I know common sense is a great safeguard etc but that will work better for than for most as there just doesn't seem to be enough to go around. No Smiley cause it is not funny.
I almost can agree with the idea of having no AV as it seems the permissions requested and user complaints of the programs are as bad or potentially as bad as the attacks were trying to avoid or stop.
Maybe all the info I see on just how easy it is to hack most computers and regular alerts on just how poorly secured many networks and systems. Are etc had created a bit of concern
I mean just today I got an email report on a open issue with many HTC droids where wireless settings, passwords and more can be leaked or the data sent to the hacker. It is being addressed but is an accepted and known issue.
Just look at the permissions required to use install or update Google maps, and tell me why my mal app needs to have access to my contacts or SMS?
If I use common sense I will have no well known apps on my phone as most want all kinds of permissions they just do not need.
Why a video type site like YouTube need to know who I call or text is beyond me unless they are up to no good.
I don't care if they are tracking for data, purchases, or whatever it is not part of their service and should not need to be done.
I almost can agree with the idea of having no AV as it seems the permissions requested and user complaints of the programs are as bad or potentially as bad as the attacks were trying to avoid or stop.
Until I am shown or discover a specific need for AV, etc., I wont install it.
Originally Posted by LennyD
Maybe all the info I see on just how easy it is to hack most computers and regular alerts on just how poorly secured many networks and systems. Are etc had created a bit of concern
Android is not Windows.
Originally Posted by LennyD
I mean just today I got an email report on a open issue with many HTC droids where wireless settings, passwords and more can be leaked or the data sent to the hacker. It is being addressed but is an accepted and known issue.
Can you share specifics?
Originally Posted by LennyD
Just look at the permissions required to use install or update Google maps, and tell me why my mal app needs to have access to my contacts or SMS?
Since I am interested and new to this subject, I am willing to look at this one thing at a time. I just looked at Maps permissions, do not see SMS, and see nothing amiss. Access to your contacts allows faster access to driving there. In many cases, your phone contacts are already in Gmail; what is the conflict?
Originally Posted by LennyD
If I use common sense I will have no well known apps on my phone as most want all kinds of permissions they just do not need.
Dont freak; they probably do need them; you can always ask here to get specific info.
Originally Posted by LennyD
Why a video type site like YouTube need to know who I call or text is beyond me unless they are up to no good.
Wont look at this til next time.
Originally Posted by LennyD
I don't care if they are tracking for data, purchases, or whatever it is not part of their service and should not need to be done.
Nexus One, Droid Incredible, HTC Desire, Samsung Galaxy S
iPod Touch 64gb, Droid Eris (reserve)
Blackberry Tour (sold), Nokia N85, Nokia 5530, MyTouch 3G (reserve)
Carriers
DOCOMO Pacific (HSDPA);
Feedback Score
0
If an IM, messaging or social networking app asks for your contacts, its natural. But if a live wallpaper, game app or utility app asks for it, its not.
I found an example of malware permission request. This link contains a screenshot of the permission to send sms. This is the warning. If you are not installing an sms app which was recommended, well reviewed, etc., etc., dont install it.
The problem is that many apps have a legit "share by SMS or email" option.
You can use apps like LBE Privacy Guard or PDroid to revoke permissions.
Do you have any experience or input on those?
I know I should, and surely will check into them more, but been real busy and a little first hand input/experience would be real helpful.
Also specifically do any of the popular apps not work properly if you remove certain access etc?
I know it was asked and discussed in a post other than quoted, but I am going to look over the four or so apps that keep trying to update to see exactly what they are asking for permission for. I know the google search app I did not update because too many reviewed that it was not as simple or seamless as the previous, and some even went back to or were asking how to go back to the previous.
On the AV issue I am reading more and more about how many are concerned with their AV having too much access/permission and it is honestly confusing. I mean obvious the app needs access to all areas in order to scan (maybe that is as much a question as a statement lol) but then again it is hard to not have concern over the amount of people claiming if it was compromised then whatever program or virus takes it over could also have the same access.
I really do not want to have to become any closer to a "cell phone nerd" in order to figure out just how to properly know what is OK and what should be of concern. No real time to learn linux or anything (though it is one of those things on my long list to learn lol) and I do not think one should have to in order to have a good feeling of security.
Maybe just not having any valuable information on the phone is one option (sort of like having nothing to lose etc) but that really reduces the value of having all this mobile ability.
On the AV issue I am reading more and more about how many are concerned with their AV having too much access/permission and it is honestly confusing. I mean obvious the app needs access to all areas in order to scan (maybe that is as much a question as a statement lol) but then again it is hard to not have concern over the amount of people claiming if it was compromised then whatever program or virus takes it over could also have the same access. .
That's one reason you want to go name brand in virus protection. I didn't really hit the antivirus bandwagon until Avast (makers of a really great PC antivirus) created a mobile antivirus app...for free.
It works well from what I've seen, and it's not obscure and suspicious (like Netquin) or a desperate company layering their logo on somebody else's work (like AVG). But you should find at least that part out yourself...no use in trusting suspicious people in forums with your security right?
LBE Privacy Guard works for me. It's on the market.
LBE works by spoofing data instead of denying permission to access it, so apps won't break because they think they still have the permissions they asked for.
PDroid can deny access or feed spoofed data. You choose.
Advantage: it works right when you boot your phone (LBE leaks in the seconds between booting your phone and starting its service, just like DroidWall leaks at boot).
Disadvantage: You have to find and flash a version tailored for your phone and ROM. It's a lot more complicated than just installing an apk.
Details and downloads on xda: http://forum.xda-developers.com/show....php?t=1357056
Thanks for the info and link Rogier, very interesting and useful. I will have to try it next time I switch back to CM. I have miui 2.2.3 running at the moment, and am tempted to try it since it is using the cm7 kernel and see what happens.
4/2/2012 - My Nexus One, after 2 years and thousands of rom flashes finally gave up the ghost. RIP to the best phone I ever owned.
Since I am interested and new to this subject, I am willing to look at this one thing at a time. I just looked at Maps permissions, do not see SMS, and see nothing amiss. Access to your contacts allows faster access to driving there. In many cases, your phone contacts are already in Gmail; what is the conflict?
Dont freak; they probably do need them; you can always ask here to get specific info.
Sent from my DROID BIONIC using HowardForums
I have used 'Maps' once or twice. I keep background data and GPS location off. I know how to read a map so I don't need an app to tell me to "turn right here". I don't need it to know where I am. Just show me a flag on a real map at the location I keyed in and I can get there just fine. So, if I don't need Maps to 'lead' me there from 'here', then it shouldn't need special permissions to do that.
The principle applies to any app, if I don't need that feature, it should work without the corresponding permissions.
Perspective instantiates reality.
( By DX w/HoFo app. )
Learning Android root on a Droid X while waiting 4Godot (or the Droid "4G" -- whichever comes first...)
Reply With Quote
Originally Posted by LennyD
if not, you can try Lookout
Bookmarks