WHich apps are spying on you this week.
Google is narrowing the gap to iPhone on the security and privacy front with Android 15. A raft of welcome changes will better protect users, their devices and their data, including live threat detection to quickly flag malware and permission abuse, cellular network defense, and tighter controls of what apps are doing behind the scenes.
When we talk about permission abuse, we clearly mean the grey area between apps behaving well and outright spyware—of which there’s still plenty on Android. While Apple led the charge to restrict location tracking and access to sensitive phone functions like messaging, cameras and contacts, Google has followed.
The latest leaked preview is an improvement to the Privacy Dashboard coming to Android 15. As reported by 9to5Google, “after introducing in Android 16 Developer Preview 1 last month, Google is rolling out a 7-day history for the Privacy dashboard to Android 15. This is rolling out via the November 2024 Google Play system update.”
Whether it’s permission access or battery drainage, expanding a 24-hour view to a 7-day view is critical in catching misbehaving apps or power-hogs in the act.
“We’re seeing this 7-day history in Privacy dashboard on various Android 15 QPR1 Pixel devices today,” 9to5Google says, “as you get a longer timeline for Location, Camera, and Microphone usage.”
New 7 day ‘spyware’ warning
These are the most sensitive spyware functions on your phone, and you should monitor their usage carefully. That said, the advice for users isn’t actually to monitor after the fact, of course, but to stop granting these permissions in the first place.
Earlier this year, CyberNews “selected 50 of the most popular apps on the Google Play Store and analyzed their Manifest files to determine what dangerous permissions the apps are requesting,” and found that 33 of the 50 apps requested “access to the camera and recording audio,” while “more than half (26) of the apps would like to track precise (fine) location, meaning they can pinpoint user location within a few meters (10 feet). The same number of apps want to read contacts.”
No app should be allowed to access your camera, microphone or phone or messaging functions, unless they absolutely need to do so to perform their core functions. As for location tracking, this has been the most pervasive of all permission abuses on Android and needs to stop. Google centralizing privacy monitoring helps do that.
Last week we saw the latest Android spyware threat come to light, with 77 infected apps that “enable the interception of user interactions, making it a powerful tool for surveillance and credential theft.”
DroidBot, which was disclosed by the research team at Cleafy, is “an advanced Android Remote Access Trojan (RAT) that combines classic hidden VNC and overlay capabilities with features often associated with spyware.”
The other permissions that should never be granted to any app unless absolutely necessary is Accessibility Services, which are system tools that can be abused by malware to take control of devices and their key system functions.