I've been using an application on my device and it allows access to both my camera and gallery even though I have denied access to both. In the applications permission tab, both Camera and Storage are deactivated.
The application is a popular Taxi app and my understanding was that if I deny the application permission to access content/sensors on my device, it would not allow the application access. This somehow overrides it.
My question is, is this a bug on the developers side or with Android itself? In my opinion it's pretty concerning with regards to user privacy. I've had a read through the Android Permissions Documentation and it states
"...that no app, by default, has permission to perform any operations
that would adversely impact other apps, the operating system, or the
user."
Which causes cause for concern as the application, by default has access to other apps.
To clarify the app's core functionality doesn't need access to my gallery or camera. I've also replicated this issue on numerous devices with different Android versions and the problem still persists.
Related
I have a few questions about privacy protection on Android and iOS. I've looked at Android documentation, but as a beginner I am not sure if I understand correctly (I put my understanding in square brackets). Especially, not finding the obvious way does not mean there are no workarounds to get the same information. Therefore, could any developer give advice on the following questions? Answers about iOS are also appreciated.
Can the user allow an app to use the microphone/camera/location only once (i.e. the system should always ask the user every time this app needs access)? [No, the "never ask again" option in the dialog is not meant for this purpose.]
If microphone/camera/location permission is given to an app, can it access these while in background? [Yes.]
Is it possible for an app (running in foreground) to obtain the list of other apps currently running or installed on the device? [Yes for installed ones, not sure about currently running ones.]
Can an app in background know what other apps are currently running and which one is in foreground? Can it possibly figure out whether the user is using the phone? [Not sure.]
Can an app (apart from the OS itself) take screenshots? [No.]
With regards to Android:
Can the user allow an app to use the microphone/camera/location only once (i.e. the system should always ask the user every time this app needs access)?
Not directly. They could have this effect by granting the permission, using the app, then going into Settings and revoking the permission. I suspect that few people do this. Offering a one-time-use-only option directly in the runtime permission dialog is an interesting option, though I suspect that Google would pass on it as making the flow too complicated.
If microphone/camera/location permission is given to an app, can it access these while in background?
Locations, yes, though with some limits on Android 8.0+ (for power savings). Microphone/camera, yes, though reportedly no longer starting with Android P.
Is it possible for an app (running in foreground) to obtain the list of other apps currently running or installed on the device?
Installed, yes. Running, not really, on newer versions of Android.
Can an app in background know what other apps are currently running
See above.
and which one is in foreground?
Not really, on newer versions of Android.
Can it possibly figure out whether the user is using the phone?
You can tell if the screen is on. IMHO, "whether the user is using the phone" has lots of possible definitions.
Can an app (apart from the OS itself) take screenshots?
I do not know how you are drawing the distinction here. An app can request screenshots and screen recordings through the media projection APIs on Android 5.0+, though this involves user acceptance. This acceptance is a one-time-per-process thing, so the user would have to grant access again in the future (akin to what you were seeking for microphone/camera/location).
I am getting very conflicting information regarding the use of android.permission.READ_LOGS Android permission. Firstly, the Android Documentation website does not specify the protection level of this permission. It is neither classified as normal, nor dangerous. They do specify the following:
"Not for use by third-party applications, because Log entries can
contain the user's private information."
Some websites say not to use it for the same privacy concerns.
However I have some issue with that:
When I tested this permission in my app on Android 7.1.1 (Nexus 5X) and Android 4.4.2 (old Samsung 8" tablet), neither of them prompted me that the app required this permission. Both said that the app requested "no special permissions". This only happens if the permission is deemed "normal", in which case it is automatically granted.
Secondly, using this permission, I can only view logs from logcat pertaining to my app, which does not log any personal information. Hence, I don't violate any privacy either. I thought this permission may allow me to see other app's logs, causing privacy issues.
So, if this is the case, then is it deemed safe to use this permission in a production version of the app? It would help me a lot in debugging strange bugs users face if they can send me a logcat by the press of a button.
EDIT: Ok, now I am quite confused. It appears that I don't need to explicitly specify this permission in the manifest either.
Is READ_LOGS a normal or dangerous Android permission?
Neither. As of Android 7.1, it is signature|privileged|development. That basically means that apps signed as part of the firmware build or installed on the privileged partition can hold the permission, but nothing else can.
the Android Documentation website does not specify the protection level of this permission
Correct. READ_LOGS is still in the SDK, for backwards-compatibility reasons, but ordinary apps have not been able to hold it since Android 4.1, which came out five years ago.
This only happens if the permission is deemed "normal", in which case it is automatically granted.
No.
I thought this permission may allow me to see other app's logs, causing privacy issues.
It did, on Android 4.0 and earlier.
then is it deemed safe to use this permission in a production version of the app?
Well, bear in mind that there has never been a documented and supported way for apps to access LogCat contents. Most likely, you're using one of the script-kiddie solutions that have been posted, such as running the logcat command and capturing its output. So, it is entirely possible that there are devices, now or in the future, that will not support your particular approach towards accessing LogCat. So, the permission is not your problem; the lack of a supported API for LogCat access is your problem.
Personally, I'd use a logging library to log the content to both a file and to LogCat, using the file for whatever your app needs it for.
I am building an android app that will be for sale through the market. The base application will need very minimal permissions.
What I want to do, is allow the base application customers to add libraries I'll have available as free upgrades. But those add-ons would need additional permissions and abilities. ( Like contacts, camera, live wallpaper, or home screen ).
My goal is to allow my customers buy my base application without requiring excessive permissions. But if they desire the extra features, they can simply install those libraries from the play market, and grant the permissions for those added libraries. But still allow all of these features to be detected, controlled and used from the base purchased app.
My fear is that no-one will buy my base application if it requires all the permissions of the optional features.
My question is...
Is it possible to do this?
Are there other ways to set this up?
Thank you!
You will need to package those libraries as separate apps, kind of what like Google does with Google Play Services.
These apps need not be visible in the application drawer, just don't declare any Launcher activities there.
You will then need to communicate with those apps using Intents to get your job done.
I have a question about installation of an app on android device. I have an application that requires that a user installs another application. That required app may be different at different times, but sometimes user device cannot install this required app for some reason. I want to check programmatically that a user can or cannot install a required app. Is it possible??
As mentioned in the comments, you can check whether another application is already installed, but there's no simply way to determine whether another application is technically capable of being installed.
This determination is based on the AndroidManifest.xml file of the other application (at least), and possibly some internal checks that occur within other application's code. You would need to know the requirements for the other application (minimum SDK version, supported screen sizes, camera and other hardware requirements, etc.) and check for them yourself.
Can somebody explain to me what are the benefits of Android System App over a "normal" app
(besides that fact that a system app cannot be uninstalled)?
Special permissions?
There is some confusion here.
First, if you are talking about "system app" as just being one with FLAG_SYSTEM set, all this means is that the app is located on the /system partition, which is the read-only partition that is basically the firmware of the device. (It can only be modified as part of an OTA firmware update.) These apps can't be removed simply because they are on a partition that can't be modified.
The only thing special about a system application beyond this is that there are a handful of signature permissions that can also be granted to any app on the system image. For example there is a permission to directly talk with the package manager to install an app (without going through the system UI) that such an app can have; this is useful for any app store / market pre-loaded on a device.
Being signed with the platform certificate is an orthogonal concept -- such an app can be either on the system image or installed as a third party app (though obviously in almost all cases these come pre-installed). Such apps have access to a whole suite of low-level permissions for interacting with the platform. Very few apps are signed with this certificate; it is only for core platform applications. Unless you are working with a hardware vendor on a device, you won't have access to this.
All of the platform's certificates (whether they be available to all apps, require an app be signed with the platform cert, or are available to apps installed on the system partition) are declared by the platforms manifest, just like any other app:
https://android.googlesource.com/platform/frameworks/base/+/master/core/res/AndroidManifest.xml
There are permissions that can only be obtained by systems apps. For example the permission brick can be requested by every app but it is only granted to apps that are signed as system apps. There are some other features that make more sense I think directly installing and removing apps would be a system only permission too.
From your explanation I guess you mean the the pre-installed applications (like the Browser or the Messages app). You can take a look in these apps at https://android.googlesource.com. (search for platform/packages/apps/...).
You will find that these application are no difference to your own custom developed Apps, except you can't remove them. They cannot be removed as they provide the basic functionality to operate your phone / device. So, same security constraints apply there.