Permission <READ_PHONE_STATE> are declared but not used

[denis-bogdanas]

Hello, I'm Denis Bogdanas, a research assistant at Oregon Stat University.
I'm working on a tool that automatically introduces runtime permission checks and requests for Android 6 apps. As part of this study I analyzed this app. I was looking at the way permissions are referred in the code.

This app declares permission <READ_PHONE_STATE> in the apk manifest, but doesn't have any code that requires them. It is possible that source code doesn't declare the permissions. I only analyzed apk builds from f-droid. Yet android build mechanism may introduce them when the app uses certain libraries:

https://commonsware.com/blog/2015/06/25/hey-where-did-these-permissions-come-from.html

It won't create any problems on Android 6, but on Android 5- users may wonder why the app needs these permissions and be skeptical of installing the app.

Do you think this is an issue?

best regards,
Denis