To Customer Support To Customer Support
Solved

Apps that can access sensitive information: Android 7.0

F
Rank
Userlevel 1
Noob here...(shoots hand up)
 
Was playing around with Webroot on my Android (Marshmallow build, Android 7.0, all current software updates) and decided to do a "Review Apps"  scan.
 
Results are unchanged for example when I access my Metronome app (and app that helps keep time in music)  It did have permissions that I thought that an app like that shouldn't have.  So I went into the app via Webroot, which took me to the Application Info
 
For a test, I turn off every single permission that it did have with the exception of Storage (assuming that it needs to keep the settings I set for it)  However, the Notifications and Permissions are not allowed or blocked.
 
I rescanned and the numbers on the initial App Inspector Review and it remained unchanged.
 
Now the real question.... Even if I turn off access to those items that I don't want it to have, can the app all of a sudden "re-tick" the checkmark without my permission or will the app continue to do what I didn't authorize it to do when I de-selected Notifications  and Permissions?
 
Just curious.
 
Thanks all,
-fryer
icon

Best answer by Ssherjj 8 June 2017, 20:25

View original

4 replies

Ssherjj
Rank
Userlevel 7
Badge +62
Hello fryerlawrence,
 
Welcome to the Webroot Community,
 
Sorry for the late response..your post must of got missed somehow..
 
I have gone into App Inspector Review/Access sensitive information. I have stopped a few of my programs by turning off notifications and permissions and uninstalled from within my Samsung Android device under Application Manager. The number of programs that access sensitive information did change when I rescanned the App Inspector Review.
 
Your question below:
 
"Now the real question.... Even if I turn off access to those items that I don't want it to have, can the app all of a sudden "re-tick" the checkmark without my permission or will the app continue to do what I didn't authorize it to do when I de-selected Notifications  and Permissions?"
 
 
No I don't believe when you change your permissions and change/stop your notifications can be reticked within the App Inspector itself. Now if an Android Application program updates from the Google Play store,  maybe then the Permissions/Notifications might change? But Webroot does not retick or change your settings without your pemission and/or de-authorizing your programs.
 
Hopefully I answered your question?
 
Maybe @ our Android Professional Expert can add to this post?
 
 
Windows Insider, iMac 2021 27 in i5 Retina 5, iMac OS Sonoma (14.3.1}, Security: iPads, W 10 & (VM:15), ALIENWARE 17R4, W10 Workstation, ALIENWARE 15 R6, W11, Webroot® SecureAnywhere™ Internet Security Complete (Android Samsung Galaxy Ultra Note 23, Webroot Beta Tester. Security
F
Rank
Userlevel 1
Sherry,
 
You did answer my question in part.  Thank you. :0)   I think it was excellent advice when you said that when you download an app from the store originally and you update that app, the original permissions you gave the developer still stand "technically" and then the permissions could get "re-ticked" to on when you previously turned them off.
 
The main two questions I still have is lets say for example you constantly continue to update whatever said app you have on your phone, and you continue to be vigilant by always turning off permissions:
 
1. Can the app still access those permissions (provided you haven't updated the app and the permissions were turned back on somehow) if you have turned them off? [That's what I am afraid of...lol]
 
2. After turning off permissions, and after refreshing your scan of potentially harmful apps (for this example: Metronome) why doesn't Webroot change the amount to one less harmful app and continue to flag the app?
 
    a.)  Is Webroot basing that number (80 potentially harmful apps vs. 79) because of the original permissions you gave the developer?
    b.)  Doesn't Webroot see that you have technically disabled the permissions (on said Metronome app for this example) so that number should be 79 instead of 80 potentially harmful apps?
 
Hopefully I have made sense...lol ;0)
 
Please advise?
 
-fryer
 
Ssherjj
Rank
Userlevel 7
Badge +62
Hi fryer,
 
You sure have my brain working over time. LOLs
 
I'll try to answer your questions but I am not an expert per'se with Androids.
 
1. "Can the app still access those permissions (provided you haven't updated the app and the permissions were turned back on somehow) if you have turned them off? [That's what I am afraid of...lol]"
 
My feeling on this is it's not suppose to turn back on if you have turned them off. But of course the Android has more inne crontrol then we do when the default appications that come with our phones. In my experience, no the app permissions should stay off when you stop/disable it. I haven't noticed my permissions being turned on again after turning them off.
 
2. "After turning off permissions, and after refreshing your scan of potentially harmful apps (for this example: Metronome) why doesn't rebroot change the amount to one less harmful app and continue to flag the app?"
 
I cannot answer that question above. This might be a question for the Webroot Support Team.
I am not experiencing this issue with the Android Webroot app. Of course as a test you could uninstall Webroot and see if it detects that app or not.after the reinstall of Webroot.
 
a) Not sure about this question either concerning the Developer of these apps. I don't believe a Developer has access to change a program unless somehow is listed as a Adminstrator on your device. Some phones you can disable Developer mode. Not sure though.
b) Webroot should be able to detect that your app has been disabled or uninstalled. But remember If a application is malicious Webroot would notify you of such. Android User Guide Here and Here
 
Again fryer you can also Submit that Support Ticket free of charge and they can answer your questions better then I. Since I am only a volunteer here. Just put this link in your support ticket so that you do not have to explain things further.
 
Sorry i wasn't more helpful.:@
 
 
 
      
 
Windows Insider, iMac 2021 27 in i5 Retina 5, iMac OS Sonoma (14.3.1}, Security: iPads, W 10 & (VM:15), ALIENWARE 17R4, W10 Workstation, ALIENWARE 15 R6, W11, Webroot® SecureAnywhere™ Internet Security Complete (Android Samsung Galaxy Ultra Note 23, Webroot Beta Tester. Security
Ssherjj
Rank
Userlevel 7
Badge +62
@,
 
Here is an article on Androids Requesting Permissions that might help answer one of your questions. The other question would be to ask Support why Webroot doesn't detect an app that has been disabled on a rescan.
Windows Insider, iMac 2021 27 in i5 Retina 5, iMac OS Sonoma (14.3.1}, Security: iPads, W 10 & (VM:15), ALIENWARE 17R4, W10 Workstation, ALIENWARE 15 R6, W11, Webroot® SecureAnywhere™ Internet Security Complete (Android Samsung Galaxy Ultra Note 23, Webroot Beta Tester. Security

Reply


Terms & Conditions

© 2004 - Webroot Inc.

We have recently updated our Privacy Policies. We encourage you to read the full terms here.