In the fast growing “internet of things” technology world we live in, apps are popping up left and right to help make life easier. There are apps for everything you could think of, restaurant searching, booking a taxi and even some meaningless for your entertainment. With the temptation right in front of you, claiming that it will completely solve your current issue whether it be boredom or hunger, you simply shouldn’t trust every app that is out there.
Just because an application is on the Google play or Apple store, doesn’t mean that it is completely safe from a security perspective. Sure Google and Apple scan the tools to make sure they are not malicious or contain bad code, but that’s it. You remember that screen that pops up before you accept to download the app? Do you ever read what that says? Some apps need basic access to your devices utilities in order for the app to perform its intended function. But then there are some people out there who create apps in order to gather information on each user that downloads there apps. Things like GPS, access to all contacts, permission to send messages and root user should not be allowed to be given out so easily.
Below are some of the most common permissions that are given out to download an application when they shouldn’t be.
- Directly call phone numbers - This is exactly what it says, this will give the downloaded app permission to make outgoing calls without your knowledge. Malicious app will use this to rack up cell phone charges or use someone else’s phone bill to purchase over the phone services. Google and Skype require this for obvious reason, but if you are downloading a flashlight app and it asks for this permission, stop immediately.
- Send SMS messages- Same as the outgoing call permission, if the app you are downloading doesn’t support SMS, there is no reason to allow them to have it.
- Access contacts- malicious apps love to get this one, as it allows them to reach out to all the contacts in one person’s phone. Some acceptable apps that would ask for this permission would be social media and calling apps.
- Read Sensitive log data- This one can be tricky, applications will use this permission to access information regarding other apps they are communicating with on your device. It is common for social media apps to request this as well as apps that report error messages back to the creator for bugs. Read the fine print, if the app doesn’t clearly explain what they need this feature for, don’t give it out.
- Kill Background Processes- At no point do you want to give out this permission to anyone unless you are at the cellphone store and they need troubleshooting to fix your phone. Otherwise this permission will give any application the keys to the kingdom, allowing anyone with it to stop all other apps on the phone which can result in full data loss. This is the holy grail of permissions.
All in all just remember to read the fine print and really ask yourself “does this app really need this to work?” many malicious app creators will try to make lookalike apps to try and trick you into downloading a different app than you were intending on getting. Lastly if you find a bad app, make sure you report it to your app store so that it can be removed.