Thursday 28 April 2011

Permissions Denied: tame apps that ask for too much


The Android Market is full of useful apps, but many of them ask for more permissions than you want to give them. Apps that work OK offline want internet access to download ads from banner farms that want to know your location. Some apps ask for permission to make phone calls or send out SMSs for no apparent reason. And do you really want apps that can read your contacts list to go online to nobody knows where?

Yajin Zhou and colleagues at North Carolina State University are making a permissions manager that will let you grant or deny permission to read your contacts, get your location, or track your phone by its unique device identifier, but...

...they've been beaten to it by Stericsson, the maker of Busybox. His app, Permissions Denied, lets you block each and every permission of each non-system app installed on your phone. Block their internet access, stop them from snooping in your contacts list, hide your location, prevent them from autostarting at boot, and much more.

Permissions Denied is free, but there's a donation version available if you want to buy the developer a beer.

Some apps may break when you take away their permissions, but that's no problem. Permissions Denied lets you restore permissions with a few taps.

Some minor things that I'd like to see fixed in the next version:

Permissions Denied lets you switch internet access on or off for an app, but only in an all-or-nothing way. It would be better if we could fine tune this, for example by allowing internet access over WiFi but not over a mobile data connection. But it's not a big deal, because Permissions Denied can play together with apps like DroidWall and AdAway.

The program doesn't always work. Whether it works for you depends on your phone and firmware version. The only way to find out if it does the job for you is by trial and error.

Permissions can only be denied, not spoofed. Some apps break when they don't get the permissions they expect, so an option to spoof permissions (like giving an app a bogus location or contacts list) would be welcome.

And Permissions Denied won't let you edit permissions of system apps. This may stop you from making your system unbootable, but it also stops you from removing permissions for bloatware like MySpace, Facebook, and other non-essential stuff that may be preinstalled on your phone. Too bad, because I'd like to revoke the startup permissions of the totally useless weather widget service that Motorola slammed onto my phone.

Permission Denied, DroidWall, and AdFree all require root access, but if you want to be in control of your phone you'll have rooted it anyway, right?

Permissions Denied in the Android Market
Permissions Denied on code.google.com
tweet this reddit digg this StumbleUpon digg this digg this

1 comment:

  1. check your stats, it's true, I just read your whole blog. great material! I'm only a few days down the path of android root and, with my past in Linux, android is now becomimming what I dreamed of.

    ReplyDelete