# Apps requesting weird permissions



## Wolveryeti (Feb 2, 2013)

So this Google maps app I was going to download wants me to:

Ability to make calls on my phone without permission
Allow it to record audio on the mic of my phone without permission
Access to all my call logs

What the fuck? Is anyone aware of a program that will let you manage permissions on Android? I'm now worried that there are other back doors on my phone that are installed by default.


----------



## elbows (Feb 2, 2013)

There are loads, search for permission on the app store. I'm afraid I cant recommend any one in particular since I havent used any of them for ages.

The fact you noticed this one is a good sign. What do you mean by 'installed by default'?


----------



## elbows (Feb 2, 2013)

Having had a quick glance many of them suffer from strange english in their app store description. Avast! Mobile Security comes from a known provider so maybe go with that one.


----------



## Wolveryeti (Feb 2, 2013)

elbows said:


> There are loads, search for permission on the app store. I'm afraid I cant recommend any one in particular since I havent used any of them for ages.
> 
> The fact you noticed this one is a good sign. What do you mean by 'installed by default'?


Basically snooping Samsung firmware that I signed up to by not reading the ridiculous, boring, gazillions-of-words-long legal document that you are asked to read when installing a firmware update and ticking the box instead.


----------



## Hocus Eye. (Feb 7, 2013)

I didn't notice that it asked permission to make phone calls. Who is it going to call? As for 'recording' audio perhaps that is just the use of the microphone to take audio input for the use of GPS directions.

I always feel uncomfortable granting numerous permissions to apps, but there is no alternative if you want apps. A mobile phone without apps would be like a bike without a bell and lights. I wonder if there is a mudguard app.


----------



## editor (Feb 7, 2013)

What are these apps and why are you installing them?


----------



## Tankus (Feb 7, 2013)

Best of luck for it on my N7


----------



## Fez909 (Feb 7, 2013)

Wolveryeti said:


> So this Google maps app I was going to download wants me to:
> 
> Ability to make calls on my phone without permission - searching for a business often gives a phone number. this allows you to call them without leaving the app.
> Allow it to record audio on the mic of my phone without permission - used for voice search
> ...


 
Is this the proper Google Maps app, btw? I don't think I've ever seen "without permission" before, as you're giving permission here.


----------



## Fez909 (Feb 7, 2013)

Hocus Eye. said:


> I didn't notice that it asked permission to make phone calls. Who is it going to call? As for 'recording' audio perhaps that is just the use of the microphone to take audio input for the use of GPS directions.
> 
> I always feel uncomfortable granting numerous permissions to apps, but there is no alternative if you want apps. A mobile phone without apps would be like a bike without a bell and lights. I wonder if there is a mudguard app.


 
There are apps which let you revoke permissions that the app needs, but obviously the functionality may be reduced or may crash in this instance. You also need root, I think.

I'd advise everybody to NOT install apps, even if there's no alternative, when you are worried about the permissions.  A lot of the more respectable app developers on Android are sensitive to criticism on privacy and see it as something that puts them above Apple (where I believe anything is available to any app). If we stop caring about what permissions they ask for, then we normalise this behaviour, and we make it easier for more scrupulous developers to take advantage, and then the platform is ruined.

What you can and should do is email the developer and ask them why the permissions are needed. Ask them to put it in the information on the app download page, which a lot of them already do.  You'll probably find there's an innocent explanation for the permissions, but it could be a genuine mistake on their part and they may release an update with a permission refused (I've seen this happen). If they refuse to do this, leave a comment in the reviews saying that you're not happy with the permissions and you've rated it low due to safety concerns.  Others will see and notice this, and may do the same.


----------



## elbows (Feb 7, 2013)

Fez909 said:


> A lot of the more respectable app developers on Android are sensitive to criticism on privacy and see it as something that puts them above Apple (where I believe anything is available to any app).


 
No, on iOS you explicitly grant specific permissions to apps, and you have a lot of granular control over this on a per app basis in the iOS settings. eg you can, at any time, decide not to let a particular app use your location, contact, calendar, reminders, photos, bluetooth sharing, twitter or facebook account anymore, with individual control over each of these for each app that can be switched on or off at any point.


----------



## editor (Feb 7, 2013)

Wolveryeti said:


> Ability to make calls on my phone without permission
> Allow it to record audio on the mic of my phone without permission
> Access to all my call logs


1 The ability to make calls is so that you can call a business directly from within the app (useful if you've searched for a business)
2. The mic is used for voice searches
3. Not sure about that one


----------



## Fez909 (Feb 7, 2013)

elbows said:


> No, on iOS you explicitly grant specific permissions to apps, and you have a lot of granular control over this on a per app basis in the iOS settings. eg you can, at any time, decide not to let a particular app use your location, contact, calendar, reminders, photos, bluetooth sharing, twitter or facebook account anymore, with individual control over each of these for each app that can be switched on or off at any point.


 
Is this a new thing, as it never used to be the case.  When searching about this, I only see information which contradicts what you say:




			
				http://palizine.plynt.com/issues/2011Oct/android-vs-ios/ said:
			
		

> In iOS, there is no concept of explicit permissions. Thus, there is no way of restricting the actions that an application can perform. The application does not reveal what permissions the application requests for or accesses to the user. All the applications have equal access to all the iOS device resources and can use them without the permission of the user. Hence, once an application has been installed on the device, it can perform any operation under the pretext of performing an actual action.


 



			
				http://stackoverflow.com/questions/5822830/android-like-permissions-in-ios said:
			
		

> Only Notifications and Location Services require user permission, which is *automatically* asked to the user the very first time your application attempt to use the corresponding API.


----------



## editor (Feb 7, 2013)

Fez909 said:


> Is this a new thing, as it never used to be the case.


They copied it off Android. 
http://www.slashgear.com/ios-6-makes-apps-ask-for-permission-before-accessing-your-data-14234065/


----------



## Kid_Eternity (Feb 7, 2013)

All sounds a little dodgy.


----------



## Fez909 (Feb 7, 2013)

editor said:


> They copied it off Android.
> http://www.slashgear.com/ios-6-makes-apps-ask-for-permission-before-accessing-your-data-14234065/


 
Ah, that's good then.

Cheers!


----------



## elbows (Feb 7, 2013)

editor said:


> They copied it off Android.


 
I dont think that begins to do the details justice at all.

Both approaches had severe problems and limitations. After a wave of negative publicity about what some apps were doing, Apple vastly expanded their privacy notification and enable/disable system with iOS 6 (it did exist before then, but only for stuff like notification, location and photos). I suppose its similar to Android in some ways, but its hard to think of them as similar really since Apples involve popups and switches and Androids approach is based on letting users know what permissions an app wants before you download it, but not giving you any granular control once its installed - take it or leave it.

Until iOS 6, Androids approach certainly gave the user a lot more information, but no ability to still use an app but deny it one or more permissions, not without using 3rd party tools which may exist (?)

The only reason Apples older, limited privacy stuff didnt completely bite them in the butt is that iOS has never allowed access to a variety of things that are possible on android in the first place, and Apple have the app approval process to keep out most malware. For example I'm sure you cant have apps make phonecalls or send text messages automatically on iOS, and there is very little in the way of a filesystem that all apps can access (most stuff is sandboxed). So most of the scandals about privacy were to do with contact lists, which loads of apps were grabbing in their entirely, even some 'respected' ones.

I think its up to Google to make the next move now, since I'm not convinced many users think enough about permissions when installing apps, and some later notifications about what apps are trying to do when used would be helpful for less careful users.


----------

