When an app has permission to "read phone state and identity", that means, among other things, that it knows my phone number. And if an app can read all my contacts, what can it do with that information (and the phone number)? If it wants to send that info back to "headquarters" then that means it would need internet access to do that, right?
Well, if I rooted and turned on avast firewall, then all that info is going nowhere via internet, so I'm safe from those apps with permissions sending that info anywhere, right? I've looked up info on permissions, and all the people say that you should avoid apps with those permissions, but I can't find anybody that explains how that private information gets off my phone via the app.
Thanks