How to find what apps have gained permission/possibility to remote control the phone access

Hi - hoping for expertise help!

The other day I wasn’t able to log in to my bank app and was informed that it had discovered another app that might be able to remote control the phone. The unknown app must have made that change in the latest update, but I’ve updated quite a few and have no way of knowing which it might be. Unfortunately there was no info what app it was referring to, so I contacted the bank. They explained how to find what apps are allowed to remote control the phone, but since the basic OS of the Fairphone is Android they followed the description for finding it in stock Android, which doesn’t match the /e/os version. So in the end they couldn’t help me find the needed path, which leads me here.

Where/how do I find what app/s that is causing this problem? Maybe it should be added that I’ve also installed the Aurora app store, since some apps didn’t update through the /e/ App lounge. Could that be part of the problem?

Really need help to gain full control of what’s on and going on with my phone!!

Thanks!

Regain your privacy! Adopt /e/OS the deGoogled mobile OS and online servicesphone

What did they tell you to look for?

(/e/OS is Android, too, by the way, there are lots of Android OSes with lots of differences. Fairphone’s own version is named Fairphone OS :wink: .)

In the Swedish version of Android they told me to under settings find Accessibility and there find the apps with permissions, but in the Swedish translation of /e/os Accessibility is the one marked in the picture, which has nothing to do with app permissions.

Any leads on where I should go to find it?

Indeed.

To easily discuss on common ground you could set the phone to English for the moment, and later set it back to Swedish.
Settings - System - Languages & input - Languages - (add English here or if it’s there but not in the first position just long-tap and drag it there)

I had a look in Settings - Apps - Special app access, but nothing stands out there to me regarding your issue, I guess “Device admin apps” isn’t the one.

I found something in the internet telling developers who would want to implement such a check to simply query the system for the number of displays it serves, and this number shouldn’t be higher than 1.
This would mean that e.g. simple screen sharing Apps could trigger this if your banking App did it the same way.
Anything that comes to mind on your phone?

I had a look at the permissions of 2 Apps on my phone which should be able to share the screen, but again nothing stands out as a permission for remote control to perhaps look for in other Apps.

Tricky.

2 Likes

Thanks for advice!
Changed language but still wasn’t able to locate what they were suggesting.
Tricky indeed.

Yes, the language doesn’t change what’s there or not, but we can talk more easily about Settings paths and whatnot on the phone if we have it on the same language :wink: .

Exactly - was just hoping for an easier search with different headlines in English, but at least we have the same language references here now!

Maybe the “Permission Pilot”-app is helpful?
https://apt.izzysoft.de/fdroid/index/apk/eu.darken.myperm
and here:
https://github.com/d4rken-org/permission-pilot

Just add the izzy-repo to fdroid and you find it through fdroid…

edit:

from what I understand there´s a permission in android (or a group of such) that is called along the lines of “Accessibility Service”. It allows apps to “remote control” the phone in the sense that the app is granted permission to push buttons on its own - for instance in order to follow workflows and e.g.delete the cache of every single app by clicking it´s way through systems settings until all caches are cleared (for example “Cache Cleaner”)… maybe that is what is meant by “remote control”?

You´ll find the menu for that in system settings - well sorry but my menu is in German :slight_smile: … System Settings → “Bedienungshilfen” (Accessibility?) → “downloaded apps”( literally translated…)
(Not sure if all of this redundant anyways to what @AnotherElk already wrote…)

1 Like

In Settings > Privacy > Permission Manager I find 16 “permissions which can be managed” and using Settings > Search facility > Permission there are 20 entries.

An app which does allow Remote control of an Android device is Anydesk. This is a Exodus report for Anydesk listing 18 permissions https://reports.exodus-privacy.eu.org/en/reports/com.anydesk.anydeskandroid/latest/

The Exodus list

ACCESS_NETWORK_STATE view network connections

FOREGROUND_SERVICE run foreground service

INJECT_EVENTS

INTERNET have full network access

MANAGE_EXTERNAL_STORAGE

POST_NOTIFICATIONS

QUERY_ALL_PACKAGES query all packages

:exclamation:READ_EXTERNAL_STORAGE read the contents of your shared storage

RECEIVE_BOOT_COMPLETED run at startup

:exclamation: RECORD_AUDIO record audio

MDM_REMOTE_CONTROL

:exclamation:SYSTEM_ALERT_WINDOW This app can appear on top of other apps

USE_BIOMETRIC use biometric hardware

USE_FINGERPRINT use fingerprint hardware

WAKE_LOCK prevent phone from sleeping

:exclamation:WRITE_EXTERNAL_STORAGE modify or delete the contents of your shared storage

INSTALL_SHORTCUT install shortcuts

KNOX_REMOTE_CONTROL

Maybe the list would give a clue of some exotic permissions to look out for.

As said by @obacht, I also read that some apps with Accessibility access might pose the a threat to a banking app looking for this vulnerability. I have Cache Cleaner installed, it is listed as having Accessibility access, but so far I do not see Accessibility listed as a permission (perhaps a special case?)

1 Like

Not sure what you refer to.
Do you mean in exodus for Cache cleaner?
Or in system settings or in permission pilot?

Neither of those “exodus for Cache cleaner” or “system settings or in permission pilot” …

I mean in my set of permissions found on this device /build 2.0-t-20240508399779-dev-ocean.

1 Like

Hi JM69,

I had the same problem after upgrade to v2.0. The banking app (Nordea) has some sort of detection of malware and I got the same error message telling that possibly a malicious app has been detected and it will not let the banking app be used before it is disabled.

After some digging I found that the app being suspected is Talkback FOSS shipped with /e/. I disabled the app: All applications → three dots: show system → search for Talkback FOSS. Disable and force stop the app.

After doing this the banking app happily worked again. Hope this helps!

Even though I am not using accessibility apps, I think this should be reported to the developer of the software as this could be crucial for being relying on accessibility features. I will report this to the bank and ask nicely for them to find a solution for this.

5 Likes

That’s exactly the same app causing my problems - good to hear you managed to solve the issue!

Ok, trying to follow your instructions but got stuck on the first step: where/how did you find All applications?

Edit:
Never mind - just searched for the app, found it and did what you did and now the Nordea app is working, so a big thank you to you and the rest of you all for helping me out: great community!:pray:

Ju2000:
Just out of curiosity: how did you find out that exactly that app caused the problems, has it caused any problems having that app disabled? Are you also in Sweden? Good to have someone else using /e/ in the vicinity!

2 Likes

JM69: Good to hear you got the app working too! We are neighbours, I live in Finland :slight_smile:

As the app error mentioned accessibility application, I checked what apps are installed for /e/ accessibility via the accessibility menu and found Talkback FOSS there. Then it was just trial and error but this time it hit the mark on the first attempt!

1 Like

Great neighbours too!!

Well done in your search! Did the same kind of looking around, but apparently didn’t find what you did.

Kiitos again, hyvvää summer - kippis!