{"id":10748,"date":"2017-12-07T07:00:03","date_gmt":"2017-12-07T15:00:03","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/12\/07\/news-4520\/"},"modified":"2017-12-07T07:00:03","modified_gmt":"2017-12-07T15:00:03","slug":"news-4520","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/12\/07\/news-4520\/","title":{"rendered":"Are Your Android Apps Invading Your Privacy?"},"content":{"rendered":"

Credit to Author: Trend Micro| Date: Thu, 07 Dec 2017 14:00:59 +0000<\/strong><\/p>\n

\"Android<\/p>\n

Tips to utilizing app permissions in the world\u2019s most popular mobile operating system.\u00a0\u00a0\u2013 \u00a0<\/strong>by\u00a0Ian Grutze, Senior Global Product Manager<\/em><\/p>\n

Mobile devices are amazing tools that can enrich your life in many ways. Need to solve a problem\u2026? There\u2019s probably an app for that. As these devices mature, and as we weave them into our daily lives more, there is a cost tradeoff that you should be mindful of: \u201cprivacy vs convenience.\u201d<\/p>\n

 <\/p>\n

Think of a navigation app for example. It can be very helpful when you\u2019re out and your phone tells you that it will take 22 minutes to drive to that calendar appointment you have across town in 30 minutes. In order to do this, the app has access to your GPS location and your calendar, potentially monitoring these all the time<\/strong>. This may or may not be something with which you\u2019re comfortable sharing. You\u2019re getting some very helpful automated reminders, but someone\/something knows your location and your schedule. If this doesn\u2019t sit right with you, what can be done?<\/p>\n

The Android operating system gives you options to deal with this kind of situation, giving users the ability to customize app permissions. Open your Android settings and look for something like \u201cApp Manager\u201d or search for \u201cpermissions\u201d (it can vary depending on what version of Android you are running).<\/p>\n

\"\"\"\"<\/p>\n

 <\/p>\n

Settings menu from Google Pixel XL, running Android Oreo.<\/em><\/p>\n

From here you can manage which apps are allowed to use various services, such as: Camera, Location, Contacts, and more. There are some pretty serious options as well, like the ability to draw over other apps, or lock and erase all the content on a device. Taking the time to customize these in your favor can have many benefits and doing so gives you a better sense of what your apps are capable of.<\/p>\n

When reviewing an app, think about which permissions it requests access to and whether or not it makes sense for that app to need such a service.<\/p>\n

Maybe that popular candy game doesn\u2019t need access to your contacts list. Try disabling access and see if you still enjoy the app. Even if the app has good intentions (and isn\u2019t doing any shady behind-the-scenes tricks), if you don\u2019t gain value from it, it\u2019s often better to disable the permission. Depending on the situation, denying a permission can help maintain your privacy, reduce data usage, or save on battery drain and other device resources.<\/p>\n

\"\"\"\"<\/p>\n

 <\/p>\n

App Info menu from Google Pixel XL, running Android Oreo<\/em><\/p>\n

Trust in the app developer is an important thing to consider when thinking of permissions access. An app with control of your camera should<\/strong> make it obvious when they\u2019re using it\u2014for example, by showing you a preview on screen of what the lens sees\u2014but it\u2019s important to know that technically, it doesn\u2019t always do that. Some apps with microphone access may listen in without you knowing. Perhaps they\u2019re using automated speech recognition to pluck key words from your conversations, to enrich your experience with the app, OR they could sell such information to advertisers. If you don\u2019t know and trust the app developer, there are many things they could be up to that go unnoticed.<\/p>\n

The more potential for invasiveness in a permission, the more you should consider the source. Do some background research on the publisher or app, and try to learn if it\u2019s safe. In general, it\u2019s a good idea to review the permissions of all<\/u><\/strong> apps on your device (especially ones you chose to download yourself, as they were not vetted by your phones manufacturer) and disable access you think may not be necessary. Often times, an app will continue to work fine without 100% of their permission requests granted. It may just be missing some functionality that you did not care about anyway, or weren\u2019t intended to even know about.<\/p>\n

Beyond major to minor invasions of privacy, or just the uneasy feeling of certain types of your personal information existing in some companies\u2019 databases (which could theoretically be breached), there are some extremely harmful side effects that can come with granting the wrong app too many permissions. Trend Micro\u2019s Mobile Threat Response team has been researching mobile malware and logging its continued growth for years. They have discovered malicious app developers will use permissions to their advantage and your loss.<\/p>\n

A prime example: Banking attack apps that to you look like a harmless game or tool. If given the permission to know what other apps are open and overlay their own UI on it, they can replace the login credentials screen of popular banking services with their own, stealing any user name and password combination you enter. Another example is mobile ransomware, which seeks to disable all your files, or your entire device, from use, until you pay a digital currency ransom to undo this attack.<\/p>\n

In an extreme case like this, with clear intent of harm, it\u2019s no longer a choice of \u201cprivacy vs convenience,\u201d but of identifying apps that are malware and deleting them. I recommend finding a trusted security vendor, installing their app, then granting the appropriate permissions to let it help you stay safe.<\/p>\n

Trend Micro offers Mobile Security on Google Play<\/a>, with features that scan for malware, and report privacy concerns for your installed apps. This gives great visibility into what parts of your phone are being used by other apps, and tools to manage them.<\/p>\n

http:\/\/feeds.trendmicro.com\/TrendMicroSimplySecurity<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Credit to Author: Trend Micro| Date: Thu, 07 Dec 2017 14:00:59 +0000<\/strong><\/p>\n

\"AndroidTips to utilizing app permissions in the world\u2019s most popular mobile operating system.\u00a0\u00a0\u2013 \u00a0by\u00a0Ian Grutze, Senior Global Product Manager Mobile devices are amazing tools that can enrich your life in many ways. Need to solve a problem\u2026? There\u2019s probably an app for that. As these devices mature, and as we weave them into our daily…<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10413],"tags":[10462,10789,10463,714],"class_list":["post-10748","post","type-post","status-publish","format-standard","hentry","category-security","category-trendmicro","tag-android","tag-consumer","tag-mobile-security","tag-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/10748","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=10748"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/10748\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=10748"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=10748"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=10748"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}