanogen-based builds, since that's the only one I'm aware of with a working copy of the Superuser Permissions app).
Today, I turned on my phone to discover a strange new widget/icon on my homescreen that looked like a blue magnifying glass and was labelled 'Search'.
Of course, being suspicious I removed the widget. I then looked through the list of installed widgets and apps, but nothing unusual was there.
Later when I opened the internet browser, the usual google homepage looked a bit different - identical, tabs and all, except for the search button appearing the same as in the widget and the Google logo missing (as if it hadn't loaded yet).
I've reset my homepage to Google, but in my history the bogus sites are:
start.infospace.com
searchmobileonline.com
Scanned with both AVG and Avast, but neither picked anything strange up.
I have since found out that this is adware that some free apps on the Market are using to generate revenue. In my case I have since confirmed it came from Brightest Flashlight Free, an app with over 1 million downloads and 5 star average.
Here's an article explaining it *http://www.pcworld.com/article/245305/sneaky_mobile_ads_invade_android_phones.html*
Just though I'd warn everyone, as I'm a very careful / savvy user and only use very popular, respected apps, but still got it. Personally I think adding phantom widgets and hijacking your browser homepage with a fake google look-a-like is disgusting and bordering on criminal, as no warning or notification is made that this is going to happen, where it came from and how to remove / fix it.
AXIS of Reality said:
Today, I turned on my phone to discover a strange new widget/icon on my homescreen that looked like a blue magnifying glass and was labelled 'Search'.
Of course, being suspicious I removed the widget. I then looked through the list of installed widgets and apps, but nothing unusual was there.
Later when I opened the internet browser, the usual google homepage looked a bit different - identical, tabs and all, except for the search button appearing the same as in the widget and the Google logo missing (as if it hadn't loaded yet).
I've reset my homepage to Google, but in my history the bogus sites are:
start.infospace.com
searchmobileonline.com
Scanned with both AVG and Avast, but neither picked anything strange up.
I have since found out that this is adware that some free apps on the Market are using to generate revenue. In my case I have since confirmed it came from Brightest Flashlight Free, an app with over 1 million downloads and 5 star average.
Here's an article explaining it *http://www.pcworld.com/article/245305/sneaky_mobile_ads_invade_android_phones.html*
Just though I'd warn everyone, as I'm a very careful / savvy user and only use very popular, respected apps, but still got it. Personally I think adding phantom widgets and hijacking your browser homepage with a fake google look-a-like is disgusting and bordering on criminal, as no warning or notification is made that this is going to happen, where it came from and how to remove / fix it.
Click to expand...
Click to collapse
Good call mate! I downloaded the AirPush Detector, AdFree Android, and Addons Detector thats mentioned on the post, and they found some on my SG2.
I will give all offending apps a one star rating, and this will get these dev's to act!!
Thanks
If you're going to give these apps one star ratings, don't forget to put a very scathing review up as well. A single star rating either way isn't going to bother these people much, but if you put a really negative review up as well, it adds a little impact.
In my experience, a brutal review tends to get devs attention fairly quickly, especially those who care about the rep of their apps
... and I wondered from where that magnifying glass appeared on my homescreen.
By the way, the icon sucks
I installed one crappy app from the market but unistalled everything fishy in the moment I saw that icon ...
This has happened to me 2x wish I knew what app it was. I normally only download popular ones too.
Sent from my GT-I9100 using XDA App
I have the magnifying glass too. I didn't notice it at first because I use TWLauncher 4.5 and it only added itself to the stock launcher. I guess its time to do some forum searching or uninstall all my add based apps.
You guys (especially OP) need to use programs like Lookout or ESET and stay away from ****ty apps like AVG (Which is also **** on PC).
GRiM-UK said:
You guys (especially OP) need to use programs like Lookout or ESET and stay away from ****ty apps like AVG (Which is also **** on PC).
Click to expand...
Click to collapse
Lookout doesn't find the search adware widget.
I had that icon too.. it even changed the default search engine on my browser..
Sent from my GT-I9100 using xda premium
AXIS of Reality said:
Today, I turned on my phone to discover a strange new widget/icon on my homescreen that looked like a blue magnifying glass and was labelled 'Search'.
Of course, being suspicious I removed the widget. I then looked through the list of installed widgets and apps, but nothing unusual was there.
Later when I opened the internet browser, the usual google homepage looked a bit different - identical, tabs and all, except for the search button appearing the same as in the widget and the Google logo missing (as if it hadn't loaded yet).
I've reset my homepage to Google, but in my history the bogus sites are:
start.infospace.com
searchmobileonline.com
Scanned with both AVG and Avast, but neither picked anything strange up.
I have since found out that this is adware that some free apps on the Market are using to generate revenue. In my case I have since confirmed it came from Brightest Flashlight Free, an app with over 1 million downloads and 5 star average.
Here's an article explaining it *http://www.pcworld.com/article/245305/sneaky_mobile_ads_invade_android_phones.html*
Just though I'd warn everyone, as I'm a very careful / savvy user and only use very popular, respected apps, but still got it. Personally I think adding phantom widgets and hijacking your browser homepage with a fake google look-a-like is disgusting and bordering on criminal, as no warning or notification is made that this is going to happen, where it came from and how to remove / fix it.
Click to expand...
Click to collapse
personally i feel you should report this app to Google straight. No chances should be given for developers of such nasty lowdown apps.
I personally dont use any of the antivirus stuff but have my host file update for removing ads and use LBE security to block applications access to the internet.
Thanks
Thanks... very usefull information
Installed LBE and now monitoring apps
Thanks for the heads up and the useful apps recommended.
All clean here, but glad I checked.
Further good reasons not go down the pirate route kids - get that Blackmarket and Mobilism app off ya devices
Mobilism app isn't malware.
I use Avast and adaway and they seem to be effective enough although no doubt malaware is a cause for concern.
666fff said:
Mobilism app isn't malware.
Click to expand...
Click to collapse
I'll take your word for it. It allows you to test pro versions or other paid apps, and if you like them, you go to Android's market and buy the "proper" goods.... Sure. That's all right then.
How much does eset cost? Could only see free 30 day trial
Sent from my GT-I9100 using XDA App
B3311 said:
I'll take your word for it. It allows you to test pro versions or other paid apps, and if you like them, you go to Android's market and buy the "proper" goods.... Sure. That's all right then.
Click to expand...
Click to collapse
That's what I use it for. I like to trial an app properly. If I like, buy from the market, if it's crappy, delete.
The same happened to me, I only realised when a lot of my google searches were US based and not UK. When I clicked on the "privacy" link at the bottom of the Google page (or what I thought was google, it just had a different search icon) it brought up info about a different company, it wasnt the usual google privacy disclaimer.
In the end I think I had to uninstall all the recent apps because I wasnt sure which had done it and had to clear data on the browser to remove it.
My Samsung Galaxy Note has also been invaded by this searchmobile pest and I am looking for a lasting solution, or an app that can identify which app invited the malware. "free iPads" have also appeared annoyingly frequent.
So I'm new into the whole smartphone business.
One thing I've noticed is that you need to get lots of apps if you want any kind of good functionality of your mobile. I mean, I can't even record sound without an app, or record a phone conversation (even tho my 8 year old flip phone that that functionality innate)
In the Apps - All, there is even a innate app called "Sound Recorder" yet you cannot use it, and you have to download an app to record sound.
Anyway, now it comes to my concern. Almost all apps require some pretty ridiculous permissions such as:
read phone status, test access to protected storage or modify or delete contents of USB storage. And I'm talking about apps such as a game let's say.
I downloaded an app that shuts off music (I like to fall asleep to music) called Music Timer. It's permission is to "dirrectly call phone numbers"! Really? make phone calls? It even has approximate location.
Is it just something I must live with, sell every and any information I put on my phone to use most of the apps out there?
I even setup a corporate email (my school). Their app requires to: erase data, set password rules, etc. Erase data? ugh.
Maybe I'm missing something, since I'm all new to this smartphone business and never dealt with it.
Messerschmitt262 said:
So I'm new into the whole smartphone business.
One thing I've noticed is that you need to get lots of apps if you want any kind of good functionality of your mobile. I mean, I can't even record sound without an app, or record a phone conversation (even tho my 8 year old flip phone that that functionality innate)
In the Apps - All, there is even a innate app called "Sound Recorder" yet you cannot use it, and you have to download an app to record sound.
Anyway, now it comes to my concern. Almost all apps require some pretty ridiculous permissions such as:
read phone status, test access to protected storage or modify or delete contents of USB storage. And I'm talking about apps such as a game let's say.
I downloaded an app that shuts off music (I like to fall asleep to music) called Music Timer. It's permission is to "dirrectly call phone numbers"! Really? make phone calls? It even has approximate location.
Is it just something I must live with, sell every and any information I put on my phone to use most of the apps out there?
I even setup a corporate email (my school). Their app requires to: erase data, set password rules, etc. Erase data? ugh.
Maybe I'm missing something, since I'm all new to this smartphone business and never dealt with it.
Click to expand...
Click to collapse
1) its a nexus device so its bloat free. Not everyone wants to record things so why force it onto everyone ? If you need said function you have the choice of adding said function
2) the sound recorder apk is used when you want to record an audio to an MMS.
3) not all apps require absurd permissions though I would agree that many do go to far in asking for permissions, BUT you always have the choice of not installing them.
Though some of the app permission names are written not as clear so it appears to be overreaching. Let's take a game. It asks to modify and delete USB storage. Normal as when you save a game its needs to be able to write to the phone. The other two you mentioned on not to educated on so I won't comment on yet
4) I looked into the music timer app you mentioned and I do agree that call phone number permission should not be their but again if you don't like it don't install it and try something else
5) your school email I don't see what the deal is? Permission to delete data, what do you think happens when you delete an email? It needs permission to delete it. Password rules is their to enforce your emails/schools password rules when using exchange
Sent from my Nexus 4 using xda app-developers app
The email permissions can be due to it being a corporate mail server, so in order to prevent confidential information from being stolen, the admin can do things like remotely wipe the phone or disable the camera.
Sent from my Nexus 4 using xda app-developers app
So basically if I don't like 1 permission out of several for a specific app, then my only option is to not use the app at all and find an alternative, or if there is no alternative, live without it?
Messerschmitt262 said:
So I'm new into the whole smartphone business.
One thing I've noticed is that you need to get lots of apps if you want any kind of good functionality of your mobile. I mean, I can't even record sound without an app, or record a phone conversation (even tho my 8 year old flip phone that that functionality innate)
In the Apps - All, there is even a innate app called "Sound Recorder" yet you cannot use it, and you have to download an app to record sound.
Anyway, now it comes to my concern. Almost all apps require some pretty ridiculous permissions such as:
read phone status, test access to protected storage or modify or delete contents of USB storage. And I'm talking about apps such as a game let's say.
I downloaded an app that shuts off music (I like to fall asleep to music) called Music Timer. It's permission is to "dirrectly call phone numbers"! Really? make phone calls? It even has approximate location.
Is it just something I must live with, sell every and any information I put on my phone to use most of the apps out there?
I even setup a corporate email (my school). Their app requires to: erase data, set password rules, etc. Erase data? ugh.
Maybe I'm missing something, since I'm all new to this smartphone business and never dealt with it.
Click to expand...
Click to collapse
Yeah, the permissions suck. Luckily the Android ecosystem has developed where there's enough competition that you can usually find what you want from a dev who doesn't want to hijack your phone. There are a lot of small guys out there, but they make some of the best apps. Low on permissions, holo-themed, great support. I usually find good devs on XDA with cool projects and donate as soon as I check out and like there app (GYT is the most recent example).
HOWEVER, if you are on an deodexed ROM (so, not stock), this works great: PDroid. Free, clean, doesn't crash apps (like Permissions Denied).
Hello Good People of XDA
I have been a i9506 owner for quite long, had a 9100 before,
I am used to root and mess with apps to customize things to my wim,
at the best of my knowledge (I lack android programming skills, but I can do things with terminal and filesystems).
All that before to say I am not totally a noob, but my lack of technical knowledge might bite me there.
System wise, I am under 4.2.2, rooted, unknow sources are not allowed, system check for apps is allowed,
I have an antivirus (more than one, but only one works each day, just to be sure I don't miss things)...
My problem is that I recently found out that some apps, actually system apps, blocked
with Titanium backup, or with gemini app manager, or app quarantine,
were actually running anyway.
They are marked as blocked in my app manager, but can still be force closed,
and they appear in battery displays (most of these under the android system block, in the list of services/apps used),
and in process running when using Ccleaner apps.
Also, my battery display show GPS is activated, while when I go into options, all boxes are off or unticked.
I thus wonder what's happening?
How is it possible to have these schrödinger apps tamed and blocked like I want them.
I want these to shut down and only work when I DO ALLOW these, for them not to suck my battery or do unauthorized chores like tracking me when I don't want.
How is it possible that they even behave like that? In i9100, I never observed that in Android 4.0.
I wonder if Google didn't change the workings for making us unable to disactivate what we don't want to work, which was pissing them off.
They already change the permissions displays in the market so permissions as intrusive as "contacts/sms message/USB stockage" are considered "not relevant/important",
while they are depending on the announced display of the app.
But I don't want to go on the "conspiracy route" (I am not like that, I am a pragmatist and I just observe facts, like these apps, with sensitive access, not being able to be deactivated), so let's focus on the technical part:
such apps were Maps, Samsung sync adapters, NFC service , Google Agenda/Contact synchronisation, sysscope, context provider, etc.
That's a lots of things that are supposed to communicate to cloud or other devices, with feels lot like a gaping flaw in the armor...
I want a phone and a tool, not something that track me or put me at risk of being stolen by somebody with technical knowledge.
Am I alone?
Thanks for any insights.
Blocked apps still working
I don't know if my title was too unclear, so I would like to change the title but am unable to do so?
Is it please possible for a moderator to do it (with the title of this post)?
Thanks by advance.
I feel like it is a true problem not being able to block some apps,
or even more, to believe they are blocked while they perfectly perform in the background,
and display activity only in secondary reports, not under their respective "buttons"/information tabs.
I wonder abourt the technical reason to such behavior.
Then delete those apps or block some of the permissions with an app (eg Privacyguard).
It's my opinion that an antivirus app (at the moment) is a waste of resources. Just think before you install something. Also if you are worried about security, you should always run the latest version of Android. 4.2.2 is an old version.
Lennyz1988 said:
Then delete those apps or block some of the permissions with an app (eg Privacyguard).
It's my opinion that an antivirus app (at the moment) is a waste of resources. Just think before you install something. Also if you are worried about security, you should always run the latest version of Android. 4.2.2 is an old version.
Click to expand...
Click to collapse
Thanks for your answer.
Well I don't want to delete system app when they might be useful at time.
I just want them to behave correctly, that is, not work when they are blocked.
That is not a solution to say "uninstall this", while the true problem is Android general behavior here.
I didn't installed system apps, they came with the thing, and all of them are not bloatware.
"NFC service" is something I want to keep for when I am ready to use it,
but I don't want to let it free and unleashed because of the opening it leaves on my phone.
Same goes for bluetooth, synced backups and so on.
I don't want backups on the cloud, so I deactivated the options, and blocked the apps.
Why are they running? It is not normal!
And my old version is maybe not secure, but actually trying 4.3 hasn't changed anything,
and I only suspect this to be some "new feature".
The antivirus is a waste for scans, I agree, still it has useful firewall features that justifies in itself its uses.