How to enable permissions on your phone. Insecure permissions in Android applications. Understanding Dangerous Permissions

Permissions determine what data or functionality is available to an application from Google Play. They can be configured when installing the program on a device running Android 6.0 and later. For example, sometimes apps request access to contacts or location information. You can also configure permissions after installation.

Advice. To find out your Android version, open your device settings and select About the phone, About the tablet or About the device.

New applications

Some applications from Play Store request access to data before installation. On a device running Android 6.0 or higher later version you can also configure permissions while working with the program.

Applications installed on the device

If you update an installed application, its permissions may change.

Applications for Android OS 6.0 and later versions. You don't need to confirm or provide permissions. The application will ask for them the first time it needs access to data or functionality.

Other applications. You do not need to grant permissions if you have done so previously. If the application requires additional rights, the system will prompt you to accept or reject the update.

To check for all new versions yourself, disable the auto-update feature. How to do this is described below.

Select the appropriate instruction.

How to disable auto-update for an individual application

How to disable auto-update for all applications

Instant apps

You can allow or deny access to data or features while using the application. To view Instant App permissions, follow these steps:

Setting Permissions

You can change application permissions in your device settings. Please note that sometimes blocking them leads to errors in the program.

Note. If you are using Google account In an educational, government, or commercial organization, an administrator can manage some permissions using the Device Policy application.

Installed application

Instant app

If you encounter errors in the application, follow the steps below.

The inviolability of confidential data and the safety of the privacy of owners of Android devices directly depend on installed applications, to be more precise, the permissions that are granted to them.

Many users who assign certain permissions to new applications on Android may become confused, not having sufficient knowledge of certain concepts and processes. Why does an application that does not perform the corresponding tasks request access to the camera, phone book, and even quick messages? The answer is clearly ambiguous.

We suggest mentioning the scandal that arose last year related to Facebook Messenger permissions. If you pay attention to all the permissions it asks for this program, you can come to the conclusion that she can manage her personal life without your knowledge.

As it turned out later, the root of the problem lay in the intricacies of the architecture of Android programs, since applications with different purposes request extremely similar permissions. To operate, for example, a flashlight, you need to obtain permission to take photos and videos without appropriate confirmation from the user. The bottom line is that the LED diode, which is used as a flashlight, is an integral part of the smartphone camera circuit. If the program has access to the flashlight, it means that photo and video recording is also open to it, which is why the request for these permissions appears.

However, self-interested application creators also include in the list of permissions those that allow you to count on profit thanks to donations (internal purchases). Such cases can be quite risky if you do not have a password for making purchases in the Market. Obtain permissions for functions such as program history, phone book, location identification, specific to clients social networks, browsers, navigators. But under no circumstances should they be present in games, or, as stated earlier, in “flashlights”.

Exercise extreme caution in relation to free applications, since they can transfer personal data to third parties or are “stuffed” with advertising inside and out. It is recommended to carefully research the required permissions when installing programs to avoid becoming a victim of deception. Also remember the fact that spending a dollar on an app is a wiser move than giving dozens of permissions to other free alternatives.

Don't install applications that are not particularly important to you. Taking the time to carefully review all required permits will help ensure that risks are minimized as much as possible.

Sometimes the user should consider whether specific application issue this or that permit.

As you know, in order for an Android program to function normally, it needs to obtain the appropriate permissions. Some applications require read access to the file system, others also need write access, others want to know information about the user’s location, others want to transfer data via Wi-Fi in any volume... This article will look at those permissions that should only be granted to an application only if you are 100% sure of it.

Sleep time management

Any smartphone and tablet goes into “sleep” after a certain time. This allows the processor to turn off half of its cores, thereby beginning to save energy. Most applications are unable to wake up the device and their work is suspended. Unless the program has received permission to operate even during “sleep”.

Such permission can be granted mail client or messenger. Social media clients should also receive it. However, such permission should not be given to everyone.

If he receives it malware, then she will be able to carry out any calculations even in the background. For example, in supposedly sleep mode, the smartphone will send spam mailings or even mine cryptocurrency because of this application. In some cases, this will cause the device to heat up. And almost always such actions of a malicious program reduce the time battery life.

Location based on GPS data

Now almost all smartphones are Android based equipped with a GPS chip. Its readings affect what kind of advertising is displayed in the browser and other applications. Also geographical coordinates are needed in search results, where stores closest to the user will be displayed first, and then all the others. Of course, you will have to provide permission to receive GPS data. navigation programs, containing a map. But why does Flashlight, downloaded from Google Play, require such permission?

As you may have already understood, you should not grant location permission to absolutely all applications. Small utilities can do without it. Even online store clients can work just fine without this permission - you'll just have to enter your city name yourself.

It should be remembered that each access to GPS chip readings consumes a certain amount of energy. Therefore, it will be better if only some programs can make such requests.

Location based on GSM module data

The Android operating system can determine location not only using a GPS chip. Approximate information can be obtained thanks to the towers cellular communication. Of course, this will only allow you to find out your area or block. But even this may be enough for malicious applications. Be sure to watch what programs you grant permission to determine your location via GSM communication!

Access to system autostart

Do not grant such permission under any circumstances unless you are 100% sure of the application developers! Usually access to Android autostart ask all sorts of optimizers trying to increase battery life.

The problem is that when granted such permission, the application may change the configuration files operating system some changes. For example, you can easily prevent an antivirus from running. Or order the system to run some malicious code at startup.

Permission to access OS autostart should only be granted to time-tested tweakers. For example, those discussed in our selection.

Full Internet access

Nowadays, many applications require unlimited access to the World Wide Web. It seems that outside the network coverage area modern smartphone will refuse to work at all. In reality, of course, it is quite possible that the appropriate permission may not be issued to everyone who asks for it.

Messengers and social network clients must be able to receive messages at absolutely any time. But if a request for constant access to the Internet is issued by some calculator, then you need to think ten times. It is possible that this is some kind of malicious utility or virus. The program may request such permission in order to occasionally use the smartphone as a bot. It can also regularly transmit user location data to the network if it has received such permission. In short, it is necessary to provide access to world wide web only to those applications that really deserve it.

Vibration control

A completely harmless, at first glance, solution. However, attackers don't think so. They create apps that turn off vibration. Another program (or maybe the same one) intercepts messages arriving on a smartphone until they are read by a user who has not received the corresponding notification.

SD card access

Without access to the memory card, no one can function normally file manager. It will also be needed by all kinds of players that read music and videos from the card. But do absolutely all applications need such access?

If the corresponding permission is required by some Notepad, then it is better not to provide it. Such programs may well store data in the built-in memory. It is possible that under useful application the virus is disguised. Once authorized, it will use the SD card to store illegal or stolen data. Also, such an application can quietly send personal files to the developer - photos, documents and something like that.

If you store any sensitive data on your smartphone (for example, financial reports of your own company), then it is better not to give access to the SD card to unfamiliar programs. Moreover, such people are recommended to regularly backup the memory card and format it - at least once a quarter.

Communication status

Almost all malicious applications require this permission. The fact is that it is with its help that various communication modules are controlled, through which malicious code is then transmitted. As a result, the program can use the device as part of a botnet, used, for example, to send spam.

Control over the state of communication should be provided to the browser, instant messenger and social network clients. Then proceed with extreme caution - some applications may turn the connection on and off without your permission with malicious intent.

Accessing Application State

This permission is very useful for those programs that integrate advertising modules into the system. They operate very simply.

Only the most important utilities should have access to application state. These can be antiviruses and optimizers. And do not choose the creations of hitherto unknown developers for this role.

Wi-Fi connection control

This permission will have to be granted to all applications that operate via an Internet connection. However, under no circumstances should you provide it to any flashlights or note-taking programs (unless the latter are capable of synchronization).

If the application turns out to be malicious, it may start scanning your Wi-Fi network. It will recognize its settings and then transfer them to the developer server. It is possible that in the future this will lead to interception of communications, as well as the transmission and reception of malicious code. This is confirmed by the recent introduction of the KRACK virus, which affected a fairly large number of users.

Popular applications - all kinds of browsers and instant messengers - are not immune from the influence of hackers. Therefore, do not forget to update them so that all discovered security holes are quickly closed.

Access to smartphone status and identification

Some applications require full access to smartphone identification. This means that from now on they will know its IMEI, configuration, phone number and other information. It is absolutely not necessary for every program to know all this. If this is some simple fishing guide, then it is better to reject the corresponding request. You should satisfy it if you installed a licensed game (for which you paid), a bank application, a Yandex.Money client, or some other similar program. Let the rest of the developers' creations recognize you by your login and password - they have no need to know IMEI.

What can malicious programs do if they gain access to device identification data? Their creators can use the information received to their advantage. For example, they can clone IMEI, start sending spam to your phone number, and perform other similar actions. Roughly speaking, this is how online finance crimes are most often committed.

Access to contacts and SMS messages

Most people struggle to read contacts from your phone book. different applications. First of all, these are instant messengers and social network clients.

If some malicious application gets permission to read contacts, then your friends and colleagues can expect all sorts of spam in the form of SMS. This is how databases are most often collected telephone numbers, which can now be freely purchased on Telegram.

In short, do not provide appropriate access to photo galleries and office applications. They don't need contacts. However, there are exceptions to the rule. For example, Samsung Health scans your contacts so that you can compete with other owners of this program. We also recommend that you clean your contact book from time to time. Leave in it only those people with whom communication is possible. Should not be kept in phone book numbers obtained from free ad services - it is clear that you will not call such a person again.

Summarizing

All app permissions are here

On older versions of the operating system Android systems I had to immediately grant all the permissions that the application requested during its installation. Fortunately, permission requests are now flowing more smoothly. If the program wants to go online for the first time, you will see a corresponding notification. In this regard, you can safely prohibit utilities from accessing certain functions of the operating system. Take advantage of it!

How do you feel about safety? Do you keep track of what permissions the apps you install ask for? Post your opinion in the comments.

Android is quite flexible system Permissions: When installed, the application requests the operating system to access the device capabilities it needs. True, at this stage the user has only two options: agree to the terms and install the application, or refuse and not install. In the future, apps can be prevented from displaying notifications if they abuse this feature, and that's where the standard permission management options end. Only non-standard ones remain.

For more flexible permission settings, you can use hidden Android function called AppOps. It is accessed using the application of the same name from Google Play. It is compatible with Android 4.3 and 4.4 devices and does not require root access. In fact, it's just a shortcut that opens the permission settings.

AppOps shows a list of all installed applications and the permissions granted to them. If desired, any of the permissions can be revoked: to do this, click on the switch so that it moves to the OFF position and turns gray.

Why does Yandex.Disk need so many permissions that it never uses anyway? Turn it off. But it's even worse when applications use permissions that they don't need: determine your location, read the clipboard, access your contacts list, and the like. This wastes CPU time and negatively affects the battery life of the device. Turn it off.

Unfortunately, AppOps does not know how to prevent applications from using the Internet. To do this, you can install an antivirus with a firewall, alternatively the free Avast.

In the firewall settings of Avast! specify which applications are allowed to use Internet Wi-Fi, 3G and GPRS, all other connections will be prohibited.

Avast Firewall requires root access to file system, on devices without it you can use, for example, the application “Firewall without root rights” or. They work on the same principle: they create a VPN connection, and when any application tries to access the Internet, they ask the user if this can be done. In the firewall rules settings, you can deny access to the network to any application. Story established connections is written to the log.