How to Stop Apps Tracking You on iPhone and Android Using App Permissions

4

Apps, the lovely icons that appear on our phone and allow us to complete a multitude of tasks, anything from watching a movie to reading a book or even playing a fun game. While these apps provide great functionality and endless hours of fun, we rarely think about whats going on in the backend. We rarely stop to think if there are analytic trackers, if the app is spying on our call logs, or anything of the sort, I mean why would we right? It’s just an app.

While we may want to believe these apps are playing by the rules, that’s rarely the case. More often than not company’s and developers will try to slip in all sorts of nefarious junk. This includes ads, malware, invasive tracking, private APIs among other intrusive measures to get into your private phone data. Unbeknownst to you all sorts of creepy stuff is going on in the background, with simple apps going far beyond their basic needs. This includes trying to access your contacts, call logs and often times even your location.

That’s right, all of this goes on in the background without your knowledge nor consent. Creepy right? Well thanks to Google and Apple’s most recent updates-Android Marshmallow 6.0 and iOS 9-they have actually integrated a feature known as App Permissions that can stop overly intrusive apps from accessing your data.

No downloads required, it’s integrated right into the OS, meaning Google and Apple obviously want you to have control over these settings. We can only hope in the near future these types of permissions will be restricted by default, meaning companies would not be able to intrude on user data by default, making users explicitly grant apps these permissions. With the current state of privacy, it’s not an implausible solution to the ongoing and incoming amass of data collection.

What are app permissions?

App permissions are just as the name suggests, permissions for apps. More specifically, this new app permission feature actually allows you to control what data apps have access to. If you’ve ever had an Android phone and downloaded a simple app from the Google Play Store, lets just say a Flashlight, you will often see Google warn you what type of data the app is requesting access to. These permissions allow you to actively control what type of data you share with what apps, regardless of the developers default settings. These permissions have become so necessary because completely basic apps are requesting a multitude of data. As stated above, why would an app that turns your camera flash into a flashlight need access to your microphone and contacts? Spooky right?

Well this is all too familiar, completely basic apps requesting completely unnecessary amounts of permissions. Now if your an Apple user you may have never once experienced these permission requests until just recently. Sometimes when you open apps it will notify you that the app is requesting permission to your location or another area of your phone, which you can easily click allow or deny. Apple only recently implemented this much necessary feature in iOS 8, while Google on the other hand has had the permissions listed for as many years as I’ve been using Android.

Now only recently, both of these companies have implemented features allowing you to individually control the specific permissions apps are granted. In short this means you can individually control what data apps do and don’t have access to. These newly granted permissions Google and Apple have granted users are perfect for people like us who want to control what data companies should and shouldn’t have access to. I don’t know about you, but I personally don’t want a Chinese company who produced a Flashlight app to have access to my photos and call logs, but that’s just me.

How to Control App Permissions on Android

Video:

App permissions have been around in Android for awhile now, first making their appearance in custom ROM’s and just recently Google actually baked it right into the Android OS.

Google has done a perfect job at making app permissions easier to manage than ever! To start, open up your Settings app and navigate down to the Apps submenu. From there click the gear icon on the top right then click app permissions.

How To Use Android App Permissions

Now a huge list of permissions should appear. From here you will be able to see what apps are requesting access to specific data, as well as being able to enable or disable any permissions already granted.

Scrolling down the list may seem worrisome as some apps are requesting access to your body sensor, locations, photos and all sorts of creepy stuff. Now we can’t really guide you on what to disable as it’s your phone, but more often than not, there is zero reason a game needs to know your location or have access to your call logs.

To begin, start disabling all the fun apps that are requesting access to your location. You may also want to look for apps requesting a little more information than the need, for example a Calculator app requesting your location or contacts. There is zero reason a Calculator app would ever need access to any form of data on your phone. Here is just one picture of our location permissions, as you can see everything that can be disabled has been, due to Google Play Services needing location data.

Prevent Android Apps Tracking Your Location

Just remember, not only will this protect your privacy but it will also vastly improve your battery life!

How to Control App Permissions on iPhone & iPad

Video:

It’s here, Apple has finally integrated and fully allows you to see what permissions apps are requesting, a feature that Apple has entirely disregarded til their recent iOS 8. If you didn’t watch the video above we have a written guide below with pictures.

First navigate to your settings app and click on the “Privacy” tab on the bottom left.

Stop IOS Apps Tracking You

From this main panel you will be able to see what apps are requesting data, what data they are able to get a hold of, and then you can enable or disable each option individually.

To start, if you want no app to be able to track your location go ahead and disable location services entirely. This will stop any apps or third-party from being able to request location data.

However, disabling location services may not be optimal if you’re on an iPhone and still want to use services like GPS. If that is the case, you can click on the location services tab and individually control what apps can actively track your location. You can set options so that apps can never request your location, request only when using the app, or always. If you insist on leaving these services on for most apps set them to only be allowed while the app is open. This is better than the app being able to request data at any moment, but we recommend just denying apps location data.

Apple Location Services Privacy

And if you don’t want to mess with that giant panel you can easy scroll down to the very bottom left hand side in the settings and change each apps permissions individually. Here is an example, this Reddit app is requesting access to our location and photos, which we have promptly disabled.

Apple App Permissions

These settings will appear under every app and will list every permission they request. Meaning if another app is requesting access to the microphone, that will appear and I can quickly enable or disable the apps permissions.

Why you need to set your app permissions

We realize not everyone wanted to read this part, so we went ahead and stuck it below the tutorial. But if you want to get a little more detail on why we feel it is so important to set your app permissions we encourage you to read on.

Regardless of what you may believe, companies have a huge amount of data on you. It doesn’t matter what you do or where you go, devices and technology are always tracking you. Digital transactions are all on record, stores know what you buy and keep records of it when you use “reward cards,” and more intrusive technology to track users keeps being developed and pumped onto the market.

Honestly, it’s far worse than you think. Just last year a tech firm was caught developing technology that emitted an inaudible, high-frequency sound to track devices.

“The ultrasonic pitches are embedded into TV commercials or are played when a user encounters an ad displayed in a computer browser. While the sound can’t be heard by the human ear, nearby tablets and smartphones can detect it,” Arstechnica reported. “When they do, browser cookies can now pair a single user to multiple devices and keep track of what TV commercials the person sees, how long the person watches the ads, and whether the person acts on the ads by doing a Web search or buying a product.”

So unless you are using a flip phone, only cash and can manage to hide your face from security cameras in public, there is going to be some type of data companies have on you. Whether it’s your friend posting a photo of you on Facebook without your knowledge or simply using a rewards card to get a few bucks off at the store, someone has some form of data somewhere in the world. And this doesn’t even include Internet browsing habits, which can track you via a footprinting, leaving another mess to clean up. All-in-all someone has got data somewhere.

What does this have to do with app permissions?

We’re getting there but we just want you to know, there is always some way companies are going to have data on you, but you should take every precaution you can to limit it. Again, we are not saying walk around like an absurd hacker stock photo, but why let companies automatically track this data when you can easily prevent it?

The amount of data companies are able to collect is not just terrifying, it’s intrusive and a complete invasion of personal privacy. The fact that a TV ad in the future could emit ultrasonic sounds and communicate with your technology unknowingly is extremely invasive. You have to remember just how many restaurants and stores have TV’s in them, meaning even if you don’t watch TV your still being targeted.

Regardless, allowing all of these companies to collect data is as we already said intrusive, but it’s actually extremely unsafe. More and more we are seeing simple applications asking for permissions they don’t need, for example a Weather app asking for permission to your call logs and microphone. If companies are just taking this data, they are able to create active maps of their users and target you easier. Tracking locations, accessing contacts and accessing call logs may not only be for alleged “marketing purposes,” but instead to collect phone numbers and extremely personal information allowing them to know every aspect of your life, and in-turn tailor their systems to you.

What’s extremely disturbing is the state of security where all of this collected data is stored. I cannot expect a Chinese company that made a Weather app trying to access my photos to steal and store them securely. They are presumably poorly secured and such information is extremely private. This also includes call contents, photos, microphone access, and all other permissions apps want. What if your talking about your SSN with your tax adviser and Candy Crush decides it’s a good time to open the mic and record without your consent? While this may sound like malware, some apps actually have these permissions. Or what if your talking with a lawyer or disclosing sensitive information and these jokes we call apps are intruding?

There are many bizarre and rather obscure situations you need to consider. Again, remember these apps, if granted special permissions, can often access these permissions at any time. Remember, ANY TIME. Just quickly think how many things you’ve said, things you’ve done, or situations you’ve been in that you don’t ever want to be on record.

Companies storing our secrets is insecure and we are loosing a grasp on privacy. But again, companies are seeing our struggle and actually providing real solutions to these intrusions. However, they in-turn are now collecting all the data for themselves, yes we are looking at you Apple and Google. We know you want all the data for yourselves, but I’d rather the OS supplier and a billion dollar company secure my private information rather than a random developer.

We aren’t trying to fear monger anybody, but we feel very strongly that companies need to know little to no information about us. And we try to think of all possibly scenarios in where these apps could be problematic.

Closing comments…

In short, set your damn app permissions! This isn’t something you want to happen to late, or something you want to go on long.

The more data companies have on you, the less privacy you have overall.

About Author

Brandon Stosh is the founder and CEO of www.freedomhacker.net. Stosh is a cyber security researcher and professional consultant who strives to provide reliable news on cyber-security based topics.

4 Comments

Leave A Reply

Send this to friend