4

Does anything stop an application with Photos/Media/Files and Other ("full network access" and "run at startup") permissions from simply uploading ALL of your photos and videos to some stupid server they control?

Is it access to store and read their own photos/files, or total access to everything on the phone? Does it matter if it's on an SD card or internal storage?

User
  • 43
  • 1
  • 1
  • 3

2 Answers2

1

If an app has access to your data and the Internet, there's actually nothing to keep it from doing such things indeed. But if it did, it probably won't go unnoticed (as it would use bandwidth for that, someone surely would have noticed). Which is one reason one should prefer apps already used by many people, and from a trustworthy source.

Izzy
  • 91,166
  • 73
  • 343
  • 943
  • Why doesn't Android let you choose which permissions to give an application??? – User Mar 04 '15 at 03:25
  • That's a speculative question we cannot answer here – while most of us wished it were that way. It even looked as if Google were taking that approach, when "AppOps" was found with 4.3 – but then again that was buried. For alternatives, take a look at my Permission Manager list; but most of them will require your device to be rooted. – Izzy Mar 04 '15 at 07:09
  • Yep, it was more of a complaint than a question. – User Mar 05 '15 at 05:54
  • Granular permissions management will be introduced in Android M. For those of us stuck with Android L and below, privacy issues are indeed a concern. Even apps with hundreds and thousands of downloads may not be trustable! No one takes time to audit everything. Bandwidth usage isn't a good guide unfortunately. Just be careful. – Kevin Lee Aug 25 '15 at 15:44
  • Btw, the photos media and files permission group should apply to both internal storage and the external SD card. Note that a portion of the storage is private no matter what, e.g. every app has its private folder due to app sandboxing. It's up to the developer on how they use the private or public folders. Photos are stored in a public folder. – Kevin Lee Aug 25 '15 at 15:53
  • Is there any change on what can a user do about this as of today? – sancho.s ReinstateMonicaCellio Nov 12 '21 at 09:24
  • @sancho.sReinstateMonicaCellio depends on your device and software. Some ROMs offer to disable network permissions as well (stock Android does not). And you can use Firewall apps (e.g. AFWall+ if your device is rooted, or NetGuard otherwise) to achieve the same. Or you can deny those apps access to your media. Third variant is using only trustable apps where the question doesn't come up – which to my experience is the case for apps you install from F-Droid (I've dumped PlayStore altogether and only use F-Droid). – Izzy Nov 12 '21 at 18:47
  • @Izzy - I also prefer F-Droid, if possible. but as of today, the options are much more limited. As for trustable apps, of course that is one criterion to follow... but it is much worth adding further scrutiny. – sancho.s ReinstateMonicaCellio Nov 12 '21 at 19:31
0

If your device is Android version 4.3 and 4.4 or above, Google introduced AppOps application permission manager functionality,You can control the way an app can access specific permissions like Internet,File read or write,Read gps locations,etc.

Just goto Setting>Security and enable App permission.So each and everytime an application tries to access anything specified in its permission.And notification will be shown asking you to confirm access or jz deny it.

Hope it answered the question.

ShihabSoft
  • 101
  • 2
  • I have Android 4.4.4 but I can't find anything like that under Security. – User Mar 04 '15 at 03:24
  • Jz look out one more time.In phone settings not google settings.Then go to security there is an option called "App Permissions" Jz click the button along with that option to enable. – ShihabSoft Mar 04 '15 at 05:07
  • @ShihabSoft That AppOps interface has never been official. It was a hidden activity when found first with 4.3, got harder to unveil with 4.4, and AFAIK finally disappeared again altogether. There are several apps which can make it visible (see my Permission Manager list), but those are often depending on specific Android versions (due to the fact described before). – Izzy Mar 04 '15 at 07:12
  • So if I root my phone I can do this? Android 4.4.4 – User Mar 05 '15 at 06:05
  • @Perce Definitely – with more than one app from the list I've linked. I do so for years already, forbidding apps access to location, contacts, and more. – Izzy Mar 05 '15 at 07:39
  • Always been reluctant to root (warranty void scare for a brand new Note Edge) but this might be the motivation. – User Mar 05 '15 at 15:33