Google Cuts Android Privacy Feature, Says Release Was Unintentional

An anonymous reader writes "Peter Eckersley at the EFF reports that the 'App Ops' privacy feature added to Android in 4.3 has been removed as of 4.4.2. The feature allowed users to easily manage the permission settings for installed apps. Thus, users could enjoy the features of whatever app they liked, while preventing the app from, for example, reporting location data. Eckersley writes, 'When asked for comment, Google told us that the feature had only ever been released by accident — that it was experimental, and that it could break some of the apps policed by it. We are suspicious of this explanation, and do not think that it in any way justifies removing the feature rather than improving it.1 The disappearance of App Ops is alarming news for Android users. The fact that they cannot turn off app permissions is a Stygian hole in the Android security model, and a billion people's data is being sucked through. Embarrassingly, it is also one that Apple managed to fix in iOS years ago.'"

Ups and Downs

[Akratist]

One of Android's selling points has always been it's open nature, and the fact that it's not as locked down as iOS. This seems like it's taking a step in the direction of locking down the OS for the user, and unlocking it for everyone else...

Re:Ups and Downs

[Rosco+P.+Coltrane]

Well it's Google, what do you expect...

If you think Google works for the good of the user, think again.

Re:Ups and Downs

[Chris+Mattern]

If you think Google works for the good of the user, think again.

Only Tron fights for the user.

Re:Ups and Downs

[ciderbrew]

Nah, Tron left to work on Babylon 5.

Re:Ups and Downs

[erikkemperman]

The open nature is also being drastically eroded by moving more and more stuff into the Google Play Services. So while the platform is still technically open source, all the interesting things are moved into a separate, closed, layer.

Slowly but surely, android is closing up.

Re:Ups and Downs

[LordLimecat]

It bugs me to see the crap google gets when they are the least abusive of all big companies by just about any measure, and actually HAVE fought for the user on several occasions (China, warrantless data requests, posting takedowns to Chilling Effects / working with the EFF).

I mean I guess you can cross your fingers and hope that companies like Yahoo and MS dont do things like spill the beans on Chinese dissident bloggers or work with the Chinese gov't to create a bugged version of Skype for China, but I wouldnt hold your breath.

I guess why it irritates me so much is that Google really does seem to try to be the good guy, and they get crap for it because people seem to want to forget what their business model is and give them a hard time for being for-profit. Maybe we should boycott them, THAT will teach them to fight extrajudicial data requests!

Re:Ups and Downs

Well it's Google, what do you expect...

If you think Google works for the good of the user, think again.

Google's new motto "Do as much evil as possible!"

I thought it was "Evil Different"?

Re:Ups and Downs

That is very true; much of it is moving to closed source. Unfortunately we can't have nice things. We can't have nice things because of Tivoisation ( http://en.wikipedia.org/wiki/Tivoisation ). We can't have nice things because of Samsung trying to "demote" the Google apps in favor of their crapware. We can't have nice things because of hardware vendors and carriers who won't update their devices (forcing Google to move stuff from core into apps that can be updated without intervention). There are a lot of things driving Google into close-sourcing more of the interesting bits of Android. None of those are "because they want to" or "because they are evil". They are, instead, being forced into it due to the evil of others.

Re:Ups and Downs

[Mordok-DestroyerOfWo]

Zathras used to being beast of burden. Zathras have sad life, probably have sad death, but at least there is symmetry

Re:Ups and Downs

The actual open nature is the question of source code. That's great if you're one of the 0.0005% of people who can honestly read the code for what it is. This doesn't apply to script kiddies of people who've done a Sam's Learn [language x] in 31 Days book.
 
Aside from that Apple really hasn't been closed in comparison. If anything, it's easier to get an iPhone that doesn't have provider crapware. iPhone, by default, is also more functional in the area of application rights to the OS based on the wants and needs of the end user.
 
But people drank deep of the Kool-Aid from a company who's business model depends on them mining end user data. This is how the OS is given for free and Google still profits from it. For all the self-appointed business geniuses we have here it surprises me that it took so long for people to start seeing it for what it is. Actually, it doesn't surprise me because I know how the blinders of Fanboy Pride can keep people from seeing the truth.

Re:Ups and Downs

What did you smoke? They are among the worst. They voluntarily shared user data in China and Russia. They cooperate with the NSA ALL of the time. They data mine their clients (you and I) and they have removed most means to restrict access to personal info. Do you work for Google?

Re:Ups and Downs

M'aiq longs for App Oops. Practical, yet stylish. M'aiq is very sad he does not have one.

Re:Ups and Downs

[Daniel+Hoffmann]

End of line.

Re:Ups and Downs

[tlhIngan]

One of Android's selling points has always been it's open nature, and the fact that it's not as locked down as iOS. This seems like it's taking a step in the direction of locking down the OS for the user, and unlocking it for everyone else...

The only reason Google "gave away" Android is because Google needed to counter the iOS threat. Remember, Google viewed the potential harm that iOS could do - it could lock Google out of the advertising business (being that Google owned the vast majority of online ad networks, and the iPhone couldn't show Flash ads that were extremely popular) in the mobile market. Google was forced to buy and release Android so they'd always have a hook. (And Google may have paid Apple to create iAds - so they could avoid DoJ scrutiny over their purchase of mobile advertising heavyweight AdMob).

Remember, Android exists because Google felt threatened that Apple could cut Google off at any point, thus depriving Google of their main source of revenue.

With this in mind, Google has already been heavy handed - the OHA version is different from the AOSP version, and you need the OHA version if you want to release a phone. And doing so meant you obliged by the OHA terms (which included the inability to load in replacements of Google Apps - so no cometing Maps or other services were allowed). Or even the thought of creating a phone that COULD run Android apps could get you kicked out of the OHA, as Acer found out when they wanted to release a phone with a mobile OS that had Android compatibility layer.

In fact, Google's been locking features out of AOSP for a while now - a lot of new features aren't in AOSP as Google has made them closed-source apps. http://arstechnica.com/gadgets/2013/10/googles-iron-grip-on-android-controlling-open-source-by-any-means-necessary/

Of course, Google can do this as tney no longer need Android open-sourced anymore - it's achieved its goal of preventing Google from being locked out of iOS/mobile. In fact, the biggest threat to Google is AOSP (see Kindle), hence closed-sourcing of features.

Oh yeah, the privacy features in Android were removed because they interfered with Google's revenue - ads. Remember how I said Google owns the largest ad networks? They also own the largest mobile ad network as well. It's curious how a two-bit ad network like iAds could even be considered a "competitor" - most ads on iOS are again done by a Google-owned company rather than iAds.

Re:Ups and Downs

Only Tron fights for the user.

And the EFF.

Re:Ups and Downs

[oogoliegoogolie]

Oh jeez, you really need to stop looking at Google through your Android-colored glasses!
Google was a cool tech company a decade ago when they came up with products that benefited the users, namely an email product that offered 1GB of space free when others gave you 20MB, and of course search. Since then they've morphed from a tech to an advertising and data-mining company, and all of their products reflect this.
Google:"Do you want to sign up for G+" or "Do you want to use your real name on Youtube?"
User:clicks NO
Google:"OK, we'll ask you later"

Do No Evil hasn't existed at Google for a decade, if it ever did.

Re:Ups and Downs

Can you tell me exactly which parts of Android have moved into Google Play Services? I would like you to enumerate the parts, rather than just providing a link to some documentation somewhere to prove that you've actually read and understood whatever it is that you're linking to.

Re:Ups and Downs

Zathras used to being beast of burden. Zathras have sad life, probably have sad death, but at least there is symmetry

You are awesome for that!

Re:Ups and Downs

[RedBear]

It bugs me to see the crap google gets when they are the least abusive of all big companies by just about any measure, and actually HAVE fought for the user on several occasions (China, warrantless data requests, posting takedowns to Chilling Effects / working with the EFF).

I mean I guess you can cross your fingers and hope that companies like Yahoo and MS dont do things like spill the beans on Chinese dissident bloggers or work with the Chinese gov't to create a bugged version of Skype for China, but I wouldnt hold your breath.

I guess why it irritates me so much is that Google really does seem to try to be the good guy, and they get crap for it because people seem to want to forget what their business model is and give them a hard time for being for-profit. Maybe we should boycott them, THAT will teach them to fight extrajudicial data requests!

I imagine the baitfish has a similar mental state at any point in time prior to being eaten by an anglerfish.

Any perceived benevolence, animosity or innocuousness in a completely amoral organism like a corporation is an illusion. For your own safety you should learn to pierce that illusion. There is no reason to "feel bad" for a steamroller when its operator is being reprimanded for running over a dog. The fact that the steamroller was, up until that moment, being used to help create a road system that you will personally benefit from does not negate nor excuse the canine compression incident. It is the dog and/or the machine operator that you should have an emotional interaction with. Not the machine.

Google is neither friend nor foe overall, and is quite capable of being commanded by its human operators to perform both highly benevolent and highly antagonistic activities simultaneously at any given point in space and time. Also, its past behavior has little bearing on its present or future behavior. Your entire argument is therefore pointless.

Re:Ups and Downs

[ugglybabee]

Nope. It's simple. Doesn't matter who you are, how evil or how good. You kill privacy, you get criticized for it, duh.

Re:Ups and Downs

[mounthood]

It bugs me to see the crap google gets when they are the least abusive of all big companies by just about any measure ....

They deserve to get crap for *this* and any other positive actions aren't a get-out-of-jail-free card. Until a few years ago the slashdot faq contained this:

I thought everyone on Slashdot hated the RIAA, the MPAA, and Microsoft. Why do you keep hyping CDs, movies, and Windows games?

Big corporations are what they are. They sell us cool stuff with one hand and tighten the screws on our freedoms with the other. We hate them every morning and love them every afternoon, and vice versa. This is part of living in the modern world: you take your yin with your yang and try to figure out how to do what's right the best you can. If you think it has to be all one way or the other, that's cool, share your opinions, but don't expect everyone else to think the same.

Re:Ups and Downs

[erikkemperman]

Can you tell me exactly which parts of Android have moved into Google Play Services? I would like you to enumerate the parts, rather than just providing a link to some documentation somewhere to prove that you've actually read and understood whatever it is that you're linking to.

And I would like world peace and justice for all. But seriously,
do you make a habit of jumping through hoops for random ACs on the Interwebs? Because I don't. Look it up if you want to find out, or put in the legwork and provide some argument to refute mine.

So no, sorry, I am not going to enumerate, much less prove that I have understood it (how would that even work, were you expecting a lecture?)

And yes, I do develop androids apps professionally -- though looking to jump ship, for reasons that won't interest you. There may be non-nefarious reasons, as another AC (I guess) mentioned above, for moving stuff into GPS, but I am not sure why that would necessarily have to be closed source.

Re:Ups and Downs

> do you make a habit of jumping through hoops for random ACs on the Interwebs?

So, if I had posted using my /. account, you would have serviced my request? I'm the same human at the keys in either case.

> much less prove that I have understood it (how would that even work...

It would work just like I said it would in my original post...

"I would like you to enumerate the parts, rather than just providing a link to some documentation somewhere to prove that you've actually read and understood whatever it is that you're linking to."

by enumerating the things that have moved into GPS. No lecture required, just a solid sign that you actually *read* what you were linking to.

I've gotten into far too many discussions where even a cursory inspection of proffered material reveals that the material not only fails to support an OP's argument, but actually undermines it.

Re: Ups and Downs

[RyuuzakiTetsuya]

Let's dial back the conspiracy bullshit.

My first thought is, is this breaking apps that aren't crappy flashlight apps that are harvesting data from users.

Re:Ups and Downs

And people wonder why the FSF has a problem with "open source" that isn't free software. For all the bitching people do about how they're zealots, it looks like they called this one the right way.

Re:Ups and Downs

[erikkemperman]

Well no, I mentioned your ACness mostly for lack of a handle by which to refer to you. No offense. And rest assured I wouldn't have serviced a random nonymous request either, as it is unreasonably demanding. This is /. ffs, and I am supposed to be working :-)

But what the hell, let's get this over with: push notifications. Used to be part of the core services, new version is in play services. That is pretty much all I need to understand to have made the statement above while knowing what I am talking about. If you consider this adequate or not is not really an issue for me; I just posted about something that bothers me, take it or leave it as you see fit.

Re:Ups and Downs

[hax4bux]

Google Maps would be the first example that comes to mind, followed by Google Cloud Notification.

Re:Ups and Downs

[ImprovOmega]

As long as you can side load apps and the APIs are free for developers it will still be light-years more open than Apple ever allows you to be. Heck, you can't even write an iPhone app unless you're doing it on a Mac with a sanctioned Apple developer license.

Re:Ups and Downs

We can't have nice things because of Samsung trying to "demote" the Google apps in favor of their crapware.
  We can't have nice things because of hardware vendors and carriers who won't update their devices (forcing Google to move stuff from core into apps that can be updated without intervention).

Escaped these two poblems by installing cyanogenmod... And so happy I did...

Re: Ups and Downs

the open source browser is gone and replaced with (mostly) closed source Chrome. Now Google is moving on and implementing streaming like Dash in Chrome, not bothering with proper android mediaplayer support...

Re:Ups and Downs

That is very true; much of it is moving to closed source. Unfortunately we can't have nice things. We can't have nice things because of Tivoisation ( http://en.wikipedia.org/wiki/Tivoisation ). We can't have nice things because of Samsung trying to "demote" the Google apps in favor of their crapware. We can't have nice things because of hardware vendors and carriers who won't update their devices (forcing Google to move stuff from core into apps that can be updated without intervention). There are a lot of things driving Google into close-sourcing more of the interesting bits of Android. None of those are "because they want to" or "because they are evil". They are, instead, being forced into it due to the evil of others.

I have nice things on my iPhone.

Re:Ups and Downs

Thank you kind sir. You made my morning.

Re:Ups and Downs

Maybe we should boycott them

I already do. I've been using Bing for all of my searches for the past few months now.

Re:Ups and Downs

Sorry. To answer your initial question, if an AC makes a reasonable request, I do try to fulfull it. IMO, it doesn't matter if you've a /. account or not, if you're productively engaging in a conversation, you do deserve a thoughtful response.

Re:Ups and Downs

To be fair, do no evil is pretty hard.

Sure, google probably makes most of its money from ads and data mining, but I still think it gives you more control over your data than others. You can export or delete data from drive, google plus etc. - try doing that on facebook. Okay, "being less evil than facebook" is hardly a citation for herodom, but it's a start. And glass is kind of a cool experiment, except it can't be done subtly enough that it's unnoticeable yet. They should have built the hardware into the rim of those 1950s NHS glasses - the frames were easily thick enough and there would be the extra cool retro dork factor. And driverless cars.... There's still innovation going on, I'm not convinced it's all that coherent but maybe that's just because I can't see the full details of their plan to RULE THE WORLD!!! Muhahahahahha!

Re:Ups and Downs

[chihowa]

Google morphed from being a tech company to an advertising company when the bills started coming due for running their search engine. The evil that you're complaining about is what motivated the never-have-to-delete-a-message email boxes.

Re:Ups and Downs

Ah, the old "X is bad", "But it's not as bad as Y" argument. Allowing freedom, politics, and now OS openness to slide continually downward unopposed.

Congratulations, you've brought the "at least we're not as bad as North Korea" argument to the phone arena.

Re:Ups and Downs

[LordLimecat]

Oh jeez, you really need to stop looking at Google through your Android-colored glasses!

Wonderful ad hominem, but I dont actually have an android.

I also like how you completely didnt address any of my points. Yes, a lot of the stuff Google does with youtube is incredibly obnoxious, as is their insistence on making Google+ work despite the fact that noone really cares. None of that really has anything to do with their corporate stewardship or ethics.

Calling them "evil" for their youtube commenting policies just shows that you really dont understand what "evil" is referring to. For some people, Google's privacy policy is a lot more vital to their well-being than whether you are forced to use Google+ for youtube comments, and those people are probably really glad that Google actually honors its policies and resists overreach by law enforcement of various countries.

Re:Ups and Downs

[LordLimecat]

Google's entire business model is "we will give you free stuff if you provide us with information-- which we will keep in-house and never share without a court order."

Its not really their fault that some people (geeks, of all things) want the free stuff but dont want the privacy downsides.

Re:Ups and Downs

[LordLimecat]

They deserve to get crap for *this*

What, for removing a partially completed and never officially released feature? What about the fact that no other mobile phone maker even provides this capability-- why doesnt anyone else get crap for that? What about the fact that none of the other top-4 phone OSes even let you access a third-party store?

The double standards applied to Google are absurd. Seriously, when I see an article recommending that you abandon Google for Bing in Time magazine (which ignores all of the times MS has assisted with human rights violations by providing customer data), you know theres something wrong with the criticisms.

Re:Ups and Downs

lol this is some of the silliest fanboy drivel I've seen in awhile.

Re:Ups and Downs

[ohnocitizen]

Why does it bug you when a company gets crap for being abusive? They also get praise for when the fight the good fight, and criticism for when they are on the wrong side of things. That strikes me as a good thing.

Re:Ups and Downs

[Maow]

The open nature is also being drastically eroded by moving more and more stuff into the Google Play Services. So while the platform is still technically open source, all the interesting things are moved into a separate, closed, layer.

Slowly but surely, android is closing up.

Perhaps, but I thought that moving things into Google Play was mostly in response to the "fragmentation" issue, and / or because manufacturers and carriers were unwilling to issue updates for Android. Perhaps compensating for allowing too much freedom for carriers to add crapware, sell handsets, then neglect the customers.

The separation of many features into Google Play allows them to be updated without the participation of the aforementioned parties - is this not the case?

Having said that, I try to avoid Google services where possible - I don't like any one entity knowing too much about me.

Re:Ups and Downs

you can write for apple devices in java through the codenameone project

Re:Ups and Downs

[IamTheRealMike]

They deserve to get crap for *this* and any other positive actions aren't a get-out-of-jail-free card.

No, we don't. Look. I know some guys on the Android team, I've emailed back and forth with Diane and other Android designers before. They are not idiots and do not spend all day smoking cigars in dark rooms trying to figure out ways to violate peoples privacy.

The "feature" that was "removed" was a debug UI that wasn't actually ever accessible via the phones user interface, it had to be activated using undocumented internal APIs. It wasn't visible in the UI because it's extremely easy to break your apps or entire phone by adjusting those settings, and giving hundreds of millions of users a convenient way to brick their own device by screwing with system process permissions is not how you build mass-market products.

Android is designed, for better or worse, to tell you precisely what apps can do and then you can take it or leave it. Most platforms don't bother to break down what apps can do for you - Android is not perfect but it's still better than most of its competitors in that regard. The reason you can't edit app permissions selectively is that this would be a nightmare for app designers: there are lots of permissions, so you'd have to write your app to handle all the possible combinations of permissions that the user might have deactivated. What if you install a web browser, and the user accidentally or stupidly disables internet access permission? Apps would just end up doing manual permission checks and re-presenting the same screen you already see at install time.

Now I'd personally like to see an ability to apps to ask users to grant a few permissions at runtime for cases where a permission is for a truly optional subfeature of the app, or the need for it is best explained by context. Location requests would often fall into that category. But permission nag dialogs can be annoying as well, so I understand why Android puts it all up front.

Anyway, regardless of what you believe about the Android permissions model, seeing this as some kind of corporate mega-conspiracy is dumb and immature. It's a set of decisions that balance competing user interface design priorities. That's it.

Re: Ups and Downs

[IamTheRealMike]

It's not gone, it's not being updated any more. But the old code still works fine and uses the current UI conventions.

It sucks that Chrome on Android is closed source vs on desktops where it's open. Unfortunately, if it were open source, it'd immediately be forked by OEMs and operators and then Google would lose the ability to quickly update it. Fast updates, especially for security, are a key part of the Chrome brand to end users much moreso than being open source is :(

Re:Ups and Downs

One of Android's selling points has always been it's open nature, and the fact that it's not as locked down as iOS. This seems like it's taking a step in the direction of locking down the OS for the user, and unlocking it for everyone else...

Fortunately, thanks to that open nature, you can get third party apps (like LBE Security Master) that can do the same thing as the now-withdrawn system (only better, because it gives you finer control).

Re:Ups and Downs

[LordKronos]

Oh jeez, you really need to stop looking at Google through your Android-colored glasses!
Google was a cool tech company a decade ago when they came up with products that benefited the users, namely an email product that offered 1GB of space free when others gave you 20MB, and of course search. Since then they've morphed from a tech to an advertising and data-mining company, and all of their products reflect this.
Google:"Do you want to sign up for G+" or "Do you want to use your real name on Youtube?"
User:clicks NO
Google:"OK, we'll ask you later"

Do No Evil hasn't existed at Google for a decade, if it ever did.

Whine whine. Your typical slashdot "google this google that...blah blah blah...do no evil...now give me my +5" post. Are you SERIOUSLY suggesting that asking you to sign up for google+ qualifies as EVIL? My god, the bar for that one has really gotten low lately. You've offered me a decent service for free while only very slightly inconveniencing me....EVIL!!!!!!!!11!!!1!!!!!one!!!

Google does a ton of things in the last decade that benefit users, or at least myself, greatly:
1) youtube - Great place for me to host videos to share with my family. They're all private URLs so not publicly searchable, and I know pretty much anybody that I want to share the url with can see them, even on a tablet or phone. And if google wants to do some video datamining of my 3 year old daughter doing something cute, who the fuck cares.

2) maps - Nevermind that it's not even 10 years old. Most of the best improvements (street view, real time traffic, predictive traffic, navigation, public transit) were all created in the last 5-6 years. All accessible from my android phone. It's amazing how useful this is. In 2004 I visited Chicago for a weekend and used only public transit. As a tourist, I remember how nervous I was using it. I had the maps, trying to figure out what bus to take to where, and what connections I need to pick up and seeing how they all timed up. Nightmare to me. I visited there again this summer and unlike last time, I didn't plan a thing as far as how to get here or there. When I needed to go somewhere, I just put in the location and it showed me all the options for bus or rail. In 2004, I didn't go anywhere without knowing exactly where I was in relation to everywhere else. This time, I couldn't tell you shit about where I was, as I didn't need to know. Just followed a few simple instructions and I was where I needed to be

3) google+ - yes, some of us actually use it. I can't stand facebook. You have little control over what you see, they're always breaking your privacy settings, and it's filled with crap (half the "posts" are some score or achievement somebody in farmville or some other crappy game). Google let me control exactly what/who I want to see, and they've always been pretty good at not "breaking" privacy options.

4) gmail - even this is less than a decade old (launched in 2004), but I'll give you a break there. But still, tons of great improvements in UI design over the last 5 years. There has been cool enhancements, like the Google Talk feature

5) video chat - text chat has already been pretty easy to do among different os and device options, but video was a different story. Even 2-3 years ago, I remember trying to do video chats between android and ipad. So very few options. The ones I did try were all buggy (ex: some devices the video would be upside down), and blatantly missing support for obvious features (like rotating displays). The ones that worked halfway decent quickly made themselves annoying after some updates were released. Since google got serious about this in the last year or so, this is has become a piece of cake

6) voice - Thanks google. With the help of a $40 obi device, I haven't paid a penny for my home phone service in 3 years (sadly it looks like that may be coming to and end in the next 5 months or so). The abilty to ring mulitple phones (and use your contacts to control who rings to what

Re:Ups and Downs

[AmiMoJo]

Don't forget licensing and patents. As any system becomes more advanced it accumulates them and thus becomes harder to open.

Re:Ups and Downs

[peppepz]

Did they require a court order before sharing every detail of people's lives with the NSA? Did they require a court order before collecting private information with their streetview cars? What about lying repeatedly when they were accused of that? When did I accept Google to track, and store idenfinitely, my browsing history, by means of invisible tracking cookies set up on most websites even though I haven't logged into *any* of their services?

Re:Ups and Downs

[peppepz]

They are not idiots and do not spend all day smoking cigars in dark rooms trying to figure out ways to violate peoples privacy.

Whatever their intention, there's little difference for the end users: before they could have more privacy, now they have less. Objectively.

It wasn't visible in the UI because it's extremely easy to break your apps or entire phone by adjusting those settings, and giving hundreds of millions of users a convenient way to brick their own device by screwing with system process permissions is not how you build mass-market products.

Do you mean that Android doesn't have a "factory reset" option? Now this does look like a way not to build a mass-market product.

The reason you can't edit app permissions selectively is that this would be a nightmare for app designers: there are lots of permissions, so you'd have to write your app to handle all the possible combinations of permissions that the user might have deactivated.

Being able to respond to external conditions is a large part of what being an "app designer" boils down to. If you don't even bother to check the return values of the API methods you invoke, then your app is defective at best, and perhaps you should be designing something else.

What if you install a web browser, and the user accidentally or stupidly disables internet access permission?

The same thing that would happen if you use the said web browser, and the user accidentally or stupidly disables the wifi radio. Should we be afraid of this feature disappearing in future versions of Android?

Apps would just end up doing manual permission checks and re-presenting the same screen you already see at install time.

Looks like a solution. This outcome would be no worse than the current situation, so what's really bad with it?

Now I'd personally like to see an ability to apps to ask users to grant a few permissions at runtime for cases where a permission is for a truly optional subfeature of the app, or the need for it is best explained by context. Location requests would often fall into that category.

We all would like to, that's why we are protesting against Google's decision.

But permission nag dialogs can be annoying as well, so I understand why Android puts it all up front.

It's all about being able to choose what can be more annoying, a rogue application designed in an unknown country spying all of my life, or an opt-in behaviour to display a pop-up warning that I can disable if I feel that it's not useful.

Anyway, regardless of what you believe about the Android permissions model, seeing this as some kind of corporate mega-conspiracy is dumb and immature. It's a set of decisions that balance competing user interface design priorities. That's it.

Adding juvenile appellatives to the thesis you're trying to discredit doesn't make you more right. Nobody is claiming about a "conspiracy". There are clear, lawful, public steps of a for-profit company in the direction of collecting more user data and giving the user less choice about what data to share and with whom, and less knowledge about when such data is specifically being collected and by whom.

Re: Ups and Downs

is it possible to downgrade my android version with no backups around?

I would now like to run current version -1 if possible.

if anyone knows how please post the instructions or a link to them.

running on Nexus 7(2013 & 2012) and both got upgraded to latest android version.

ADVthanksANCE

Re:Ups and Downs

[LordLimecat]

They didnt share info with the NSA. The whole point was that the NSA was grabbing data off of the wire without permission or knowledge. Google actually has a pretty solid track record of not rolling over every time the authorities come knocking without a warrant.

Of course, you seem to think that the info streetview gathers is somehow private (its not, we're talking about public wifi beacons broadcast to the whole neighborhood), and wherever you got your information has misled you: far from lying about it, Google is the one who actually dropped the news that they were accidentally collecting info.

When did I accept Google to track

When you visited their sites and began using their services. For non-google sites, when you visited sites whose webmasters made the decision to use google analytics or adwords.

Dont like it, take it up with those sites: Theyre the ones making the decision to drop google cookies on your machine.

Re:Ups and Downs

[LordLimecat]

They voluntarily shared user data in China and Russia.

Wrong, try again. They were threatening to leave China for a while about 7 years ago because China was pressing hard for them to spill the beans on what kinds of searches folks were doing, and Google didnt want to play that game. Of course as I linked Yahoo and MS were all too happy to comply, Im not really clear how that makes them better in your book.

More recently (less than a year ago?) Google started alerting users when Chinas GFW was tampering with their connections in response to "forbidden" queries, which led to a sort of arms race between the two of them.

They cooperate with the NSA ALL of the time

Source? Because the Snowden leaks indicate that the snooping was done without Google's knowledge, and was done to basically all major internet companies.

They data mine their clients (you and I) and they have removed most means to restrict access to personal info.

Bull.
1) Android lets you use third party marketplaces to install whatever you want; as does Chrome; as does Google apps. The first two let you set up whatever privacy features you want.
2) Chrome since beta has allowed you to turn off all tracking
3) they track basically the same info as every major search provider in the last 10 years. Theyre probably better at it, but hey: they do let you opt out, and they DO fight requests from the authorities to hand that info over.

Do you work for Google?

No, Im an IT consultant / contractor. I dont really have a particular vested interest in Google, except that they seem to actually care about building good products and employing actual functional security. I do have a number of acquaintances in China who are directly affected by the shenanigans of the other companies I mentioned, so perhaps Im biased in that manner.

You have a lot of questions, I have one for you: who are you supposing is among the best, if Google is among the worst?

Re:Ups and Downs

[LordLimecat]

They also get praise for when the fight the good fight,

Not really, no, they dont. There has been some sort of bizarre campaign against google for like the past 6-7 years, with some advising to use Bing or Yahoo if you care about privacy-- which shows you just how wacky things are.

I mean, lets look at this case: From what I can determine (not having an android), they built some code to control privacy features, but didnt finish it or release it, and there was a very real chance that it would cause problems. So they removed this hidden, essentially beta-quality code; and if some of the comments are to be believed they rolled it into a later version of the OS. And people are complaining that the whole exercise was somehow to steal privacy from the user, as if that somehow makes sense.

It would be a good thing if there werent ridiculous double standards whenever people compare google and their competitors.

Re:Ups and Downs

[peppepz]

They didnt share info with the NSA. The whole point was that the NSA was grabbing data off of the wire without permission or knowledge. Google actually has a pretty solid track record of not rolling over every time the authorities come knocking without a warrant.

They didn't share info with the NSA, they were effectively the NSA, by having pieces of NSA inside of themselves which could gather as much private data as they could, without any notice of this being made public. Wasn't it for Snowden, we wouldn't know anything about this. Whether this was done with cooperation from Google or without, they never said in an official statement: their statements do not deny nor confirm that they collaborated. Certainly their effort to protect the privacy of their users wasn't sufficient, if we want to believe that their data ended up at the NSA without them even noticing.

Of course, you seem to think that the info streetview gathers is somehow private (its not, we're talking about public wifi beacons broadcast to the whole neighborhood),

What information is public and what is private isn't a matter for me or for LordLimecat to deliberate. It's regulators and courts that decide that, and in fact they have repeatedly fined Google in multiple countries of the world over this matter. Your statement is also incomplete, as Google collected at the time not only wifi beacons, but also traffic paylods.

and wherever you got your information has misled you: far from lying about it, Google is the one who actually dropped the news that they were accidentally collecting info.

They lied two times: once when they said that they weren't collecting payload data, and once again when they said that they had already deleted. It's true that they admitted themselves that they were lying, but only after they were imposed by public authorities to provide data that would have exposed the problem.

When did I accept Google to track

When you visited their sites and began using their services. For non-google sites, when you visited sites whose webmasters made the decision to use google analytics or adwords.

Dont like it, take it up with those sites: Theyre the ones making the decision to drop google cookies on your machine.

I did not accept any license agreement by visiting those sites. They planted cookies on my machine without any form of consent at the moment that I typed their URL on my web browser, or that I clicked an hyperlink on another website.

Re:Ups and Downs

[qfman]

There are some good people at Google that try to do the right thing by including things like appopp. To bad they have to be so greedy that maintaining a massive boat is more important than maintaining any user privacy at all. Removing appopp was NOT at the request of the NSA, GOOGLE just decided that if the NSA can do it, even though they fain decent, well then why not profit to the max off the concept.

Re: Ups and Downs

[RickRussellTX]

Good grief. If the FBI keylogs your machine, or you are compelled to testify and then gag-ordered, does that make you a collaborator? If a convenience store records you on camera, do you hold the camera company responsible? You assignments of blame are misplaced.

Re:Ups and Downs

[bbsalem]

It bugs me to see the crap google gets when they are the least abusive of all big companies by just about any measure, and actually HAVE fought for the user on several occasions (China, warrantless data requests, posting takedowns to Chilling Effects / working with the EFF).

I mean I guess you can cross your fingers and hope that companies like Yahoo and MS dont do things like spill the beans on Chinese dissident bloggers or work with the Chinese gov't to create a bugged version of Skype for China, but I wouldnt hold your breath.

I guess why it irritates me so much is that Google really does seem to try to be the good guy, and they get crap for it because people seem to want to forget what their business model is and give them a hard time for being for-profit. Maybe we should boycott them, THAT will teach them to fight extrajudicial data requests!

You don't need to go into international abuse of the Internet to damn Google. The only thing you need to answer "Do no Evil" is to look at Google's mismanagement of its own products, and even if you restricted the discussion to what they do in the U.S.

The most glaring example is Google Docs and Google Drive, misrepresented as open cloud and content repositories, which in fact they deliberately violate standards to create a captive market environment. They are closed environments and claims that they support content such as web pages that should adhere to open standards are false.

Google has the repository of USENET legacy positings and maintains access to newsgroups while pushing blogging, evidently knowingly choosing a more restrictive medium for social interaction only because of its data mining applications and advantage to its business partners while stunting public discussion and debate with a blog format. Even response to USENET postings have more of the looks of a blog post than a newsreader post, revealing the business and political agenda to embrace forums while in fact curtailing them. They haven't the guts to support true public discussion and debate, contrast USENET newsgroups with Google+ and other blogs. IMHO blogs are intended to give the page owner exclusive power to set the agenda and the lack of forum features, as in USENET, suppresses public debate. Slashdot in a bright spot in the current situation,

Most Google products have been discontinued for a variety of fiighty business reasons, the most famous example is Google Reader, which successfully hid the administrivia of feed management in a way that Feedly and other aggergators do not. Even though it still has the defficiency of any blog it was one of the more successful products of Google, which was discontinued.

I regard Chrome and Google Earth as more successful, but I am leary of the large caches they create on systems. I resist using Google Eath because of that and go to Google Maps whenever I need the former, now.

Re:Ups and Downs

[LordLimecat]

I dont think you understand how cookies work: they arent "planted", the website requests that your browser create the cookie. You went to a URL and said "please send me all of your content", which your browser then rendered "without your consent", grabbed and executed scripts "without your consent", and stored cookies "without your consent". But of course your consent was implicit in choosing to visit that URL and request resources from that server; its your fault if you walk into a store and then complain that you're now on their CCTV because you chose to visit that store and play by their rules.

A lot of browsers (including IE starting with v6) allow you to disable cookies, or prompt you when they are requested. If this actually mattered to you, you could easily be notified when google cookies are "aimed" at your computer, and deny them, and then refuse to visit those sites.

And regarding the "multiple countries fined google", the US did not. Europe has some fairly strict laws on privacy, but anyone with any sort of technical understanding of WiFi understands that unencrypted publicly broadcasted wifi signals are not "private". You may be correct regarding storing the payloads, but as I recall the entire point of their exercise was to gather SSIDs for location info-- not to do any analysis on the payloads. Considering that theres not really any practical way to gather one without gathering the other (you run airodump), its a bit silly to make a huge thing about this. Your computer is already receiving the traffic, all google did was record it.

Find me a conviction for it in the US, otherwise really not interested in what a german court had to say about google.

Re:Ups and Downs

[ThePhilips]

1) youtube

Founded by three PayPal alumni. Later purchased by Google.

2) maps

Yes. But Google also keeps the Maps squarely server-side, making them rather useless when you need them most: off road, or in a middle of nowhere where there is no signal.

3) google+

Moot. There are tons of alternatives.

4) gmail

... Considering to how functionally-limited GMail always was (folders anyone? saved searches? mass operations?) and how they keep screwing up the UI... I doubt it GMail fame would be worth mention in few years.

5) video chat

There are several alternatives. Skype pops to mind immediately.

6) voice

Obihai is not a Google product.

7) android

Originally developed by Android Inc. Later purchased by Google.

I'm sure I could go on, but [...]

Oh, please, do go on. Enlighten us.

Re:Ups and Downs

[ohnocitizen]

Just because you haven't seen it, doesn't mean it isn't there. (http://www.theguardian.com/technology/2010/jan/14/google-praised-human-rights-activists as one example). Another might be their investments in green tech (http://hardware.slashdot.org/story/13/11/16/1655232/googles-wind-solar-power-investments-top-1b). Positive press for the company is out there.

As for the feature itself - Google has an easy PR move here. "The feature was released early without sufficient testing, however we are actively looking at ways to protect user privacy". Instant win.

Re: Ups and Downs

You can save maps offline and gmail has IMAP support.

Re:Ups and Downs

[peppepz]

I dont think you understand how cookies work:

Spare me the condescension, this is slashdot, nobody reads it without knowing how cookies work.

But of course your consent was implicit in choosing to visit that URL and request resources from that server; its your fault if you walk into a store and then complain that you're now on their CCTV because you chose to visit that store and play by their rules.

There's no such thing as an implicit consent. A web site can't force me to buy an encyclopaedia because I visited their URL. That's because entering a URL doesn't imply buying encyclopaedias, or selling your own private information. Stores have notices that tell you there's CCTV installed, and most importantly, they won't share tapes with your face, name and timestamp with all the other stores, and in particular they won't sell that information.

A lot of browsers (including IE starting with v6) allow you to disable cookies, or prompt you when they are requested. If this actually mattered to you, you could easily be notified when google cookies are "aimed" at your computer, and deny them, and then refuse to visit those sites.

Why, there are lots of legitimate uses for cookies beyond spying my life. I can't be forced to renounce them because some commercial company wants to sell my personal information without my consent.

And regarding the "multiple countries fined google", the US did not.

http://www.ct.gov/ag/cwp/view.asp?Q=520518&A=2341 http://www.reuters.com/article/2012/04/16/net-us-google-fine-idUSBRE83F00Q20120416 http://www.theguardian.com/technology/2012/aug/09/google-record-fine-ftc-safari

Find me a conviction for it in the US, otherwise really not interested in what a german court had to say about google.

Not only Germany. The list of countries that fined Google is much longer. Considering that the federal government used Google (and Yahoo, and Facebook, and whomever else) to spy their own citizen and those of the rest of the world, it's no wonder that they couldn't make a big fuss about privacy. Apparently the States are more sensitive about their citizens' privacy.

Your computer is already receiving the traffic, all google did was record it.

I'm certain that Google made no use of the accidentally collected data. The problem is, that when you're collecting large amounts of private data from the whole world, and gathering that information into a single place, you have to be extremely careful about what you do with that much data, and whose hands you put that data in.

Re:Ups and Downs

[DickBreath]

> Google's new motto "Do as much evil as possible!"

That motto would result in an intellectual property lawsuit from Microsoft.

Put in an app

I thought I read that they just pulled it out and into its own app, so that you'd have to seek out this feature. They wanted to keep folks who didn't know exactly what they were doing to stumble upon this and mess up their phones.

Re:Put in an app

[the_B0fh]

https://news.ycombinator.com/item?id=6900762

If that is true, it means Google actually yanked the calls, instead of just hiding them.

Re:Put in an app

[savuporo]

Its easily found on Play store in many incarnations, so if you want it you have it. I've been using it for months. Whats the big deal ?

https://play.google.com/store/apps/details?id=com.colortiger.appopsinstaller

Re:Put in an app

Are you on 4.4.2 yet? I just got it yesterday. That's the version this article says it got removed in.

Re:Put in an app

[squiggleslash]

Not even that really. You ALWAYS needed third party apps to bring up the screen.

Here's the deal. This was never an end user feature. It was a screen that required additional software to actually bring up. It wasn't documented. I'm not even sure how anyone found out about it - my guess is someone trawling through the source code. Google's assertion that this wasn't meant to ever be released appears to be completely genuine and the apparent insinuation by the summary that Google isn't telling the truth is absurd and unfounded.

This is not to argue that the feature wouldn't be welcome. But as someone who used the equivalent functionality in CyanogenMod for a while, I can confirm that turning off permissions dynamically in this way requires quite a bit more care than it might appear at first - apps did crash when apparently denied features quite reasonably, even when you might think they'd have to cater for that situation anyway. I'd deny network privileges to an app, and see it crash, even though it would work without problems when the privilege was given but the network was unavailable for technical reasons.

Unfortunately, because Google has (objectively) gone to shit lately, and because they've lost some goodwill in their recent move towards closing much of Android ecosystem, combined with Facebook and Apple's paid anti-Google shilling campaign, this story is being presented as yet more evidence that Google is doing something wrong.

They're not. They've removed an undocumented part of the operating system that required third party software to access in the first place, that attempted to do something that requires thought, care, and planning. Good. Now, le'ts hope they finish what they started, and release a working version.

Re:Put in an app

[triffid_98]

as someone who used the equivalent functionality in CyanogenMod for a while, I can confirm that turning off permissions dynamically in this way requires quite a bit more care than it might appear at first - apps did crash when apparently denied features quite reasonably, even when you might think they'd have to cater for that situation anyway. I'd deny network privileges to an app, and see it crash, even though it would work without problems when the privilege was given but the network was unavailable for technical reasons.

Speaking as a fellow Cyanogenmod user...

CASE #1

Some apps will crash if they can't read your phone contacts (or whatever absurd permission they asked for) and report them to their remote server...and I'm totally fine with that. They said right out they needed X permission and I said no you can't. CASE #2

A lot of applications (I've no idea what percentage though) ask for permissions that they don't need, presumably on the basis that they might need them in the future and don't want automatic updates to stop (which they will if they suddenly want new permissions) CASE #3

see CASE #1, except the developers used this super secret coding technique called try{}catch, and the application still works fine.

Re:Put in an app

[BasilBrush]

I can confirm that turning off permissions dynamically in this way requires quite a bit more care than it might appear at first - apps did crash when apparently denied features quite reasonably, even when you might think they'd have to cater for that situation anyway. I'd deny network privileges to an app, and see it crash, even though it would work without problems when the privilege was given but the network was unavailable for technical reasons.

And yet iOS allows you to deny permissions to apps without them crashing. That's the benefit of apps seeking permissions at run time, and having removal of those permissions at any time a standard user feature, such that app developers know they may not have permission granted for such requests.

really ?

[fluffythdestroy]

It's possible that this feature got through Q&A without noticing or telling which got through the cracks. They bigger you are, they more complex "papers and bureaucrary becomes thus more mistakes are bound to happen...like this. I won't judge them for this mistake but people will judge them by how they fix this mistake and how fast can it be fixed. Everyone can make mistakes but it takes skills to learn from it. Let's hope Google can learn from it.

Re:really ?

[robmv]

It was never a feature, people access it using a third party application that calls an Activity that is not normally accessible from the OS UI. It is like when people found initial semi-working code of multiple user profiles on Android 4.1, again not accessible to the users, and later releases added the feature when the code was completed and tested. I think we will see this feature enabled on later Android versions when they get to finish it and find ways to make old applications not crash when permissions are removed.

Re:really ?

[Arker]

The difference is that this is really critical functionality that should have been built in and tested from day one, but gets pushed way down the priority stack because of googles conflict of interest in the matter. So it's like that situation a little, but not really.

Re:really ?

[rvw]

It was never a feature, people access it using a third party application that calls an Activity that is not normally accessible from the OS UI. It is like when people found initial semi-working code of multiple user profiles on Android 4.1, again not accessible to the users, and later releases added the feature when the code was completed and tested. I think we will see this feature enabled on later Android versions when they get to finish it and find ways to make old applications not crash when permissions are removed.

Let it crash! Put this feature somewhere hidden with a warning that it only should be used by experienced users. I don't care if an app crashes because it cannot get to my contacts. Although it would be nice if you would get a notice about this.

Re:really ?

[Bob9113]

I think we will see this feature enabled on later Android versions when they get to finish it and find ways to make old applications not crash when permissions are removed.

It is already known how to enable it without crashing the applications; return fake data. The cause of the app failure is not returning any data. There is a tool for returning fake data, which I think was briefly included in CyanogenMod. It causes apps that rely on the data for their revenue stream to continue operating without getting their payment (clean, marketable data). It was decided that tricking apps into operating was, in one way of thinking, using the software without the informed consent of the programmer -- something akin to misappropration -- and so it was removed.

You may not agree with that perspective, but it is the issue that Google is wrestling with: Should they facilitate the ability to prevent apps from knowing that they are not getting the clean data that they currently take as payment for producing the app?

In my opinion, our current standards for acquiring such data are extremely shady, relying heavily on a consumer base that is deeply misinformed of the extent of the surveillance and the risks the data stores pose. Where the balance of good lies between surveillance and countermeasures is hard to tell; it could be that subverting the datastream is pro-social in the long run -- but that is not the side on which Google's bread is buttered. They have a strong motive to see things from the app developers / watchers / revenue stream point of view. A great deal of money flows to Google from informed, uninformed, and misinformed consent to surveillance.

Re:really ?

[robmv]

You can do that, and be an OS with bad reputation or you can be a good OS vendor, and start documenting those changes for future versions, give developers time to update, etc. Quoting Linus Torvalds, "don't break userspace", if you are going to break it, give people time to update

Re:really ?

[the_B0fh]

https://news.ycombinator.com/item?id=6900762

This indicates that Google actually pulled code out. They could have just re-hidden it. Instead, it is now completely unavailable.

Why are you making excuses for them?

Re:really ?

The old CyanogenMod that I use on my HTC G2 has permission controls. It works by faking the interface that the permission normally provides. Therefore apps do not crash because they still get permission but it's to fake data.

The only problem with it is that it is very out of date at this point and it does not fake the data for all permissions.

Re:really ?

[mrchaotica]

They are giving developers time to update... the only people using this feature are ones who had to specifically go download an app to access it, and who therefore know exactly what they're doing. The only thing this change does is harm the users that had already explicitly accepted the consequences of using the unstable feature by removing their choice.

Re:really ?

iOS solves this in a trivial way. It's an app store requirement to continue to work, with the maximum functionality possible with each permission turned off.

Re:really ?

[MalleusEBHC]

It's possible that this feature got through Q&A without noticing or telling which got through the cracks.

It's QA, not Q&A. It stands for Quality Assurance, not Questions and Answers.

Re:really ?

[robmv]

Do you really think everyone that download those applications that enable access to this hidden code know what they are doing? People will download it because they saw it on the media, use it, and go to Google Play and start giving bad reviews for applications that have bad behaviour, and not only crashes, what will happen if the access to the IMEI number is hidden giving fake numbers and for some reason a crap application used that to identify the user and for some reason privacy is broken, accessing data of other users?

Google is very strict with application compatibility on Google Play. I remember they advised the Cyanogenmod team to not enable multi window feature for all applications because not all of them work without problems with dynamic screen sizes and they didn't want to alienate developers on Google Play with bad reviews for something that doesn't follow the Android APIs. There is a reason Samsung multi window feature only works with some applications and not all of them

I still think this a feature that we will see later when better developed and there is a better way to ensure old applications compatibility. We will see then

Re:really ?

[geminidomino]

It never made it past testing in CM, but it's available for most Android versions, in some form, since 2.3.6.

Gingerbread had pDroid. Then there's pdroid2.0 and openpdroid, which are separate projects to do much the same thing, and openpdroid works for up to 4.2.2 now, AFAIK.

They're a little tricky to get going, You need to be using a deodexed rom (which pretty much means a non-stock custom) and you need to patch whichever $pdroid into it. Once that's done, it's just a matter of running the pdroid manager app and you're set.

NB: Not affiliated with any of the .*pdroid.* projects, just a (paranoid|spiteful) bastard who refuses to use android without them anymore.

Re:really ?

[mrchaotica]

Do you really think everyone that download those applications that enable access to this hidden code know what they are doing? People will download it because they saw it on the media, use it, and go to Google Play and start giving bad reviews for applications that have bad behaviour

In this case, the people who are too stupid to use it are also too stupid to know or care why they'd even want to in the first place. It's not as if this is a game or something; it's a settings menu. Nobody's installing it for fun.

what will happen if the access to the IMEI number is hidden giving fake numbers and for some reason a crap application used that to identify the user and for some reason privacy is broken, accessing data of other users?

You answered yourself. They key words were "crap application."

Also, I wish IMEI access was a disable-able permission. Either it isn't, or it's a permission that absolutely nothing on my phone has tried to request.

The bottom line is scenarios like you described, where restricting an app's permission could ever cause a worse problem, tend not to be plausible.

I remember they advised the Cyanogenmod team to not enable multi window feature for all applications because not all of them work without problems with dynamic screen sizes and they didn't want to alienate developers on Google Play with bad reviews for something that doesn't follow the Android APIs. There is a reason Samsung multi window feature only works with some applications and not all of them

I've never used either Cyanogenmod or Samsung's multi window feature, but I would have assumed it just reported the next-smaller screen size class (i.e., a 10-inch tablet in landscape mode would display two apps side-by-side by pretending to each app to be a 7-inch tablet in portrait mode). That sort of thing should be inherently compatible with all apps (at least, all apps that adhere to Google's UI standards).

Re:really ?

[X0563511]

It's not Google's responsibility. If the app wasn't written by a chinese fly-by-night, it would handle the null data return and properly admonish the user, etc.

Re:really ?

[Rob+Riggs]

You may not agree with that perspective, but it is the issue that Google is wrestling with: Should they facilitate the ability to prevent apps from knowing that they are not getting the clean data that they currently take as payment for producing the app?

In my opinion, our current standards for acquiring such data are extremely shady, relying heavily on a consumer base that is deeply misinformed of the extent of the surveillance and the risks the data stores pose. Where the balance of good lies between surveillance and countermeasures is hard to tell; it could be that subverting the datastream is pro-social in the long run -- but that is not the side on which Google's bread is buttered. They have a strong motive to see things from the app developers / watchers / revenue stream point of view. A great deal of money flows to Google from informed, uninformed, and misinformed consent to surveillance.

I completely agree. There is another, related problem that Google needs to address. Users have little recourse when app producers renege on the privacy that was initially sold to the user. For example, I paid for WeatherBug Elite simply because it did not require "phone state and identity" when I purchased it. Guess what? A year later they wanted that information for "Elite" too. I can either accept or not upgrade. I don't upgrade. I have a bunch of apps that are not getting updated because the new perms they ask for are ridiculous. If users cannot maintain the privacy that they paid for, what other options exist for them?

Either privacy has value and must be honored by app producers as part of the sale, or it doesn't and users have the right to block access to private information.

Re:really ?

[lgw]

Userspace is entirely broken on Android today. I have uninstalled every app, except a couple of big commercial apps, because everything wants to fondle every part of my phone. The design of Android is fundamentally flawed because I have to worry about this.

Re:really ?

[mdielmann]

I can agree with much of what you say, but I would be happy if I could set my global permissions, give exceptions when I feel like it, and the apps just said, "Sorry, but we will not operate if we can't upload copies of all your selfies." Then I could choose to let it see my pictures, or I could uninstall it. Either way, I know what's happening, and I get to choose the outcome.

I currently have Blackberry, probably my last, and will likely replace it with an Android. But it has this feature, and it will be missed.

PDroid

[JeffOwl]

Gives granular control of app permissions. Requires Root, but it's worth it. I figured this change was never going to be permanent because it messes with Google's (and app developers') revenue stream.

Re:PDroid

Thank you

Re:PDroid

[Kazymyr]

There are many apps that do that. I have been using "Permissions Free" for a couple of years now. I guess the news is that Google released similar functionality as a built-in, then removed it. Sounds nasty.

Re: PDroid

XPrivacy is even better

Re:PDroid

[gstoddart]

And just how easy is it to root the device? Every time I've looked at it, it seems like it's a lot of hoops to jump through, and with some concerns about still having a working device.

Why Android can't just give me root by default, I don't understand. It's MY device, why can't I be the one who decides if I can have root?

Re:PDroid

Because it's not your device. Not fully at least since you're merely licensed to use the software.

Re:PDroid

[drinkypoo]

Why Android can't just give me root by default, I don't understand. It's MY device, why can't I be the one who decides if I can have root?

There are security implications for both unlocking and rooting. It's best that they default off.

Re:PDroid

And just how easy is it to root the device? Every time I've looked at it, it seems like it's a lot of hoops to jump through, and with some concerns about still having a working device.

On my Nexus 4? Install android sdk tools. Download custom recovery and supersu. Plug the phone in and type three or four commands.

Re:PDroid

[JeffOwl]

Ease of rooting depends on the device and can vary greatly from "download an app and press a button" to "download part of the Android dev environment to your PC, put the phone in dev mode and run a script." My current phone fell into the latter category, and even that wasn't bad with the detailed instructions.

As to your second point, I agree that there should be an easier way, but I don't think it should be enabled by default. Not having Root provides a level of security from malicious apps. Even with root, the phone will prompt you every time an app wants super user access.

Re:PDroid

Eh, the bigger problem is that app developers have this whole time been assuming that all the permissions that they ask for in the manifest have been already approved, so they aren't handling exceptions properly when something like this or Cyanogen's similar feature decide that they can't access something. Google doesn't like it because the Play Store has enough crashy apps as it is.

I figure when this feature finally does become official it will only work on apps written for some later API version and won't be usable on older apps.

Re:PDroid

[Anne+Thwacks]

why can't I be the one who decides if I can have root?

Because your carrier thinks you might use it to avoid intrusive advertising.

Re:PDroid

[Razalhague]

I guess the news is that Google released similar functionality as a built-in, then removed it. Sounds nasty.

They didn't release it, per se. The code was there, but it was only accessible with third party tools. Not saying disabling access to it was the right choice, but it isn't as nasty as it sounds.

Re:PDroid

[DrXym]

I doubt Google cares that some app is too buggy to function without a particular permission. Their general approach is to let the cream float to the top.

Most apps already have to cope with features that are missing. e.g. an app might want to read SMS or make calls, but neither facility is available on most tablets. Or they might ask for GPS coords and again they simply can't have it. If they can't cope with the variety out there already then I don't see much difference if the user has an explicit switch to disable that functionality.

That said, the current situation is completely unacceptable. The upfront permissions are getting worse and worse for some apps and often for completely esoteric reasons. Twitter recently updated their app to ask my location. Fortunately there is a switch in their app to turn this off, but really I shouldn't have to count on their charity - I should be able to turn that setting off whether they want me to or not.

Re:PDroid

You can be the one who decides. Buy a nexus, unlock the bootloader and root it. Done.

Re:PDroid

[tepples]

Doesn't doing that on a Nexus 4/5/7/10 wipe all data from your phone? What'd you use to back up your data before that?

Re:PDroid

[mrchaotica]

Twitter recently updated their app to ask my location. Fortunately there is a switch in their app to turn this off, but really I shouldn't have to count on their charity...

More to the point, you shouldn't have to count on their trustworthiness. Who's to say the app doesn't actually leave the location reporting turned on regardless of that setting?

Re:PDroid

[IronChef]

It would be nice if I could unlock/root my device without wiping it at least.

Re: PDroid

That's stupid. If your device is stolen you don't want to allow someone access to all your data. Forcing a wipe protects your dumb ass.

Re:PDroid

[X0563511]

This, most likely... though it can't seem to back up Play applications that you've paid for (AFAIK there's encryption involved)

ADB (debugger, part of the SDK) also has backup/restore functionality - though I've never used it personally so I don't know if it's actually usable without already being rooted.

Re:PDroid

[X0563511]

Even with root, the phone will prompt you every time an app wants super user access.

Nope. That is entirely up to the 'su' binary on your device. On mine, rooting simply meant I was able to alter things. It wasn't until I replaced the 'su' binary that I was able to effectively run things superuser, and the replacement binary (chainfire's supersu, incidentally) does the prompting.

Re:PDroid

[tomhath]

You mean like when Windows would install with the default user having Administrator privileges. That didn't work out very well.

Re:PDroid

That is exactly the point - granular permissions break the data gathering and ad delivery mechanism baked into Android, which is critical to Google. As with so many things with Google, they view the user as their commodity and they will exploit the users for their gain over the user's needs every time.

But as long as the public insists on getting something for "nothing", this isn't going to change. If people would recognize that they have to pay for things, and simply paid for them like mature human beings, there would be less incentive for companies, developers, etc to try to market their user bases.

But that isn't going to change because people are basically lazy, stupid, greedy and short sighted. I just wish there was a way to say "I'm not one of them, I'll pay for services and products, please don't group me with them".

Re:PDroid

[kenshin33]

even paid for apps can and will gather info.
Take cable TV fort instance .. paid for (a hefty sum sometimes) and still there's almost as much ads as content! paying doesn't magically aleviate or rsolve th problem. it is as you said " because people (generally) are basically lazy, stupid, greedy and short sighted." that we are in this situation !

Re:PDroid

Not only that either. Google is now adding permissions to apps after the fact. If they create a new permission, after you have released your app, they're adding that permission to the list required by your app. So permission proliferation is getting worse.

Re:PDroid

The latest update to Google maps wants permission to be able to delete files from my SD card. WTF?

Re:PDroid

[mrchaotica]

You ought to be able to re-download Play applications you've paid for anyway (unless you don't plan on reinstalling the Play Store, of course).

Re:PDroid

What exactly is worth it?
Giving root access to applications that you don't have source code for?

Re:PDroid

Because the millions of idiots out there will click yes to everything and completely fubar their device and blame the device. Happens all the time.

Re:PDroid

I assume you have the source code for that binary that can do anything on your phone?
Oh, what's that? You don't?

Re:PDroid

[Technomancer]

I am a happy user of Permissions as well. And while I like it as a hack, I use it with full understanding of consequences of disabling random permissions in Android apps.

I also understand Google's position. This feature has capability of breaking apps in various ways. It makes it much harder for app developers to test and deploy the apps.

If the app requires some permission and it gets disabled, suddenly some OS calls will fail and the app will usually not be able to handle it. In best cases it may not matter, in a lot of cases it will cause crashes, in worst cases it will cause user data corruption.

For feature like this to be fully supported whole Android permission model would have to be upgraded with 3rd state, in addition to permitted and denied states for each permission it would have to add "optional/user" state and app developers would have to test with that setting on and off. This would also explode number of test cases so I don't expect any developer going for it. So disabling permissions will always be a hack and a testing/developer tool.

Re: PDroid

[Damarkus13]

Google doesn't add permissions to anything. That's done by the developer. And any app that adds permissions will not auto-update until you have reviewed the new permissions and accepted them again.

Re:PDroid

Unlocking and rooting are two completely different things. You CAN root without wiping a thing. I do it all of the time.

Re:PDroid

[thegarbz]

What device do you have? I have owned several Android phones from a few vendors and non needed to be wiped for a simple thing as root. My latest phone (Galaxy S4) actually had a simple exploit to root and sideload the superuser app. It was as difficult as running a file on my computer and clicking go.

Re:PDroid

[IronChef]

I have a Nexus 7. Both the 2012 and 2013 versions will get wiped if unlocked. If I find that I really do need to root, I will, but it's enough of an inconvenience that I haven't done it yet.

At least there's a nice tool for it:
http://www.wugfresh.com/nrt/

Re:PDroid

[thegarbz]

Oh Irony. I've not owned a Nexus device. Most devices I've used, root involves flashing a custom kernel image. In each case this has left the system unchanged, though a factory reset was "recommended".

Re:PDroid

[drinkypoo]

I have a Nexus 7. Both the 2012 and 2013 versions will get wiped if unlocked.

That's a problem if you're not using google services. If you are, however, it's a minor issue. You'll have to redownload stuff, but google will handle storing all of it for you. You can upload anything not already synchronized somewhere else to google drive. Most people will be hard-pressed to run out of space there if they omit anything they can redownload, but there's probably enough cloud storage services with android apps to back up even a 32GB phone for free once the apps are aside. And that's just if you don't own a computer with enough free space to back up anything on your phone.

If you're not using google services, you're probably not doing that much with your unlocked phone :)

Obviously the ideal situation would have been to unlock the phone before you started using it if you thought you might want to unlock it later. The reality, though, is that you'll probably want to wipe your phone anyway because who just unlocks and roots when they can install a whole ROM?

Well, actually, I probably will do that with my lady's N7, because it's best if it's closer to stock. But my N4 is running CM... And the N7 is already unlocked.

"Do No Evil"

[korbulon]

See also: "See No Evil", "Speak No Evil", and "Hear No Evil".

Re:"Do No Evil"

See also: "See No Evil", "Speak No Evil", and "Hear No Evil".

But "Do as much Evil as possible"

Re:"Do No Evil"

Says Dr. Evil.

Sounds like it worked

[Carrot007]

> it could break some of the apps policed by it.

Is that not the entire point?

Re:Sounds like it worked

[barlevg]

Why wouldn't you just uninstall those apps? Unless you're talking, like, Samsung bloatware, in which case, fair point.

Re:Sounds like it worked

Current Android API's do not allow an app to query to see if a requested permission was not granted very easily, so by "break the app" means the app could not work at all (since it can assume it can do something, but can't).

If an app has a permission you don't like, the general idea with the current state of affairs is just uninstall it.

Re:Sounds like it worked

[mlw4428]

Not necessarily. A poorly coded app that needs to use the GPS and crashes if you deny the permission is different than a well coded app that doesn't crash when you try to use the GPS and continues running. Google is most likely saying that they haven't figured out a GOOD way to prevent apps from just exploding when a permission that they expect to have is denied. Personally it doesn't make much sense for an end-user to retroactively deny permissions. You should review them up front and say up front...if my app requires specific GPS coordinates to work and you randomly decide to stop giving me permissions then there's a chance you'll get all pissy because the app stops working as intended. If I tell you my app needs X permissions then I should get X permissions or you shouldn't install my app. There's a reason I asked for them (regardless of legitimate or illegitimate reasons -- install apps from those you trust).

Re:Sounds like it worked

[Kazymyr]

Doesn't work when you're talking built-in, as in manufacturer-made ones that are part of the ROM. Or, in some cases, Google apps. :)

Re:Sounds like it worked

[jonnythan]

You can easily disable those apps.

Re:Sounds like it worked

[StripedCow]

Imagine an app that does:

try
{
    fileSystem.read("/path/to/file");
}
catch(error)
{
    launchMissiles()
}

What if you suddenly take the filesystem permissions away after allowing the app to be installed?!?

Re:Sounds like it worked

[Sockatume]

By "break" they mean the app would respond in an unpredictable way, more often than not in the form of a crash. (As opposed to the preferred behaviour that the disabled features would calmly be disabled.) You don't want a user-friendly settings panel to behave in a user-unfriendly way.

Re:Sounds like it worked

[mrchaotica]

Why wouldn't you just uninstall those apps?

Because the app is useful for feature A, but you don't care to allow it the permissions necessary for [mis]feature B.

Re:Sounds like it worked

[gstoddart]

You can easily disable those apps.

Not all of them.

For some of the Google apps, I've had to uninstall updates to get them rolled back to an older version that I could disable. On many apps, there's simply no option to disable them.

In many cases, the update marks the app as something you can't disable.

I would dearly LOVE something which allows me to set more granular permissions on apps. I just tried "Permission Manager", and it essentially just crashes. In the mean time, I mostly run my Android devices with wifi off, and with no data plan so there's no way for them to reach the network.

Re:Sounds like it worked

[jonnythan]

In the app properties page for pre-installed apps, the "disable" button is replaced when the app is updated with an "uninstall updates" button. After you hit "uninstall updates" you can hit "disable."

The only apps you can't disable are actual system apps. Things like Google Services Framework, Google Account Manager, Google partner Setup, etc, can all be disabled.

Re:Sounds like it worked

[beaverdownunder]

The real story-behind-the-story is developers threatened to test their abilities on launch and quit if the tests failed.

Which they are well within their rights to do. But it wouldve meant many apps wouldnt have worked without connectivity for example, which would have been bad for the ecosystem.

iOS is a different case, with a richer demographic and more paid apps. Free Android app developers need that usage data, not necessarily to sell it, but to be agile.

Sure there's sometimes blatant abuse but that's better solved with refinements in the Google Play agreement (particularly regarding fine location data.)

Re:Sounds like it worked

[MozeeToby]

Yes, you can but then again, no you can't. They're such a convoluted mess of dependencies that you can never tell what disabling one of them might do to the rest of your phone. Others cannot be disabled through the application manager and even worse, some of them you cannot turn off notifications for. Not to mention that many calls are hardcoded to bring up those apps (holding the menu button on the latest Samsung phones is hard coded to bring up "S-Finder" for instance). I love Android, but you can't just wave away valid criticism with a poor work around.

Re:Sounds like it worked

[Nerdfest]

Did you used to work i the software security division of Adobe?

Re:Sounds like it worked

[Chris+Mattern]

Nothing. Of course, I would have also taken away its Launch Missiles permissions as well.

Re:Sounds like it worked

[barlevg]

You missed the context of my question.

> it could break some of the apps policed by it.

Is that not the entire point?

If the entire point is to break the app, then why not just uninstall it and be done with it?

Re:Sounds like it worked

[Artraze]

> Google is most likely saying that they haven't figured out a GOOD way to prevent apps from just exploding when a permission that they expect to have is denied.

That is (or at least was) their excuse with regards to not allowing permission controls. However it was bullshit then and it's even more bullshit now. Not all phones/tablet have GPS and even if they do it can be off. SD cards be be ejected (time was when that was the only bulk storage), tablets don't have phone modules, etc. There are probably a very small number of things guaranteed to be available, your contacts being maybe the only one. I'd hazard that the danger for the model as they had it was that an app might write something to the fake dataset and expect it to be there on the next read. Solvable as this all is, but they aren't trying.

Anyways, it was poorly conceived and poorly implemented and I don't mind it being gone. It ignored app permissions so that it would be active even for apps that requested nothing and made it difficult to identify apps that were actually problematic. More frustrating, it was targeted only at privacy and not security, which I'd think was just as much a concern.

> Personally it doesn't make much sense for an end-user to retroactively deny permissions.

You're assuming a perfect free market where there are infinite apps and you can find one that does exactly what you need and doesn't require any excess permissions. In reality, however, there aren't that many options. Sometimes there's only one: social games, bank, etc and that app requires more permissions than you want to give. Certainly you can go without, but why am I forced to let your app do whatever it wants on my device? Yeah, it's your copyrighted app, but it's not like I'm agreeing to install a GPS in my tablet, turn it on and ensure I have signal. So why can't I simply deny access to the GPS?

Honestly, the ability to revoke permissions would be great for developers too. There is (was?) a unit conversion app out there with two versions. One had currency conversion and needed an internet connection to determine the current rate. The other lacked the currency conversion and the internet permission. If users could revoke permissions or developers could set them as optional it would have made the second version unnecessary. A great deal of apps suffer the same issue. Most permissions are intended to be little niceties: a store wants GPS to find the nearest but could use zip code, an app wants contacts to auto complete but could just fire up the builtin contacts app. So on and so forth. Forcing permissions to be all or nothing forces develops to choose between adding features and appearing like a front for the NSA.

Re:Sounds like it worked

[Andy+Dodd]

FYI, this is EXACTLY why the first iteration of privacy controls in CyanogenMod (that which was present in CM7) was removed - too many apps crashed.

The newer PG implementation in CM10.1 was such that permissions would not be denied, but an empty dataset would be returned.

Now the claim made in TFS - "The disappearance of App Ops is alarming news for Android users. The fact that they cannot turn off app permissions is a Stygian hole in the Android security model, and a billion people's data is being sucked through."

Every single permission granted to an app is listed in that app's summary, and ALSO is explicitly listed in such a way that the user must accept the list when installing.

Don't like a permission? Don't install the app.

Re:Sounds like it worked

[StripedCow]

But what if the sole purpose of the app was to launch missiles (under certain conditions)?

Re:Sounds like it worked

[N1AK]

Wouldn't the logical thing here be for the Google to make the install menu advanced enough to allow devs to give users install options and permissions as required rather than letting users switch stuff off and see what breaks? If I was a dev I'd produce apps that check for all required permissions and explain and shutdown if some are restricted. Why? Because I don't want negative reviews because someone decided to turn off a permission and the app didn't work right.

Re:Sounds like it worked

[Cornwallis]

Where can I get that app? I want it.

Re:Sounds like it worked

[mlw4428]

> Certainly you can go without, but why am I forced to let your app do whatever it wants on my device? Yeah, it's your copyrighted app, but it's not like I'm agreeing to install a GPS in my tablet, turn it on and ensure I have signal. So why can't I simply deny access to the GPS? Because that's like expecting Windows to work on a device that you, post-installation, ripped out the keyboard, graphics card, network card, HDD, 1/2 the RAM, and set the registry to only allow access to only one of the Hives, but you left the mouse. As a programmer, I design my application to do SOMETHING bearing in mind that I should have certain hardware and permissions to the OS. If you feel you can't trust my application then don't install it. It becomes a support nightmare and a functionality nightmare and a programming nightmare to try and code around every single user's specific desires as to what hardware/permissions I should access. It's a bad thing through and through -- the better approach is to have a special review process wherein you submit your source code/materials to Google, they review it, you pay a fee, and if everything is deemed safe, you get a "Google Trust Developer" type certification.

Re:Sounds like it worked

[mrchaotica]

I did not miss the context. I was saying that the entire point is to break part of the app.

Re:Sounds like it worked

[the_B0fh]

Does not apply when it is an ubiquitous app that you have to use in order to interact with your peers, friends and family.

On iPhone, you can block all the permissions you want (contacts, photo albums, microphones, calendar, etc).

On Android, you can either use it, or not use it. If you use it, it will have all the access it wants. No blocking for you, my dear user.

I *STILL* cannot see how come Android users can justify this as "good" and "free" and "open. Please do not bring up ROMs or rooting. I'm talking about a vendor supported under warranty phone.

Re:Sounds like it worked

[mrchaotica]

Here's the fundamental issue: "allowing devs" to decide this sort of thing is user-hostile, because most devs will obviously decide to include every misfeature they think they can possibly get away with.

As a user, I want the app to do what I want it to do and nothing else, and fuck you developer if you don't like it. It's my device and it will stay under my control, not yours, thankyouverymuch.

If you develop software for Android -- or for any other platform, for that matter -- these are the terms you accept. (The only other possibility is to create a fully-DRM'd dystopia, over my dead body.) If you don't like it, go be a plumber instead.

Re:Sounds like it worked

[tepples]

Don't like a permission? Don't install the app.

That doesn't help when there aren't enough competing apps that don't need the permission.

Re:Sounds like it worked

[barlevg]

But then that's not breaking the app. That's doing what was intended. "Breaking the app" to me means losing core functionality.

Re:Sounds like it worked

Well then, it's a poorly coded application, now isn't it?

What about an application that does:

try {
    fileSystem.read("/path/to/file");
    launchMissiles();
} catch(error) {
    launchMissilesAfterCheckingWithUser();
}

? Both are terribly coded, both will probably launch missiles when missiles are not intended to be launched. What makes your example program better than mine?

Re:Sounds like it worked

[LordLimecat]

They're such a convoluted mess of dependencies that you can never tell what disabling one of them might do to the rest of your phone.

So clearly, breaking them is the better option? Im not sure if Im following the logic here.

Re:Sounds like it worked

[LordLimecat]

Apps dont generally work that way. Crashing part of an app generally crashes the whole thing.

Re:Sounds like it worked

[tepples]

I can think of several such apps:

• Missile Command (Google Play or Amazon)
• Missile Defense (Google Play)
• Thwaite (NES ROM with source code, runs in NES emulators for Android)

Re:Sounds like it worked

... I mostly run my Android devices with wifi off, and with no data plan...

Why the ever loving' hell would you buy an Android device then?

No, seriously - I'm not trying to be a smart ass and I'm not trying to troll - I would like to know why you would buy a mobile communication device that you distrust so severely that you disable ALL mobile communications features. What possible rationale would you have for buying such a device?

Re:Sounds like it worked

[mrchaotica]

"Breaking the app" to me means losing core functionality.

Well in that case, your question presupposes its own answer. -- if it means making the app unusable by definition, then obviously there's no reason not to uninstall it instead.

However, what the OP and I meant by "breaking" was more akin to "breaking a horse."

Re:Sounds like it worked

[mlw4428]

I *STILL* cannot see why iPhone users can't take responsibility. You rely on the OS to protect you and Apple has shown that it CAN be fooled, that exploits CAN be written for the iPhone and approved through the store. I'm not stupid and I'm not going to download some ubiquitous app from a vendor I've not heard of or trust. iPhone users who make this argument are like people driving cars who refuse to learn the laws of the road...they shouldn't be driving and you shouldn't be using technology you don't understand. Especially when that technology has the ability to do things like run up huge bills.

Re:Sounds like it worked

[mrchaotica]

Have you ever used the feature being discussed? It not only provides a list of what permissions the apps want (and switches to turn them on and off), it also tells you how long ago the app actually tried to use the permission. For example, on my Nexus 5, Chrome last used my location December 6, read the clipboard 5 days ago, and has never tried to use the camera or record audio. What this means is that these features are optional, and it's perfectly reasonable to disallow them and continue using the app without it even noticing they're missing.

Now, there's an even more important use case: I don't have a whole lot of apps that require permissions for user-hostile reasons (because I avoid installing them in the first place), but there are a few. Fruit Ninja, for instance, wants access to the user's location for no good reason other than evil tracking & advertising purposes. Just now I tested it to see what would happen if I turned off that permission. Guess what? The game still played perfectly fine. There was absolutely no downside for me, the user, in turning the tracking off. Contrary to your assertion, I expect this is what will actually happen in the vast majority of cases (until developers start purposefully sabotaging their apps when the misfeatures fail to work).

Re:Sounds like it worked

Of course it does. We're not talking of necessities like water and air here. One can go on with their life without any particular app.

Re:Sounds like it worked

[tepples]

Or without a smartphone at all. The only mobile device you have to have in order to function in industrialized society is an $80/year pay per minute dumbphone. So why doesn't everybody just get an $80/year pay per minute dumbphone instead of an Android phone that lacks privacy features?

Re:Sounds like it worked

[0123456]

Why the ever loving' hell would you buy an Android device then?

Because you want a cheap phone? To, you know, make phone calls? And Android are the cheapest 'smart' phones?

Can you even get 'dumb' phones any more?

Re:Sounds like it worked

[sylvandb]

But what if the sole purpose of the app was to launch missiles (under certain conditions)?

You, as the author of the app, believe that is the sole purpose of the app.

I, as the owner of the device on which I have installed the app you authored, believe otherwise. If I can get what I want/need from the app by simply restricting it from launching missiles, that is my business, not yours and not google's.

Re:Sounds like it worked

Most likely they don't care enough. My choice is a 50 euro dumbphone. Obviously (and necessarily) it is being tracked all the time, but I don't think it's possible to evade all forms of tracking. My threshold for acceptable levels of surveillance is lower than those who use Facebook for example, but I accept that I leave a trace online. I just try not to make it easy for every agency and company out there to follow the trace.

Re:Sounds like it worked

You should review them up front and say up front...if my app requires specific GPS coordinates to work and you randomly decide to stop giving me permissions then there's a chance you'll get all pissy because the app stops working as intended. If I tell you my app needs X permissions then I should get X permissions or you shouldn't install my app. There's a reason I asked for them (regardless of legitimate or illegitimate reasons -- install apps from those you trust).

If I only install apps from those I trust, then there's no reason for any of these things. Just let them all run as root. I used a post-it note style app for a while. Then an update added a feature I didn't want or need. That feature requires positioning, so I uninstalled that app. Just handing it an empty position would have worked much better for everyone.

Re:Sounds like it worked

[Ja'Achan]

throw new nap();

Re:Sounds like it worked

[kenshin33]

ok, I'm no expert but I had few courses in programing. and I remeber that if you did somthing like this you'd get a very bad grade:
int *p ;
p = malloc (sizeof (int));
*p = 1 ;
free (p);
the reason was : what would happen if malloc fails. The answer : possibly all hell will break loose. The lesson was don't assume, always check!!! in C++/JAVA it's is even easier: there's that thing called try .. catch

Re:Sounds like it worked

[S.O.B.]

Don't like a permission? Don't install the app.

What about installing updates to an app I've already paid for?

I currently have a problem with an app that I paid for that has an update that adds a new permission for a feature that I have no intention of using. So if I want to fix the problem I have to accept the new permission.

If this was a $1 or $2 app I would just find an alternative app that didn't require these permissions but this app cost $15. I have quite a few expensive apps and if they all do this it's going to cost me a lot of money to replace them with no guarantee that the next app won't do the same thing.

I don't see this as an issue for free apps. If you don't want to pay for the apps you use then you have to accept some advertising and loss of privacy. Free app developers still have to pay the bills. My complaint is that if I pay for an app I should have some control over what access they have on my phone. And it is my phone after all.

Re:Sounds like it worked

[mrchaotica]

Because that's like expecting Windows...

Funny you mention Windows, because that is kind of what it's like. If you're developing a Windows application you have to accept the possibility that -- for example -- the user might firewall your program (so making it add-supported won't necessarily work) and that there's not a damn thing you can do about it.

I should have certain hardware and permissions to the OS. If you feel you can't trust my application then don't install it.

You're one of those dumbass programmers who designs Windows applications that require Administrator access to run, aren't you?

It becomes a support nightmare and a functionality nightmare and a programming nightmare to try and code around every single user's specific desires as to what hardware/permissions I should access.

If accepting the inevitable reality that the user is going to decide what happens on his own device is a nightmare for you as a developer, then go find some other line of work. The world will be better off without your malware.

Re:Sounds like it worked

[0123456]

the reason was : what would happen if malloc fails. The answer : possibly all hell will break loose.

No, you get a null pointer and you crash. Which is almost certainly what you want to do, because, if malloc fails, you're unable to do anything that requires allocating memory. Which is just about anything other than crashing.

You could try to do a clean shutdown, but then, say, some cleanup code tries to allocate a string to write persistent data to a database, fails, and writes garbage into the database instead.

In most cases, 'just crash' is the better choice.

Re:Sounds like it worked

[kenshin33]

as I said .. "possibly".

You could try to do a clean shutdown, but then, say, some cleanup code tries to allocate a string to write persistent data to a database, fails, and writes garbage into the database instead.

clean/graceful crash is just that. If an operation you depend on fails, try to recover or exit in a clean fashion.

In most cases, 'just crash' is the better choice.

in production systems it never is (or at least the very last resort).
Also making assumptions may lead to something like this : http://en.wikipedia.org/wiki/Ariane_5#Notable_launches
try doin somthing like this : ....
i = some_calculation function_that_might_return_0();
return res = 1000/i; what would happen if it = 0, and that piece of code is part of some control software for a say a rocket or a plain.

Re:Sounds like it worked

You're funny. If you buy software, you get what I give you. What you want is irrelevant. Now, if I really want to sell software, I'll try to give you what you want, but I sure don't have to. It's you who must accept these terms, not me, the developer. The only terms the developer needs care about are monetary. Can I sell more with or without this feature you hate? Got nothing to do with what you, personally, want.

Re:Sounds like it worked

[mlw4428]

> and that there's not a damn thing you can do about it.

Yes there is, the program requires the access or it doesn't work. You tell the user what your program requires.

You're one of those dumbass programmers who designs Windows applications that require Administrator access to run, aren't you?

If Administrative privileges are required, yes. You don't write software much, do you? You're also rude..maybe this is why no one has taught you the basics.

> If accepting the inevitable reality that the user is going to decide what happens on his own device is a nightmare for you as a developer, then go find some other line of work. The world will be better off without your malware.

This is hardly what I'm saying. What I'm saying is that if your application requires certain rights then the end-user shouldn't pick and a choose what ones they want you to have. Why? Because end-users are stupid. My app might require use of text message to, for example, send text messages because it's a text messaging application. If Stupid End User thinks "ZOMG TEXT MESSAGING " and denies my application those rights then how do you expect my application to install?

You can't, but SEU doesn't understand this and leaves my app with a bad review. It's not malware because I, the developer, know what my application needs to run. Your responsibility as the user is to decide "Gee...do I want to give him all of the rights necessary for his app to run, if not I'll find a different app"...not "MESSAGE TEH DEVELOPER AND DOWNVOTE HIS APP BECAUSE IT NEEDS DATA TO WORK AND I DENIED DATA BECAUSE HUURRRR MALEWARES".

It's not a difficult concept and it's hardly malicious. Android lets you review the permissions an app says it needs before you install it...I'm proposing that if you don't want to grant the privileges that the app says it needs, then don't install the app. It's retarded to try and develop an application where some of the stuff my application needs may not be available.

Re:Sounds like it worked

[citizenr]

Not necessarily. A poorly coded app that needs to use the GPS and crashes if you deny the permission

Who said anything about denying? Just let users define template defaults. Empty contact list, GPS locked at White House coordinates, IMEI: BEAFBEABEAF and so on

Re:Sounds like it worked

[mrchaotica]

You're talking about the situation where an app legitimately requires a permission (e.g. a text messaging app requiring text messaging permission). I'm talking about the situation where an app illegitimately "requires" a permission (e.g. a live wallpaper app requiring text messaging permission). "If you don't want to grant the privileges that the app says it needs, then don't install the app" does not work because Stupid End User thinks "ZOMG PRETTY PICTURES! ...PERMISSIONS? LOL WUT?" and installs the damn thing anyway.

Given that the vast majority of Android apps illegitimately require permissions, this kind of permissions management is absolutely necessary to protect SEU from himself (at least SEU's less-stupid friend can disable the permissions for him, instead of trying to explain why he ought to quit using his favorite spyware-infested live wallpaper). If that harms the developers of the spyware-infested apps, the too fucking bad for them, they deserve it.

The fundamental thing here is that the needs of SEU outweigh the needs of the developer, period.

Re:Sounds like it worked

No, he's obviously from the software *quality* division at Adobe.

Their security division ran out of bananas and typewriters a long time ago.

Re:Sounds like it worked

[the_B0fh]

Funny how *one specific* criticism of Android inevitably brings out Android apologists who go off on a tangent?

I CAN BLOCK AN APP FROM ACCESSING MY CONTACTS ON IOS.

I CANNOT BLOCK AN APP FROM ACCESSING MY CONTACTS ON ANDROID.

Address that issue please.

Re:Sounds like it worked

[mlw4428]

Oh look, Android apps have to ask permission to access contacts -- you can choose not to install the app and LOOK AT THAT, the app is blocked from getting your contacts.

It never ceases to amaze me how utterly helpless iPhone users are, even better is how iPhone users who seem to love bashing Android can't seem to grasp something as simple as "If you don't want an app to access your contacts you shouldn't install the fucking app."

http://developer.android.com/reference/android/Manifest.permission.html#READ_CONTACTS

My question is why are you installing apps from developers you don't trust? Do you really trust your holy god Apple to not make any mistakes and there not be any sort of exploit that a developer can use to bypass the permissions system? If you don't trust the developer don't install the app to begin with. It's a dumbass security practice to install a virus on a computer, even if that machine is locked down...why do you insist on doing it with an iPhone?

Re:Sounds like it worked

[the_B0fh]

You missed the original post then?

Does not apply when it is an ubiquitous app that you have to use in order to interact with your peers, friends and family.

So, ignore them then? Why did you get a smartphone for again? Not to interact with your friends and family?

Re:Sounds like it worked

[mlw4428]

Ubiquitous apps are generally done by developers that are well known or have proven themselves. If, however, I felt the app had serious issues I wouldn't download it. Tell me, are you one of those idiots that downloads any executable from a friend's email and runs it? Because you should use your brain and decide for yourself if an app is safe. But then I bet you're one of those people who bitches about Facebook violating your privacy, but you still use it because your friends do.

Put another, simple, easy way that even a moron can understand: Don't install applications that request more permissions then you wish to give. I should not, as a developer, be expected to cater to 200+ million people's unique permission requirements. Don't install my app if you don't want to give it permissions. Look how simple, easy, and clean that was.

Re:Sounds like it worked

[the_B0fh]

You are unaware of the multiple times Facebook screwed over Android users then? That one time replacing the default email with their facebook email, the other times, sucking up all your contacts and using it to build your "dark" profile, etc?

I love how Android users always try to use the exact arguments you use when they get defensive. No platform is perfect. Not iOS, not Android. When there are valid criticisms, take it, and use it to improve the platform instead of behaving like someone with Stockholm Syndrome.

Re:Sounds like it worked

[mlw4428]

So don't use the fucking app. I don't understand your entitlement complex that you think you should have an app and to hell with the development challenges of making it fit your preconceived notions of what it should or should not do. No one is arguing the perfection of the platform here, I'm arguing that it's a fucking retarded way to try and develop software. I, as the DEVELOPER, will tell YOU the end-user what my app NEEDS...if you don't LIKE that then don't INSTALL the app.

It's so fucking simple and yet people have to get all butthurt because they can't dictate every little thing they want. If you're so butthurt about the permissions use another application...and no I don't give two shits if 100000000 of your bestest pals all have the same app and you JUST WANT TO COMMUNICATE. Quit making my life more challenging because you don't understand how my application works and you want to dictate how I write the app.

Re:Sounds like it worked

[the_B0fh]

Very interesting. I thought Android was all about freedom for the users.

Now, it turns out that Android is all about control by the developer.

Re:Sounds like it worked

[mlw4428]

You're free to not install the software. You literally have never done software development, have you? You certainly don't make a living off of it if you do. Those of us who do understand that the more time/work we have to put into software for "special use" cases is less profit. No one is controlling Android, I'm stating a fact that is is easier to just NOT install an application vs a granular permission system wherein you need to define HOW an application is denied access and whether that can happen any time. Also you need to add into that that those denials and what/how they return the denial need to be handled and there's a certain point where an application may simply be unable to function because you gave it absolutely no permissions.

My question is why is this such a big deal? If you're so untrusting of the developer why are you installing the software to begin with? It's literally the stupidest security mistake a person can make. Or do you want to run my AWESOMEAPP.EXE?

Re:Sounds like it worked

[the_B0fh]

You're free to not install the software. You literally have never done software development, have you? You certainly don't make a living off of it if you do. Those of us who do understand that the more time/work we have to put into software for "special use" cases is less profit.

Strange that iOS developers have no problems doing this. Wonder why this is.

Privacy, riiight

A mobile tracking device OS maintained by a data mining company has privacy?

Crapware equals Google

What other stuff has been an accident that they haven't mentioned yet?

Re:Meh

[Rosco+P.+Coltrane]

I grew fed up with android years ago. What kind of calculator app requires weekly updates? Dumbphones FTW

You don't *have* to update. Once I find a fully working app, I never update it. What would be the point, since it already works?

Just plain wrong.

It always irked me when you install an Android app it often produces a big long list of the things the app can access, some of which you don't want it to, but you can't pick'n'choose the access permissions, it''s all or nothing.

That's just plain wrong.

And for Google to release an app which can allow you to set the access permissions of apps, and then withdraw it is even wronger (yes I know that's not a real word), even if changing some of the access permissions breaks the app there's the issue that many apps don't actually need to access everything on your Android device to run.

Re:Just plain wrong.

[koan]

It is also very odd considering how many more security issues and malware Android has compared to iOS.

Re:Just plain wrong.

[Andy+Dodd]

Google never released an app. They accidentally left code enabled deep in the frameworks for which user-facing control was never exposed except via third-party modifications.

Re:Just plain wrong.

[N1AK]

It always irked me when you install an Android app it often produces a big long list of the things the app can access, some of which you don't want it to, but you can't pick'n'choose the access permissions, it''s all or nothing.

You can choose not to install it. If you don't trust the app dev to correctly disclose what permissions they need then walk away. People will turn permissions off, break the app and then slate the app for not working. Better to build the app to test for permissions on launch, explain to users that haven't given all permissions that it can't run till they re-enable and close.

Re:Just plain wrong.

[LDAPMAN]

Not all permissions are essential to the operation of the app. Thats the point of being able to selectively choose. Many IOS apps just disable certain functions or niceties when you deny a permission. They can also pop up a nice dialog when you try to do something requiring that permission and ask if you want to turn it back on. An all-or-nothing approach is just stupid and leads to users just blindly accepting what the app asks for.

Re:Just plain wrong.

[0123456]

If you don't trust the app dev to correctly disclose what permissions they need then walk away.

They don't 'correctly disclose what permissions they need', they 'disclose what permissions they want'. Most apps I go to download want vastly more permissions than any sane person would ever give them.

Re:Just plain wrong.

[Real1tyCzech]

How many more?

No; really. You're using the ratio as an argument - so what do you consider "many more"? What is that ratio? Where's your source for how many there are for each?

Problem is: Every single article ever written about "malware" for almost every mobile device has been written based on "percentages" given by malware companies. These percentages are never given with actual numbers that would make them meaningful in the least. 99% of...what??

Re:Just plain wrong.

[koan]

STFU
"The internal memo reported that Android attracted 79 per cent of all malware attacks, followed by Nokia’s Symbian software with 19 per cent. Apple’s iOS software attracted just 0.7 per cent of attacks."

http://www.independent.co.uk/life-style/gadgets-and-tech/news/android-devices-attract-79-of-malware-attacks-ios-gets-just-07-8788158.html

Re:Just plain wrong.

[Real1tyCzech]

Way to miss the point entirely. That had to take some real effort.

79% of what, smart-guy? "all malware attacks" is a meaningless number since they do not supply the actual number. They never have...and they never will. It's nothing more than a marketing ploy.

79% of 100?? 79% of 1,000,000,000?

79% of zero is still zero.

Re:Just plain wrong.

[Solandri]

It always irked me when you install an Android app it often produces a big long list of the things the app can access, some of which you don't want it to, but you can't pick'n'choose the access permissions, it''s all or nothing.

That's just plain wrong.

There's nothing at all wrong about that. You are proposing one extreme where the user gets to control everything software can do on his phone. Apple does the other extreme where the developer controls everything and Apple provides oversight.

Google is trying their best to split the difference. A developer creates an app and distributes it on his terms. e.g. He might give it away for free but have it play ads to generate some revenue for him. You have no right to take his copyrighted app and use it in violation of the terms he's released it under. This is the fundamental tenet which makes Open Source work - most of their licenses require you to share any code modifications you make as the price you pay to use the software. It is wrong to take someone else's work and use it in violation of the terms under which they've decided to allow you to use it.

But it is also wrong for the software to purport to do one thing, then secretly do all sorts of things behind the user's back. So Google forces apps to disclose what info and services they will have access to. Google sets up the open, level playing field. The developers provide their apps, Google makes sure the user gets a concise summary of what the app does, and it's up to the user to decide whether or not to use the app.

Speaking both as an Android user and a developer, I think it's about the perfect balance between developers' rights and users' rights. The only flaw I've seen abused is that an app which needs network and account info for one purpose may abuse it for different purposes. e.g. The Amazon app needs network access to contact the Amazon app store, and it needs to verify your account info to enable you to make purchases. But according to my logs their app is trying to ID my phone every time I start any app, like it's trying to track what apps I use and how often.

Re:Just plain wrong.

No app, except mail apps, need my contact list. That's pure bullshit. I'm uninstalling everything from my Nexus 7 that I don't require.

Re:Just plain wrong.

Except the permissions on I OS only apply to third party applications.

They're still harvesting your location for their i Ads platform, and lord knows what other information they're harvesting while the masses are "oh, but I can turn off location services for my applications!"

Re:Just plain wrong.

[BasilBrush]

Shut the fuck up, Google apologist. Your stupid question was answered.

The statement to which your question came was "It is also very odd considering how many more security issues and malware Android has compared to iOS."

You've had your answer. Android has two orders of magnitude more malware, and that comes because there are far more security vulnerabilities.

Marketing ploy? You are a fucking idiot.

Re:Just plain wrong.

[Real1tyCzech]

"Android has two orders of magnitude more" ...than an unknown number that could be virtually *anything*.

More tripe...

Two orders of magnitude greater than 2 is what? (Don't hurt yourself...)

Nice try with the FUD. Swear more next time, though...I almost got the impression you weren't completely driven by irrational hate.

Re:Just plain wrong.

[BasilBrush]

I like that you complained about the swearing. After all you couldn't argue with the fact that you are a Google apologist and an idiot.

Re:Just plain wrong.

Google's model splits the difference in the way that most screws the user: the user doesn't get control over what apps can access and Google provides no oversight.

If you've ever seen any normal person install an app on their phone, you'd know that the permissions screen may as well be a fifty page EULA for all the user knows. The permissions are vaguely worded, extremely coarse, no justification for needing them is given, and the whole thing is accept all or none. Don't pretend like any of this is set up for the user's benefit.

If iOS is a walled garden, then Google's ecosystem is a safari: Google provides the jeeps and the rifles (for a fee) and the developers get to keep what they shoot.

Re:Just plain wrong.

[Real1tyCzech]

Pfft...

Re:Just plain wrong.

Not all permissions are essential to the operation of the app. Thats the point of being able to selectively choose. Many IOS apps just disable certain functions or niceties when you deny a permission. They can also pop up a nice dialog when you try to do something requiring that permission and ask if you want to turn it back on. An all-or-nothing approach is just stupid and leads to users just blindly accepting what the app asks for.

The problem is that the Android API was never designed with this in mind. An Android app running into a problem with a permission that it expects to have is likely to simply crash, because the defined response to lack of a permission is throwing an unchecked exception that the developer is not likely to have set the system up to catch. And why would they? They _know_ the permission is there, because they put it there and the user has no way of removing it. Suddenly changing the game so that permissions can be removed by the user when previously they could not causes all of these existing apps to fail badly.

There are some third-party systems (e.g. LBE Security Master) that work differently: they don't cause the API call to fail with a SecurityException, they just make it behave in a way that prevents it being used (e.g. return an empty string rather than the phone ID, or a default GPS location rather than the real one, or a connection failed exception if trying to use the internet, etc.) instead (via API interception). These are much better than the system Google accidentally released here, because it means that when those permissions aren't essential, it doesn't (usually) cause the app to crash.

Re:Just plain wrong.

Open source licenses generally don't dictate how you use software, they set terms on redistribution. So your comparison to open source licenses is faulty.

Then grab the 4.3 firmware

[koan]

https://developers.google.com/android/nexus/images

IOS?

Then tell me how I can enable/disable apps from accessing cellular data on IOS on a per app basis? Article sounds trollish.

Re: IOS?

Settings -> Cellular Data -> Use Cellular Data for

Re:IOS?

[Desler]

Settings -> Cellular and then toggle off the apps you don't want using it. For apps you don't want using your location data, you simply deny them when the app runs the first time. If after the fact you want to deny them this permission you go to Settings -> Privacy -> Location Service and again toggle off the apps you don't want to have that permission. And guess what? None of the apps will crash due to these things being turned off.

The saddest part of your post is you probably thought you were going to completely baffle people with the question when these toggles have been part of iOS for years now (if not since the beginning).

Re:IOS?

[mdielmann]

I've had Blackberry apps that refuse to operate after their permissions are removed. Note that they don't crash, they just refuse to work (they ask for the permissions, and if you say no, they close). I would be unsurprised to find a similar outcome on the iOS. I'm generally okay with that, I just wish they'd show their permission requirements before I downloaded them - I don't need a flashlight app that wants to see my contact list.

Re:IOS?

[Desler]

I'm sure there are apps that might. I've yet to see any that has though. I even just denied Waze location services and it still created a route and everything for me. It simply just didn't have a GPS lock.

Re:IOS?

have been part of iOS for years now (if not since the beginning)

Except those apps will still use WiFi to do their thing.

a straw

[fche]

I wonder how many more overt measures that can be easily interpreted as pro-surveillance pro-advertising need google take, before the masses turn to alternatives like cyanogenmod etc.

Re:a straw

327.

327 more overt measures.

Re:a straw

[SixGunMojo]

Masses? Never. I also came across a post, cant remember if it was on XDA or CM's g+ page, that App Ops was a big reason that CM wouldn't bake the Pdroid framework into the rom. Between that and CM trying to become Google certified I don't think they will ever be an option for privacy minded people. Which is a shame because I used to love CM. That and a few other issues, that I may concede have to do with them having to much focus elsewhere right now, is why CM isn't on my phone right now and I probably wont look at it again until after kitkat. Still appreciate everything they have done for the community though.

Re:a straw

I'd love to. I've run Cyanogenmod in the past. Given that I'm stuck with Verizon (it's the only damn carrier that works at my house reliably) and that those F***ers locked the bootloader on my S4 I'm kind of screwed. I suspect that it's only a matter of time before the other carriers do the same. So simply put, till such time as the law says that they have to keep devices open such that users can choose what ROM they want to run (fat chance), the carriers will do their damnedest to make sure that Cyanogen is not an option. At least I was able to get root and disable most of the crapware.

Deal breaker for sure

[BringsApples]

I opted out of the whole smart-phone schtick a few months ago. I had an iPhone. I loved the feature that enabled me to disable certain apps from reporting certain things that I couldn't see why anyone in their right mind would want. If I was currently using an Android phone, this would make me toss it.

Re:Deal breaker for sure

why? there are other roms that retain this functionality.. that's the beauty of open source if you don't like something they did, change it and compile it your self..

cyanogenmod is a great alternative, and i think ver 11 can encrypt text and mms messages

Re: Deal breaker for sure

Wouldn't Android be reason enough to toss an Android phone?

Re:Deal breaker for sure

So, you stopped using a smart phone for reasons unrelated to the topic at hand. Good story.

Eagerly awaited

[dargaud]

I've been waiting for this for... forever. But not just [Enable]/[Disable], I also want [Produce random fake data] and [Produce data generated by external app hereby selected]. So that I can write or load an app that feeds intelligent but fake info to the others.

Re:Eagerly awaited

[dido]

If you're rooted, you can install the XPosed Framework and the XPrivacy module for it, which will allow you to lie to an app about the permissions it requests. CyanogenMod 10.1 also has such a feature, although the UI is rather clumsy if you ask me.

Re:Eagerly awaited

[guardian-ct]

Android has had a "set fake location for testing" feature for a long time. Even my mostly locked down Virgin Mobile phone has that allowed.

"Settings -> developer options -> Allow Mock Locations"

If you don't have developer options, you may be able to get them turned on from "Settings -> About Phone" by clicking the Build Number, at least 7 times.

Then install one of several location setting tools from Google Play. Set location wherever you want.

Other permissions are harder to fake, but location results are pretty easy to change.

Re:Eagerly awaited

If you're rooted, you can install the XPosed Framework and the XPrivacy module for it, which will allow you to lie to an app about the permissions it requests. CyanogenMod 10.1 also has such a feature, although the UI is rather clumsy if you ask me.

i second this was coming here to suggest it.

Is there anyone here

[bravecanadian]

Who is surprised?

That data is Google's entire business.

catch (SecurityException e)

[tepples]

Current Android API's do not allow an app to query to see if a requested permission was not granted very easily

Why isn't it just a case of trying something and catching a SecurityException?

Re:catch (SecurityException e)

[Sockatume]

Even if you could do that, app developers have had half a decade in which they never had any reason to do so.

Re:catch (SecurityException e)

[0123456]

Even if you could do that, app developers have had half a decade in which they never had any reason to do so.

And that attitude is why Android is becoming the new Windows.

'But, but, we can't add security and privacy features, because they would break SuperWhizzoWriter 1993!'

Re:catch (SecurityException e)

Exactly. Android promises apps that at a given API level, whatever worked will always work for the most part.

They would have to make it part of the SDK at a new API level, and then as apps update to the new API level, they would then get this ability. Problem is, it would only work on apps that target the new API level, and older apps or apps that target older API levels won't get that feature.

"it could break some of the apps"

[csumpi]

Especially the ones that slurp user data and send it back to the mothership, then whoever the mothership sells it to. I definitely see why they think it was not a good idea.

Who'll be laughing then ....

[Chrisq]

I grew fed up with android years ago. What kind of calculator app requires weekly updates? Dumbphones FTW

You'll be laughing on the other side of your face if we switch our number system to duodecimal or balanced ternary!

Re: Meh

[david_barreda]

Better battery consumption? Optimization? There are lots of reason to update an application.

4.3 has its own problem

[tepples]

4.3 doesn't work with several brands of Bluetooth keyboard that use a Broadcom chipset. It recognizes them as a "non-alphabetic keyboard". But if you have root to install a 4.3 ROM, you probably have root to work around this 4.3 problem.

Re:4.3 has its own problem

Root's got nothing to do with it, exactly like Admin/root escalation is unrelated to reinstalling the OS on your desktop.

Re:4.3 has its own problem

[tepples]

But if you do reinstall, you get to choose a new root password. So let me rephrase: There's a bug in 4.3 that requires root to work around, but if you have privileges to reinstall, you have privileges to reinstall a rooted ROM.

If launched without permission to save games

[tepples]

All that'd mean is that the cut scene of an enemy force launching the missiles, which the game shows if there are no saved games (that is, on first run), would play again. No file system permissions means your game wouldn't be able to save the player's progress anyway.

Don't like it, don't use it.

[beaverdownunder]

Enough said, really...

App Ops X

Works with app ops x - https://play.google.com/store/apps/details?id=com.colortiger.appopsinstaller ...needs root...

Time to root!

The AOSP has the code for this, and many distros integrated that feature, for example CyanogenMOD.

Re:Time to root!

[Crayz9000]

The AOSP has the code for this, and many distros integrated that feature, for example CyanogenMOD.

I can confirm this. CyanogenMod 11 nightlies (Android 4.4.2) contain the AppOps code and the available launcher continues to work.

Am I the only one who sees this?

[The+MAZZTer]

First of all, there was NO UI to activate this feature. The only access was through third-party apps that allow you to launch arbitrary activities (for those not familiar with Android, think application windows) in other apps.

So it was obviously unsupported by Google. The first thing I think of are Chrome's Labs at chrome://flags which carries this warning:

WARNING These experimental features may change, break, or disappear at any time. We make absolutely no guarantees about what may happen if you turn one of these experiments on, and your browser may even spontaneously combust. Jokes aside, your browser may delete all your data, or your security and privacy could be compromised in unexpected ways. Any experiments you enable will be enabled for all users of this browser. Please proceed with caution. Interested in cool new Chrome features? Try our beta channel at chrome.com/beta.

And THOSE are UI-exposed, unlike App Ops. The same warnings would apply to App Ops, if not worse.

Android permissions were built on the assumption that they were all-or-nothing: either the user would install the app and grant all permissions, or the user would deny the permissions and not install the app. It isn't like webpage permissions where the user may decline to allow a page to display desktop notifications or go fullscreen and the page can react to that.

Because apps expect permissions to always succeed, the common approach to making permission-limiting frameworks is to make the app think it still has permission by serving it dummy data, like an empty contacts list, or a blank image purportedly from the camera, so the app still operates.

Google is saying some apps were not compatible, which tells me App Ops still needs work, which explains why they have not formerly released it.

Some people have been using App Ops and now find the UI crashes when you load it, but the underlying feature is still applying the settings. Considering it was an unsupported and experimental feature this is not surprising, and it is not surprising Google removed access. Back when Google Chrome was brand new, occasionally Google would ship Dev builds that would crash on launch for a not insignificant portion of the user base. Such is the risk of alpha software (or in this case, an alpha feature).

Look at it from a dev's perspective.

[BurfCurse]

It would be great for an App maker to be able to selectively ask for permissions from a user. But letting the user pick and choose what permissions they want ANY app to have creates a giant headache for app makers. Think about all of the permutations you have to test for if a user selectively grants permissions. Think about the intelligence of half the people who use smart phones. A user disables a critical permission, app fails to function, and user rates the app 1 star. And don't tell me its the dumb user's fault, cause you know the app maker is going to have to deal with it regardless.

Re:Look at it from a dev's perspective.

I would just check all possible permissions, and if one wasn't granted, pop up a message telling the user he needs to grant all permissions for the app to run.

Re:Look at it from a dev's perspective.

[LDAPMAN]

It would be a pain if you had to do all that yourself. Fortunately, for IOS there is a really nice framework that does most of the work for you. It's very easy to make your app react properly when permissions are denied.

Re:Look at it from a dev's perspective.

[0123456]

Here's an idea: maybe the app maker should only ask for the permissions they actually need to make the app run, and not ask for every damn permission in the operating system?

No, that picture slideshow app does not need my GPS location or to be able to send text messages, and sure as hell shouldn't crash if I deny them.

Every time I turn my Android tablet on, I get a bunch of alerts saying some app that should be local to the tablet is demanding new permissions that I never gave it before, to do things I wouldn't even think of letting it do. Screw 'em.

Re:Look at it from a dev's perspective.

[BurfCurse]

That's exactly what I proposed. But can you selectively reject any permission on an IOS app? I honestly don't know. Its a pain in the ass for an internet browser app to have to handle the case where the user has rejected internet access to the app. That's something that should be opted into before installing the app. If the user doesn't trust the app, they can install something else.

Re:Look at it from a dev's perspective.

[LDAPMAN]

You can selectively reject any permission. In your example, the app would pop up a notification saying that it needed internet access to function. The user could then click "Allow" and the app would continue.

I'll give you another example, an app that can optionally store something in DropBox. Why should require that the permission to do so be granted at install time if it's an option the user might never use?

That's Funny

[Greyfox]

It seems to be working great, even with some of Google's own apps. Comes out the same way whether I don't install an app because I don't think a fucking flashlight app should get network and GPS permissions or because that app breaks when it attempts to request them and it doesn't get them. I'm just less likely to install the app if I think the developer was just being lazy and requesting all permissions. Arguably I shouldn't be installing apps from bad developers anyway. Also arguably Google shouldn't be allowing them on their store in the first place (Including some of their own apps which apparently don't actually need all those permissions either.)

Makes sense

[gnomff]

Why would you bake in the ability to disable things like network access when ad serving is the main source of revenue for app developers? Sounds like shooting the meal ticket to me. Ads are how you pay for content. If you don't like it you can build your own app and release it for free. The rest of us have to eat.

Re:Makes sense

[BasilBrush]

Try to veer away from the crapware model. Make a good app and put a price tag on it. Or make it a free app, with an in-app purchase for some desirable feature(s).

No updates

[Frankie70]

I don't update the OS or apps on both my phone and tablet.

duh.... they are working with the nsa

N S A

google spys

[FudRucker]

i dont trust google or their products, same with any other spyphones by Samsung or iphone, i do have a cheap tracfone but i dont trust it either, it stays at home a lot more often now that i know what i know, dont trust the internet or cellphones, DONT TRUST ANYTHING ANYMORE EVER AGAIN!

Re: Meh

[Wookact]

There are reasons not to update as well: additional ads, removal of liked features. When I find an app and version I like I make a copy of the apk. Then if there is an update that I don't like I can always go back to the old version. I've had to do this with the local newspapers application as it has become bloated with ads, and crazy permissions.

XPrivacy

[rimugu]

You mean not everyone is using XPrivacy already?! Ok, live and learn. Like when I actually first saw an ad in an android phone, mine never shows one.

Great in Theory

[ironicsky]

The app is great in theory, but horrible in implementation. I checked out the App Ops functionality and if you don't know what you are doing you can cripple your phone. The problem is it allows you to change the functionality of system apps and core services by denying them access to the device *oops*.

I definitely think this is a needed feature, but it needs to be implemented at installation of apps from the play store. When an app says "We'll need the following permissions" the user should be able to toggle off each one they dont want the app having access to, then use the traditional permissions manager to modify it in the future.. From the App Ops, I learned that Angry Birds accesses your location when you run it. For what user-supporting function? None... There is no reason why it needs access to my location. My Grocery Store locator? That needs access to my location, but not my contacts.

Re:Great in Theory

[SuperKendall]

My Grocery Store locator? That needs access to my location, but not my contacts.

But you might want to be able to share deals at stores with other people you know. Or be told how many people you know are using each of the possible stores.

Even the Angry Birds thing may make sense, if they want to alert you to special deals on Angry Birds merchandise you happen to be near.

There are lots of possible reason why any given permission might be needed, which is why it's way better to ask at the time the application actually wants to use the protected resource. Then you the user can judge if it makes sense at that time.

Re:Great in Theory

[Bucc5062]

I'd take it one step more. In settings, list all available permissions and allow the user to set a "default" settings or other settings so that they do not need to always go through all permissions. This way when the app is being installed they can apply the template of their choice then adjust for any custom issues.

Honestly, I am surprised that this is even an issue. I've only started into the smartphone world recently, but find it disconcerting that I have to allow so much access to what should be my system. A free app that wants to dish up ads I can accept though why they need contacts location etc etc etc no I don't. But an app I paid for scrapping my personal data without any way for me to say no...bad. I've not downloaded/paid for a number of apps for just that reason. In the end, it is still a phone, like my old dialer and I'm okay not having the world at my fingertips 24/7 if it means the world does not know so much about me.

Re:Great in Theory

[thegarbz]

From the App Ops, I learned that Angry Birds accesses your location when you run it. For what user-supporting function? None...

Some things are for supporting developers not users. Most of the in-app advertising systems require at the least course location to work. This is a limitation imposed by the ad service. I'm not at the least surprised about apps asking for location. It seems to be more par for the course in the Android world where a large portion of the apps are ad supported.

Now the large portion of Disney games also requesting access to the contact list is quite a different matter.

Re:Great in Theory

By that logic, you can also accidentally format/change a drive partition too.

Even if the app doesn't specify which apps are system... just blindly going in and clicking is a recipe for disaster on ANYTHING. If the app specifies which are system (which both the permission modifiers I've used do) then it is less of an issue, but still an issue.

Xposed Framework

[mizkitty]

There's already an Xposed Framework Module that brings back App Ops on Android 4.4.2. The xPrivacy module is also an alternative.

Wrong direction

[coldmist]

There are a ton of apps I won't install, because they want to be able to make calls, see my call history, my contacts, get precise location, etc. Right now, it's an all-or-nothing approach. Either accept all of that, or don't install. More often than not, I don't install.

Listen up Google:

When you install or update an app, and it shows the permissions for the app, every single one, right there in the install/update popup for the app, should have the on/off slider, and let the user determine what permissions to give the app.

If this inconveniences the developer, too bad. Because as it is, I don't install those apps in the first place.

I have been quite disappointed that this isn't available. If CM has something like this, then I might just go to CM for all my devices.

Breaking Apps

On a related note, I love how a BlackBerry flashlight app would require Internet connection in order to work. If I reject the permission to go online, it will not work at all. I love it. Tried three apps and all three fail to work properly when denied Internet access. /rant

For all my Android devices, I use LBE to assign permissions. Yes, it does require root, but that is easy to do on my devices.

The only app that "breaks" because I denied it access to certain information is the Minion Rush game. It would keep giving me coins for no reason when I am connected to the Internet and have the app running (normally you need to pay for them with real currency). I ended up getting 1000+ of coins before they fixed the issue.

Freedom

But I thought Android was better.. because.. because freedom...

Re:Freedom

[x0ra]

AFAIK, there is no iOS equivalent of CryogenicMod ;-)

developer ego

[spaceman375]

By far the most annoying permission is abused by developers on every OS I've tried: Launch at boot. Of Course, YOUR app is so very important that it HAS to use time and resources just so it can be ready at all times. Get over yourselves: I'll launch it when I want it. I'd be WAY happy to just be able to deny that one permission on Android.

Google screwed up payment

[tepples]

Why would you bake in the ability to disable things like network access when ad serving is the main source of revenue for app developers?

Because Google screwed up early on. When Android launched, Google Checkout (now Google Wallet) was available in too few countries. Paid apps would not appear in the Android Market (now Google Play Store) application, and in the web, they would appear as "Not available in your country". So in order to get any sort of international user base for an application, the developer had to distribute it without charge. This led to a culture where users expect free apps. Apple, on the other hand, never launched the iPhone or iPad in a country until it had payment working in that country.

Re: Meh

[Black+LED]

That is why I always check the change logs before manually updating any app.

Notifications

[tepples]

Without launching at boot, how would an application designed to connect to an Internet service notify you of things relevant to your account on that service? For example, if an app store doesn't launch at boot, then you won't get notified about security updates to your existing apps until you happen to look for new apps, which might not be for weeks.

Re:Notifications

[0123456]

For example, if an app store doesn't launch at boot, then you won't get notified about security updates to your existing apps until you happen to look for new apps, which might not be for weeks.

Oh, the horror.

I'd much rather it hogs the CPU and wireless LAN for ten minutes at startup when I only wanted to use the tablet brielfy to check something on the web.

Android is even worse than Windows for horrifically slow startup times due to installed crapware that believes updating itself is more important than whatever I want to do.

Re:Notifications

[MobyDisk]

1) He didn't say all apps. Clearly, some apps do need to launch and boot.
2) In the example you listed, the launch could be "daily" instead of "at boot" although I don't know if Android supports that.

The issue is most prominent on Windows, where things like PDF readers, Microsoft Office, and Java pre-load at startup to make their startup times seem shorter.

Re:Notifications

[Karlt1]

Without launching at boot, how would an application designed to connect to an Internet service notify you of things relevant to your account on that service? For example, if an app store doesn't launch at boot, then you won't get notified about security updates to your existing apps until you happen to look for new apps, which might not be for weeks.

https://developer.apple.com/library/ios/documentation/NetworkingInternet/Conceptual/RemoteNotificationsPG/Chapters/ApplePushService.html

tl;dr;

If you have 20 apps that allowed to send notifications, all 20 apps don't need to be in memory. All the apps send the notification to Apple and Apple sends all the notifications to your device. When you click on the notification, it opens the app.

Re:Notifications

[tepples]

That's similar to how Android is supposed to work. Google Cloud Messaging "allows 3rd-party application servers to send messages to their Android applications. An Android application on an Android device doesn't need to be running to receive messages. The system will wake up the Android application via Intent broadcast when the message arrives, as long as the application is set up with the proper broadcast receiver and permissions." But I see a few practical problems:

• The device has to ship with Google Play Store. This rules out OUYA, Kindle Fire, and almost any 2.x device that isn't cellular (such as Archos 8th generation and several Chinese brands).
• I will grant that I don't yet know about Android to know whether the the procedure for "set[ting] up with the proper broadcast receiver and permissions" survives a device reboot. Ideally, as I see it, an Android app that supports GCM should run only enough to set up the GCM receiver at startup.
• A lot of applications are set up to poll servers operated by third parties that lack direct support for GCM. For example, an e-mail client might be communicating with an IMAP server that lacks GCM support. Or if the developer of such an application is expected to rent a server that polls the e-mail server on the user's behalf, how should the developer recover the cost of operating that server? And how comfortable will the user be with giving the user's e-mail password to the developer's server so that it can check the user's e-mail on the user's behalf?

Sounds familiar....

[fahrbot-bot]

The fact that they cannot turn off app permissions is a Stygian hole in the Android security model, and a billion people's data is being sucked through.

I think Obi-Wan felt something like this when Alderaan was destroyed.

The summary is utter crap.

[Real1tyCzech]

It wasn't a feature. It wasn't "released". It didn't debut in 4.3.

It was in the code for testing only, and never meant to be used outside of Google.

There is almost nothing about this summary that is correct.

But hey; good fodder for the haters to start crying "Foul!" about an OS they don't use....

Re:The summary is utter crap.

[bankman]

You may be right, but that doesn't diminish the fact that this should have been a feature from the very beginning and that its removal is not a step in the right direction from the user perspective.

Oh, and yes, I don't use this OS (or any other smartphone for that matter) for precisely this reason, I can't properly contain and manage the installed software on a very privacy sensitive device.

Re:The summary is utter crap.

[Real1tyCzech]

"but that doesn't diminish the fact"

I believe you mean: Opinion. (facts and opinions are not the same thing, you see, and your "fact" is 100% subjective)

Oh, and no, I really don't care what you use or don't use...or why.

Re:The summary is utter crap.

This.

Why the hell does almost every app need access to my microphone, camera, GPS data, etc? Why the fuck does anything need access to my contact list except for Phone and Messaging? If I'm not using something explicitly for the camera (taking pictures, video, or using the "keep screen on if looking at it" option), absolutely no apps have any business having access to it. And so forth.

Re:The summary is utter crap.

[AmiMoJo]

Hindsight is a wonderful thing. IOS didn't have it at first either, and Google is developing it for future versions. It just isn't ready yet.

It's interesting you say you don't use a mobile os because of lack of control, but I don't think any desktop os gives you even what Android/iOS does already. Every app in a sandbox, detailed permissions, resource limits that include things like energy consumption...

Re:The summary is utter crap.

[lissnup]

This, absolutely

Oh, and yes, I don't use this OS (or any other smartphone for that matter) for precisely this reason, I can't properly contain and manage the installed software on a very privacy sensitive device.

I do have two other reasons for not using a smartphone: the ridiculous cost, and the way 'mobile everything' seems to dominate new app development despite smartphone users being a minority in terms of global penetration.

App Ops defeats the purpose

Seriously people. You do know how Google makes money, right? Their entire business model is to gather data about you and your contacts, associations, behaviors, habits, and other things, and sell it.

I would bet dollars to donuts that the "App Ops" feature only exists for privileged google employees and executives, politicians, and other well-connected elites.

hint: IBM -> Apple -> Google

[Thud457]

surely, in keeping with time honored tradition, it should be :

Think -> Think Different -> Think Evil

Let's see how badly slashcode mangles my post between preview and submit

WTF ?

what is with being auto-switched over to slushdat beta ?
it sucks, the comment text is almost unreadable, and has that weak, globby, maybe-you-see-it-maybe-you-don't look...

Just Go Cyanogen.

You miss this feature?
You miss Android Openness?

Just Go Cyanogen.
It is what I expected from an Open Source Mobile OS.

i bought a nexus 7 for black friday

worst buyers remorse ever, should have got an ipad mini. android is fucking awful, i won't count the ways but there are at least a dozen ways this crap sucks compared to ipad. i thought maybe last night's 4.4.2 update would fix some of the shittiness but it turns out it actually made it shittier! god damn how much can android suck? A LOT!

Still better than iOS

[tom229]

It's still better than iOS because you still have more choice. For instance, if you wish, you can run aosp without Google apps and only install other FOSS apps. It's what I do... mostly.

Re:Still better than iOS

why is choice "good"? this is one of the most pathetic assumption of the open source community. Choice is good because ... because ... it is! Maybe choosing between a bunch of redundant crap is actually a fucking waste of time.

Yup.

The NSA is totally not behind this.

Examples of other apps that need to start early

[tepples]

Clearly, some apps do need to launch and boot. In the example you listed, the launch could be "daily" instead of "at boot"

Even "daily" might not be enough for a messaging app that needs to check whether you received new e-mail or whatever since you last booted your device, or an online trading app that needs to check whether you've been outbid on your auctions since you last booted your device.

Re:Examples of other apps that need to start early

[0123456]

Even "daily" might not be enough for a messaging app that needs to check whether you received new e-mail or whatever since you last booted your device, or an online trading app that needs to check whether you've been outbid on your auctions since you last booted your device.

If I just booted my device, odds are I want to use it to... you know... do something... and not have to wait for all this crapware to phone home before it becomes usable.

Boot time is the absolute worst time for just about any non-OS app to start up, and the reason we use the Linux netbook a lot more than the Android tablet when we want to look something up on the web.

Re:Examples of other apps that need to start early

[tepples]

If I just booted my device, odds are I want to use it to... you know... do something

That depends on whether "do something" includes "see if anything important has happened that I need to attend to". E-mail and auctions are among these. Perhaps one workaround that Google could implement would involve not starting apps at boot and instead placing an ongoing notification that other notifications have been delayed for x minutes because apps are waiting to start. Then the user could tap that notification, which would launch all the apps that want to run at boot.

and the reason we use the Linux netbook a lot

I too have a Linux netbook, but I wonder what I'll replace it with now that netbooks are more or less discontinued.

Re:Examples of other apps that need to start early

[0123456]

That depends on whether "do something" includes "see if anything important has happened that I need to attend to".

If it does, I'll start up the apps I need to find out.

Not... possible?

[SuperKendall]

Who's to say the app doesn't actually leave the location reporting turned on regardless of that setting?

Well it's not possible to override your setting unless you root your phone.

Of course the only way to granularly adjust permissions now is to root the phone... hmm.

Re:Not... possible?

[mrchaotica]

You misunderstand me. The setting in question was one within the app itself (referring to "there is a switch in their app to turn this off"), not the system setting. It's inherently and trivially possible for the app to show a switch that doesn't actually do anything.

Re:Not... possible?

[SuperKendall]

I see, yes that is a good point. The system setting has a lot more weight to it.

Horribly Elitist Attitude

[SuperKendall]

Don't like a permission? Don't install the app.

Fuck You.

Sorry if that sounds rude. But I am just echoing what YOU are saying to 99% of Android users. How many non-technical people do you know that still cannot comprehend the difference between storage and memory in a device? And yet those people are supposed to look through a long laundry list of incomprehensible technical terms and make a judgment if it's worth downloading any given application?

This is exactly the attitude that led to the dark days of insecure PC's and virus/malware that we are still trying to recover from.

Spyware now the norm

No third party app should require my contact information nor have permissions to send and receive data unrelated to the app. This makes just about every Android app spyware.

Re: Meh

Yup. But if you are developing a calculator app, why not optimize it and _then_ release it.

You know, like real programmers.

Temporary, but Costly W'around as we wait 4 Google

[ivi]

[ Could this privacy / security downgrade be NSA inspired? Could Apple's products be next to follow? ]

1. Turn OFF all Android 4.4.2 devices - [ Could be inconvenient, particularly for phones & phablets. ]
2. Don't allow any other devices to [Auto-]Update to 4.4.2
3. Find -older- devices to replace those Turned OFF (in Step 1) - [ Could be costly, if you don't have old devices on-hand. ]
4. Remove installed [Google-] apps' updates.
5. Wait for Goggle to notice [hopefully, FAR] FEWER 4.4.2 systems online (assuming they can't switch them back On...)
        and to decide to -lift- their game, before we have to -seriously- consider migrating to Apple...

(Any additional suggestions would be most welcome.)

We had some unopened [backup] devices on-hand, purchased at discount, after release of newer models.

PS We now appreciate Samsung's "slowness" to release system updates... maybe they quietly test each one & wait for tests to indicate no reduction of privacy / security features, before passing them on to us...? I -hope- so, we do -not- know for sure.

Wave to the Google Employees

It's easy to tell which comments in this thread have been made by Google people :)

Re:Ups & Downs - I now like Samsung's "slownes

[ivi]

So, since reading this news item about 4.4.2, we've had to Power Off & shelve a fleet of Nexus 7's that have just self-updated to 4.4.2.

But we were -lucky- to have [remnants of] an older fleet - made by Samsung - on-hand, that we'd -almost- forgotten about, ie, after noticing Samsung's "slowness" to release Android upgrades. We -had- a dangerous habit of "only the latest will do" but have quickly come to appreciate Samsung...

Now, we wonder if our Korean friends there weren't just doing -tests- for privacy / security downgrades, in Android... and holding back the "latest" versions, until they notice -restoration- of our privacy / security levels. Perhaps a fiction... but... it was really nice to find some Samsung Android 4.1.2 devices near at hand, this morning. :-)

Re: Ups and Downs - so, use Firefox & / or Ope

[ivi]

You want Open Source? Cool... Firefox is your friend.

Fast? Try Opera.

Both are our friends, at the moment.

Blackberry

BB10 has this feature since the release. Unfortunately, some apps just refuse to work if you do not give them access to your pictures or whatever - something they do not need. This kind of apps are removed right away from my device.

google, please fix this

I am (was) one of the biggest google advocates of all time.

However, my Samsung S3 S Planner apparently has given itself a huge number of permissions, including apparently reading my gmail, and I have no way of un-installing it. (Other than dropping my $700 investment in the garbage).

Anybody know how to set up a class action lawsuit? This is screwing the customer over big time.

Maybe time to check out the firefox phone -- what else can I switch to?

Re:google, please fix this

[ThePhilips]

S Planner apparently has given itself a huge number of permissions, including apparently reading my gmail, and I have no way of un-installing it.

The poorly names "S Planner" was found by my colleagues to be the only Android app which is fully compatible with Outlook Calender. So yeah, it needs to read your e-mail, because Outlook meeting requests/etc are sent via e-mail. (In comparison were also Sony and HTC phones. Google's own Calender is so feature-poor that it is even not preinstalled by default.)

No, I don't like it either (nor use that). But many users are very very happy about it.

(Other than dropping my $700 investment in the garbage).

There are plenty of tutorials on how to root your phone and remove the preinstalled bloatware. With some versions/phones, it is/was even possible without rooting.

Otherwise, I'm using S Planner occasionally as a calender app and it is pretty OK. Also, when investigating some problems with my S3mini I have monitored the whole of the my phone's (wi-fi) traffic with the WireShark for 2 days (~40 hours). There were only few short packets going Samsung way, while there was continuous stream of something Google was loading to/from my phone. (That was causing my phone's battery to go flat within 12 hours. And the reason why I stopped auto-updating Google apps completely. Phone runs soo much better now. Almost 3 days on single charge when idle.)

LBE - Android Permissions Manager

[meehawl]

Android has had a good permission manager for years: LBE.

You can do blanket bans, whitelists, etc or drill down into granular permissions for each app. It can also block abusive texts, etc. You do need root.

Re: Meh

[Maow]

Better battery consumption? Optimization? There are lots of reason to update an application.

I'd add to that bug fixes for obscure hardware as new bug reports are filed.

But I also agree with a poster above and below - once I have a working app, I skip the upgrades generally.

Disable network access for offline apps == no ads

[ThePhilips]

Many offline apps (most notable example is the games) require network connection to load the ads. If you remove the permission to access the network, they wouldn't be able to load and display the ads. Instant (and data traffic saving) win!

Google simply can't allow that.

Most effective way to change Google's actions ...

[RockDoctor]

Embarrassingly, it is also one that Apple managed to fix in iOS years ago.'"

Stressing that Apple can do it better is probably the most effective route to shaming Google into re-enabling this feature - or to getting the code fixed so that it actually works properly.

Check for updates

[phorm]

Uhhhh, well let's see:

a) Android will notify you if there are updates to apps via the apps store processes *ALREADY* running in the background. There's no need for apps to do this individually
b) This can also easily be done when the app is started by the user, just check for updates on startup, don't start up on boot.

Re:Check for updates

[tepples]

Android will notify you if there are updates to apps via the apps store processes *ALREADY* running in the background.

Not if the user has chosen to disable starting at boot for Google Play Store, in the hypothetical Android variant under discussion that lets the user control starting at boot.