Skip to main content

Five permissions Android games do not need

 

Five permissions Android games do not need

You can refuse some permissions to greedy games, and they most definitely do not need these five.

Some Android games ask for a bunch of unnecessary permissions. Here are five you shouldn’t give them.

By default, apps on your phone have very limited permissions. To gain access to most of your data — and potentially dangerous Android features — they need your explicit consent. Android does that for security reasons; if permissions have potential for abuse, it’s better if an app doesn’t have them by default.

Apps actually need some permissions to do their jobs. For example, AR games really do require access to the camera. But even legitimate apps often want more than they really need. Here are five permissions that bona fide games definitely don’t need, and of course malware masquerading as a game would love to have.

For this post, we’re using the names of permissions and their paths in the “clean” Android 10. In other versions and on devices from some vendors, they may differ slightly.

Accessibility

What it is. Accessibility comprises a set of Android features that can help enable people, in particular people with disabilities, to use the device. Apps with Accessibility rights can see everything that happens on the screen, and control everything as if they were the user: change settings, perform actions in other apps, and so on.

One example of an app that needs Accessibility permissions is a voice assistant, which uses them to execute voice commands and to read information from the phone out loud. Games do not need this feature set.

What’s the danger? An app with Accessibility access can do almost anything on the device. For example, it can perform online banking transactions, write and read e-mails and other messages, change screen settings, and more. Generally, despite the innocuous-sounding name, this is a very dangerous permission.

Where to check. Settings → Accessibility

Device admin apps

What it is. Device admin apps involve remote control of the device. The permission might be needed if the phone is used for work, for example, and the company’s system administrators require access to it. Generally apps do not need this permission — and you certainly should not grant it to games.

What’s the danger? Armed with admin rights, apps can change the device’s password, lock the screen, delete files, and so on. What’s more, getting rid of a “game” with admin rights won’t be easy; the permission is intended for corporate admin tools that employees should not remove from the phone.

Where to check. Settings → Apps and notifications → Advanced → Special app access → Device admin apps

Install unknown apps

What it is. Permission to install unknown apps means having the ability to download other apps from anywhere, not only from Google Play. Games simply do not need that ability.

What’s the danger? Even if a game isn’t malicious, this permission lets it download “partner apps” to your smartphone or tablet, and those can be very difficult to get rid of later. Moreover, some partner apps might slip you some genuine malware. Don’t give this permission to anything, and download apps only from official sources.

Where to check. Settings → Apps and notifications → Advanced → Special app access → Install unknown apps

Display over other apps

What it is. Permission to display app windows on top of any running apps. Facebook Messenger uses this feature to show the chat icon even when you’re using another program, for example.

What’s the danger? This permission offers minimal benefit to the user, but it can cause significant harm. An unscrupulous game might use it to display banner ads on top of other apps. And if it turns out to be malware in disguise, it can lock the screen and demand ransom, or sneak in a fake form for entering bank card details. Or overlay a fake virtual keyboard atop the real one to read everything you type.

With a clever overlay obscuring the app you think you’re using, criminals can also get your consent to just about anything. In one scenario, an app requests access to, say, Accessibility permissions, and displays a window over it with an innocent message — say, that the content is temporarily inaccessible. This window covers everything except the real OK button in the request. The unsuspecting user taps it, and boom, cybercriminals have Accessibility in the bag.

Where to check. Settings → Apps and notifications → Advanced → Special app access → Display over other apps

SMS

What it is. SMS permissions give an app the ability to read and send SMS, MMS, and WAP Push messages. Games don’t need it, and they can’t even get it unless you make them your default app for handling text messages. But malware pretending to be a game may demand it.

What’s the danger? With access to text messages, apps can subscribe you to paid services by sending messages to short numbers. They can also spam your contacts (on your dime).

Most dangerous of all is that this permission lets apps intercept text messages with one-time confirmation codes from banks, enabling attackers to log in to your personal account and steal your money.

Where to check. Settings → Apps and notifications → App permissions → SMS and Settings → Apps and notifications → Advanced → Default apps

Don’t give games more than they need

Android offers lots more permissions. Here, we’ve just covered those that must never be given to games under any circumstances. But you should treat other permissions with care as well.

When it comes to device security, you can never be too cautious. If some three-in-a-row game wants access to your camera or microphone, just say no. And if a game really does need a permission to work, you can always issue it later.

Labels

Labels:

Comments

Post a Comment

Popular posts from this blog

How to secure PayPal

How to secure PayPal By- Aarti Jatan Your online finances need proper protection. Learn how to secure your PayPal account. With hundreds of millions of users around the world, PayPal has long been an international leader in the electronic payments industry. But as we know, money never fails to attract fraud, especially now, with as much of life as possible taking place online. Here is what you need to do to stay safe when sending or receiving money through PayPal. How secure is PayPal? As a matter of fact, PayPal is quite a reliable platform that maintains a high level of security — and keeps improving it. Thus, the company has an official program deploying white hat hackers to unearth vulnerabilities (the so-called bug bounty), under which it has already paid out almost $4 million since 2018. The program also covers several other services owned by PayPal, such as Venmo. PayPal also treats its users’ data responsibly: It did have one reliably reported leak, in 2017, but the leak invol...
Post a Comment
Read more

10 tips for Zoom security and privacy

10 tips for Zoom security and privacy By- Aarti Jatan Gain full control over your Zoom video conferences, family gatherings, and online bar crawls . With social distancing and quarantine measures implemented around the globe, people quickly started searching for effective means of communicating with each other. With its reported ease of use and attractive pricing, Zoom quickly rose in popularity — and people quickly figured out that Zoom’s developers weren’t fully prepared for the level of scrutiny it would receive. With so much use, Zoom’s flaws came rapidly to light. The company handled the tremendous increase of workload seamlessly and quickly reacted to security researchers’ discoveries. However, just like with each and every service, code updates will not address every complaint, but some issues are very much worth keeping in mind. So, here we offer 10 security and privacy tips for Zoom users. 1. Protect your account A Zoom account is just another account, and in setting yours up,...
Post a Comment
Read more

Woman dies during a Ransomware attack on a German hospital

Woman dies during a Ransomware attack on a German hospital It could be the first death directly linked to a cybersecurity attack A woman in Germany died during a ransomware attack on the Duesseldorf University Hospital, in what may be the first death directly linked to a cyberattack on a hospital. The hospital couldn’t accept emergency patients because of the attack, and the woman was sent to a health care facility around 20 miles away, the Associated Press reported. The cyberattack was not intended for the hospital, according to a report from the German news outlet RTL. The ransom note was addressed to a nearby university. The attackers stopped the attack after authorities told them it had actually shut down a hospital. Health care facilities are one of the biggest targets for cyberattacks, and cybersecurity experts have warned for years that most hospitals aren’t prepared . They rely heavily on devices, like radiology equipment, that are often connected to the internet. Without those...
Post a Comment
Read more