PrivacyHawk: risk analysis for Android apps
Android's consumer-unfriendly permissions system makes it difficult for users to find out what applications do in the background.
While it is possible to root phones and install applications that provide detailed information about the background tasks an app runs on a device running Android, it is safe to say that most Android users cannot install those apps because their devices are not rooted.
It is difficult to find out if an application connects to Internet servers and even more so when it comes to the data that is transferred in the process.
The new Android application PrivacyHawk analyzes each installed app on a device it is run on to sort each application into risk groups.
The initial scan may take a while. Findings are displayed as buttons once the scan completes that represent risk categories. The application supports several of those including one that is reserved for apps that are outright malicious, one for safe applications and one for apps with moderate risk levels.
A tap on a risk category displays all apps PrivacyHawk rated accordingly. Information are scarce on the first screen but a tap on an application's name displays detailed information about its developer, its permissions, and the servers it connects to when run.
The summary at the top lists important details such as the risk rating of the publisher and the app, the version tested and when that version was published.
The risk summary report lists permissions, data leaks, device takeover and information gathering techniques the app uses. The application may inform you that the tested app sends data to third-party ad networks, that it may have access to your microphone and may record audio, that it may communicate data in non-secure ways, that it may try to disable certain device features, or that it can read low-level system log files.
The same page lists publisher reputation information and risk details which highlight the application's communication on a world map.
The program uses a mix of permissions an application requests with other information it gathers about the application. Since permissions play a big part in the risk assessment, it is clear that applications that require lots of permissions are listed as moderate or even dangerous even though that may not be the case.
PrivacyHawk can only provide information about applications that its parent company, Marble Security, has analyzed and included in a database.
PrivacyHawk requires quite the set of permissions itself including several such as "controlling vibration, finding accounts on the device or modifying system settings that seem irrelevant for its main purpose.
It is interesting to note that you can open the analysis of PrivacyHawk using the app. You find the application listed in the safe category but its risk summary highlights some troublesome permissions and features such as sending data to third-party ad-networks, looking up geo-location information, non-secure communication of some data or attempts to write device security settings.
PrivacyHawk can be a useful security app for Android provided that the apps you have installed have already been analyzed by the apps' parent company and that you don't mind the apps' own hunger for permissions.
The application can be an eye-opener as it provides you with detailed information about an applications' permissions and activities on the device that include a list of servers it communicates to.Advertisement