BNMC Blog

Tip of the Week: Do You Know What Your Android Permissions Actually Mean?

Tip of the Week: Do You Know What Your Android Permissions Actually Mean?

Downloading an application on an Android device is fairly simple: access the Google Play store, find the app you want to download, and press the button that says install. However, it is also too easy to simply hit ‘Allow’ once the app starts asking for ambiguously-worded permissions. Today, we’ll examine what these permissions actually mean.

It is important to understand that these permissions are not ambiguous by accident. Due to the various responses that different users will have to a request to access certain parts of the device (like the camera, for instance), developers have taken to describing the possible effect of an application’s access, instead of simply saying what it will be accessing.

Therefore, you may find yourself giving your applications permission to access and even alter more than you realized, simply because the permissions your apps have requested didn’t give you a clear idea of what they entail. This can be risky, especially if the app in question was created by an unscrupulous developer seeking access to your information.

If you see the following permission requests, know that they are considered and classified as “Dangerous.” The reasons that these permissions could put your security at risk are included.

  • Phone permissions -- These permissions give an app the ability to interact with your calls and call history however the developer wants it to. As a result, the app can make calls (including those that use Voice over Internet Protocol, or VoIP), as well as read and edit your calls list. An app with these permissions can also read your network information to collect data on the calls that you have made, and can even redirect your calls or hang up the phone. Essentially, phone permissions give an app control over the primary function of a cellular phone. While this may sound frightening, it is important to realize that this permission is often asked for so that any app you may be using when you receive a call can be paused. As a result, this is a permission that many games and multimedia apps will ask for.
  • SMS permissions -- These permissions give an app the ability to both send SMS messages and read any that are incoming. Not only does this present some obvious privacy concerns, it also means that a criminal could leverage this access to add paid services to your account without your consent.
  • Contact permissions -- As with any of the permissions on this list, there are completely aboveboard reasons that an application would require access to your contacts, as well as the ability to edit them. However, in the wrong hands, your contact list becomes a resource for a spammer to pull their next victims from. It is also important to consider that these permissions grant access to any accounts that your apps use, including Facebook, Google, and others.
  • Calendar permissions -- With these permissions granted, an app can read, edit, and create events in your calendar. However, this also means that an app can review your calendar without restriction, with the ability to edit or remove anything they want.
  • Camera permissions -- These permissions, perhaps obviously, allow an app to utilize your phone’s built-in camera to capture images and video. However, these permissions don’t specify that the app has to necessarily be in use to do so, allowing the app to potentially record your life whenever it wants.
  • Microphone permissions -- Just as the camera permissions allow an app to capture visual content, microphone permissions allow an app to use the onboard microphone to capture sounds and audio. Also like camera permissions, there is nothing that says the application has to be in use for it to do so, and so an app could potentially record anything your device could pick up at any time.
  • Storage permissions -- If granted these permissions, an application can read and write information to your phone’s storage, whether it's in the onboard storage or an added SD card. Like other permissions with the “Dangerous” label, this also means that the app can edit and remove files from your data storage. This is another common permission, as just about every app you download will likely need to store a small amount of your usage data. This includes services that save your login information, like Netflix, to games that store your progress, like Candy Crush Saga.
  • Location permissions -- These permissions allow an app to read your location at any time. Based on what the app is looking for, this location is either very exact (coming from GPS data) or a more general one (based on local Wi-Fi hotspots and cellular base stations). This could create a problem, as a criminal could potentially obtain your location history from the app and use it to establish your behaviors.
  • Body sensor permissions - These are not seen quite as often as other permissions, but you are apt to see them if you use certain accessories (like fitness trackers) and their associated apps to track your health data. These permissions allow the app to access that data. However, there permissions are not related to your device’s native movement tracking abilities.

It is important to remember that most applications that request these permissions are doing so simply in order to do what you want it to do. A messaging application without SMS permissions isn’t going to be able to do its job. Social networks, especially Instagram, need access to the camera in order to take the photos that you edit and share.

However, you should always consider why an app might request certain permissions, and if there is actually any reason that those permissions are necessary for the app to function. If the same messaging application were to ask for body sensor information, it wouldn’t be a bad idea to seek out a different app for your needs.

Make sure you subscribe to the BNMC blog for more IT tips and best practices!

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Monday, December 17 2018

Captcha Image

Subscribe to Our Blog!

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Tip of the Week Best Practices Technology Email Cloud Privacy Malware Business Network Security Hackers User Tips Business Computing Software Microsoft Google Tech Term Computer Internet IT Services Mobile Devices Hosted Solutions Ransomware Efficiency Small Business IT Support Communication Smartphone Data Android Managed IT Services Backup Productivity Windows Browser Internet of Things Innovation Data Recovery Managed IT Services Saving Money Data Management Business Continuity Cloud Computing Hardware Windows 10 Data Backup Productivity Business Management Workplace Tips Microsoft Office App Cybersecurity Mobile Device Encryption Artificial Intelligence Passwords Gmail Remote Monitoring Facebook Server Office 365 Outsourced IT Windows 10 Word Upgrade Disaster Recovery Vulnerability Smartphones Applications Network Chrome Managed Service Provider Money Infrastructure IT Support Phishing BYOD Website Tip of the week Employer-Employee Relationship Analytics communications Save Money Robot Big Data VoIP Data storage Settings IT Management Company Culture Government Users YouTube Maintenance Google Drive Risk Management Managed Service Content Filtering Social Media Bandwidth Miscellaneous Office Tips Antivirus Printing The Internet of Things Mobile Security Paperless Office Automation End of Support Access Control Virtual Reality Business Intelligence VPN Data loss Data Security Unified Threat Management Spam Computing Telephone Systems Server Management Outlook Business Technology WiFi Touchscreen SaaS Operating System desktop Virtual Private Network Quick Tips LiFi Holiday Hosted Solution Firewall Administration Employee-Employer Relationship Managing Stress Mouse Alert Display Development Wireless Two-factor Authentication Avoiding Downtime Information Apple Education Vendor Management HIPAA Laptop Monitors Storage Scam Licensing Automobile Dongle Heating/Cooling Multi-Factor Security Onboarding Chromebook Business Growth Wires Hard Disk Drive Password Assessment Time Management Printer Slack Legal Solar Dell Break Fix Print Toner Social Engineering Websites Unified Communications Drones Work Cabling Search Black Friday Content Windows 8 Smart Tech WannaCry Networking Cooperation Service Level Agreement Google Maps Servers Google Calendar Cybercrime Digital Signage Hacker Router Voice over Internet Protocol Emergency Downtime Mobile Device Management Hotspot Internet Exlporer Network Management Monitoring Deep Learning Compliance Dark Web Marketing Safety IT Technicians Optimization Cyber Monday Gadgets Streaming Remote Computing Connectivity Staff Leominster Legislation Troubleshooting Network Congestion Alt Codes Modem FinTech Language Value Digital Payment SharePoint Spying Bring Your Own Device Regulations Microsoft Excel IoT Digital Techology Analysis Wi-Fi Budget Mirgation Recycling Disaster Managed IT Smart Technology Halloween Human Error Writing Social Information Technology Augmented Reality Collaboration K-12 Schools Statistics Tablet Computers Typing Humor Cookies MSP How To Lenovo Current Events Computing Infrastructure Professional Services Downloads Dark Data Update Best Practice Social Networking Mail Merge Blockchain Star Wars Document Management VoIP Spyware Unified Threat Management Chatbots eWaste Uninterrupted Power Supply Shortcut Distributed Denial of Service Scary Stories Device Retail Politics Apps Wearable Technology File Sharing Network upgrade Bluetooth Comparison Running Cable LED Cryptocurrency Nanotechnology Computer Care Firefox IBM Superfish IT solutions Going Green Alerts USB PowerPoint Customer Service Google Docs Motherboard Cables Solid State Drive Address Permissions Buisness Fraud Cost Management Identity Theft User Error Virtual Desktop Identity Continuity Patch Management Managed IT Service Sports Mobility Office Samsung Hacks Tech Support Google Wallet Smart Office Specifications Co-Managed IT Bitcoin Screen Reader Training Charging Customer Relationship Management Corporate Profile Law Enforcement BDR G Suite Supercomputer CrashOverride Electronic Medical Records Notifications Physical Security Motion Sickness Twitter Staffing Regulation Upgrades Gadget Administrator Emoji Taxes IT Budget Web Server what was your? Crowdsourcing Personal Information Botnet GPS 3D Printing Cortana IT Consultant Mobile Computing Cameras Tracking Machine Learning Meetings Processors Unsupported Software Printers Virtualization Cleaning CCTV Computer Repair Relocation Webcam Mobile Data How To Work/Life Balance Error Recovery Health Private Cloud Point of Sale Ben McDonald shares Travel Black Market

What Our Clients Say

  • BNMC has provided us with nothing less than outstanding service and results for all of our IT needs for the past few years. Every member of their staff is professional, knowledgeable, friendly and eager to solve any problem...
  • 1
  • 2
  • 3