Well, each time you install a new application on your BlackBerry, you would probably be asked to set permissions for it. Research In Motion made it so that only the BlackBerry end user would be able to decide how apps would interact with their device, giving them more control. Unlike some other device creators (jailbreak and rooting as we know it), there is no code signing or other workarounds to granting the permissions. Only the user or the BES administrator (for corporate users) can choose and decide to allow permissions.
However, without certain permissions, your new app may not run on your BlackBerry either properly or at all. But what permissions should be granted? What do each different permission mean? Should you give Trusted Application status to your newly installed program? Should you give it access to your personal data? These are important questions to ask and you should know.
For such permissions, there are 3 categories.
There are three main categories of permissions: Connections, Interactions, and User Data.
- The Connections permissions deal with how the BlackBerry can communicate to the outside world. USB, Bluetooth, and Wi-fi permissions are all in the category.
- Interactions cover the permissions an app would need to access the “internals” of the smartphone. Media, recording, and that mysterious “Security Timer Reset” are all included in the category.
- User Data permissions include permission to access email, sms (text) messages, contacts, calendars, and the files on your BlackBerry.
When you first run an application, you’ll probably be prompted to set the permissions to allow the app to interact with your device. All permissions have a default setting, but some apps may need more authority than that. You’ll be asked whether to grant Trusted Application status and possibly to grant more permissions in a later screen. You should and have to be aware of what you’re allowing on your phone and only grant the permissions that you know the app will need and trust.
When an application asks for permissions, it usually doesn’t tell you exactly what is needed and/or why. Although there is simple code for explaining why a permission is needed, most developers do not use it. If you’re unsure as to why an application needs permission, don’t grant it. If it is needed later, the app should prompt you again. If not, you can still change the app’s permissions in the application option.
Permissions are set individually to each application. To change them, you’ll need to edit the permissions for your app as seen above. Many permissions can be set to Allow, Deny, or Prompt; though some cannot be set to Prompt. Setting a permission to Prompt just means the application will ask you if it’s okay to use a resource (such as location data) if and when it needs to.
If you noticed, some of the permissions are bolded, which shows that that is the default permission that is set to it.
- USB: Allow/Deny access to use the USB port for data transfer
- Bluetooth: Allow/Deny access to use Bluetooth communication
- Phone: Allow/Deny/Prompt for the ability to make phone calls and access call logs
- Location Data: Allow/Deny/Prompt for the ability to access GPS and cell-tower location information
- Internet: Allow/Deny/Prompt for access to the internet through your wireless service provider (Verizon, Rogers, O2, etc.)
- Wi-Fi: Allow/Deny/Prompt for access to the internet through Wi-Fi
- Cross Applications Communications: Allow/Deny the app’s ability to communicate with other applications on the device
- Device Settings: Allow/Deny/Prompt for the ability to turn off the BlackBerry and to change other device settings, such as display options
- Media: Allow/Deny/Prompt for access to media files, such as videos and music
- Application Management: Allow/Deny the ability for the app to add or delete modules and get information like module names and version numbers
- Themes: Allow/Deny the ability for the app to be a source of customized themes
- Input Simulation: Allow/Deny the app to simulate actions like pressing a key
- Browser Filtering: Allow/Deny the app to register a filter than can change, add, or delete internet data before it displays in the browser
- Recording: Allow/Deny/Prompt the ability for the app to record audio and video data
- Security Timer Reset: Allow/Deny the app to change the length of time that your phone stays unlocked after you stop using it
- Display Information While Locked: Allow/Deny the app to display information while the phone is locked
- User Data
- Email: Allow/Deny the app to access email, SMS (text) messages, MMS (“texts” with video/pictures) messages, and PIN messages
- Organizer data: Allow/Deny the app to access contacts, calendars, tasks, and memos
- Files: Allow/Deny the app to access files stored on the device
- Security Data: Allow/Deny the app to use keys and certificates in the key store
Trusted Application Status?
Most apps that I have installed seems to be asking for Trusted Application status as soon as I first run it or install it. Trusted Applications simply sets a variety of permissions to allow, and makes it easier to start using applications that you trust. However, my recommendation is to try avoid doing this. Only applications that you truly trust should be granted this option. Granting this status does nothing more than set some permissions. You can always change it later. But if it is one of those (rare for now) rogue application, you are going to be at risk.
In a nutshell, the Trusted Application Status sets all permissions to Allow except for the following:
- Security Timer Reset and Recording are set to Prompt
- Input Simulation, Browser Filtering, and Display Information While Locked are set to Deny
For OS 6
While RIM’s goal with the BlackBerry OS6 was to make things easier for the user, the end result is additional confusion for some users. In OS 5 and previous versions, the user was presented with all of the permissions and asked to set the ones he or she needed to make the application run. However, in OS6, the user is presented with and asked to enable a category of permissions.
For example, if the application needs to be able to access the Security Timer Reset (which simply allows the app and the BlackBerry to stay active for an extended period of time), the user is asked to grant all permissions in the “Interactions” category. The permissions screen asks the user to grant “Advanced Capabilities.” Similarly, if the application requires to access files or the security key store, the user is asked to grant all permissions in the “User Data” category after asking for access to “Personal Information.”
Optional Security Recommendation:
Do remember that the permissions gives you, the user, ultimate control over how the applications will run on your own device. Neither Research in Motion nor app developers will be able to decide that for you. Know your applications, and know your app developers. Keep your personal information safe, now that you know just what your new app is trying to do.
Special thanks goes out to Joseph.