Best Practices for Downloading Applications

In this video, we’re going over best practises for downloading apps for your smartphone. Now most people are going to have one of two smartphones, either an Android, in which they’re going to use the Google Play store, or they’re going to have an iPhone, in which case they’re going to use the Apple App Store. There are other app stores out there, however. There’s Cydia for iOS, Aptoide, Amazon has their own app store that they host Android apps on, APKsFree. You could also Google or DuckDuckGo APK files for your Android device. Now using app stores outside of the officially supported app stores will generally require you to have root access or gaolbreak your device.

What that means is you’re essentially circumventing the security of your phone in order to install these other apps, something that the developer never intended you to do. Now there’s pros and cons to this. So on the good side of having a rooted device, you tend to get more access and features. You also tend to have better control of your device. And the bad side is heavy root access is essentially having root or administrative access to your device, much deeper access than you’d normally have, which means malicious software may have deeper access to your device. You may also unknowingly install malicious software on your phone. And, generally, having a rooted or jailbroken device will prevent you from obtaining your phone.

So, in general, it is safer to keep your phone stock and stick to the authorized app stores.

Now in this example, this is an app on the Android app store, the official Android app store. So any app you grab, you want to actually go down there and you’re going to want to check this out. You want to take a look at the app permissions. And you want to do “See More.” So this particular app wants to know the approximate GPS location and the precise GPS location. It also pairs with Bluetooth devices, runs on startup, and views your network connections. So that, in itself, is pretty weird. A wallpaper app should not have access to your GPS location, especially your precise GPS location. There’s absolutely no reason a wallpaper app should have that type of access.

And this app came out last year, December of last year, as a matter of fact. There’s already over 1,000 downloads for this, and it has a 4.4 rating at the time of this recording. So this, in itself, is pretty dangerous. This is an app that got through Google Play’s vetting service. It got vetted. However this app is a prime example of an app that has way more permissions than it really needs. So let’s think about this. This is an HD wallpaper app. The only thing it should have access to is the storage device on your phone. That way, you can actually store the photos there. Maybe network access, if it’s streaming in different pictures.

And the ability, obviously, to set a wallpaper, because is a wallpaper app. Since it’s a wallpaper app, again, there’s no reason why it should have your GPS location, especially your precise GPS location. There’s no reason why it should pair with Bluetooth devices. That makes absolutely no sense. And this also is something that auto-runs. So this would make me really worried. And this is why it’s really important to take a look at the app permissions and go through it. You need to think very carefully, does this make sense? Should this app actually need all these types of permissions? And if it doesn’t, I would absolutely avoid installing that type of software on your device.

And when you start getting outside of the actual, official stores, like the Google Play store the iOS store, you need to be much more vigilant about this. Because these devices aren’t vetted by Google. They’re not vetted by Apple. So they may contain malicious payloads. And even going through the app permissions on those, there’s no guarantee that’s really what you’re looking at or what you’re going to experience on your device. So, again, sticking to the actual stores is going to be pretty beneficial to you. So to wrap things up, be careful about rooting. While rooting does have advantages, you do need to be careful.

Again, you’re granting a much higher access level to your device, which also means you may potentially do more damage to your device. You want to check app permissions. Always check the permissions on an app, no matter what store you download it from. That’s going to give you, at least, some insight into what it does. Stick to the authorized stores. Stick to authorized stores, such as Google Play, iOS, and even the Amazon Appstore, as much as possible. Update often. Just like your computer, your smartphone should be updated whenever possible, both updates for your phone itself, and also the apps. Because apps will get exploited. There will be security updates, performance updates, and whatnot.

And if there’s any apps that you don’t use anymore, the best thing you can do is remove them. That way, it reduces the attack surface, frees up space in your phone, and there’s one less thing you have to worry about. So this was all about apps on your phone. In the next video, we’re going to be taking a look at some applications designed to help secure your phone. Thank you for watching. I’ll see you in the next video.