tSpyChecker gives help to detecting spyware.
tSpyChecker gives help to detecting spyware.
Android smart-phones have different security policy from the conventional cell-phones.
Conventional cell-phones are secured by carrier and hardware maker.
But in android phones, users can install apps freely, and can customize it.
To keep security of android phones, users have to be very careful.
As you know, the app exchanges contact information can get the phone number.
If the app is malicious,
the phone number may be collected by criminals.
To avoid such risks, android shows list of functions that the app uses.
And ask user whether install the app or not.
However, messages android shows are not easy to understand. Almost users install apps without understanding the messages.
In addition, some developers occasionally release their apps with needless authority. That is a fact both developers and user are low of consideration to security.
As the android spreads, it seems that the problem grows big. This is the reason why we released this app. we would like to cause a stir in current situation.
tSpyChecker classifies of apps in your device into safety and dangerous.
When you launch "tSpyChecker", you will be surprised that much apps are classified dangerous.
The apps judged dangerous are not always malicious.
tSpyChecker gives you just a guidance.
Application List displays a list of all installation apps.
When the analyzing finished, the list of applications is shown.
If there are dangerous functions such as information leakage, pink icon is displayed.
You can find dangerous apps with this screen easily.
The risk that each icon means is as follows:
This application can leak information of your friend and acquaintance. | |
This application can steal user's input(e.g., password). | |
This application can leak user's personal data. | |
This application can monitor user's action. | |
This application can make a call without user's permission. | |
This application can send a short mail without user's permission. | |
This application can lock or initialize the device forcibly by remote-control. | |
This application is incomplete or under development. | |
This application can alter or remove data without user's permission. | |
This application can harm the device by altering device's settings. |
*In the case of malicious apps, It is risky.
For example, you do not need the ability to read the phone book to the general application of wallpaper.
You must distinguish that it is really dangerous apps.
The detailed commentary is here.
When press and hold the list, it displays follows menu:
(The displayed menu is different by the application.)
Exclusion List is displayed a list of apps that excluded.
Tap "Exclusion List" of the right tab of the "Application List".
If you judge the app is safe, you can exclude it from Application List.
The "Exclusion List" screen lists the excluded apps.
When press and hold the list, it displays a "Restore to App list" and "Uninstall" menu.
This screen detects dangerous authority of the apps, and display a result.
When swipe a Application List or Exclusion List, this screen will be shown.
This screen shows detected risks of the app with description that is easy to understand.
Please confirm whether there functions are really required or not.
For example, if the wall paper app has a function of the acquisition
with a phone number and a function to send a short email, It seems dangerous.
In addition, the web search by the application name, when you click the search button.(Transition to the browser application)
The detailed commentary is here.
This screen is displayed when the application doesn't have any dangerous authorities.
When tap a "Uninstall" button, you can uninstall the app.
When tap "Exclude" button, you can exclude the app from the list.
This screen shows a description all of the authority of the app.
Swipe to "Description" screen, detailed description of the app is shown.
You can see a detailed description of application functionality.
Please scroll the screen to see long descriptions.
This screen displays the explanation that is more detailed than Android Settings.(Settings>Applications>Manage applications)
Orange color explanation means the protection level of authority is "dangerous".
The app can access the user's private data of high-risk features.
White color explanation means a protection level of authority is "normal", describes the low-risk features.
It is a screen for the developers who can confirm permissions with a cord.
Swipe to "Permissions" screen, Application permission screen is displayed.
All of authorities admitted for application are listed.
Show a detailed description, group, and protection Level of authority when you tap the list.
tSpyChecker features the following settings.
You can be changed to a display "Except an preinstalled apps" or "Only preinstalled apps".
Also, You can change the order of the list by tapping "Updated date descending", "Application name ascending", "Dangerousness descending", etc.
"Dangerousness descending" is the total number of dangerously Permission.
It is not in descending order of total number of pink-icon.
You can change detection of communication method from "Internet communication", "SMS communication", "NFC communication" and "Bluetooth communication".
By default, "Internet communication" and "SMS communication" have been checked.
You can change detection of dangerous Permission group.
Applications that belongs to the selected group will be detected.
"Keystroke logging and can send it","Access function to personal data and can send it" and "Monitoring user's action"
is detected in combination with external communication tools that is checked in your settings.
By default, permission that should be aware have been checked.
For additional information, please visit at next chapter.
This chapter describes the results found by the tSpyChecker.
Authority icon | Commentary |
---|---|
When application have permission of access your friend and family information and communication tools that is checked in your settings, display the icon. Because the application can access and send friends data via specified communications, this is risky. For example, When application have "android.permission.READ_CONTACTS" and "android.permission.INTERNET", Allows an application to leak the friends name, address, and phone number. |
Authority icon | Commentary |
---|---|
When application have "android.permission.BIND_INPUT_METHOD" and communication tools that is checked in your settings, display the icon. Allows the holder to bind to the top-level interface of an input method. Because the author of this application can steal user's input(e.g., password) illegally without permission, using communication tools that is checked in your settings, this is risky. |
Authority icon | Commentary |
---|---|
When application have permission of access personal information and communication tools that is checked in your settings, display the icon. Because the application can access and send user's personal data via specified communications, this is risky. For example, When application have "android.permission.READ_CONTACTS" and "android.permission.INTERNET", Allows an application to leak the user's contacts data. |
Combination as follows:
Communication | Authority of acquire personal information |
---|---|
Selected communication tools Setting is here |
GET_ACCOUNTS |
USE_CREDENTIALS | |
READ_SMS | |
RECEIVE_SMS | |
RECEIVE_MMS | |
RECEIVE_WAP_PUSH | |
READ_CONTACTS | |
READ_CALENDAR | |
READ_USER_DICTIONARY | |
READ_PROFILE | |
READ_LOGS | |
READ_PHONE_STATE |
Authority icon | Commentary |
---|---|
When application have permission of access to user's action and communication tools that is checked in your settings, display the icon. Because the application can monitor user's action via specified communications, this is risky. For example, When application have "android.permission.ACCESS_FINE_LOCATION" and "android.permission.INTERNET", Allows an application sent outside of your whereabouts at all times. |
Combination as follows:
Communication | Authority to access the user's action |
---|---|
Selected communication tools Setting is here |
RECORD_AUDIO |
RECORD_AUDIO, PROCESS_OUTGOING_CALLS | |
CAMERA | |
ACCESS_FINE_LOCATION | |
ACCESS_COARSE_LOCATION | |
RECEIVE_SMS | |
RECEIVE_MMS | |
RECEIVE_WAP_PUSH | |
ACCESS_WIFI_STATE | |
com.android.browser.permission.READ_HISTORY_BOOKMARKS | |
READ_LOGS | |
GET_TASKS | |
BATTERY_STATS |
Authority icon | Commentary |
---|---|
When applications have "android.permission.CALL_PHONE" or "android.permission.PROCESS_OUTGOING_CALLS", display the icon.
Allows the applications can make a call without the permission of the user. Malicious applications may cause unexpected calls on your phone bill. This is risky to cost a rate and leaking a phone number. And, the application that have "android.permission.CALL_PHONE" and "android.permission.PROCESS_OUTGOING_CALLS" be dangerous because it can be transferred to a different phone number. |
Authority icon | Commentary |
---|---|
When application have "android.permission.SEND_SMS", display the icon. Malicious applications may cost you money by sending messages without your firmation. |
Authority icon | Commentary |
---|---|
When application have "android.permission.BIND_DEVICE_ADMIN", display the icon. Allows the holder to send intents to a device administrator. Should never be needed for nomal application, it is risky. |
Authority icon | Commentary |
---|---|
When application have authority group "DEVELOPMENT_TOOLS", display the icon.
Should nevere be needed for nomal application, it is risky. In addition, signing in Debug Mode, is also displayed in the debug-enabled application. |
Permission as follows:
Authority |
---|
SET_DEBUG_APP |
SET_PROCESS_LIMIT |
SET_ALWAYS_FINISH |
SIGNAL_PERSISTENT_PROCESSES |
Authority icon | Commentary |
---|---|
When application have authority that can falsify data, display the icon.
For example, When application have "android.permission.WRITE_CONTACTS", Allows an application to modify and delete the contect(address) data stored on your phone, it is risky. |
Permission as follows:
Authority |
---|
WRITE_SMS |
WRITE_CONTACTS |
WRITE_CALENDAR |
WRITE_USER_DICTIONARY |
WRITE_USER_DICTIONARY |
com.android.browser.permission.WRITE_HISTORY_BOOKMARKS |
WRITE_EXTERNAL_STORAGE |
MOUNT_FORMAT_FILESYSTEMS |
WRITE_PROFILE |
Authority icon | Commentary |
---|---|
When application have authority to destabilize the operation of the terminal, display the icon.
For example, When application have "android.permission.WAKE_LOCK", Allows and application to prevent the phone from going to sleep, Because of increase in battery consumption, it is risky. |
Permission as follows:
Authority |
---|
CHANGE_CONFIGURATION |
CHANGE_NETWORK_STATE |
CHANGE_WIFI_MULTICAST_STATE |
CHANGE_WIFI_STATE |
WRITE_APN_SETTINGS(Android4.0) |
WRITE_SETTINGS |
WRITE_SYNC_SETTINGS |
SET_TIME_ZONE |
MOUNT_UNMOUNT_FILESYSTEMS |
KILL_BACKGROUND_PROCESSES |
REORDER_TASKS |
SYSTEM_ALERT_WINDOW |
DISABLE_KEYGUARD |
WAKE_LOCK |
tSpyChecker detects the applications and application modules that have became a topic on the Internet.
Even if the developer says "no problem", many users have seen the app as a problem, tSpyChecker will detects the app.
It's dangerous to continue using the app that have been recognized to problems by the application developer itself.
Even if the developer say to "no problem", this apps detects the software.
Display a screen of selecting detect app when you tap "Detect Hot Apps" on menu.
Then check the app discovery. And check the box against the application you want to discover.
Display a detailed explanation when you tap the list.
This appears only type that was detected.
If not found will not be displayed.
Display a detailed explanation when you tap the list.
Carrier IQ was discovered in December 2011.
It has been a problem as software which records a user's operation without a user's permission by the mobile phone maker and a carrier.
Although it aimed at using for the improved quality of a product by using the trend data collection of the mobile phone, user was not told that data collection.
Even if Carrier IQ is installed, sometimes data collection is not carried out or sometimes only the wreckage of Carrier IQ is installed, it is various.
In order to uninstall Carrrier IQ, root privilege is needed so uninstallation is usually impossible.
Please refer to the following for detailed information.
To uninstall Carrier IQ, you need to get a root.
So usually, you can not uninstall the app Carrrier IQ.
For additional information, please visit the following:
Screen of detected Carrier IQ.
Display a detailed explanation about Carrier IQ when you tap the "Description" button.
Detailed description screen of Carrier IQ
This application has been created with reference to FORTINET "Carrier IQ on Android FAQ".
When the following files exist, Reports that "Detected".
This app does not determine that is actually running Carrier IQ.
There may be to be addressed other than the above in the future, in which case please contact us.
Airpush is the application module for ads provided by Airpush Inc.
Ads is displayed on notification bar of devices instead of application's display area.
Even if it does not use an application, ads is displayed and a user does not know which application displayed ads.
Please use this function when ads displayed on a status bar and you don't know how to delete it.
For additional information, please visit the following:
Screen when AirPush detected
Displays all of the applications using AirPush.
The ads will be deleted from notification bar when all applications are deleted from the list.(Even one application remains, the ads keep displaying.)
AirPush.com expresses that the AirPush advertisement delivery system is no problem.
Thus, AirPush ad module is being used openly. Perhaps It is not included in applications secretly.
Therefore, tSpyChaecker reports "Detected" when the following symbols have been found in AndroidManifest files.
It seems addtional logic will be needed in the future. If you find other symbols should be detected, please let us know.
The Movie is a malware that was discovered in April 2012.
Many applications has been released as the Movie.
Their application name was named 'the Movie' adding after the famous keyword.
It is said that the number of installations are more than hundred thousand.
Although the application provides the function of to download videos, it will send names and phone numbers in contacts to the server at the same time.
At present these apps has been removed from Google Play, and the author's account removed too.
The server used to receive data from the Movie has been stopped, so if you installed the Movie application, it doesn\'t send info in contacts.
However, who have installed these apps before the server was stopped, phone book data could have been already extracted.
Please refer to the following for detailed information.
Symantic blog:
"The Movie" Malware Steals Personal Information from Japanese Android Users
tSpyChecker will search applications that are given package name below.
tSpyChecker displays index of the Permissions. It could search by permission name.
When tap the list, it displays application list per permission.
Download from Android Market" Apps -> Tools"
http://play.google.com/store/apps/details?id=jp.co.taosoftware.android.spychecker
For additional information, please visit at here.
You expressly acknowledge and agree that use of the Software is at your sole risk. The Software and related documentation are provided "AS IS" and without warranty of any kind and Taosoftware EXPRESSLY DISCLAIMS ALL WARRANTIES, EXPRESS AND IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. TAO SOFTWARE DOES NOT WARRANT THAT THE FUNCTIONS CONTAINED IN THE SOFTWARE WILL MEET YOUR REQUIREMENTS, OR THAT THE OPERATION OF THE SOFTWARE WILL BE UNINTERRUPTED OR ERROR-FREE, OR THAT DEFECTS IN THE SOFTWARE WILL BE CORRECTED. THE ENTIRE RISK AS TO THE RESULTS AND PERFORMANCE OF THE SOFTWARE IS ASSUMED BY YOU. FURTHERMORE, TAO SOFTWARE DOES NOT WARRANT OR MAKE ANY REPRESENTATIONS REGARDING THE USE OR THE RESULTS OF THE USE OF THE SOFTWARE OR RELATED DOCUMENTATION IN TERMS OF THEIR CORRECTNESS, ACCURACY, RELIABILITY, CURRENTNESS, OR OTHERWISE. NO ORAL OR WRITTEN INFORMATION OR ADVICE GIVEN BY TAO SOFTWARE OR TAO SOFTWARE'S AUTHORIZED REPRESENTATIVE SHALL CREATE A WARRANTY OR IN ANY WAY INCREASE THE SCOPE OF THIS WARRANTY. SHOULD THE SOFTWARE PROVE DEFECTIVE, YOU (AND NOT TAO SOFTWARE OR TAO SOFTWARE'S AUTHORIZED REPRESENTATIVE) ASSUME THE ENTIRE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
UNDER NO CIRCUMSTANCES INCLUDING NEGLIGENCE, SHALL TAO SOFTWARE, OR ITS DIRECTORS, OFFICERS, EMPLOYEES OR AGENTS, BE LIABLE TO YOU FOR ANY INCIDENTAL, INDIRECT, SPECIAL OR CONSEQUENTIAL DAMAGES (INCLUDING DAMAGES FOR LOSS OF BUSINESS PROFITS, BUSINESS INTERRUPTION, LOSS OF BUSINESS INFORMATION, AND THE LIKE) ARISING OUT OF THE USE, MISUSE OR INABILITY TO USE THE SOFTWARE OR RELATED DOCUMENTATION, BREACH OR DEFAULT, INCLUDING THOSE ARISING FROM INFRINGEMENT OR ALLEGED INFRINGEMENT OF ANY PATENT, TRADEMARK, COPYRIGHT OR OTHER INTELLECTUAL PROPERTY RIGHT, BY TAO SOFTWARE, EVEN IF TAO SOFTWARE OR TAO SOFTWARE'S AUTHORIZED REPRESENTATIVE HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
We make a customized development of software for Android. Please feel free to contact us at any time.