Next week I'm moving from Cyanogenmod 13 to stock Android M. I no longer have PrivacyGuard and I'm not going to root my phones anymore.<p>With that in mind, how can I protect my contact list and personal files when I install new apps?<p>Let's say I want to install a double tap to unlock app but I'm worried they might be malware. It's impossible to just use apps from certain developers so, HN, can I just install anything I want or do I need some kind of evaluation method? If I never click on "Allow this app to read my contacts" it won't do any harm? If an app shows some ads on my lockscreen I could just remove it, that's ok. But can it make more damage than that?