Google Android Auto Revoke Breaks Phones

  • SpinRite v6.1 is Released!
    Guest:
    That's right. SpinRite v6.1 is finished and released. For the full story, please see this page in the "Pre-Release Announcements & Feedback" forum.
    /Steve.
  • Be sure to checkout “Tips & Tricks”
    Dear Guest Visitor → Once you register and log-in:

    This forum does not automatically send notices of new content. So if, for example, you would like to be notified by mail when Steve posts an update to his blog (or of any other specific activity anywhere else), you need to tell the system what to “Watch” for you. Please checkout the “Tips & Tricks” page for details about that... and other tips!

    /Steve.
  • Announcing “BootAble” – GRC's New Boot-Testing Freeware
    Please see the BootAble page at GRC for the whole story.
  • BootAble – FreeDOS boot testing freeware

    To obtain direct, low-level access to a system's mass storage drives, SpinRite runs under a GRC-customized version of FreeDOS which has been modified to add compatibility with all file systems. In order to run SpinRite it must first be possible to boot FreeDOS.

    GRC's “BootAble” freeware allows anyone to easily create BIOS-bootable media in order to workout and confirm the details of getting a machine to boot FreeDOS through a BIOS. Once the means of doing that has been determined, the media created by SpinRite can be booted and run in the same way.

    The participants here, who have taken the time to share their knowledge and experience, their successes and some frustrations with booting their computers into FreeDOS, have created a valuable knowledgebase which will benefit everyone who follows.

    You may click on the image to the right to obtain your own copy of BootAble. Then use the knowledge and experience documented here to boot your computer(s) into FreeDOS. And please do not hesitate to ask questions – nowhere else can better answers be found.

    (You may permanently close this reminder with the 'X' in the upper right.)


rfrazier

Well-known member
Sep 30, 2020
569
194
Hi all. I wanted to inform you that Google Android auto revoke permissions is about to break your phone or tablet. If you want to look into this, use your favorite search engine to search for android auto revoke permissions. Here's what it's about.

I got a popup on my tablet from Google Play that said they would be revoking permissions on programs I haven't used in 3 months. It didn't ask if I wanted it. It just said it would be doing it. My thought was "what the hell?". I started doing research. The notice means what it says. What are permissions. That means whether an app can access, for example, storage, wifi, camera, microphone, the internet, etc. In other words, EVERYTHING than an app needs to work. So, some bozo at Google has decided that just because I hadn't used some apps in a while, they would break them for me. I took some time to wish that person or team some ill will for their STUPID idea and for unilaterally implementing it and for costing me what would no doubt be hours of time wasted trying to undo it. Here are some apps they were about to break for me: DuckDuck Go, The Epoch Times, TeamViewer, and some others. I have dozens if not hundreds of hours into configuring all my apps over a couple of years. Whether I use these things frequently or not, I don't want them broken automatically for me.

When I have to go through pain to find out things, I like to share them in places like this to help others avoid such things. If you DON'T want Google to break a bunch of your apps for you, here are the steps it took on my tablet to fix it. It's hidden deep in the settings. Different tablets and phones have different menus.

This is something you probably want to check on all your apps right now, on every one upon install, and upon updates. I have auto update turned off on my apps since some have a history of totally breaking things without asking. I update some of them periodically by hand.

* Go to settings
* Go to security
* Go to Google Play Protect
* Tap the gear in the upper right
* Under the app privacy section, tap on permissions for unused apps
* On my tablet, there are 4 tabs or sections: Permissions Removed, Auto-Remove on, Auto-Remove off, All apps
* Tap the Permissions Removed option. If anything is listed, the system has already removed the permissions for that app and broken it for you. (Gee thanks.) Mine was blank. But, if yours has something here, there may be a way to tap on the app and restore it. I don't know.
* Tap the Auto-Remove on option. This lists apps that the system will conveniently break for you if you don't use them often enough for it's elegant tastes. If you DON'T want it to automatically break these apps, tap on each app INDIVIDUALLY and turn off the slider switch that says Remove permissions if app isn't used. Then tap your device's back button to back out. Then, go to the NEXT app in the list and do the same thing. Do this for EACH app that you don't want automatically broken.
* Finally, back out to the main app privacy screen. Tap on the Permissions removed option. You should see nothing, assuming that's what you want.
* Tap on the Auto-remove on option. You should see nothing, assuming that's what you want.
* Tap on the Auto-remove off option. You should see all your apps, assuming that's what you want.

You can tinker with these settings as you wish. Be aware that any apps where you left auto remove on will get broken about 3 months after the last time you use them. Then, you can back out of settings.

There are a bunch of settings I check every time Android is updated, or I install or update apps. Those include: update (ONLY) the apps I want to, disable apps I don't want, special access settings, admin apps, Google settings, auto update off, disable wifi control for all apps, disable battery optimization for most apps, check and disable trust agents, check and disable admin apps, disable install apps from unknown sources, and now, disable app privacy settings. You may wish to check ALL your apps on ALL your devices.

I hope you find this helpful and it saves you some pain.

May your bits be stable and your interfaces be fast. :cool: Ron
 
PS I just updated some apps on my tablet. Then I went back into the apps privacy screen to check it again. Sure enough, one app I haven't used in a while was listed there and it said it would remove permissions from the app. Aargh! I tapped it and turned off the remove permissions toggle. Then, just to make sure there were no more goodies waiting for me, I went back to the apps privacy screen and tapped all apps and looked at every single line of descriptions for the phrase "won't remove permissions". I did that twice to make sure there were no stragglers still set the wrong way. Hopefully, I've put this issue to bed. Hope the info helps.

May your bits be stable and your interfaces be fast. :cool: Ron
 
Yes had that, just told it not to bother me. Will keep it from changing them every update. At least look on it as a bonus that your phone is still getting updates, as often most carrier locked phones do not get them after they are no longer sold by the carrier. Good reason to buy unlocked phones, at least the manufacturer supports them better with the default firmware.
 
The permissions it removes are the ones that apps have to ask you for anyway. If the app was made correctly, it would ask for the permission(s) when it needed again the next time you use it.

I'm of the opinion that any app that does break with this feature shouldn't be considered a good app, because you can remove permission yourself. So if you're looking at apps that you allowed location access, and you see one you don't remember why it asked for it (and you can't think of a reason why it needed in the first place), you would remove it. If that broke the app to a point where you need to reinstall it...
 
This is the principle of least permission. These apps get updated by the system automatically, and sometimes they go rogue. Having them lose permissions because you're not actively using them can potentially save you from damage in this circumstance where one has gone bad. (After all if you're not actively using it, perhaps many other people also are not, and the author decides to cut his/her losses and sell it to someone who goes rogue.) Also the permissions are very over-broad, and can be used for spying. By removing permissions from an unused app, the system may also increase your privacy.
 
I get the general idea. Your power goes out one day. You frantically look for a flashlight app to light up your screen because you don't have a flashlight and you can't find an existing app on the device with a white screen. (A little tongue in cheek there. I can see uses for such an app. My phone has a flashlight button built into the drop down menu that turns on a LED on the back. Coincidentally, I read something on a flashlight forum where someone was in a long tunnel and his flashlight failed and his phone was all he had.) You get through the power failure and forget the app. And, lo and behold the app is malicious and starts attacking people. Or as @PHolder says, apps could "go bad". So, they want to put the shackles on these things.

What I don't approve of is the idea that they're just jumping in and doing this whether I want it or not. Let's take TeamViewer for example. I rarely ever use it. I spent an hour or two back in the day setting it up and testing it. The only time I use it is if a family member calls for remote PC help and I'm out in the car or something and not at my PC. But, if I need it, I need it. The last thing I want is to start it up while they're holding on the phone and then have to wade through all the "this app needs this permission" screens to figure out how to make it work again. Not only that, say the "storage" permission was revoked. Did the app's prior storage get erased? Did profiles get erased? Did logins get erased? Etc.

They should give the user the choice. Pop up a notice and say "you haven't used these apps in a while, would you like to revoke them and here's why" (to which I respond go climb a tree and get out of my face) or "xyz app has been proven to be malicious and here's what we have to do and why" or whatever. It's my computer. Give me the choice and don't disable things I've already put time and energy into acquiring and setting up and testing.

May your bits be stable and your interfaces be fast. :cool: Ron
 
The last thing I want is to start it up while they're holding on the phone and then have to wade through all the "this app needs this permission" screens to figure out how to make it work again. Not only that, say the "storage" permission was revoked. Did the app's prior storage get erased? Did profiles get erased? Did logins get erased? Etc.
When I install a new app, answering the permission questions take me on the order o seconds (could be tens of seconds if I need to think about it). In answer to your final list of questions, the answer to all of them is no.
 
If you think of your storage (the 128GB on my Pixel 5a) as something you need a password for like WiFi (assuming there aren't multiple user accounts, just a single password), when you grant storage permission, you are giving the app the "password" to the "whole" storage area (whatever area that doesn't need root access at least, I assume with the profile support, each user can have their own area), and when you revoke, you just changed the "password" and didn't tell the app. The data is still there, but the app doesn't have access to whatever data it may have been reading and writing to until you tell them the new "password". Apps do have their own area they can store stuff in without that permission, and I think it might be a SQLite database or something like it, so downloading files can't be a thing with the storage permission.

Wait, what the hell does TeamViewer need with the storage permission?
 
storage permission
Actually each app gets it's own storage location, I believe. It also allows the app to request (via a UI interaction) access to your saved photos etc. I assume TeamViewer is asking for the permission so you can record/share screen captures, and up/download files.
 
TeamViewer was relevant to the discussion but I was using it as an example and hadn't actually looked at the permissions since I installed it. I just checked and it "wants" camera, microphone, and storage. I think you can teleconference with the people you're helping. I don't know what it does with storage but I'd assume it wants to write configs files, log files, profiles, etc. I believe it's possible to also transfer files back and forth between yourself and the person you're helping. As it turns out I currently have all those permissions turned off. As far as I know TeamViewer still works and I don't know what if any features I'm missing.

I was under the impression that newer versions of android can ONLY write to their special folder under Android/data/appname or whatever unless it's given special permissions like a file manager would have. I THOUGHT that, if storage permission is denied, it couldn't write to any storage. Could be wrong though.

May your bits be stable and your interfaces be fast. :cool: Ron
 
You know, I forgot TeamViewer had a file transfer thing. That is something it should ask for storage permission for until you use it however (or the screen recorder if you have that feature turned on)

But all apps do have a location they can write to without storage permission either way, even if the location might be the same as the registry on Windows (the SQLite database comment I made in my last post)
 
  • Like
Reactions: rfrazier