If you have an Android device, then you are probably aware of the issues and flaws in the Android permissions. These flaws with the permissions end up putting Android users at a higher risk for malware, adware, and ransomware. Now, Google has confirmed that the company is not going to fix the Android permissions issues until the release of Android O, which is the next operating system.
Android Permissions Flaws To Stay Until Android O
The really bad news in all of this is that Android users everywhere are going to be vulnerable to the issues that impact Android permissions until Android O comes out. Check Point Software, which is the company that finds many of the vulnerabilities, has already said that the permissions issues impact many apps hosted on Google Play Store. There are a ton of different attacks that Android users are vulnerable to with the Android permissions vulnerabilities, according to Check Point.
It is also bad news for Android users because Android O will not be released until sometime in the third quarter of 2017. It was only a couple months ago that an Alpha Android O version was released, so we still have a while until Google officially launches Android O. The Android permissions vulnerabilities have been around since Android Marshmallow, which was Android 6.0. Check Point said that the main issue is that Google’s malware scanner, which is automated, will not be able to pick up on the malicious apps that could get published via Google Play Store.
Once on the device, the malware will always be at the top of the Android device screen. Even worse is that phishing scams along with fraudulent advertisements are just a couple of the potential types of malware that this vulnerability could create. Banking Trojans and ransomware could also happen with the Android permissions flaws.
Basically, Google classifies the Android apps and grants those apps permissions, but there is only a Normal level and Dangerous level. Google has changed how it looks at the System Alert Window, which was classified as Dangerous. This change occurred on Android Marshmallow and Google did this because the company thought normal people would not understand that apps like Facebook need this permission and System Alert Window to run properly.
What Android Permissions Changes Will Mean for Apps
There are exceptions now when it comes to the System Alert Window and permissions, mostly because of the pop-up windows needed for some apps, like Facebook Messenger. So all someone has to do is say that the System Alert Window functionality is needed for their app and there you go, even though Google originally said this was dangerous.
There is no way of knowing whether the app developer is telling the truth or going to use this for the Android permissions vulnerability issues. There will be changes on Android O though, which should give out a different permission that is more restricted. This new permission will be called “Type Application Overlay” and it will block the pop-ups from happening on top of system windows.
Beyond this, we still do not know much about how Google will take on the permissions for the apps like Facebook. On one hand, Google has to allow those types of permissions for some apps to work, but on the other hand, it creates a dangerous environment for people who want to use malicious apps and software to hack or scam other people. Since Android O will have at least a little more protection when it comes to the Android permissions issues, it is unclear if this will negatively impact those legit apps that need these permissions to run properly.
The real solution, although complex, would be if Google manually went through and approved those applications that need the permissions. That would be way too much of a hassle though, so some sort of automated method, just maybe a little better than what Google has now, will likely be the solution. So if you have an Android device, just be aware that the Android permissions issues will not be fixed at all until Android O releases later this year.