It seems like a growing number of (seemingly legitimate) apps casually claim the "Services that cost you money" permissions (making calls and sending SMS) for non-essential secondary features that aren't the main thing people download the app for.
A couple of examples I've seen recently are Any.Do and 2Do. These apps' primary purpose is managing to do lists and projects, but they have secondary minor features that use these permissions (I think it is for scheduling responses to missed calls and sharing tasks by SMS).
I don't want to allow any non-official app on my phone to make phone calls or send SMS. It's just not something I need 3rd party apps to do for me, and I'm not interested in these secondary features. The developers look reasonably legit - but I generally prefer not to feel like I'm unneccessarily handing a company I don't know an open wallet. But I would, ideally, like to be able to use these apps for their primary features, which appear to be very good and better than the competition for what I want.
Is there any way to download these apps and prevent these permissions from being used? Or to make it so any time they did try to make a call or send an SMS, I get some kind of system confirmation notice and the opportunity to stop it before it happens.
(please note this isn't a question about to-do apps, I'm aware there are loads of alternatives that don't use these permissions. It's a question about any kind of app you want for any reason, that requires call and SMS permissions for a non-essential minor feature you're not going to use)
Ideally I'd prefer not to need to root the phone to do this. I've looked at the app Permission Denied (requires root acces) and while I love the idea of what the app does, it sounds like a complicated road that I don't have time to go down. Likewise for custom ROMs.
I don't mind if it's a blunt solution that stops any app except the Android phone interface itself from making calls or sending SMS. In fact, that would be ideal. I thought about trying to use an app like Tasker to set up a trigger on any ongoing call or SMS that cancels it if it wasn't called directly by the Android phone interface, but I doubt that it would work (and of course Tasker uses these permissions itself...).
Also ideally I'd prefer not to need to spend lots of time in airplane mode unable to receive normal calls or messages - but I'll accept a strong solution that involves using airplane mode some of the time if there is no better approach.
I also don't mind if a solution causes the app to crash or force close any time it tries to use one of these permissions. If it thinks it needs to make a call or SMS, that itself is a sign that something is wrong.
This earlier question covers somewhat similar ground but with a focus on data privacy, monitoring, and proper sandboxing for rooted phones. Only one answer there seems like it could be a non-root solution to this specific problem - the app App Shield - but it seems to be no longer available (dead link and nothing relevant in Google Play app search).
EDIT - I've added a seperate linked question trying to find out what the deal is with App Shield: Is App Shield safe, stable, available?
Phone is a Samsung Galaxy Note if that's relevant.
Answer
Marshmallow (Android 6) has a new permissions model. Applications targeting Marshmallow can now be restricted to fewer permissions at runtime, and these applications should fail gracefully, rather than the all-or-nothing permissions model of prior Android versions. In Marshmallow, this is a feature of the standard OS, and does not require rooting or additional applications.
No comments:
Post a Comment