List trackers and permissions of all installed Android applications with Exodus

Martin Brinkmann
Feb 26, 2021
Apps, Google Android
|
17

Exodus is a free privacy application for Google's Android operating system that reveals the use of trackers of installed Android applications and their permissions.

We reviewed Exodify, browser extensions by the Exodus project, back in 2018 and covered the web service Exodus as well back then. Users may use the browser extensions to display permission requests and tracker uses of any app on Google Play, or run searches for applications on the Exodus website.

Exodus was mentioned in Günter Born's article on LastPass' extensive use of trackers in the service's Android application.

The Exodus application is available on Google Play. Its main advantage over the browser extensions or web service is that it will scan all installed applications on an Android device to return each application's use of trackers and its requested permissions.

Usage is pretty simple: download the app from Google Play and run it after installation. It will scan the installed applications automatically, lists them, and displays the number of trackers and permissions for each.

exodus android trackers

The app uses colors to make it easier for users to distinguish between apps that use little or no trackers or permissions, and apps that use them heavily. Green background colors mean that the app does not use any trackers or has not requested extra permissions, yellow that some are used or have been requested, and red that a lot of trackers are used or a lot of permissions have been requested.

You may tap on any application to display a profile page. The page lists the installed version and test version, all trackers and all requested permissions with a short explanation. A tap on a permission or tracker opens even more details, e.g. when you select a tracker you get a list of other installed applications that use it as well.

You may also activate a link to open the application's profile page on the Exodus website to get additional information such as purposes of trackers if known.

The results depend on the applications that you have installed, but most users will probably notice that the majority of installed applications do use one or more trackers. Use of trackers or lots of permissions is not always a sign that something bad or fishy is going on, but it can be an indicator.

Exodus offers some interesting options, such as:

  • Checking all installed browsers for trackers.
  • Making sure that important applications don't use trackers.
  • Spotting apps or games that go over the board with trackers or permissions to drop them.

It is necessary to check the list of requested permissions and/or trackers. Some application types, web browsers for instance, require more permissions than apps that have a narrower focus.

Closing Words

Exodus offers an interesting service. It needs to be noted that the app requires Internet connectivity as it uses a central database and not real-time scanning for its analysis; this means, that it is possible that some applications have not been scanned by Exodus or that earlier versions have been scanned only.

Still, if you want to quickly check permissions and trackers of all installed Android apps on a device, it is a good way of doing that.

Now You: Do you check trackers or permissions before installing apps on your mobile devices?

Summary
software image
Author Rating
1star1star1star1star1star
5 based on 4 votes
Software Name
Exodus
Operating System
Android
Software Category
Privacy
Landing Page
Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. me said on May 5, 2021 at 4:47 am
    Reply

    Exodus doesn’t list “trackers”, it categorizes apps according to the number of “critical” permissions they request, like network or camera access. And out of my ~ 180 installed apps it didn’t have profiles for, at a glance, 95%… pretty underwhelming.

  2. Suxodus said on March 7, 2021 at 1:50 pm
    Reply

    It complained I had no apps installed immediately upon starting the app, but on the other hand I didn’t let it out because wanted to see what it would do, it kind of sucks it can’t figure out on its own some things of other apps but require online connection, so in short it appears to rather mine user data, uninstalled it.

  3. here said on February 27, 2021 at 3:50 pm
    Reply

    Theres this one on F-Droid:
    https://f-droid.org/en/packages/com.oF2pks.classyshark3xodus/

    Can scan installed apps or downloaded .apks without them installed.
    Doesnt just compare the app name against reports.
    Works offline and actually scans the app classes finding known tracker code in the apps.

    1. Sol Shine said on February 27, 2021 at 10:01 pm
      Reply

      @here

      Right.
      classyshark3xodus is the handy app that is integrated in App Manager on f-droid.

      1. Pittheus said on March 2, 2021 at 10:49 am
        Reply
  4. Anonymous said on February 27, 2021 at 2:27 pm
    Reply

    Exodus is great but the article screenshot here is a reminder that it will not catch everything, apparently looking mainly for standard largely used third-party trackers and ignoring specific home-made tracking components in applications. The F-Droid repository “tracking anti-feature” warnings are more complete. But the F-Droid applications have usually moral standards light-years above those of Google Play applications, which should be considered as compromised by default.

    “Use of trackers […] is not always a sign that something bad or fishy is going on”

    Debatable, especially considering the trackers that the Exodus database is concerned with.

    1. Anonymous said on February 28, 2021 at 12:14 pm
      Reply

      Looking more closely at their trackers list they still list first-party trackers for some of the biggest fishes, like Tinder and Mozilla.

  5. Chess said on February 26, 2021 at 7:10 pm
    Reply

    Useless, only scans play store apps, not sideloaded apps.

  6. Sol Shine said on February 26, 2021 at 6:04 pm
    Reply

    App Manager app has the exodus feature in it, and works offline.
    It lists activities, broadcast receivers, services, providers, permissions, signatures, shared libraries, etc. of any app.
    It has a bunch of other features to manage apps.

    Link: https://f-droid.org/en/packages/io.github.muntashirakon.AppManager/

    1. here said on February 27, 2021 at 3:53 pm
      Reply

      Interesting, good find!

  7. X said on February 26, 2021 at 5:59 pm
    Reply

    You can easily check the reports directly from the Exodus web site @ https://reports.exodus-privacy.eu.org/en/reports/

  8. Mystique said on February 26, 2021 at 5:07 pm
    Reply

    Meh! I’m not a fan.
    The app will scan your apps by name and then alerts you of trackers and permissions but those trackers and permissions are based upon a different version of which you have installed therefore we have a problem which is indicative of a larger problem. For example if the app you have installed on your phone has recently changed hands (indeed in my case) or has changed permissions and have added ads going forward then you would still be alerted of such issues as the app does not actually deep scan for trackers or permissions but compares it to a loose database of apps and versions that have actually been analysed, furthermore because of such limitations it will not give you accurate information and worse yet it only appears to show you information on applications installed via the google play store.
    It will not take into account apps that have been modded an nulled and if it did given the methodology it will probably still flag it with such things as google analytics even if they had been removed.

    I award this app one silver star *

    1. Q said on February 26, 2021 at 10:31 pm
      Reply

      I remember trying the Exodus years ago and was also quite disappointed.

      There is an app that is rather good at identifying commercial add-ons (such as Firebase Analytics, Google Analytics, Google Mobile Ads, Flurry Ads, and many more) to apps that are installed. It would have been good if Martin would have referenced it in this article (he had written about it before). The app is called “Addons Detector” and was review at: https://www.ghacks.net/2018/02/26/addons-detector-for-android-review/ .

  9. Anonymous said on February 26, 2021 at 2:29 pm
    Reply

    Would be cool to have something similar for iOS.

  10. jNizM said on February 26, 2021 at 2:11 pm
    Reply

    So is it like the App Warden?
    https://gitlab.com/AuroraOSS/AppWarden/

    1. Anonymous said on February 26, 2021 at 3:42 pm
      Reply

      The other way around, App Warden is like Exodus, because App Warden is based on Exodus Privacy.

    2. Malte said on February 26, 2021 at 2:26 pm
      Reply

      In the link you provided, it says that App Warden uses the Exodus Privacy tracker list.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.