permissions

Facebook explains why they want access to your SMS

In a recent update, Facebook gained the ability to read your text messages. For a company that has a checkered past with regard to the privacy of information, it raised eyebrows. Was Facebook trying to pry deeper into your device to force ads upon you? The explanation from Facebook points to a really simple solution.

Security concept app steals Android info with no permissions

Android security nuts, get your tin foil hats ready. A security researcher at Leviathan Security Group has posted a proof of concept application that can steal massive amounts of personal data when installed on an Android phone or tablet. No big deal, right? We've known about this sort of thing for ages. Except that Paul Brodeur's app can grab a shocking amount of data with zero Android system permissions, something that isn't supposed to be possible. The security loopholes exist in both Gingerbread and Ice Cream Sandwich, and can be presumed for other versions of Android as well.

European Commission VP eyes Android for privacy violations

Data privacy has been in the headlines a lot lately, and thanks to the latest bit of news concerning its photo system, Android is right there with it. The increased attention has brought a flurry of media coverage, and even political types (who, for better or worse, are usually a step or two behind) are getting in on the action. The Vice President of the European Commission recently told Channel 4 News that Android's potentially harmful privacy policies are concerning... and may actually be illegal, at least by European Union common law.

Researcher demonstrates an app taking over Android with zero permissions

The first line of defense in computer security is the user, or at least that's the way it works on Android. Whenever you install an APK from the Android Market or via an SD card or download, you're presented with a list of permissions detailing what hardware and software the app can take advantage of. Wary users often opt to skips apps that take more permissions than are needed, and smart developers often post reasons for requested permissions in the Market. But it looks as if there's at least one critical flaw in the Android permission system.  An R&D director with ViaForensics has proven that the system can be bypassed, by installing an app with no permissions at all that can nonetheless completely control the Android shell.