Some Android VPN apps request access to sensitive permissions they don't need

[silversurfer]

Some of the Android VPN apps available through the official Google Play Store request access to "dangerous" user permissions that a normal VPN app would have no use for, according to research viewed today by ZDNet.

The study, carried out by John Mason from TheBestVPN.com, analyzed 81 Android apps available for download through the Google Play Store.

Mason said he downloaded and extracted the permissions requested by each VPN app from their respective APK installer files. The researcher used Google's definition for classifying permissions.

"Normal" referred to the permissions the Android OS gave apps without prompting the user --because they aren't considered a privacy risk.
"Dangerous" referred to permissions that accessed user data and which apps can only access after the user has granted explicit permission by clicking a button inside a popup window.

According to Mason, 50 of the 81 Android VPN apps he tested requested access to at least one dangerous permission that accessed user data.

SOURCE: https://www.zdnet.com/article/some-andro...dont-need/