All Questions
Tagged with android permissions
27 questions
1
vote
0
answers
624
views
Get root permission on android for metasploit
Is there any way to get into the root file system in android with an already installed msfvenom apk in reverse_tcp (to get the whatsapp encryption key)
1
vote
1
answer
310
views
Storage access permissions before initial unlock upon startup
How do Android devices (at least all the non-enterprise personal devices I remember owning) display the wallpaper (usually chosen from the 'downloads' folder) on the lock screen when it first is ...
0
votes
1
answer
2k
views
Is my Android phone camera hacked?
I suddenly see a strange thing when developing my Flutter application. My application that I'm developing is not asking for permissions, it does not need any permissions. But when I debug the app in ...
5
votes
1
answer
761
views
Is it possible to use WeChat (Weixin) more safely in recent versions of Android by using permissions?
I assume that anything written or read on WeChat is read by the government of the People's Republic of China. I understand the risks of that.
However, I would like to understand the implications of ...
64
votes
6
answers
11k
views
Is 2FA via mobile phone still a good idea when phones are the most exposed device?
Everyone knows that two factors are better than one. My problem is that often the only second factor allowed is text messages sent to your mobile phone. This creates two concerns:
I travel frequently ...
2
votes
3
answers
3k
views
Can an app access location services when I turn off location services?
An app I'm using requires me to grant it the permission to track my location, which I grant.
But, if I manually toggle off the device's location service (for example in the settings or the drop down ...
1
vote
2
answers
443
views
Doubt on Android permissions mapping with UIDs/GIDs
Reading the book: Android Security Internals I'm reading at Chapter 2 - Permission Management paragraph that permissions are assigned to application at install time by the packet manager with a ...
0
votes
0
answers
110
views
can't find mapping of "android.permission.INTERNET" permission to famous methods which should use it
I was trying to evaluate effective permissions usage of an apk using axplorer mapping files.
During evaluation I obtained an effective use of the android.permission.INTERNET permission equal to 0.
...
12
votes
2
answers
395
views
Is there always a user notification when smartphones record audio?
Background: With microphones being embedded in all sorts of consumer electronics, there is widespread concern that certain actors (e.g. device manufacturers, ecosystem providers, third-party apps) ...
7
votes
1
answer
1k
views
Why would a banking app require access to browsing history and information about apps running on the device?
I have a banking app installed, but when I tried to update it, it asked me for permissions to access browsing history and the information about apps running on the device.
Why would a banking app ...
1
vote
0
answers
485
views
Fake data stub for android authorisations
I'm annoyed by all the applications on my Android device that require access to media/camera/message/call etc, when they don't really need them.
Is there a way to fake the autorisations? Like having ...
4
votes
2
answers
3k
views
Can APK's installed from unknown sources without special permission be considered safe?
If i choose to install downloaded APK files from unknown sources, can it log keystrokes or install malware without additional permissions?
Currently users don't have to grant internet permissions ...
0
votes
0
answers
366
views
Can Android malware cause any damage without any permissions?
Just as the title says. On Android 6 you can control pretty much every single permission you give to an app. So my question is, if i give no permissions(i.e. when the app doesn't ask for them), is ...
0
votes
1
answer
3k
views
How to globally limit Bluetooth functionality on Android and iPhone
I recently got my parents a Bluetooth speaker, and they are very new to the smartphone arena. What I would like is to disable all of the Bluetooth functionality in their phones except for the ability ...
1
vote
2
answers
6k
views
Why should we use checkCallingPermission instead of checkCallingOrSelfPermission in Android?
I scanned a project using Fortify and it says I should replace checkCallingOrSelfPermission method with checkCallingPermission.
I could not figure out the security risk that ...
1
vote
2
answers
1k
views
Does a malware in an android phone have permission to read/modify/delete data of all the apps?
If an android phone is infected with malware/virus, can it access all the apps with modify/delete/read permission? Isn't there any control by an app , say a bank app which can't allow to read data by ...
3
votes
2
answers
689
views
Why does the ProtonMail Android app require Identity permissions?
The ProtonMail Android app is supposed to be a privacy-centered alternative for data-mined email services such as Gmail, Yahoo, and Outlook. If this is truly the case, why does the Android app require ...
4
votes
1
answer
273
views
Android apps: required permissions reported before installing are misleading
I've noticed several Android apps that advertise different permission requirements than they actually get after they are installed. I'm on Android 5.0.2.
To be more specific:
I locate an app through ...
0
votes
1
answer
193
views
Acquire new permission after installing an Android application
I would like to know if there is an attack that allows an installed Android application to acquire further permission that is not assigned initially during installation.
I did some research and found ...
2
votes
2
answers
523
views
How can I secure the usage of root access on android, given that I have regular updates?
the situation:
I use Android 5.1
I'm running the "rooted" variant of fairphone OS, which means that:
I can enable Root access in the developer settings, i.e. I don't need to exploit my phone.
...
3
votes
3
answers
2k
views
Does Java/Dalvik's Java Native Interface JNI make Android prone to better attacks?
Java has a feature named Java Native Interface (JNI), which allows to call native machine code function from inside the Java's bytecode. This feature allows effectively running machine native code ...
0
votes
0
answers
273
views
Facebook app permissions
According to an answer to this question : Bypass app permissions, I changed by curiosity the application permission of Facebook and Messenger for the camera to always ask. I'm using CyanogenMod 12.0. ...
5
votes
2
answers
356
views
Should Android apps for communication encryption and security require permissions like identity, device ID, contacts, etc.?
There is a Android application Threema for communication encryption and that says it does not collect user data, but it requires the following permissions: identity, contacts and device ID.
Can ...
1
vote
1
answer
176
views
Android Permissions and Explanations
I am doing some research on Android permissions and whether or not they could abuse data privacy. Does anyone have a good source on all updated Android permissions with a short explanation on what ...
5
votes
1
answer
378
views
Why do mobile operating systems not implement a way to deny permissions to an app?
Android and iOS (afaik) implement a relativly fine-grained permission schema for their apps.
But as I user I only have the change to acceppt all or nothing.
When I think about it, it shouldn't be a ...
1
vote
1
answer
726
views
App permissions to access hardware "at any time without your confirmation"
On Android applications now some applications say that they want access to things such as speaker or camera "at any time without your confirmation".
I wasn't sure if this meant that it does not ...
12
votes
1
answer
341
views
Why does Android mix phone state with phone identity?
The "Phone State" permission on Android is widely requested by many apps. The explanation often given by the developer is that the app needs it in order to determine when you're on the phone, to stop ...