I have notice recently when d/l apps to android phone/tablet that you now have to give permission for Google to have access to your contacts etc. Is there anyway to prevent this apart from the obvious of not using the apps. Thanks
I think I didnt read the original question correctly. I incorrectly assumed he meant Google accessing the contacts rather than the apps. Blocking apps from accessing contacts and anything else is pretty straight forward using XPrivacy. Any other methods you can think of J_L?
I still can't get what the OP means. Are you care about app's permission, or rather care about Google? If it is former and you don't want to root your phone, SRT Appguard and Permission manager are 2 of options. I don't trust other apps (except App Ops which seems actually not very flexible, tho I haven't actually used it) regarding permission control, and those 2 apps don't have theoretical risk related to re-sign.
Interested in SRT Appguard. Have you seen XPrivacy (part of Xposed Framework)? Interested in comparison if you have seen it.
I know XPrivacy but haven't used it yet as I haven't rooted my phone. One reason is my device maker strictly restrict gaining root and even I got root it is still restricted via LSM. They also made some trick, especailly McAfee (OME version) runs on system privilege so it can monitor/block in real-time which is usually impossible on non-rooted Android. But moreover, I personally trust one of dev who made and explained those security measure well to us security caring user, so I'll root my phone only after serious and remotely exploitable vuln was found on my OS version. As to privacy, my strategy is compartmentalization. My Google accout is only for this phone, and I also made dedicated 2nd email address for this phone as a backup. I never login other Google account via this phone, tho anyway I rarely use them. I'm trying not to relate this identity to other, but one compromise is Firefox sync for bookmark. I finally gave it up. I'm not sure how effective the strategy is, but quite sure most people can do this w/out significant incovenience unless he want to sync everything with Android. Back to the topic, if you rooted your phone, no need to use Appgurad, I suppose. It modifies original app's signature with custom sig, and embed module to monitor the app's permission access. This is definitely additional risk, so I recommend use it only after you could trust the dev and on your own risk.
Thanks for your reply and sorry for the delay in replying. The reason I was asking was that when I installed an App (one was BBC IPlayer, can't remember the other) it came up with a box saying it would use my contacts. I assumed it was Google doing this. It seems from your reply that SRT Appguard would suit. Not sure about rooting the tablet. Thanks
Just tried d/l SRT Ap and found that the licence agreement is written in German. I would prefer to have them in English not that I always read them. Do you know if they supply an English version?
Unfortunately there's no English version of the license agreement. So you have to use translation service. Here's copy of Google translate, but I recommend you to do this by yourself as I can change sentence if I want.