Question Allowed all the time location permissions - Samsung Galaxy S23 Ultra

On my new S23U, I noted after doing the smart transfer of all my stuff from my old phone that Android System Intelligence and Google were both given "Allow all the time" location permission. Of course, I removed it immediately.
The only thing I'm uncertain of is whether this was the case before I did the smart transfer - does it really require allow all the time location permission for Android System Intelligence?
Anyone able to confirm what the setting is out of the box?

Related

[Q] Appropriate permissions request?

I would like to use an application to enable remote access to a security DVR from an Android phone. The app requires permission for "read phone status and identity".
That doesn't seem like an appropriate permission, since the application has nothing to do with the phone number or the phone operation. It would work equally well without any phone functionality.
I contacted the developers, and they say:
"The application makes that request to get though the firewall on the phone.
The program does not store or use that information.
If you manual set permissions in the firewall then the program will need the permission."
Does that make sense to anybody? Is there a "firewall" in Android that is somehow related to phone state and identity?
Before I call BS on this response, I wanted to check here with the experts just in case there is some obscure relationship.
Thanks!

[Q] permisions [Noob Alert]

Being a Noob to Android I thought I'd install some location based profile software which is one of the things that Android owners always say they can do which is lacking from the iPhone.(where I come from)
Lamma seems to be recommended but the permissions it asks for include:
"Add or modify calendar events and send email to guests without owners' knowledge. read calendar events plus confidential information"
clicking on the detail is even more scary.
Android tells you what it's going to do - but do users actually allow this? Most apps seem to want permissions that you would have to be mad to accept.
Can I not install any useful app without agreeing to terms that are unacceptable?
What am i missing? Do people just allow unrestricted access? Not install any app? or is there a way of installing apps but not giving them stupid access?
I can't believe people allow that sort of access - I must be missing something.
Some custom after market ROMs allow to drop any permission by user but it may render app useless.
Most of the time apps are not malware, but sometimes they may be. You can contact developer of the app requesting for reasons of these permissions and he may reply better.
you can always use auto start manager app within the rom toolbox to control the permissions of the apps..
Confucious said:
Being a Noob to Android I thought I'd install some location based profile software which is one of the things that Android owners always say they can do which is lacking from the iPhone.(where I come from)
Lamma seems to be recommended but the permissions it asks for include:
"Add or modify calendar events and send email to guests without owners' knowledge. read calendar events plus confidential information"
clicking on the detail is even more scary.
Android tells you what it's going to do - but do users actually allow this? Most apps seem to want permissions that you would have to be mad to accept.
Can I not install any useful app without agreeing to terms that are unacceptable?
What am i missing? Do people just allow unrestricted access? Not install any app? or is there a way of installing apps but not giving them stupid access?
I can't believe people allow that sort of access - I must be missing something.
Click to expand...
Click to collapse
You really have to think about what the app could be using the permission for, for example something like tasker pretty much needs every permission going because it allows you to set anything up as a profile etc.
The rule of thumb is to look at the app reviews, look at the permissions and just think about what the app could be using it for.
Sure a soundboard style app shouldnt need to make phone calls but many apps do need permissions that at first glance you might not think are needed.
And if your really in doubt email the developer and ask them to explain why they need this permission.
Surprise :laugh:
http://www.xda-developers.com/android/manage-individual-app-permissions-with-xprivacy/

Which of those Apps/Services shouldn't have a full access to Android ?

So I have lately I have bought a Chinese Smartphone and when I looked at Settings -> Apps -> All some of the apps have a full access to my smartphone which is rather scary, can someone please help me identify which service/app shouldn't have a full access to my phone and also is there a website in which I can type the name of a service/app and it would tell me which permission it requires ? So this is the list:
Atci_service
BSPTelephonyDevTool
com.mediatek
com.mediatek.batterywarning
Common Data Service
EngineerMode
Factory Mode
FotaProvider
Fused Location
Google Account Manager
Google Play services
Google Play Store
Google Services Framework
Input Devices
Key Chain (A lot of permissions)
MmsService
MTK Thermal Manager
Phone
Phone/Messaging Storage
Schedule power on & off
Settings
Settings Storage
Shell
SIM Tool Kit
SmartcardService
System UI
UpgradeSys
User Dictionary (Why does it have a full access to my SMS/MMS and full network access (?)
YGPS
Search Application Provider
Google Contacts Sync
Google Backup Transport
Google App
Very Suspicious Services/Apps:
MTK Android Suite Daemon (e.g it can read phone status and identity or do everything it wants with a SMS or MMS (?) )
MTK NLP Service (What is this and what does it do
MTK Thermal Manager (Why does controller for a battery needs to have a full access to Android (?)
MTKLogger (Is this a spyware (?)
Omacp (e.g it has access to a "Modify secure system settings" or can do whatever it wants with either phone call or SMS/MMS.
Phone (I have two of them and the first one have handful of permissions where the second one has a full access to Android (?)
Shell (What is this ? It mainly has access to " access extra location provider commands, interact acreoss users etc, is it possible that this might be a backdoor ?)
UpgradeSys (I have never noticed it on another smartphone, same as Shell.)
Normal (What is this app ?)
LocationEM2 (Again, what the hell is this app ?)
What I don't understand is that many apps/services has permissions which they shouldn't have .... I have tried to for example find out what's LocationEM2 or MTKLogger but I have ended up with nothing ....
I was also thinking about rooting the device and install some firewall to block incoming connections to such apps/services which are suspicious or what's better remove such permissions. Also I know that Common Data Service can serve as a backdoor. Also I didn't connected this device to a Wi-Fi as I want to sort this stuff out first and it's a bit scary what's going on underneath the mask in this smartphone with services/apps and I must admit I'm a bit concerned about credentials used on such device. Also what's weird is that most of the services/apps I can't disable when for example on Sony Xperia M2 I could do it with most of them.
Can someone give me a hand here please ?
Kind Regards
Key Chain is a serious Virus i know.
Key Chain is a serious Virus i know. On other i have same question. I need to know about those app.

Truly blocking Internet permission using Xprivacy

My plan is to modify permissions for almost every app on my phone including system apps.
There will be 2 categories:
1. Apps that need to be able to phone home (Internet access, I guess).
(For those I want to block access to all my personal information / data.)
2. Apps that don't need to phone home.
(For those I just want to make sure the apps can't leak my data/information.)
Now let's say I want to prevent an app from accessing the Internet:
Is it enough to just tap the according check box? Because some of the 'functions' listed under that category don't get a check mark by default. Which of these functions do actually make sending/receiving data over the Internet possible?
I'm not an Android developer, so I don't know what all the 'functions' can potentially do/expose. What is your advice for people like me? Should I just disable all functions under a category that I want to restrict and see if it works? Or am I truly expected to become an Android developer and understand every single class member listed in the app? It would be nice to have a short explanation and assessment for each function.

Why does BLE scanning reuquire ACCESS_FINE_LOCATION, but CompanionDeviceManager not?

Starting with Android 6(?) your app needs the ACCESS_FINE_LOCATION permission and the user has to turn on the system-wide location setting in order to scan for Bluetooth devices from the app: https://stackoverflow.com/questions...-bluetooth-low-energy-scanning-on-android-6-0
Google is arguing that you could use just the Bluetooth data to find the location of the phone and thus hid Bluetooth scanning behind the location permission. (Which my opinion is ridiculous because they could have added a separate permission instead of forcing the user to give up all their battery life to GPS and WiFi location tracking.)
Now with Android 8 there appears to be a new API, namely the CompanionDeviceManager:
https://developer.android.com/guide/topics/connectivity/companion-device-pairing
This API only seems to require adding the FEATURE_COMPANION_DEVICE_SETUP feature to the manifest, but yet it allows scanning for Bluetooth devices, even with the system-wide location setting turned off.
Now I'm wondering if that API is somehow anonymizing the Bluetooth data, e.g. by removing the MAC addresses or what else could be the reason for why Google thinks that this does not need to be hidden behind the location permissions?
No one?
Any suggestions on other forums where people might be able to help me?
Don't think anyone here can answer your question.
Damn... I was really hoping to find an anser to this. :/

Categories

Resources