Google now allows apps to silently take control of your device

The Hacker News recently reported on a new update to the Google Play Store and how it updates applications on user’s devices. What seems like an innocent change for Google to make in that they want to protect users, may actually harm them.

When you install apps to your device you get the familiar screens outlining the permissions the application is requesting, IE Facebook may request the camera so you can upload pictures using the in-app controls. In the latest update to the Play Store however, when an app updates it can give itself new permissions that could be against the users will and compromise security and privacy for the user.

Permissions may allow an app to modify data on the device, read SMS messages and view contact list.

Whilst there are controls buried in the settings that you can change to show the new permissions DTL advises against using any of the Google Apps as they’re proprietary software and so you can’t be too sure what they’re doing on your device. In addition, because they’re Google apps it is safe to assume they will be used to monetise your information.

DTL recommends using a custom ROM (CyanogenMod) and then just install the F-Droid app store. This app store only offers free software and explicitly asks for your permission before it updates any applications. Using the software provided here will likely mean expanding device life time too because typically they are a lot lighter on resources. Read more over at Free Software Foundation Europe’s dedicated page.

Advertisements