I was wondering if there is any way to modify an apps permissions on BAMF or by using any root app. I believe cyanogenmod offers this feature and I was curious I'd BAMF or a general app could do this as well. Thanks.
Also I'm aware that you can use sdk tool to do this if you feel like extracting if to your computer but if possible Id like to find an app that can do this and save a little time.
there are two apps that i know about, lbe privacy guard, and permissions, or permission dog. cant remember that last name. i personally use lbe and find that it works in most cases such as denying an app access to messages or contacts and such and network access. permissions work the same way i think but it requires a reboot to apply affects and i think it denies a category throughout all apps, not just a certain one
Related
Hi Guys,
I have a question/idea. Maybe its already done and you give me a hint on how to install it.
There are a bunch of apps that I really like but I dont like their security requirements like accessing Contacts, System settings, account data.
I agree that some may need it for their functionality, but some apps abuse it or have unnecessary rights.
I wonder if someone could write an app that intercepts those requests and returns dummy or empty data. For example, the app wants access to my contacts, it gets a dummy contact or an empty list returned but not my real list etc. Making the app think its is getting live data. The new app should allow to choose which app will get real and which get blank data or dummy data for sensitive things like accounts, contacts, system stuff.
That way the app would still work but my data is safe.
I guess it would almost have to work like a Rootkit hooking into system functions and figuring out the calling app.
Does this exist? Would this be something for CM7?
I read a lot of ppls reviews out there saying I am not installing this app until you remove such and such security right. This should be the best solution.
Let me know.
spacev said:
Hi Guys,
I have a question/idea. Maybe its already done and you give me a hint on how to install it.
There are a bunch of apps that I really like but I dont like their security requirements like accessing Contacts, System settings, account data.
I agree that some may need it for their functionality but some apps abuse the it or have unnecessary rights.
I wonder if someone could write an app that intercepts those requests and returns dummy or empty data. For example the app wants access to my contacts, or it gets a dummy contact or am empty list etc. Making the app think its is getting live data. The app should allow to set which app will get real and which get blank data for sensitive thing like accounts, contacts, system stuff.
That way the app would still work but my data is safe.
I guess it would almost have to work like a Rootkit hooking into system functions and figuring out the calling app.
Does this exist? Would this be something for CM7?
I read a lot of ppls reviews out there saying I am not installing this app until you remove such and such security right. This should be the best solution.
Let me know.
Click to expand...
Click to collapse
This should be in Q&A.. And there is an app for this.. LBE or LBE Lite.. Also, yes it is a function of CM7. While I'm answering though, I will say that I block almost all permissions that are unnecessary and I've never had a problem with any of the 125 apps I use.
LBE vs CM7
Well, as outlined above, CM7 and LBE are the two best options. I figured I might as well outline the pros and cons of each.
CM7 Application Permission Removal:
Pros - Built-in, no popups, technically faster.
Cons - Not all-in-one interface per say, more annoying to set a large number of apps permissions.
LBE:
Pros - Available on more phones, popups allow you to decide on a situation by situation basis whether to grant permissions, all in one interface, nice looking UI.
Cons - Not built in, popups CAN be annoying, different color scheme from stock android.
P.S. I'm not sure if this happens for everyone, but it probably does just because of security system conflicts in CM7 and LBE, but LBE doesn't seem to be able to start and run on CM7, so you can't have the best of both worlds
thanks guys for the quick responses!
I am trying LBE and so far like what I am seeing
THANKS!
My dad just got his EVOLTE and is worried about all the permissions on apps. I tried to explain to him how any why they work but he is still worried. I remember reading about CM7 and the ability to control what permission the apps can really have access to. Is there any app that will do something similar and have the ability to revoke any permission from any app on the phone?
He is unrooted but I can root the phone if need be.
Thanks
I heard that app developers can potentially access all your photos. Is this right and how can you keep them private?
ummm not that I'm aware of. where did you hear this from? :silly:
I don't know if that is true or not, but I suspected something similar reading the permissions before downloading apps as well. I noted modifying the SD card in many of them, a few included WIPING it. Now if they have that kind of power, I would be hesitant. I suppose Google has something in place that prevents that kind of abuse, but seeing how Quickpic can replace the default Gallery app, I do think it is possible. However, transmitting that data back to them may not be allowed or possible. Until I finish learning the SDK thoroughly, I cannot say yea or nay on it. I would suggest asking google about a specific app and see what they say first, and then consult someone who knows how to read the .apk files to see what they can discover.
Wallace_Brownie said:
I heard that app developers can potentially access all your photos. Is this right and how can you keep them private?
Click to expand...
Click to collapse
If you're that worried, don't store them on your device. If the DroidWall app "really" works, it should block all internet communication on apps that you select.....a wall of fire is the purpose.
Sent from my Amazon Gindle Fireoid
Mephisto_VI said:
I don't know if that is true or not, but I suspected something similar reading the permissions before downloading apps as well. I noted modifying the SD card in many of them, a few included WIPING it. Now if they have that kind of power, I would be hesitant. I suppose Google has something in place that prevents that kind of abuse, but seeing how Quickpic can replace the default Gallery app, I do think it is possible. However, transmitting that data back to them may not be allowed or possible. Until I finish learning the SDK thoroughly, I cannot say yea or nay on it. I would suggest asking google about a specific app and see what they say first, and then consult someone who knows how to read the .apk files to see what they can discover.
Click to expand...
Click to collapse
If I rememeber correctly, the android permission to access the sd card gives full read write privileges to the app, there is no partial access. Most apps need this permission to save data, cache etc to your sd card.
If you have a linux OS running computer you can modify file permissions for write and delete as root only, while allowing all users to read. That way if you want to delete or modify the file, you'll have to use superuser permissions. Of course that requires a rooted phone then....
Sent from my HTC Desire HD using xda app-developers app
Mephisto_VI said:
but seeing how Quickpic can replace the default Gallery app, I do think it is possible. .
Click to expand...
Click to collapse
Use hide it pro from play store. It can hide pictures and videos from any gallery app.
Mephisto_VI said:
I don't know if that is true or not, but I suspected something similar reading the permissions before downloading apps as well. I noted modifying the SD card in many of them, a few included WIPING it. Now if they have that kind of power, I would be hesitant. I suppose Google has something in place that prevents that kind of abuse, but seeing how Quickpic can replace the default Gallery app, I do think it is possible. However, transmitting that data back to them may not be allowed or possible. Until I finish learning the SDK thoroughly, I cannot say yea or nay on it. I would suggest asking google about a specific app and see what they say first, and then consult someone who knows how to read the .apk files to see what they can discover.
Click to expand...
Click to collapse
They said that they can't, and that's why they won't put SD cards in their own line.
Since I first responded, I came across Avast! Anti-virus for Android. It has a built in firewall you can customize per app. I do believe it requires root to utilize it though. Once I nosed around the settings, I was impressed with it. Now to see how well it works before I recommend either way on it. Oh, if you are going to use it, root first then install Avast.
Sent from my (rooted) LG-P870 using xda app-developers app
I know it has been a bit since the last response. I did find a few more programs since then though. Addons Detector examines programs and their permissions and puts several lists together in an easy to read format for you. Its good for when you have forgotten which program had what permissions or didn't catch what they were when installing. It also has an extra option (paid) that I am still evaluating: a live monitor. Notifications of how many addons are added upon installing a new app. Could be beneficial for the security conscious or the, for lack of a better term, paranoid users.
Sent from my LG-P870 using xda premium
Hi - I'm new to Android (and not that well versed with WM5 yet either), but have also been concerned when I saw all these apps that require access to full network, contacts, phone ID and number, etc.
While I understand using the Avast! firewall would prevent apps accessing the internet and sending my data, would those apps then cease to run if they couldn't access what they wanted?
Thanks,
Dylan.
I'm always very careful about what apps I install and their permissions, but I got this doubt for a long time. I already know what some Android permissions do and which of these are potentially dangerous.
Now let's assume an app asks for permissions to read my contacts, access the internet, read the identity of the phone, read the user position, etc.
When I use an app (mostly games) I always turn off wifi, bluetooth, gps and sometimes even the sim via airplane-mode. Now that app can easily collect all the data it wants but would never be able to send them. Am I correct?
My doubt is, when apps can send data? Is it only when the app is effectively running (also in background) or can do the same while, for example, updating the app via Google Play?
If it doesn't, I would probably download most of the apps I discarded because of their stupid permissions...
App permissions are always headache!
apps will always ask for various stupid permissions.even though they not require such permissions.
I think,,
how the apps collect and send data is upto the developer!!
Even though you put ur phone in AirPlane mode.the apps may or may not collect the contacts details frm your phone & may update to their server when data connection is detected..
Some applications will run in background as a seevice, even though they are not opened or running in foreground.
when u install an app you must be aware of the permissions granted.dont install apps that requires suspicious permissions.
if u are rooted there are some apps which can block permissions requisted by apps.
good luck....
motoshan said:
if u are rooted there are some apps which can block permissions requisted by apps.
Click to expand...
Click to collapse
I already heard of such apps but never found one. Could you please tell me some of them?
Thanks for the answer, anyway it really sounds like "I don't know and we'll never know"... it's sad
Is there anybody really sure about what the apps can do and give a nice rest to my neverending question?
Yes.. I already mentioned.
the permission requirements by the app can be explained only by the developer of that particular app.
I had developed an app myself 9 months before.which requires gps location along with hardware control permission etc...
as a developer of this app I can steadly says that my app will update ur device location soon after u switch on ur data conn.
you can find some apps and their reviews here... http://www.howtogeek.com/115888/
Oh, so my hopes are totally crushed.
Looks like they are more problematic than I imagined. I'll keep skipping 90% of the apps on the market.
Thanks a lot for that link!
Edit: I'd add, Jesus Christ, how funny to see that on Android spyware is legalised:
"Angry Birds Space – along with many other apps – has permission to view the device’s serial number and monitor the phone numbers you call."
Without root, I'm really missing xprivacy. Wanted to know if there was anything that could do the same thing , or something similar.
I heard something about running apps in a sandbox on your phone. But I could never find it.
I tried app advanced permission Manger, buy usually makes the app crash, I remove a lot of permissions.
Before anyone says it, I know marshmallow will have this feature built in.