Thursday, 26 May 2011

LBE Privacy Guard controls app permissions

An old Android problem is that it doesn't give you any control over what apps are allowed to do, and what not. You can't grant an app some permissions, but deny others. When you accept the list of permissions upon installing an app you're writing a blank check.

You can wrestle a bit of control back by tuning internet access control with DroidWall, and block access to advertising banner farms with AdFree. But what about other permissions, such as reading your address book or your messages?

Denying access to contacts and messages is essential for apps that break if you don't give them internet access. For example, a music streaming app obviously needs to go online, but that doesn't mean you want it to read your emails or snoop in your contacts list. You probably don't want to share your location with apps and advertisers either.

Privacy Settings Manager promised to fix that, but didn't deliver yet. Permissions Denied works, but only on some phones. And now there is a new permissions manager: LBE Privacy Guard.

LBE Privacy Guard runs in the background, and pops up an alert whenever an app tries to do something that may violate your privacy or cost you money. Permissions that you can control:
- sending SMSs;
- making phone calls;
- reading your SMSs;
- reading your contacts;
- reading your call logs;
- getting your location (by GPS or from networks);
- identify your phone by IMEI, IMSI, phone number, or SIM card ID;
- internet access.
You can grant or deny permissions, and for most permission requests it's up to you whether your answer is remembered or whether you're asked again next time. But there's no prompt for internet access or phone identification, only an allow/deny switch in the settings screen.

The internet permission switch in LBE Privacy Guard is an all or nothing setting. If you want to allow access by WiFi but not by mobile data (or vice versa) you'll need DroidWall.

LBE Privacy Guard will only let you allow or deny permissions. It won't let you feed spoofed contacts or a fake location to an app, which is what Privacy Settings Manager is supposed to do when it's ready. LBE Privacy Guard should include a spoofing feature, because some apps break if they don't get the permissions they want, even though you may have very good reasons not to give them what they ask for.

When LBE Privacy Guard stops or starts (which it sometimes does when you change app permissions) it shuts down all sorts of background processes. This may stop your widgets from auto-updating: my clock and battery widget froze after an LBE Privacy Guard restart. My Quick Settings icon and SetVSel indicator also disappeared from the notification bar, and GO Launcher also shut down together with LBE. Only my launcher restarted by itself, I had to restart everything else myself. This is a bug that definitely needs to get fixed.

Like all privacy and internet control apps, LBE Privacy Guard requires root access. It wants internet permission too, but you can force it to stay offline with DroidWall. It tells you it's running with an icon in the notification bar and an entry when you pull the bar down. There's no option to switch off this icon yet, but maybe we can make it go away in a future version? Ask for it when you leave feedback in the Android Market to encourage the developer to add an off switch [update: the new version of LBE lets you kill the icon]. An option to protect the app with a password would be useful too.

LBE Privacy Guard (Android Market)
LBE Privacy Guard (xda developers)
tweet this reddit digg this StumbleUpon digg this digg this


  1. You might find this interesting

  2. Interesting indeed! Would it be possible to use the code in an app that works on all phones, so that you don't need to make a separate patch for every type of phone and ROM?

  3. PDroid claims those features and user-controlled data spoofing all without root ... on some phones

  4. maybe something to feed a patching engine to churn out the files one could push to a phone via ADB? since those capable of rom hacking already have super powers

  5. lastly

    I would prefer an option in LBE PG/SM to not-use-iptables but allow user selection of GUID filtering as is available to android 1.6