Kaladaran/briar
0
0
Fork 0
mirror of https://code.briarproject.org/briar/briar.git synced 2026-02-12 18:59:06 +01:00
Code Issues Projects Releases Wiki Activity

goapunk created page: permissions

goapunk
2017-07-22 16:56:50 +00:00
parent c466ed50b7
commit 35a32e3d10
1 changed files with 38 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
permissions.md Normal file

@@ -0,0 +1,38 @@
# Permissions
This page contains the list of permissions used by Briar and a short explanation for each.
* android.permission.ACCESS_NETWORK_STATE
Required to check if the phone is connected to a network (e.g. via wifi or cellular network).
We need to know when the phone establishes or loses a connection to the internet so we can enable or disable Tor accordingly.
* android.permission.ACCESS_WIFI_STATE
We are using the list of configured wifi networks on the device to increase the entropy used for random data generation in
[AndroidSecureRandomProvicer.java] (https://code.briarproject.org/akwizgran/briar/blob/master/bramble-android/src/main/java/org/briarproject/bramble/system/AndroidSecureRandomProvider.java). No information about those networks are leaked or used for any other purpose.
The permission is also used in the crash reporter to retrieve the local/lan ip of the currently connected wifi network. When Briar crashes an encrypted report can be transmitted via Tor to help us find the bug. You can choose which information are sent and exclude the ip address (untick CUSTOM_DATA in the crash reporter).
* android.permission.BLUETOOTH
Required to add contacts and send messages via Bluetooth. To read more about how Briar sends messages see [How it works](https://briarproject.org/how-it-works.html)
* android.permission.BLUETOOTH_ADMIN
Briar needs this permission to turn on Bluetooth during the contact exchange. See [Adding contacts](https://briarproject.org/manual/#adding-contacts).
* android.permission.CAMERA
The camera is only used during the contact exchange to scan the qrcode. See [Adding contacts](https://briarproject.org/manual/#adding-contacts).
* android.permission.INTERNET
Required to establish a connection to the Tor network and to send messages via Lan.
* android.permission.READ_LOGS
The READ_LOGS permission is used by [ACRA] (https://github.com/ACRA/acra), the library used to report crashes to us, to access the log(cat) of Briar. On newer versions of Android this permission is no longer required (Android > 4.1). There is also a ticket to completely remove this permission and use our own logger: #986
* android.permission.VIBRATE
Required to add vibration support for notifications.
* android.permission.WAKE_LOCK
We need a wake lock to prevent the device from going to sleep because this would break the connection to the Tor network.
* android.permission.ACCESS_COARSE_LOCATION
This permission is required on Android 6+ to discover other Bluetooth devices. Briar used a different approach for adding contacts in the past (via Bluetooth discovery), however this permission will most likely be removed in a future version because the current approach for adding contacts (via qrcodes) does not need Bluetooth discovery anymore.