当您在 Android 设备上安装新应用程序(new app on your Android device)时,您是否只是选择接受(Accept )所有抛给您的东西?大多数人都这样做。但是你同意什么?
有最终用户许可协议(End User Licensing Agreement)( EULA ),然后是应用权限。其中一些应用程序权限可能允许应用程序以及制作它的公司走得太远并侵犯您的隐私。您需要知道在您的Android上避免同意哪些应用程序权限。
您应该避免哪些权限?这取决于,我们将进一步讨论。您需要警惕与访问相关的权限:
- 电话
- 声音的
- 地点
- 联系人
- 相机
- 日历
- 消息传递
- 生物识别(Biometrics)
- 云储存
什么是应用权限?(What Are App Permissions?)
当您安装一个应用程序时,该应用程序很少会内置完成其工作所需的一切。您的 Android 中已经有很多东西需要与应用程序集成才能完成工作。
假设您下载了一个照片编辑应用程序(download a photo editing app)。应用程序开发人员不会将完整的照片库或相机软件写入应用程序本身。他们只是会要求访问这些东西。这使应用程序小而高效,并且您的 Android 不会被重复的应用程序代码填满。
我应该避免哪些应用程序权限?(What App Permissions Should I Avoid?)
对于Android开发人员,权限分为 2 组:正常和危险。
普通权限被认为是安全的,并且通常在未经您明确许可的情况下默认允许。危险权限是可能对您的隐私构成风险的权限。
我们将查看Google的(Google)Android 开发者参考( Android Developer’s Reference)中列出的 30 个危险权限。将列出权限的名称,并引用开发人员参考(Reference)中关于权限允许的内容。然后我们将简要解释为什么它可能是危险的。如果可能,这些是您可能(may)希望避免的应用权限
ACCEPT_HANDOVER
“允许呼叫应用程序继续在另一个应用程序中启动的呼叫。”
此权限允许将呼叫转移到您可能不知道的应用程序或服务。如果它将您转移到使用您的数据配额而不是您的手机计划的服务,这最终可能会让您付出代价。它还可以用来秘密记录对话。
ACCESS_BACKGROUND_LOCATION
“允许应用程序在后台访问位置。如果您请求此权限,则还必须请求ACCESS_COARSE_LOCATION或ACCESS_FINE_LOCATION。请求此权限本身并不会给您提供位置访问权限。”
正如谷歌(Google)所说,仅此权限不会跟踪您。但它可以做的是让你被跟踪(allow you to be tracked),即使你认为你已经关闭了应用程序并且它不再跟踪你的位置。
ACCESS_COARSE_LOCATION
“允许应用访问大致位置。”
粗略定位的准确性会根据设备连接的手机信号塔将您定位到一般区域。紧急服务在遇到麻烦时找到您很有帮助,但没有其他人真正需要这些信息。
ACCESS_FINE_LOCATION
“允许应用程序访问精确位置。”
当他们说精确时,他们是认真的。精细定位权限将使用GPS和WiFi数据来精确定位您的位置。准确度可能在几英尺之内,可能会确定您在家中的哪个房间。
ACCESS_MEDIA_LOCATION
“允许应用程序访问用户共享集合中保留的任何地理位置。”
除非您关闭了对图片和视频的地理标记,(turned off geotagging on your pictures and videos)否则此应用程序可以浏览所有这些,并根据照片文件中的数据构建准确的个人资料(build an accurate profile of where you’ve been based on data in your photo files)。
ACTIVITY_RECOGNITION
“允许应用程序识别身体活动。”
就其本身而言,它可能看起来并不多。FitBit 等活动跟踪器(activity trackers like FitBit)经常使用它。但是将它与其他位置信息放在一起,他们可以弄清楚你在做什么以及你在哪里做。
ADD_VOICEMAIL
“允许应用程序将语音邮件添加到系统中。”
这可用于网络钓鱼目的。想象一下(Imagine),从您的银行添加一个语音邮件(voicemail),要求给他们打电话,但提供的号码不是银行的号码。
ANSWER_PHONE_CALLS
“允许应用接听来电。”
您可以看到这可能是一个问题。想象(Imagine)一个应用程序只是接听您的电话并随心所欲地做任何事情。
BODY_SENSORS
“允许应用程序访问来自传感器的数据,用户使用这些传感器来测量他们体内正在发生的事情,例如心率(sensors that the user uses to measure what is happening inside their body, such as heart rate)。”
这是另一个信息本身可能意义不大的情况,但当与来自其他传感器的信息相结合时,可能会非常具有启发性。
CALL_PHONE
“允许应用程序发起电话呼叫,而无需通过拨号器(Dialer)用户界面让用户确认呼叫。”
认为应用程序可以在您不知情的情况下拨打电话,这已经足够可怕了。然后想想它可能会如何拨打 1-900 号码,而您可能会因为数百或数千美元而陷入困境。
相机(CAMERA)
“需要能够访问相机设备。”
许多应用程序都想使用相机。这对于照片编辑或社交媒体之类的东西很有意义。但如果一个简单的儿童游戏想要这个权限,那就太令人毛骨悚然了。
READ_CALENDAR
“允许应用程序读取用户的日历数据(calendar data)。”
该应用程序会知道您将在何时何地。如果你在约会时做笔记,它也会知道你为什么在那里。添加到位置信息,应用程序也会知道您是如何到达那里的。
WRITE_CALENDAR
“允许应用程序写入用户的日历数据。”
一个坏演员可能会使用它在你的日历中安排约会,让你认为你可能不得不去你不需要的地方,或者打电话给你不需要的人。
READ_CALL_LOG
“允许应用程序读取用户的通话记录。”
我们与谁交谈以及何时交谈可以非常揭示我们的生活。白天打电话给你的同事?正常(Normal)。周六(Saturday)晚上凌晨 2 点给他们打电话?不太正常。
WRITE_CALL_LOG
“允许应用程序写入(但不读取)用户的通话记录数据。”
这不太可能发生,但恶意应用程序可能会添加通话记录来为您做好准备。
READ_CONTACTS
“允许应用程序读取用户的联系人数据。”
与阅读通话记录类似,一个人的联系人列表中(person’s contact list)包含了很多关于他们的信息。此外,该列表可能会被用来对您的朋友进行网络钓鱼,让他们认为是您在向他们发送消息。它还可以用于增加营销电子邮件列表,然后公司可以将其出售给广告商。
WRITE_CONTACTS
“允许应用程序写入用户的联系人数据。”
如果这可以用来编辑或覆盖您的联系人怎么办?想象一下(Imagine),如果它将您的抵押贷款经纪人的号码更改为另一个号码,然后您打电话给一些骗子并给他们您的财务信息。
READ_EXTERNAL_STORAGE
“允许应用程序从外部存储中读取。”
如果您允许此权限,则可以访问插入您设备的任何数据存储,例如microSD 卡(microSD card)甚至笔记本电脑。
WRITE_EXTERNAL_STORAGE
“允许应用程序写入外部存储。”
如果您授予此权限,则READ_EXTERNAL_STORAGE权限也会被隐式授予。现在,该应用程序可以使用任何连接的数据存储来做它想做的事情。
READ_PHONE_NUMBERS
“允许(Allows)读取设备的电话号码。“
如果一个应用程序要求这样做并且您同意它,该应用程序现在知道您的电话号码。如果应用程序粗略,预计很快就会收到一些自动电话。(get some robocalls)
READ_PHONE_STATE
“允许(Allows)对手机状态进行只读访问,包括当前的蜂窝网络信息、任何正在进行的通话的状态,以及在设备上注册的任何手机帐户的列表。”
此权限可用于方便窃听和跟踪您所在的网络。
READ_SMS
“允许应用程序读取SMS消息。”
再次(Again),窃听您并收集个人信息的另一种方式。这次通过阅读您的短信。
发送短信(SEND_SMS)
“允许应用程序发送SMS 消息(SMS messages)。”
这可用于为您注册付费短信服务,例如获取您的每日星座运势。这可能会很快花费你很多钱。
RECEIVE_MMS
“允许应用程序监控传入的彩信(MMS)。”
该应用程序将能够查看发送给您的任何图片或视频。
RECEIVE_SMS
“允许应用程序接收SMS消息。”
这个应用程序将允许监控您的短信。
RECEIVE_WAP_PUSH
“允许应用程序接收WAP推送消息。”
WAP推送消息是一条消息,它也是一个 Web 链接。选择该消息可能会打开一个网络钓鱼或恶意软件的网站。
录制音频(RECORD_AUDIO)
“允许应用程序录制音频。”
窃听人们的另一种方式。此外,即使他们没有说话,你也可以从一个人周围的声音中学到很多东西。
USE_SIP
“允许应用程序使用SIP服务。”
如果您不知道什么是 SIP 会话,请考虑Skype 或 Zoom(Skype or Zoom)。这些是通过VoIP连接进行的通信。这只是恶意应用程序可以监视和收听您的另一种方式。
我应该避免所有 Android 权限吗?(Should I Avoid All Android Permissions?)
我们必须在我们希望应用程序为我们做什么的上下文中查看权限。如果我们要阻止每个应用程序的所有这些权限,我们的应用程序都不会运行。
将(Think)您的Android设备视为您的家。对于我们的类比,将应用程序视为进入您家的修理工。他们有一项特定的工作要做,需要访问您家的某些部分,而不是其他部分。
如果您有水管工来修理厨房水槽,他们将需要您的许可才能进入水槽以及供水和排水的管道。就是这样。所以如果水管工要求看你的卧室,你会怀疑他们在做什么。应用程序也是如此。当您同意应用权限时,请记住这一点。
30 App Permissions To Avoid On Android
Do you just select Accept to everything thrown at you when you install a new app on your Android device? Most people do. But what are you agreeing to?
There’s the End User Licensing Agreement (EULA) and then there are the app permissions. Some of those app permissions can allow an app, and the company that made it, to go too far and violate your privacy. You need to know what app permissions to avoid agreeing to on your Android.
What permissions should you avoid? It depends, and we’ll go into that further. You’ll want to be wary of permissions related to accessing:
- Phone
- Audio
- Location
- Contacts
- Camera
- Calendar
- Messaging
- Biometrics
- Cloud Storage
What Are App Permissions?
When you install an app, the app seldom comes with everything it needs to do its job already built-in. There are a lot of things already in your Android that the app needs to integrate with to get its job done.
Let’s say you download a photo editing app. The app developer wouldn’t write in a complete photo gallery or camera software into the app itself. They’re just going to ask for access to those things. This keeps the apps small and efficient and your Android from filling up with duplicated app code.
What App Permissions Should I Avoid?
For Android developers, permissions are divided into 2 groups: normal and dangerous.
Normal permissions are considered safe and often allowed by default without your express permission. Dangerous permissions are ones that may present a risk to your privacy.
We’ll look at the 30 dangerous permissions listed in the Android Developer’s Reference from Google. The name of the permission will be listed, with a quote from the Developer’s Reference about what the permission allows. Then we’ll briefly explain why it could be dangerous. These are app permissions you may want to avoid, if possible
ACCEPT_HANDOVER
“Allows a calling app to continue a call which was started in another app.”
This permission allows for a call to be transferred to an app or service you might not be aware of. This could end up costing you if it transfers you to a service that’s using your data quota instead of your cell plan. It could also be used to secretly record conversations.
ACCESS_BACKGROUND_LOCATION
“Allows an app to access location in the background. If you’re requesting this permission, you must also request either ACCESS_COARSE_LOCATION or ACCESS_FINE_LOCATION. Requesting this permission by itself doesn’t give you location access.”
Like Google says, this permission alone won’t track you. But what it can do is allow you to be tracked even if you think you’ve closed the app and it’s no longer tracking your location.
ACCESS_COARSE_LOCATION
“Allows an app to access approximate location.”
The accuracy of coarse location locates you to a general area, based upon the cell tower to which the device is connecting. It’s helpful for emergency services to locate you during trouble, but no one else really needs that information.
ACCESS_FINE_LOCATION
“Allows an app to access precise location.”
When they say precise, they mean it. The fine location permission will use GPS and WiFi data to pinpoint where you are. The accuracy could be within a few feet, possibly locating which room you’re in within your home.
ACCESS_MEDIA_LOCATION
“Allows an application to access any geographic locations persisted in the user’s shared collection.”
Unless you’ve turned off geotagging on your pictures and videos, this app can go through all of them and build an accurate profile of where you’ve been based on data in your photo files.
ACTIVITY_RECOGNITION
“Allows an application to recognize physical activity.”
On its own, it might not seem like much. It’s often used by activity trackers like FitBit. But put it together with other location information and they can figure out what you’re doing and where you’re doing it.
ADD_VOICEMAIL
“Allows an application to add voicemails into the system.”
This could be used for phishing purposes. Imagine adding a voicemail from your bank asking to give them a call, but the number provided isn’t the bank’s.
ANSWER_PHONE_CALLS
“Allows the app to answer an incoming phone call.”
You can see how this could be a problem. Imagine an app just answering your phone calls and doing whatever it likes with them.
BODY_SENSORS
“Allows an application to access data from sensors that the user uses to measure what is happening inside their body, such as heart rate.”
This is another one where the information on its own might not mean much, but when coupled with information from other sensors could prove very revealing.
CALL_PHONE
“Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.”
It’s scary enough to think an app could make a phone call without you knowing it. Then think about how it might call a 1-900 number and you could be on the hook for hundreds or thousands of dollars.
CAMERA
“Required to be able to access the camera device.”
A lot of apps will want to use the camera. It makes sense for things like photo editing or social media. But if a simple kids game wants this permission, that’s just creepy.
READ_CALENDAR
“Allows an application to read the user’s calendar data.”
The app would know where you’ll be and when. If you make notes with your appointments, it’ll also know why you’re there. Add to the location information and the app will know how you got there too.
WRITE_CALENDAR
“Allows an application to write the user’s calendar data.”
A bad actor might use this to put appointments in your calendar making you think you might have to go somewhere you don’t, or call someone you don’t need to.
READ_CALL_LOG
“Allows an application to read the user’s call log.”
Who we talk to and when can be very revealing about our lives. Calling your co-worker during the day? Normal. Calling them at 2 a.m. on Saturday night? Not so normal.
WRITE_CALL_LOG
“Allows an application to write (but not read) the user’s call log data.”
It’s not likely to happen, but a malicious app could add call logs to set you up for something.
READ_CONTACTS
“Allows an application to read the user’s contacts data.”
Similar to reading the call log, a person’s contact list says a lot about them. Plus, the list may be used to phish your friends, making them think it’s you messaging them. It can also be used to grow a marketing email list the company could then sell off to advertisers.
WRITE_CONTACTS
“Allows an application to write the user’s contacts data.”
What if this could be used to edit or overwrite your contacts? Imagine if it changed the number for your mortgage broker to another number and you call some scammer and give them your financial information.
READ_EXTERNAL_STORAGE
“Allows an application to read from external storage.”
Any data storage that plugs into your device, like a microSD card or even a laptop, could be accessed if you allow this permission.
WRITE_EXTERNAL_STORAGE
“Allows an application to write to external storage.”
If you grant this permission, then the READ_EXTERNAL_STORAGE permission is implicitly granted as well. Now the app can do what it wants with any connected data storage.
READ_PHONE_NUMBERS
“Allows read access to the device’s phone number(s). “
If an app asks for this and you grant it, the app now knows your phone number. Expect to get some robocalls soon if the app is sketchy.
READ_PHONE_STATE
“Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any phone accounts registered on the device.”
This permission could be used to facilitate eavesdropping and tracking you by which network you’re on.
READ_SMS
“Allows an application to read SMS messages.”
Again, another way to eavesdrop on you and gather personal information. This time by reading your text messages.
SEND_SMS
“Allows an application to send SMS messages.”
This could be used to sign you up for paid texting services, like getting your daily horoscope. This could cost you a lot of money, quickly.
RECEIVE_MMS
“Allows an application to monitor incoming MMS messages.”
The app would be able to see any pictures or videos that were sent to you.
RECEIVE_SMS
“Allows an application to receive SMS messages.”
This app would allow for monitoring your text messages.
RECEIVE_WAP_PUSH
“Allows an application to receive WAP push messages.”
A WAP push message is a message that is also a web link. Selecting the message could open a phishing or malware laden web site.
RECORD_AUDIO
“Allows an application to record audio.”
Yet another way to eavesdrop on people. Plus there’s a surprising amount you can learn from the sounds around a person, even if they’re not talking.
USE_SIP
“Allows an application to use SIP service.”
If you don’t know what a SIP session is, think of Skype or Zoom. Those are communications that happen over a VoIP connection. This is just one more way that a malicious app could watch and listen to you.
Should I Avoid All Android Permissions?
We must look at permissions in the context of what we want the app to do for us. If we were to block all those permissions for every app, none of our apps would work.
Think of your Android device as your home. For our analogy, think of the app as a repairman coming into your home. They have a specific job to do and will need access to certain parts of your home, but not others.
If you’ve got a plumber coming in to fix the kitchen sink, they’re going to need your permission to access the sink and the pipes that supply and remove water. That’s it. So if the plumber asked to see your bedroom, you’d become suspicious of what they’re doing. The same goes for apps. Keep that in mind when you agree to app permissions.