You'd think most folks by now would realize why so many phone apps are free. Avast just noted the situation of phone apps asking for WAY more permissions than make sense.
Flashlight Apps on Google Play Request Up to 77 Permissions
by Luis Corrons
September 10, 2019
it's a short blog, worth sharing with your naive friends.
1. It's android/google so that's the first strike.
2. In the opening paragraph it is stated: "It is clear that FaceApp is not malicious, although it raises valid privacy concerns." What? Because it has a cute name? Because it has a really artistic icon? What makes any application deserving of this attribute of not being malicious?
3. Four permissions are all that needs to be granted to run a flashlight: 1. Turn on Flashlight. 2. Turn off flash light. 3. Activate flashlight via locked screen. 4. Deactivate flashlight from locked screen.
Also from the article: "apklab.io includes thousands of flashlight apps, however we focused on the ones that have once made it to the Google Play Store. In total I found 937 flashlight Android applications that either once made it on the store or are still available there , seven of which are considered malicious or at least potentially unwanted, which means that most of these apps are 'clean'." More proof that google does not do enough to keep their store clean. Apps aren't vetted. They do not perform random audits. There is no real plan to protect their consumers.
I may be accused of being a fan boy but I'll stick with my Apple store and apps. I have a much higher level of confidence that those apps are vetted.