Why You Should Never Click "Agree to All"

Have you ever noticed during the phone setup or installing the apps, android phones ask permission for the apps with the options that vary with the software we use and
  • Android 11
    • Allow while using the apps
    • Only once
    • Deny.
  • Android 10
    • Allow all the time
    • Allow only while using the app
    • Deny
  • Less than Android 10
    • Allow
    • Deny
Suppose you are using Android 11 and gives permissions to the apps as "Only once" or "Allow while using the apps". In that case, you may be safe to some extent from the privacy exploits. Still, suppose you click "Agree to All" concerning any android version you are using. In that case, it may cause many privacy concerns as the apps we gave the permissions can access the camera, location, storage, and share your data and exploit our privacy. But as per our survey, most people agree to all the permissions. So, We want to create awareness among the people regarding this by explaining the threats they will be facing and also suggest them with permission set for the apps which can decrease the privacy attacks on their mobiles.

Privacy threats in Android Mobile phones

  • Data Leaks
    • These mobile malware programs use distribution code native to popular mobile operating systems like iOS and Android to move valuable data across corporate networks without raising red flags.
  • Network Spoofing:
    • Network spoofing is when hackers set up fake access points connections that look like Wi-Fi networks but are actually traps—in high-traffic public locations such as coffee shops, libraries and airports.
  • Spyware:
    • A comprehensive antivirus and malware detection suite should use specialized scanning techniques.
  • Phishing Attacks:
    • Because mobile devices are always powered-on, they are the front lines of most phishing attacks. According to CSO, mobile users are more vulnerable because they often monitor their email in real-time, opening and reading emails when they are received.
               


  • Unsecured Wi-Fi:
    • No one wants to burn through their cellular data when wireless hot spots are available—but accessible Wi-Fi networks are usually unsecured as they can be easily hacked by technology experts
  • Broken Cryptography:
    • According to Infosec Institute training materials, This can happen when app developers use weak encryption algorithms or fail to properly implement strong encryption.
    • With the less secure encryptions, an attacker can exploit the vulnerabilities to crack passwords and gain access.
  • Click-fraud advertising embedded in the app.
    • Surprisingly, advertisement fraud is one of the most profitable criminal enterprises nowadays, and mobile apps appear to be a vital part of this subtle crime.
    • According to data published by the World Federation of Advertisers, it tops the US $19 billion each year.
  • Camera and Microphone access to third-party apps


Survey

These are some of the important survey results that show the users viewpoints on the privacy issues and app permissions














Solutions

We should avoid any app permissions that are unnecessary for an app to work. In general, the android permissions are categorized into standard and dangerous permissions. The normal permissions do not pose any risk to personal data or device functionality. The dangerous permissions require the user's consent to use. These permissions want the data and resources that involve the user's privileged information. So, we should avoid any unnecessary permissions that are mentioned below figure.






Android 12

Most of the privacy concerns regarding the android apps are resolved by android 12 by taking appropriate measures. The proposed actions by the android 12 are
  1. A new indicator in the phone's status bar with which one can know if the microphone and camera are being used or not
  2. Giving the users a choice to display users location precise or approximate
  3. A dashboard with all the permissions of the apps and their usage of the location, camera, microphone features








    Video Link: https://drive.google.com/drive/folders/1pQLmtC8thtcLWcjCryL8Qd_5nXMp1vOh?usp=sharing
































    Comments

    Post a Comment

    Popular posts from this blog

    Applications of NLP in Privacy Policies

    Image
      Photo by Marija Zaric on Unsplash How many privacy policies have you accepted without knowing what the policy states? We're guessing that number is probably pretty high. And you are not alone. A  survey  of 2100 individuals conducted reported that 87% of individuals accept policies without reading them. Common reasons for this included the length and general readability of the policies. Of the top 500 websites, the average reading score was comparable to that of a high school student , while the average reading level of US adults is that of the 7th grade. Luckily, Natural Language Processing (NLP) can help. For our project, we set out to detect the readability of current privacy policies (spoiler alert: you'd need to have at least completed high school to make sense of what you agree to). We also wanted to see how we could make the readability of the policies better. So what did we do with the privacy policies? We used privacy policies from the  OPP-115 Corpus ...
    Read more

    "TL;DR: No more an excuse!": On making privacy policies easier to read and interpret

    Image
    Introduction Many websites collect, share, and use users’ Personally Identiļ¬able Information (PII). Many regulatory bodies around the globe have long enforced requirements on posting privacy policies online. Over the past few decades, however, the collection, sharing, and usage of users' PII have risen to a major privacy concern over the internet, so much so that newer laws have gone into effect to protect user privacy. Prominent examples of such laws are the General Data Protection Regulation (GDPR) in the European Union and the California Consumer Privacy Act (CCPA) in the United States. Research has shown, time and again, that privacy policies are too long and hard to comprehend for their intended users, and therefore users rarely take the time and effort to read them. Privacy Policies are getting longer over time and increasingly difficult to read. To address the poor readability of privacy policies, we have developed tools that leverage machine learning (ML) to automatically s...
    Read more

    How private is the Instagram Private mode?

    Image
      Introduction: In today's world maintaining a social media presence is just as important as maintaining a resume. With Globalization, comes the need of fast and reliable communication and social media platforms like Twitter, Facebook, Instagram, LinkedIn, etc are quick to fulfill this need, thus creating, a still expanding, market of people's identity, expressions and emotions with the help of computer algorithms, powerful processors and mighty memory units.  "Why call it a market?", One might ask, and rightfully so. Such a person must understand that despite the wholesome implications of bringing families and friends together, Social Media platforms are businesses run by big corporations. They run on advertisers money (among other things) and their ultimate goal is to rake in more and more profit. And a business whose most defining feature is to collect, store and display the private and sensitive data of billions of people, must implement at least som...
    Read more