Welcome Guest ( Log In | Register )

 
Closed TopicStart new topic
> Mobile Security Permissions
Daniel.M
post Sep 3 2012, 02:19 PM
Post #1


Poster
*

Group: Moderators
Posts: 87
Joined: 24-March 11
Member No.: 53,865



Below you will find a full list of permissions Bitdefender Mobile Security requires.


General Mobile Security permissions : the following permission are used across multiple modules and are explained in-line :
  • android.permission.WAKE_LOCK -> used when receiving commands from web-console in order to interpret the command at the time it's received
  • android.permission.INTERNET -> used when communicating with Bitdefender web-services ; licensing ; Web-Security ; Malware Scanner
  • android.permission.GET_ACCOUNTS -> used if the user wants to log-in using his Google Account
  • android.permission.MANAGE_ACCOUNTS -> used if the user wants to log-in using his Google Account
  • android.permission.USE_CREDENTIALS -> used if the user wants to log-in using his Google Account
  • com.android.vending.BILLING -> used for In-app-purchase ; the user must have the latest version of Google Play Store on his device
  • com.google.android.c2dm.permission.RECEIVE / com.google.android.c2dm.permission.SEND / com.google.android.c2dm.intent.REGISTRATION-> used for Anti-theft functionality over web-console
  • android.permission.RECEIVE_BOOT_COMPLETED -> used for keeping services running after boot


Web Security : in order to provide WebSecurity the following permissions are required :
  • com.android.browser.permission.READ_HISTORY_BOOKMARKS
  • com.android.browser.permission.WRITE_HISTORY_BOOKMARKS


Anti-Theft :
General Anti-thef permissions - the following permissions are used in all anti-theft functions and are explained in-line
  • android.permission.WAKE_LOCK -> used when receiving commands from web-console in order to interpret the command at the time it's received
  • android.permission.INTERNET -> used when communicating with Bitdefender web-services
  • android.permission.BIND_DEVICE_ADMIN -> required for all anti-thef modules except GeoLocation


The anti-thef module requires some permissions that might seem intrusive , so to shed a clear light on why they are necessary we'll break them down below.

Web Control
  1. Geolocate : the permissions requested bellow are necessary to get the best possible location
    • android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
    • android.permission.ACCESS_NETWORK_STATE
    • android.permission.ACCESS_WIFI_STATE
    • android.permission.ACCESS_COARSE_LOCATION
    • android.permission.ACCESS_FINE_LOCATION
  2. Remote lock :
    • android.app.action.ACTION_PASSWORD_SUCCEEDED
    • android.permission.BIND_DEVICE_ADMIN
  3. Remote Wipe : only requires device admin to be enabled



SMS Control
  1. SMS Commands : Mobile Security now supports SMS commands. This along brings the need for us to request permissions for reading / writing SMS's. The flow is as follows : Mobile Security has to read a SMS that was received -> parse it in order to identify if it's a legitimate command -> take action according to the command received -> and respond back to the number which issued the command.

  • android.permission.READ_SMS
  • android.permission.WRITE_SMS
  • android.permission.RECEIVE_SMS
  • android.permission.SEND_SMS
  • android.permission.READ_PHONE_STATE
  • android.permission.READ_CONTACTS - > required to access phone contacts when selecting buddy number
  • android.permission.CALL_PHONE -> required when issuing callme command
  • android.permission.BLUETOOTH / android.permission.MODIFY_AUDIO_SETTINGS -> required when issuing answer command
  • android.permission.SYSTEM_ALERT_WINDOW -> required for PIN protection

Go to the top of the page
 
+Quote Post

Closed TopicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 



RSS Lo-Fi Version Time is now: 24th November 2014 - 10:30 PM