APP'S - Unnecessary permission requirments??

thisNthat

Hi Guys

I have a Galaxy S2 and very happy with it overall but do people actually read the permissions granted when downloading apps from the android market, Most require completely unnecessary permissions which I can only imagine threatens your security and personal details,
Example - For Google maps app its requires to Directly call phone numbers on your phone (Services that cost you money) Also wants to read and modify all of the content (address) data stored on your phone,

Also a majority of android apps require permissions to - Read & Edit SMS and MMS messages, Add and modify calendar events and send emails to guests, Read, write and edit sensitive log data, and record Audio and video, I see alot of apps requiring to record Audio and video, These are apps that is no way need to record audio and video like a flash light app, Why is this??
The last thing I want/need is to have my calls recorded or be video recorded, Is this the case?

A lot of them look for permission to get sensitive info/data and in most cases it seems completely unnecessary for the apps that are being installed, Is it the same with Apple apps?
I've deleted most apps that I weary of.
Should I be weary? Just looking for a few opinions on this as maybe I'm being over cautious..

Thanks in advance

Atomic Pineapple

Just because the permissions are there doesn't mean they are used, a developer have asked for a permission during development to test something and the forget to remove the permission.

It actually makes sense for Google maps to require those permissions, it allows you to call numbers of places you find searching the maps and allows you to add and change data from within the app.

As long as you don't use dubious apps you'll be fine.

opinion guy

I share you concerns OP.

Many an app I want and then don't download when I see the ridiculous permissions. Still at least android makes it so transparent

Irish Halo

There is an app for that:
https://market.android.com/details?id=com.alostpacket.pocketpermissions

And a detailed post on another forum:
http://androidforums.com/android-applications/36936-android-permissions-explained-security-tips-avoiding-malware.html

paddyandy

I have been trying to have a look at google security & Android Security to find out if i can do without McAfee or Norton when my trial periods run out as i have no facility for buying the 12month security yet and i may have to wait a while .O2 wanted bank details for their card and that's not on at all .I don't allow 3rd party apps .access so should i be all right ? Android warns against o2 apps Thanks ! Phone is a neo v .

GreenWolfe

paddyandy wrote: »

I have been trying to have a look at google security & Android Security to find out if i can do without McAfee or Norton when my trial periods run out as i have no facility for buying the 12month security yet and i may have to wait a while .O2 wanted bank details for their card and that's not on at all .I don't allow 3rd party apps .access so should i be all right ? Android warns against o2 apps Thanks ! Phone is a neo v .

If you're talking about the O2 money card, you can purchase a top-up in any Payzone outlet or O2 retail store as well as using bank transfers.

If you didn't get any 3rd party apps, isn't a smartphone kind of pointless?

I've never bothered with Android antivirus software myself. As long as you apply good browsing and usage habits that you would use with a normal computer that you would to your phone you should be fine.

Android Market is a bit of a problem though. I don't install apps at random from the Market myself. If I can't find a review of it from a respectable website, then I'll just ignore it and look for an alternative.

opinion guy

Yeah but even supposedly legit apps from big name companies have dodgy permissions.

For instance imdb wants to take photos. Eh......whhy ???? I think not.

The bbc news app can acces my phone calls - meaning it can detect my phone number and imei and numbers I call. Eh......no

Pulse news reader can access my accounts known by the phone. Again no I think not.


You ask wahts the point ? I facebook and check email from phone. I use one commercial app that I need for work - the reason I got smartphone.

Apart from that they can take a hike with the info they re trying to farm.

but at least android tells you clearly what they can do. on apple you get a 15 page legal contract with this stuff burieed in it that nobody has time to read.

Professey Chin

If you want to know the purpose why not email the dev or look at their FAQ?
Using the IMDB example a quick look at the description directs you to their FAQ which explains:

Why does the app want to access my camera?
The app contains a feature that lets you take pictures of DVDs/Blu-rays or scan their barcodes as a quick way of searching. You can access this feature by pressing the Menu key.

Most of them have a reason or will remove if you let them know about it

Also im not sure about the BBC one (probably directing phone numbers in articles to allow dialing or stopping videos with incoming calls or something) but Pulse uses your google account to sync your google reader feed

GreenWolfe

opinion guy wrote: »

Yeah but even supposedly legit apps from big name companies have dodgy permissions.

For instance imdb wants to take photos. Eh......whhy ???? I think not.

The bbc news app can acces my phone calls - meaning it can detect my phone number and imei and numbers I call. Eh......no

Pulse news reader can access my accounts known by the phone. Again no I think not.


You ask wahts the point ? I facebook and check email from phone. I use one commercial app that I need for work - the reason I got smartphone.

Apart from that they can take a hike with the info they re trying to farm.

but at least android tells you clearly what they can do. on apple you get a 15 page legal contract with this stuff burieed in it that nobody has time to read.

IMDB

http://www.imdb.com/apps/android/android_FAQ/

PermissionWhy it is Required Hardware Controls:
Take Pictures and Videos
Allows application to take pictures and videos with the camera. This allows the application at any time to collect images the camera is seeing. In version 2.3, we added a feature that requires permission to access your device's camera. This feature ('ScanDVD' found in the phone options menu) allows you to scan a DVD/Blu-ray cover or barcode using your phone's camera to bring up that title's information page in the app.

EDIT: The Great Chinholio got there first!

BBC News

Read phone state and identity, explained here - http://androidforums.com/android-applications/36936-android-permissions-explained-security-tips-avoiding-malware.html

It seems to be a compatibility hangover, the market says that the app is compatible with Android 1.6.

Read phone state and identity
Phone calls

This permission is of moderate to high importance. Unfortunately this permission seems to be a bit of a mixed bag. While it's perfectly normal for an application to want to know if you are on the phone or getting a call, this permission also gives an application access to 2 unique numbers that can identify your phone. The numbers are the IMEI, and IMSI. Many software developers legitimately use these numbers as a means of tracking piracy though. This permission also gives an application to the phone numbers for incoming and outgoing calls.


WARNING: Any app targeting Android 1.5 or below (possibly 1.6 as well) will be granted this permission BY DEFAULT. And you may not ever be warned about it. It is important to pay attention to what version of Android an app is targeting to know if this permission is being granted. You can see this on the Market website in the right hand column.

Pulse Reader

This permission doesn't appear to be necessary. I thought it would be for syncing with Google Reader but the app does that by getting you to input your user/password at a standard Google login screen.