Sign in with
Sign up | Sign in

How to Check if Your Android App is Stealing Info

By - Source: Tom's Guide US | B 25 comments

There are no excuses for Android owners to follow this simple step-by-step.

Google is far more lenient than Apple regarding app development. But such openness comes at a cost. Security firm Lookout recently discovered that over 80 Android wallpaper apps collected users' personal data and sent it to a server in China.

When you install an app from the Market, a screen will tell you what the app will access. That may include your location, network communication, personal info, storage, phone calls, and your accounts. Simply read the contents of the access list screen carefully before installing any application.

For apps already installed on your Android device, you can review the access of your installed apps on the Manage Applications screen. On most Android devices, simply pull up the menu, tap Settings, and select Applications. Select an app from the list then scroll down to see the Permissions section. Anything that appears out-of-the-ordinary—like a wallpaper app that has access to your contacts, should be removed immediately.

Discuss
Ask a Category Expert

Create a new thread in the Streaming Video & TVs forum about this subject

Example: Notebook, Android, SSD hard drive

This thread is closed for comments
Top Comments
  • 12 Hide
    micr0be , August 2, 2010 6:17 PM
    a wise man once said there is no patch to human stupidity
  • 10 Hide
    zain_asad , August 2, 2010 5:36 PM
    Yeah, if a wallpaper app has permissions to your messages, calls, and sent data, it's probably not a mere wallpaper app.
Other Comments
  • 10 Hide
    zain_asad , August 2, 2010 5:36 PM
    Yeah, if a wallpaper app has permissions to your messages, calls, and sent data, it's probably not a mere wallpaper app.
  • Display all 25 comments.
  • 3 Hide
    Anonymous , August 2, 2010 5:48 PM
    Simple rule of thumb....

    Free wallpapers, ring tones, screen savers, games, it's usually Spyware or worse.

    That's why so many people are always asking to have their computers repaired.

    You'd think they would be a bit more careful with their phones.
  • 1 Hide
    asiaprime , August 2, 2010 5:58 PM
    Renegade_WarriorYou'd think they would be a bit more careful with their phones.


    think those people are followers to the apple mentality to security: they target windows machines, so we don't need to worry about security.
  • 6 Hide
    twu , August 2, 2010 6:00 PM
    There's always a price tag, nothing free.
  • 12 Hide
    micr0be , August 2, 2010 6:17 PM
    a wise man once said there is no patch to human stupidity
  • 1 Hide
    maestintaolius , August 2, 2010 6:27 PM
    Sounds like par for the course, my BB is the same way. Every time I install something I get like 5 different prompts saying Soandso requests access to this or that.
  • 2 Hide
    blahh , August 2, 2010 6:43 PM
    This whole sending data to China thing has been debunked - please do some fact checking.

    http://www.androidtapp.com/android-wallpaper-apps-falsely-accused-of-spyware-and-stealing-sensitive-user-data-fud/

  • 4 Hide
    hellwig , August 2, 2010 7:01 PM
    Always read the "fine print" under the permissions.

    "Services that cost you money" is a big red flag, but this is applies to anything that can enter in a phone number or pre-populate a text message for you. At the same time, your wallpaper app should do neither.

    "Storage" is another one. Lots of apps store settings or data on the SD card, but it still shows up in red, so is it really a problem?

    Maybe you downloaded a Flickr app, why does that app need access to your Personal Information (contacts)? Maybe the app lets you set a picture as the icon of a contact, it has to read and modify your contacts info to do this.

    My point is, its not always clear-cut as to why the app needs the data it requests. I wish google would make it a little clearer (and maybe force the developer to include a little statement as to why they need it). In the end, if you're worried, just don't download the app. Life won't end if you can't download your 23rd fart app.
  • 1 Hide
    Camikazi , August 2, 2010 7:44 PM
    micr0bea wise man once said there is no patch to human stupidity

    Well there are patches for them, the only problem is humanity always seems to be able to make a newer, more stupid version of stupidity :/ 
  • 0 Hide
    DjEaZy , August 2, 2010 7:44 PM
    ... not android app's... spyware!!!
  • -3 Hide
    Anonymous , August 2, 2010 7:48 PM
    And people wonder why Jobs prefers a "Walled Garden" approach.
  • 2 Hide
    Clintonio , August 2, 2010 8:16 PM
    MystgreenAnd people wonder why Jobs prefers a "Walled Garden" approach.

    That's not really a the point of this. It's like saying 'no wonder some parents wipe everything down with anti-bacterial wipes'. Anything that is too controlled and assumed safe will fail hardest when it's crunch time. Like those poor children's immune systems.
  • 0 Hide
    dredj , August 2, 2010 8:31 PM
    Mario wallpaper app requires internet access. Oh well, I love seeing it WAY to much to care. Compared to others, though, it's not nearly as intruding.
  • 0 Hide
    dman3k , August 2, 2010 9:01 PM
    MystgreenAnd people wonder why Jobs prefers a "Walled Garden" approach.

    Since the whole story about the wallpaper spyware has been declared as FUD, I'm just going to say Apple Sucks and be done with it.

    http://www.androidtapp.com/android-wallpaper-apps-falsely-accused-of-spyware-and-stealing-sensitive-user-data-fud/
  • 0 Hide
    kingssman , August 2, 2010 9:17 PM
    while there are some great wallpaper/ringtone apps that i'll accept network access on due to their ads, Sometimes things like "media manager" or other location and GPS based tools are really trying to steal my information.
  • 1 Hide
    milktea , August 2, 2010 9:48 PM
    blahhThis whole sending data to China thing has been debunked

    I don't care if sending those data is legit or not. I would never allow a wallpaper to send any data. If the developer really needs to improve the content of their product, they should do so explictly and not hiding it from the user.
    Most newer applications now would ask you for permission before sending any data. And all developers should follow this standard of practice. Otherwise, I would consider them as non-legit.
  • 1 Hide
    Anonymous , August 3, 2010 3:31 AM
    The sending data to China HAS NOT been debunked!
    You mean to tell me that a wallpaper needs to collect device id,phone number and subscriber id and then you have the audacity to say it's not gathering user data! How is that not user data and why is a wallpaper collecting those things?
    Sure thing Chang, keep thinking everyone in the world is stupid. They should ban Chinese software, it seems you can't trust anything coming from that country.
  • 0 Hide
    xtc28 , August 3, 2010 6:16 AM
    Fact check!!??
  • 1 Hide
    Anonymous , August 3, 2010 12:10 PM
    @yurismirov the combination of phone number & device id is a great way to remember you across devices and provide personalisation like favorites without an explicit registration.

    Also keep in mind that free applications may need internet, location and phone state to provide ads.
    Android ads by Apple/Quattrowireless require

    # INTERNET
    # READ_PHONE_STATE
    # ACCESS_COARSE_LOCATION
    # ACCESS_FINE_LOCATION

    Source: http://wiki.quattrowireless.com/index.php/Android
  • 0 Hide
    sheepherd , August 3, 2010 2:14 PM
    is it just me or cant you do that on droid/milestone with 2.1?
Display more comments
Tom’s guide in the world
  • Germany
  • France
  • Italy
  • Ireland
  • UK
Follow Tom’s guide
Subscribe to our newsletter
  • add to twitter
  • add to facebook
  • ajouter un flux RSS