When installing the Mobile Security client onto an Android device, there is an extensive list of permissions that the SMS 7.2 app will require. Are any details available regarding the need for these permissions?
It is sound practice to review the permissions needed by any app, and to decline to install simple apps which are requesting more permissions than they should need. Many malicious Android programs claim to be a straightforward game or utility, but request access to unrelated features such as sending SMS messages or making phone calls.
In order to adequately monitor and take corrective action on a device, any security program will require powerful capabilities. Symantec Mobile Security 7.2 has features which scan for malware, prevent the browser from visiting known malicious websites, and several crucial anti-theft defenses. These various features require an array of Android permissions.
For security and confidentiality reasons, it is not possible to specify the specific use of each permission. Below are some examples of permissions needed by SMS 7.2 and their corresponding function:
<uses-permission android:name="com.android.browser.permission.WRITE_HISTORY_BOOKMARKS" />
For reporting the Android's GPS location information to its management server, if configured to do so:
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />
<uses-permission android:name="android.permission.ACCESS_LOCATION_EXTRA_COMMANDS" />
<uses-permission android:name="android.permission.READ_SMS" />
<uses-permission android:name="android.permission.RECEIVE_SMS" />
<uses-permission android:name="android.permission.READ_CONTACTS" />
The Symantec Mobile Security client requires these permissions should any of the available features be enabled. It also requires that the program be a Device Administrator. This is by design.
Please note: There are no hidden features built into the Mobile Security client which allow it to perform undocumented actions. SMS 7.2 cannot be used to listen in on any phone calls, snap photos, forward SMS messages to an administrator or third party, and so on. It is engineered solely to protect users, their data and their networks. Additional details on the capabilities of the client can be found on Symantec's Mobile Security website and in the Connect article Getting to Know the Symantec Mobile Security 7.2 Client.