Guest Eildor Posted October 17, 2010 Report Posted October 17, 2010 I had my phone on charge and went upstairs for about 10+ minutes; on my return I found my display on (I think it was on the lock screen, and I unlocked it). I think there was a web page up, not sure because I pressed back quite quickly. About half an hour earlier I downloaded some apk files so I'm a little concerned that perhaps those files had something malicious in them. Is it possible for someone to take control of your phone via installation of an apk file / application? Also I may as well also ask; does rooting make your phone less secure? If it is indeed possible, is it likely that my accounts such as my Google Mail account has also been broken into? You never have to enter your Google Mail password in, so how does it remember the password exactly? Does it store it in the phone somewhere or does it somehow securely log you in? Thank you, Eildor
Guest xzyk Posted October 17, 2010 Report Posted October 17, 2010 I had my phone on charge and went upstairs for about 10+ minutes; on my return I found my display on (I think it was on the lock screen, and I unlocked it). I think there was a web page up, not sure because I pressed back quite quickly. About half an hour earlier I downloaded some apk files so I'm a little concerned that perhaps those files had something malicious in them. Is it possible for someone to take control of your phone via installation of an apk file / application? Also I may as well also ask; does rooting make your phone less secure? If it is indeed possible, is it likely that my accounts such as my Google Mail account has also been broken into? You never have to enter your Google Mail password in, so how does it remember the password exactly? Does it store it in the phone somewhere or does it somehow securely log you in? Thank you, Eildor I suppose it is not above the realms of possibility. Indeed some of the 'free' apk display ads by using data exchanged between your phone and website, but its the 'price' we have to pay for some of these 'free' apps. Regarding your passwords, especially google account, if its anything like on PCs then the password would indeed be kept on your phone, BUT in encrypted form. If you are worried, then simply log back into your google account and change the password, its a relatively quick process, indeed this is good computing practice although i appreciate many of us just keep the same password for months if not years.
Guest ken218 Posted October 18, 2010 Report Posted October 18, 2010 In theory, if android apps need to access part of the system (say - your contacts), it needs to request for permission. These permissions requests are shown when you try to install apps. It warns you what permission(s) this app is likely to consume (stupid enough, requesting permissions doesn't mean it will be used). So, when you install apps, if you see the app request permissions you not comfortable with, STOP!
Guest Eildor Posted October 22, 2010 Report Posted October 22, 2010 Well, I wouldn't be comfortable with quite a number of apps if I were to judge by the permissions they need. Suppose an app needs access to your contacts, does that then mean it can access your contact list and send that information off to somewhere? Surely there would be a way to detect/prevent that sort of thing happening? Like how a firewall would work on a computer.
Guest ken218 Posted October 22, 2010 Report Posted October 22, 2010 Well, I wouldn't be comfortable with quite a number of apps if I were to judge by the permissions they need. Suppose an app needs access to your contacts, does that then mean it can access your contact list and send that information off to somewhere? Surely there would be a way to detect/prevent that sort of thing happening? Like how a firewall would work on a computer. If the app gets premission to access your contacts, then it will be able to access ALL your contact infos. BUT, if the app wants to steal your contact info, whatever it reads, it must find a way to send them out. If it doesn't have Internet permission, it won't be able to send the info to the "secret" location where all the data are collected. So, 2 issues here 1) what permission does the app request? 2) if the app request permissions which you think was unnecessary, do you want to trust whoever made the app? I see apps requesting Internet permission because the developer wants to make money from showing ads (which needs internet permission) Since it doesn't request permission to access my personal info, I accepted it. Regards to firewalls... maybe there is an app for it which I just don't know about?
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now