How in control are you of your own “smart” phone?
I have been wanting to write about this for a while now and been postponing it due to recent commitments at work and thus the lack of free time.
First of all I’d like to state that I am no security expert nor I claim to be an electronics geek but what I’m going to show you is more of what I stumbled on randomly at the beginning and decided to look further into it afterwards.
Skipping the smartphones introduction and the way they changed our lives, the way we’ve slowly become dependent on these devices that we now require them for the simplest of our daily tasks. I am going to go straight to the point of this post.
In the intention of finding an app that changes/alters the permissions given to an app to function on my phone, I instead found an app that lists you all permissions given to installed apps on your smartphones.
For those who still don’t know what we’re talking about, permissions are what an app asks you to grant it upon installation after you download it. Most of us including myself until recently, skip these steps by pressing NEXT NEXT NEXT NEXT OPEN.
So the application I found is called App Permission Watcher (click for download)
This app scans all applications on your phone for “suspicious apps” judging by the permissions these apps require.
Here are some screenshots from App Permission Watcher of apps one could’ve never suspected to be suspicious or malicious.
So let us start with EVERNOTE, my favorite place to write notes.. Neat and nice interface and is used by millions worldwide.
It appears that Evernote (as shown in picture above) can relay your contact data allowing itself to send all contact information over the internet. One could say that’s cool, I don’t mind someone knowing my contacts but why does Evernote want to know my movement profile? Allowing it to track my position anytime anywhere and without my permission?! Fine again, one could argue that I don’t care if someone knew where I was and when.. It’s fine. But can someone please explain why evernote can use my phone as a covert listening device?!! They can actually listen to our phone calls and use our device microphone to record audio clips and send them over the internet without! I repeat again, WITHOUT our permission.
Now just as you’d think they’ve done it all, you learn that they can use your device camera to send data over the internet, which can be used to watch the field of view of your phone at anytime, without you finding out. Cool eh?
same goes for our beloved facebook and whatsapp apps
only whatsapp can send sms from your phone to anyone without your permission and without you even finding out about it..
but my biggest surprise came when I checked my what supposed to be ANTIVIRUS / ANTISPAM / ANTITHEFT / ANTIFRAUD app…
sadly this app simply takes full control of your phone and can and probably is or will hurt you in many ways.
AVG antivirus app can:
1- share your contacts
2- share your location
3- make phone calls
4- send and relay sms messages
but most dangerously… this app can FALSIFY sms messages sent TO YOUR PHONE such (as explained by the next pic) mTAN codes sent to your phone by online banking services and could lead to an attacker getting into your bank account.
pretty shocking and unbelievable in some cases but that doesn’t mean all apps are malicious..
For example the google drive, translate, hotmail and Instagram apps require only contact info and usually that kind of info is used to add your friends on these services.
To conclude this, there are many ways that these permissions YOU yourself allow these apps to have can be used against you. A simple example which some might call an exaggeration is the capability for a hacker/security expert to place you somewhere perhaps a crime scene without the possibility for you to deny that claim.
Another example would be to send sms or make a call on your behalf that could lead to financial, social or even physical harm.
Next time you are installing an application on your phone, make sure you read the permissions you are giving it.
Knowing that most apps require these permissions to allow you to install them on your phone, a way to come around this is to install an application called SRT appguard PRO which allows you to alter applications permissions AFTER you install them and thus being able to deny them any undesirable permissions and privileges.
Posted on May 3, 2013, in art, Events, freedom of speech, Funny, Love, make me smile, Photography, Sarcasm, Technology and tagged android, applications, apps, appstore, danger, download, free, google, harm, help, iphone, malicious, mobile, paid, phone, play, security, spam, suspicious, technology. Bookmark the permalink. Leave a comment.