The paper "Android Permissions Demystified" by Adrienne Porter Felt, Erika Chin, Steve Hanna, Dawn Song, and David Wagner from the University of California, Berkeley, explores the permission system in Android applications. The authors developed Stowaway, a tool that detects overprivilege in compiled Android applications by analyzing API calls and mapping them to required permissions. They found that about one-third of the 940 applications analyzed are overprivileged, requesting unnecessary permissions. The study also identified patterns of developer errors, often due to insufficient API documentation, and concluded that developers generally try to follow least privilege principles. The paper contributes to understanding Android's permission system and provides insights into the effectiveness of install-time permission systems.The paper "Android Permissions Demystified" by Adrienne Porter Felt, Erika Chin, Steve Hanna, Dawn Song, and David Wagner from the University of California, Berkeley, explores the permission system in Android applications. The authors developed Stowaway, a tool that detects overprivilege in compiled Android applications by analyzing API calls and mapping them to required permissions. They found that about one-third of the 940 applications analyzed are overprivileged, requesting unnecessary permissions. The study also identified patterns of developer errors, often due to insufficient API documentation, and concluded that developers generally try to follow least privilege principles. The paper contributes to understanding Android's permission system and provides insights into the effectiveness of install-time permission systems.