Cyanogenmod Puts Users in Control of Permissions

An anonymous reader writes "Cyanogenmod is soon to have a better permissions systems, allowing its users to deny certain permissions to the applications they install. Users are warned that enabling this feature on the nightly build may cause applications to crash or 'force close', but a new dialog allows them to easily return the permissions to stock if they wish. Hopefully Google implements a system similar to this very soon." This is the biggest feature I've missed from Symbian — it never made sense to me why the permissions system didn't put the user in control from the first release.

Re:So That's What Slashdot Is Today

[paziek]

Yea, it shows what is app asking for, but doesn't let you to choose what to actually give. Now its either all or nothing, but Cyanogenmod lets you to fine-tune permissions for app, so for example that notepad app won't be getting access to your contacts or internet anymore.

Not gonna happen in stock Android

This feature will never come to stock Android. Google makes their money from Android by delivering ads, which is what pays for all those free apps. If I could download a free app and block it's ability to connect to the internet, I instantly block the ads. You can like it or hate it, but the fact is this ability would cripple the entire current Android ecosystem.

Re:Not gonna happen in stock Android

[SharpFang]

There is still option of Google separating "obtain targetted display ads" permission from "Full network control"+"Phone location". Making the "ads" permission unblockable.

I really am not happy that an app which does require access to my local filesystem can simultaneously send its entire content to a remote server and let the author track my location - when all I consent for is to display ads relevant to my city.

Re:Not gonna happen in stock Android

[PReDiToR]

You mean like installing Droidwall does?

It's in the market and on XDA-Devs.

If you root you can use AdFree too.

Re:Not gonna happen in stock Android

[poetmatt]

That's not crippling the android ecosystem, that's a benefit and adds value to the system as a whole. All these developers who act like they magically never existed before they made ad-supported apps can shove it and go back to the reality of : ads were never welcome, and developers can live without ad revenue.

Re:Not gonna happen in stock Android

[Eil]

This feature will never come to stock Android. Google makes their money from Android by delivering ads, which is what pays for all those free apps. If I could download a free app and block it's ability to connect to the internet, I instantly block the ads. You can like it or hate it, but the fact is this ability would cripple the entire current Android ecosystem.

I would almost believe your story, if it weren't for the fact that over the last 10 years or so I've been running a full-fledged desktop PC with thousands of free apps installed and yet not a single one of them is ad-supported.

I'm not against developers charging for software, or offering software for free with ads, but I really can't take the "ads or nothing" mentality of this new wave of mobile developers who think that they deserve instant riches just because they've managed to hack together a tiny single-purpose application after reading a book on Objective C or Java.

Re:So That's What Slashdot Is Today

[Mushdot]

It would be nice if the control was a lot more fine grained within each access type e.g. Do you want to allow the app internet access to a specific URL (for example for high scores) and block any other internet access.

It unnerves me a little to see most apps requesting access to your contacts, internet etc without a more detailed explanation why.

Re:Context: Android

[Azmodan]

There is also a "little green robot" next to the news to indicate that this is an Android related story. Hovering it says "Android".

Facebook Apps

[wisnoskij]

They need this feature for Facebook Apps.

Awesome!

[Daetrin]

That would seriously tempt me to try out Cyanogen if Google doesn't implement something like it in the near future, even though i've already got an unlocked Nexus. There are a number of otherwise great apps that i haven't updated in months because they decided to add Facebook integration, so "of course" they need access to my account details now. Sorry, not gonna happen.

Re:Awesome!

[jittles]

I switched to Cyanogenmod for Gingerbread and I haven't looked back since. I love it. I am thrilled about this feature and am now downloading the nightly as we speak! I am very excited.

Re:Awesome!

[Lunix+Nutcase]

And when you block that the app is just going to crash. Have fun when most of those apps no longer work.

Symbian went too far

[pmontra]

Foreword: I've got an old Nokia N70 so things might have changed a lot in Symbian.

A very annoying feature of its permission management system is that it is too fine grained and it doesn't remember user decisions across different executions of the same app. It asks me allow/deny every time I open a file or folder (imagine traversing a 4 folders hierarchy, the SD card counts as one) and that's bad enough. Forgetting my answers when I close the app is even worse. Sometimes I leave the phone on in airplane mode at night not to have to go through all those dialogs.

Android seems to have taken the opposite road. Maybe this mod implements a better middle ground.

Re:Seriously, that was the stupidest thing Google

[CharlyFoxtrot]

Sounds like a headache for developers: "these are the permissions you can ask for, but it's not sure they'll actually be granted." Then you'd have to build in checks absolutely everywhere because you can't rely on anything. Sounds more like a compromise position than anything malicious to me.

Re:Seriously, that was the stupidest thing Google

[maxume]

Or just check at startup and refuse to work at all if the permissions that the developer deems necessary are not available. I imagine that would be a common method of dealing with it, with things eventually reaching the point where developers bothered to ask for minimal permissions and requested that Google create new permissions where users were reluctant to grant broad rights to an app (the latter would happen less, most users aren't going to bother fiddling so much).

Google could avoid a lot of headaches by hiding it behind some preference like "Use Default App Permissions" or "Manage Advanced Permissions" or whatever.

Re:So That's What Slashdot Is Today

[tepples]

How could an app developer program around this fine-grained control? Even if he could make sure tha the program failed gracefully when certain permissions were changed, key functions in his app could no longer work.

// This is pseudocode.
try {
doSomethingRequiringPrivileges();
} catch (SecurityException e) {
alert(appName + " cannot retrieve updated listings because the privilege to connect to the Internet was declined at install time.");
}

Re:Seriously, that was the stupidest thing Google

[h4rr4r]

That is what this does. You ask for contacts, you get an empty contacts. You try to use network and sadly there is just is no network connection at all now.

Dancing Bunny / Dancing Pigs Problem

[tlhIngan]

Sure this is a great addition... for power users who are infallible.

But for Joe Average and power users who fall prey to it (who doesn't?), it doesn't address the primary issue - called the Dancing Bunnies or Dancing Pigs problem. And it's a problem with every OS today - Linux, Windows MacOS X, Android, iOS, and others.

A user will run through many hoops to get what they want. They'll root, jailbreak, install alternative app stores, etc just to save 99 cents for an app. Even if they have to do seemingly complex tasks like install an SSH server, run SSH, type command line commands, etc. It can be amazing how much technical skill the untalented suddenly have.

And the problem is, these are the people that get pwned. Jailbroken iPhones with default SSH passwords. Android phones with botnets installed (courtesy alternate marketplaces), Windows/OS X trojans running botnets, etc. Heck, even Bender skipped his antivirus check for pr0n.

And it's a really difficult problem to solve. Even if these options were global and set reasonably, you can anticipate some app telling you it works better if you do these things to let it get the permissions it wants.

Hell, see the latest Facebook spamming trends, where people are doing things like copying-and-pasting URLs or godawful long javascript blobs. We're at the point where really, the Honor System virus does exist.

Re:Dancing Bunny / Dancing Pigs Problem

[bemymonkey]

Waaaat?

I think you've misunderstood - this feature does not allow you to enable permissions that were previously unavailable for apps - it only allows you to DISABLE permissions that you feel are unneeded by the app. There is no possibility for the user to self-pwn himself, only to protect himself...

Sounds similar to LBE Privacy Guard

[izomiac]

This feature sounds like what LBE Privacy Guard does. Essentially it's UAC with most of the permissions you may want to deny. A big plus is that it runs on any rooted device, and not just a custom Cyanogen nightly.

Requirements
**NEEDS ROOT**
Works on Android 2.0 and above.
Tested on various devices and firmwares, but not tested on Android 3.0 and 3.1 devices.

Current Features
1. Block unwanted send SMS / call phone operation
2. Block unwanted access to phone location, contacts, SMS/MMS conversation database, IMEI/IMSI/ICCID/phone number.
3. Integrated low-level firewall, no netfilter/iptables required, works on pre-froyo devices

Market Link
https://market.android.com/details?id=com.lbe.security