G+_Thomas Weller Posted February 28, 2013 Share Posted February 28, 2013 can you do an episode where Gina Trapani explains some of the more scary sounding permissions that a lot of apps seems to want. Things like Phone calls -- read phone state and identity The most abused, and least understood permission of them all. Some apps need to know if your phone is about to ring. Maybe they need to save state (ie freeze what they're doing) for when the incoming call screen pops up, or they need to turn over audio control back to the OS. But this is also the one that can read, and send your IMEI and other identifying information back to some random server in Russia or God knows where. Often, these unique numbers are needed as piracy control, or to keep track of you without using any more sensitive personal information. The issue is when developers use these numbers for things like remembering your preferences for online services or app history. Remember the big wallpaper app scare? After some investigation, we learned the developer was using your device ID to keep track of your favorite wallpapers on his servers. Seemingly harmless, but not the right way to handle it. My only advice here is to be sure you trust the developers of the app when you see this one. Or take a moment to email them and ask why they need this permission. Credit: androidcentral.com Link to comment Share on other sites More sharing options...
G+_Johan Appelgren Posted February 28, 2013 Share Posted February 28, 2013 Actually, apps DO NOT need this permission to be able to pause or save state when there is an incoming phone call. I know some developers lie and claims this but it is wrong! Only apps that for example play sound in the background need this to be able to pause the audio playback when there's an incoming phone call, and then only if they need to support Android 2.1 (I think) and older. On newer versions of Android they should be able to utilize the audio focus system to pause without needing any permissions. Link to comment Share on other sites More sharing options...
G+_Zulhaimi Abdul Hamid Posted February 28, 2013 Share Posted February 28, 2013 Good idea. Should this also be a topic for Security Now? Link to comment Share on other sites More sharing options...
G+_Michael Honey-Arcement Posted March 4, 2013 Share Posted March 4, 2013 I found this http://lifehacker.com/5888034/aspotcat-shows-all-your-android-apps-permissions-services-that-cost-you-money It looks like a good auditing tool. Link to comment Share on other sites More sharing options...
G+_Johan Appelgren Posted March 4, 2013 Share Posted March 4, 2013 Would be nice if the next version of Android included better privacy controls and/or removed access to things like IMEI completely. Some parental controls would be nice as well including some way to stop younger/less tech savy family members from installing more or less malicious/abusive stuff on their devices. Link to comment Share on other sites More sharing options...
Recommended Posts