Read the Fine Line when Using Android Apps

by Shaleen S
Most of us are using android phones and its application. Some of the apps request special permission to access contacts, or other functions of the phone., and the users are aware of that. But there are also apps that require no permission at all. The term no permission seems to be counter intuitive. One will think that this app is really safe to use. But it’s exactly the opposite. This “no permission” apps have full access to the device and can share and use the data from the phone in any form they want. Most of it travels via the web browser of the phone.

Paul Brodeur, who works for “Leviathan Security Group” was successfully able to create a test app with no permission access. He was then able to extract out all the hidden and non hidden files from the phones memory and the SD card. If an app can do that, it is a matter of great concern. People buy SD cards just to store more information on the phone. An an app with no permission access can take everything. In addition he was able to see which apps were installed on the phone too. Phones that used GSM services from AT&T and T-Mobile were easily vulnerable to the test app. Paul stated that such apps can be an easy game for people with malicious intent. All this can happen without the user knowing about it.

However, the app developers have to worry more about such problems in order to avoid big lawsuits against them as opposed to the consumers using the app. A report created by “TheVerge.com”, showed that the gallery app that cam per installed with android phones had stored full addresses associated with the photos. Further digging showed that the photos that were tagged using Picasa had that problem. Picasa was purchased by Google in 2004, and it was caching the locations of the photos for no reason. This type of information is not given in Google, or Picasa’s agreement.

There is a group of believers that such tests and runs can actually help create more secured apps than before. Once one has the information about the weak spots, they can fix it. And as it turns out that the users of these apps can’t really do a lot to avoid that, but the best practice is to read the permission access information before installing the app since they specify the requirements needed in order for the app to run on the device.

Reference:

Gahran, Amy. “‘No Permission’ Android Apps Can See and Share Your Data – CNN.com.” CNN. Cable News Network, 23 Apr. 2012. Web. 28 Apr. 2012. <http://www.cnn.com/2012/04/23/tech/mobile/no-permission-droid-apps/index.html>.

4 thoughts on “Read the Fine Line when Using Android Apps

  • April 28, 2012 at 8:42 pm
    Permalink

    This really opened up my eyes on the apps that are out there for the Android Play Store. I didn’t know the reason behind viruses on smart phones before, but now it gave me more knowledge about it. During CIS 310 class last quarter, my professor asked us to read an article that talked about Apple keeping geotagging on the iPhone itself. They did not specify the need or use of this database, but it is kind of dangerous to know what one can do with all these information extracted from these smart devices.

  • April 28, 2012 at 11:31 pm
    Permalink

    Interesting in that I didn’t really think about apps on phones having viruses and not being safe. I would think that apps that are posted on the Android Play Store would have gone through some check before being place in the store. I would wonder why GSM devices would be harm the most from these test app then of all of the devices out there.

  • April 29, 2012 at 1:56 am
    Permalink

    I never knew there actually were malicious apps out there that can do so much. Like the previous comment, I too would have figured that apps available on the play store would at least be looked at before being available, but I could imagine that being very time consuming. After reading this, I don’t think I will be downloading any “no permission” apps at all, just to be on the safe side.

  • April 29, 2012 at 3:48 pm
    Permalink

    This is a really good article since almost everyone has a smartphone. Apps are of really concern since they are installed on your phone and accessing it all the time. Some apps tell you what they are accessing to but I believe that they are using more than that. One needs to be aware of this kind of apps and review its terms of agreement before installing them. Good article to rise awareness of what we install on our phones.

Comments are closed.