Messing with Android's permission model

A Egners, U Meyer, B Marschollek
2012 IEEE 11th International Conference on Trust, Security and …, 2012 - ieeexplore.ieee.org
Permission models have become very common on smartphone operating systems to control the rights granted to installed third-party applications (apps). Prior to installing an app, the user is typically presented with a dialog box showing the permissions requested by the app. The user has to decide either to accept all of the requested permissions, or choose not to proceed with the installation. Most regular users are not able to fully grasp which set of permissions granted to the application is potentially harmful. In addition to the knowledge gap between user and application programmer, the missing granularity and alterability of most permission model implementations help an attacker to circumvent the permission model. In this paper we focus on the permission model of Google's Android platform. We detail the permission model, and present a selection of attacks that can be composed to fully compromise a user's device using inconspicuous-looking applications requesting non-suspicious permissions.