The ever-growing platform such as Android will certainly always be at the center of the radicalized views regarding the privacy and end-user security. In a system, as great as Google’s Android is, with more than 2 billion users, around 10 million active developers and hundreds of hardware manufacturers, we need a strict set of rules when it comes to what an app can or can’t do on one’s handset.
A casual Android user rarely pays a greater attention to app permissions. They mostly install the app and just move through the installation procedure as fast as possible and accept everything in the random predicament of confirmation tapping.
But, app permissions are important. They’re there from the start, a tad stricter now than they were back in the days, but very significant — now more than ever.
”Why?”, you might you ask. Well, there are various reasons and we made sure to provide you with the in-depth explanation of app permissions and why you should take a better look next time a pop-up appears on your favorite gadget’s screen.
What are Apps Permissions on Android?
App permissions are, simply put, system boundaries applied to all apps executable on an Android-powered device. Every app functions in the limited-access sandbox and every sensor and peripheral function has the dedicated permission concerning capabilities and information sharing.
Some apps will install immediately and ask you for every permission individually later on; others will show you all permissions before you install them but you’ll need to enable them manually, nonetheless. It all depends on the developer’s choice and the gravity of the access they ask for.
Only the later way was at disposal in the pre-Marshmallow Android era but without the runtime permission-granting included. And it’s safe to say that wasn’t reliable at all, as it provided a fruitful ground for various malversations of malevolent developers.
Google decided that enough is enough and made the permissions stricter. Namely, with the introduction of Android 6.0 a.k.a Marshmallow, the things changed for the better and stayed that way until this day.
What’s the price of granting the full access to an app?
Firstly, the Play Store has a privacy and safety standards which are fairly imposed on all developers. However, there are more than a few reports about data leaks, location-tracking fiascos, and all-around inconsistency in the security barriers of the Android software ecosystem.
So, it’s wise to act with caution with every new app you download and install. Some folks might say these are lowkey ”tinfoil hat” assumptions, but a lot of apps will track your location and take sensitive data for various purposes.
Some will sell your private data to the highest bidder for the advertising purposes, others, the less harmful ones, are focused on stealing your credentials. The antivirus solutions are, basically, a non-consistent way to protect from these threats. You first and the last line of protection are App Permissions, so don’t grant them until you double-check why the app at hand requires them.
The focus is on 5 main permissions most of the time:
- Location – a malicious app will track your location. Even if you don’t want it to do it without a dire need.
- Phone – a malicious app can make calls directly, without your consent. Usually, you need to press the Dialer button, but there are ways to override that, allegedly. Also, it can, in the worst case scenario, gain access to your credentials.
- SMS – the same as above, just with SMS and MMS messages.
- Contacts – an app can read and make changes to your Contacts. You have an idea why this can lead to a privacy infringement.
- Storage – an app can access your storage (both internal and SD).
Now, to be perfectly honest, most of the apps will neither steal your data or money. Google makes sure the vast majority of apps is in-depth code checked before it can find its place in the Play Store.
However, we tend to advocate the ”better safe than sorry” approach, so make sure to double-check the App permissions, especially with the unfamiliar apps.
How to inspect and disable App Permissions for all installed apps?
This is rather simple and the approach is the same with all but scarce Android UIs which deviate from the norm. Just open Settings > Permissions. There you can open each section and disable everything you find suspicious.
Also, you can open Apps (Applications or Application Manager) in Settings and check what permissions are granted to all respective apps.
After a thorough look up, you should be able to find and disable all unwanted permissions. Also, you can reset the App data and thus remove all permissions you previously granted it.
With that, we can wrap it up. We certainly hope that this was an insightful read and that we shed at least some light on this fairly important but rather neglected Android’s security module.
Feel free to share your thoughts on the subject in the comments below. We look forward to hearing from you.