Slashdot Mirror
New Permission System Could Make Android Much Less Secure
capedgirardeau writes: An update to the Google Play store now groups app permissions into collections of related permissions, making them much less fine grained and potentially misleading for users. For example, the SMS permissions group would allow an app access to both reading and sending SMS messages. The problem is that once an app has access to the group of permissions, it can make use of any of the allowed actions at any time without ever informing the user. As Google explains: "It's a good idea to review permissions groups before downloading an app. Once you've allowed an app to access a permissions group, the app may use any of the individual permissions that are part of that group. You won't need to manually approve individual permissions updates that belong to a permissions group you've already accepted."
I don't think it has to be explained why this is a potential problem. So then, it should be explained why this is such a great idea that the problems it creates are insignificant.
Makes me glad I run a Windows 8.1 phone.
Hey, Google. If you're going to jack with play store permissions, at least give us back AppOps.
Or, I'll just...you know....run it myself.
So this is a bit off-topic, but probably the right time to ask...
I've been increasingly concerned with my lack of control over my Android (Verizon) phone. This current issue lies in the same area as my earlier worries.
Is this the kind of problem that cyanogenmod addresses? I didn't have the time, or ability to live with a broken phone, to try it out earlier. But I'm about to stop traveling so much, so I'm wondering if it's time to give cyanogenmod a try.
cripple apps by denying parts of their permission request. right now its all or nothing
Wish Google would go to the same "ask first" permissions model as everyone else. This is one possible reason why Android keeps getting a rep for malware.
The Xposed framework helps, but as of Android 4.4.3, it can't be used due to recent SELinux code changes.
If users aren't paying attention (I do, my flashligh widged and scientific calculator do not need SMS or contact access thank you), then no amount of tweaking by adding or removing complexity will help.
As much as I hate walled gardens, I guess the hope is that the play store is well curated enough to remove most significant threats.
Silence is a state of mime.
One feature I really want on my cell is the ability to tell the app that I've given it all the permissions it is asking for, but behind the scenes remove that ability from the app. This is especially for apps like games that ask for all permissions, but only really need a few. I should be able to accept the game onto my system and then after adjusting the app's permissions, it would receive garbage contact details, garbage friend details, garbage location data, garbage file listings, messages go to /dev/null, etc.
I'm sure if I root my device I could do something like that, but I just wish something like that was built in. {I kinda feel safer in my walled garden, easier to recover from garbage apps.}
Just finished updating a few apps on my phone.
Adobe Air has a new permission group it requests. However, on the 'here's the permissions Air is requesting' pop-up after you hit the update button, they no longer mark the new permissions with "NEW". So now you have to cancel out of the update and go check each and every app you're going to update to see what the new permissions it's requesting.
Totally stupid move by Google to not even mark the new permissions with 'NEW'
I routinely deny apps their updates because I don't like their modified list of permissions. This sounds like it'll make it harder for me to use my phone the way that I want to (which is the reason that I decided against an iOS phone in the first place). Google, you're whittling down my reasons to stay with your devices (or at least with the stock OS).
It is pitch black. You are likely to be eaten by a grue.
Install XposedFramework: ...then the Xprivacy module.
http://repo.xposed.info/module...
This isn't a great option for many, however, as you need root access. It does give you extremely fine-grained control over permissions, and includes options like randomizing (on each boot) the garbage data returned to apps to keep them happy.
Xposed is great; the GravityBox module, for example, has a ton of interesting and useful functions, like setting your cellular radio to 2G when connected to wifi, a mode to have an increasing ring, a network speed indicator, etc.
While I'm plugging Android software I use: the F-Droid open source repository is full of nice stuff (like AdAway.)
https://f-droid.org/
Please help metamoderate.
I want to have a settings page where I can go in whenever I want and selectively disable permissions.
This just sounds like more dumbed down version.
And, cynically, I believe that Google is doing this to ensure they can still collect data on you, and the people using their advertising services can continue to do to.
This is why when I download a new app, the first thing I do is try it in airplane mode. If it's not an application which should require access to the interwebs, but tries to access it, it gets deleted.
I must say, I'm disappointed in this. Because I want more control over app permissions, not less.
Lost at C:>. Found at C.
The fact is, if an application is desired... and isn't abusing the privileges currently...
Then 99.9% of users simply click thru a list of 17 permissions the same as they do for a list with 5 permissions.
She was like chocolate when she drank... semi-sweet at first and then increasingly bitter.
fixed that for ya
A whitelist permission system makes sense in theory but has the following problems
- too many permissions confuse the user and have the OPPOSITE effect (they just ignore the permission request). Heck I'm a techie and I admit I don't read the entire SCROLLING list of permissions everytime I install an app!
- not granular enough - the risk of not being granular enough or being too granular.
- unclear what you are granting and borders often aren't solid.
add to this google has not come up with OPTIONAL permissions, where the user can choose to only grant some of them and the program must adjust/check for this.
add to this there's no nontedious way to CHANGE the permissions (AFAIK, happy to be wrong - and no uninstall and then reinstall IS tedious) post install.
It's a mess. I suspect they were hoping to address the confusion/ignoring part, but I agree it seems a bad approach
It might even turn the platform into a toxic hell stew.
Something like 90% of all apps require access to the IMEI of the phone which requires read_phone_state and that pretty much abandons all pretense of security compartmentalization since it can also see who you're calling, when you're talking, etc.. Most applications should only care and use it for a unique ID token. IF they want to fix permissions models:
1. Separate the 'phone unique number' from the phone's call state functions. Must have, end of line. This is just plain retarded form day 1
2. Write in permissions which are optional vs. required. Optional permissions are requested on demand like IOS and can be rejected or permantently accepted. Required permissions must be explicitly allowed when the application is installed
3. Re-introduce AppOps functionality or at the minimum an audit trail of when-last and how often the application attempts a specific permission operation/category
4. Consider second tier permissions model where if you want to include common and generally well understood permissions like read_gps there's no hoops to jump through, but if one wants to read and access the variety of accounts I have on my phone, I want to make damn sure that the company asking for this information has at least passed the stink test.
5. Lastly, I want third parties to be able to flag applications (based on APK signature or through store functionality) as a problem so that even if Google doesn't have the time or resources to police all applications in the sun, I should be allowed to trust a thrird party who can flag programs problems based on any reason they find.
This allows for uses like:
- Flag applications for parental categories
- Flag apps as 'ad-enabled'
- Flag apps that are outright malicious in terms of stealing data/information
- Flag apps that violate certain country laws
- Flag apps that are banned based on administrative oversight (for work phones)
Having this barrier mandatory or optional is up for debate as well as the ability to unistall is using a 'master' control password, etc..
Bye!
For Google. Android is for the masses. The masses are stupid. Therefore the software for the masses must be written for the stupid. The less functions the better. You don't like it? How often in IT related discussions come lines like this: "MeeMeeMeeMee... I just want to use and not study computer science. You are arrogant. Stupid nerds". In the right forum, 80% applaud this crap. So, this is the result. I am certainly not Google, but I write my software the same way.
Well, finally time for Cyanogenmod for my fricking mobile.
I had several apps that I refused to upgrade due to several "new" permissions they were asking for in versions newer than I had installed. Now when I look at their permission lists, I can't identify what permissions are "new", or even whether the app is asking for more than the current version has.
This is completely unacceptable, and until this changes, I won't be updating ANY apps. I need to at least be able to identify new permissions, if not specifically allow or disallow specific permissions for each app.
Google wants companies to actually write apps for the Google Play store. If they give end-users too much power over the permissions, they drive companies out of the Google Play store and over to the Apple store.
On the other hand, Google also wants end-users to actually buy these products. By grouping permissions up, they seem innocuous, so users feel less threatened (even though they should feel more threatened) and will buy the stuff.
From a business perspective, this move makes perfect sense. From an educated geek end-user's perspective, it really sucks. But what are you going to do? The world you want to live in does not exist.
Someone tell me if I'm wrong here, but I just read the Google support page discussing the changes, and here's what I came away with.
Permission groups are new. If you grant permission for an app to have access to the features controlled by that permission group, then the app has access to all of them. Using the SMS example, if a developer requested the SMS group permission, the developer is asking you to allow the app to do all the things listed under that group. That would include reading SMS and sending SMS messages, among other things. If an app requested the SMS group, and you installed the app, even if the app previously only read SMS messages, it still had permission to send them. A future update may also send SMS messages, but you've already approved that action by installing and manually approving the previous version of the app. Where it gets dicey is if a new permission were added to a group. For example, if a delete SMS feature were added to the group, I don't think the Google page discusses whether that new permission would need to be approved.
An app developer can still ask for individual permissions, like reading SMS messages. If a future update wanted the ability to send SMS messages, they would still have to ask and the app would not be auto-updated. Or, if the app developer later decided he/she wants to add the SMS group permission request, that download would require manual approval.
I don't think there's anything nefarious going on here. You just need to be aware of what permissions you're granting an app. If you grant an app permission to send SMS messages (whether it's via an explicit request for that ability, or whether that ability is granted via a permissions group), don't get upset when it does send an SMS, even if that feature isn't baked in until a later update. As far as I can tell, no app is being granted permission to do something you haven't already given it permission to do. Except for internet access.
The internet access permission being demoted to a secondary permission, on the other hand, might be cause for worry.
When does this happen in the movie?
I would be a lot happier....even with this change.... if they made one other change: allow me to override.
Very simple "App X requires A, B, C" Why does that mean I HAVE to grant A,B,C too it? Why can't I say "Give it A,B and run it anyway, yes I, the owner of the device, approve this" I don't see why its all or nothing like some sort of stupid contract
"Well to run our app you must give us access to your SMS messages"
"I don't plan to use those features"
"Then you can't run our app on your hardware"
I mean don't get me wrong, I understand nobody can stop an app developer from making his app break if it doesn't get every permission it wants....but, as the owner of the device....isn't it well.... my problem if I break an app?
"I opened my eyes, and everything went dark again"
I thought the Google Play store always showed the top level permission in the list as opposed to the more fine grained ones? Is the only difference that applications will now be able to use anything in the category displayed?
In either case Google does need to ressurect AppInfo, the argument that applications can't handle not being provided a given permission is bogus - I don't believe there are any permissions which do not have an empty value which the application should already be capable of happily consuming.
So what does it matter? How many people read the finely grained permission pages when installing apps as is? Perhaps this approach will be better because it will condense it into something people will be less likely to "ok" without reading.
Doubtful.
And they'll stop geeks, some of the potentially most heavy users of their technology, from leveraging them, recommending them, or wanting to develop for them.
I don't see that the current permission system was preventing anyone developing anything. Have you noticed how many apps are on Google Play? This seems like trying to pursue business that is already being done....
-- Mal: "Well they tell you: never hit a man with a closed fist. But it is, on occasion, hilarious."
You're about to install "Angry Birds 7.0". This app wants to...
1. Do whatever the hell it wants to with your tablet setup, your phone connections, and the Internet
2. Not tell you about it
[ ] Yes: I'm bending over right now!
[ ] No: uninstall Android, brick my tablet, and post all my downloaded porn to Facebook
Koans and fables for the software engineer
hey drive companies out of the Google Play store and over to the Apple store.
That's not 100% true. App developers will follow the users and users will follow the app developers. It's a herd mentality on both sides and as such is much harder to predict than "companies will just go to apple."
Looks like Google is doubling down on making it harder for you to stay private. Classy move, Google. You make it easier for me to avoid recommending the Play store and Android altogether.
Make sure everyone's vote counts: Verified Voting
Why do people like and use Android again? And who are these people?
Applications shouldn't be 'asking' for permission. They should just attempt access. The security configuration for each service or resource should have three settings: reject (with api notification), deny (return success but with bogus/user entered data), or allow (work as intended), for each application. The default should be reject, with a first time startup prompt (from the OS, not the app) when the app starts. This way a user retains his dominion over the device and what it does with network IO. For example, he can use an app that demands access to location information when it doesn't really need to. The user should own the android device and applications, not the other way around.
Of course this would break the market and surveillance imperatives of google, app developers, and the state. Fuck them.
Android apps do not "request" permissions, they "demand" permissions.
Your choise is: "Yes, and install", or "No, and don't install".
I should be able to deny certain permissions and install the app anyway.
There is no reason for a flashlight app to demand access to my phonebook, or to read/send SMS - wtf.
Often times, a well meaning dev will explain that he has to have X permission because google has buried one particular function (not always obviously related) into that permission and that function makes sense for the app. You almost get the feeling the dev is apologetic in many cases and would like to just have a single finer grained permission.
Where I come from, such an explanation has a name: a "privacy policy".
And one more thing: How about installation require the minimum number of permissions to make the basic app functions work and additional permissions queried and granted/denied if optional features are enabled?
If you're talking about a checkbox to turn permissions on and off, the party line is that that would cause apps to crash. Too many existing apps are not designed to catch the SecurityException that the system would throw if the user were to disable a permission.
Otherwise, in Android's current security model, the developer could separate each optional feature into a separate helper app that gets its own set of permissions, and the helper app would perform an action on the main app's behalf. (In Android, different apps from the same publisher can communicate with few restrictions.) For example, a keyboard app like Swype could offer a separate app for each dictionary: one for each language (such as "Swype en español"), one for the names of your contacts ("Swype Knows Your Name"), and one for the names of nearby landmarks ("Swype Local") that needs GPS and Internet. When the user turns on an optional feature that needs a helper app, the app directs to the helper app's Google Play Store page.
Google must know by now how bad a light its broken permission system is putting on Android. I can't run half the android apps I want to run on any of my Android devices any more because of the permissions they want. And a lot of the ones that I intentionally do not upgrade no longer work. It's making my three android devices useless and almost worthless.
I'm flabbergasted that there are full-on idiots in the Google command chain who are unwilling to address such a severe and obvious problem. Truly flabbergasted. Has Google gone insane?
I've already stated but I will again... when the iPhone-6 comes out, I'll be moving over to it from my perfectly working but horribly insecure Motorola Razr. At least then I can browse my facebook account from my phone without it sucking up all the stuff I've tried so hard to keep partitioned off of it. As it stands now, I can't even run customized UIs on my Android because the g*d* program insists on advertising on my notifications screen, even though I bought the paid-for version.
At least with iOS I don't have to worry about all this in-the-face crap ruining the experience.
-Matt
First, and impressive showing at WWDC, and now Google is nerfing their security model to be weaker than iOS's (iOS will notify when a new permission is required as part of an update when the application tries to make use of that permission.)
I think Windows Phone and iOS are both in a good position to start taking some market share from Google. If Google doesn't have a good Google/IO with Android, they may have officially dropped the ball on Android.
The educated geek accepts this, shrugs and mutters, "such is life," and then goes and installs the Xposed framework and Xprivacy, which restores fine grained permissions (to a granularity that Google never provided) and opens up all kinds of other interesting possibilities. Ultimately, Android is still open enough that this is possible, unlike iOS.
and as soon as it's over, on goes Cyanogenmod.
Laissez lire, et laissez danser; ces deux amusements ne feront jamais de mal au monde. - Voltaire
I use Xpivacy which is a module add on to Xposed Framework to control permissions now. Have been using it for sometime. Allows using something like the Facebook app without allowing it all of the permissions it thinks it neededs.
Not really sure what Google is thinking though. There needs to be more fine control of permissions not less.
as the owner of the device....isn't it well.... my problem if I break an app?
The problem is that too many end users are not knowledgeable enough in how computers work to know whose problem it really is. They think it's Google's or the phone manufacturer's because the app broke.
Being a Linux geek since '95 (and somewhat of annoyed-by-all-things-apple person), I bought an Android phone ever since they became available commercially. Did that for five years, ran custom roms and put in an Android patch to maintain a permissions firewall. It was one big PITA from a usability point of view. One day, I saw my banking app looking at my call log and that broke the camel's back, for me. I realized Google simply isn't interested in protecting my privacy. The whole you-can-see-what-perms-app-is-asking-for-before-install is a smokescreen. It doesn't scale. Pushing security problems to the user won't work for 99% of the userbase. Hell, it didn't even work reliably for a Linux nerd like me. By contrast, Apple only exposes a handful of data/attributes to ANY app. An iOS app can't look at or even ask look at my SMS, call log and practically most of the stuff - now, that is a sandbox. Also, from a business point of view, Apple makes money by selling me a phone so yes, they have some incentive above that to milk me for analytics but they aren't Google, who don't make much money when I buy an Android phone. For Google, I am the product. So, I switched to iOS (phones and tablets) and actually since then have switched from Gmail to Fastmail, Picasa to SmugMug. With these switches, my privacy is better protected and even usability is better (Picasa, for me, died when Google started shoving G+ Photos down everyone's throats).
I noticed the change a few days ago. I always scan for "new permissions" during updates. The new UI makes this much more difficult. It's clear that the Google Play app uses WebView so Google can change the layout without an update. I had hoped Google would fix this in a day or two. No fix so far. I feel Google has jumped the shark.
I also noticed that the latest version of Google Maps will find me something in France with the same name as the thing I am looking for in my country (Israel). Was I really planning to drive to France today or drive 20 minutes? C'mon Google. Maps used to return saner results.
Google never cared about permissions to begin with. If they did they'd have a way to revoke permissions to apps. Want to download Facebook App but don't want it having control over your entire phone... can't do that with stock google... so fuck google
Comment removed based on user account deletion
I don't imagine that it's worth it to a lot of people to buy a Mac and several years of iOS Developer Program membership just to make an iPhone do what an Android phone does.
Google doesn't care about the security and privacy of Android users. Their own products mine their users data, as many people have pointed out. Apple is not interested in protecting users either. Luckily, Android users can protect themselves by rooting and installing real security software that limits what applications are able to do. XPrivacy is one of the best ways of protecting your privacy and device security. Add a firewall and the job is largely done. Sadly, you simply can't be protected without rooting and Google is always trying to prevent root level access...
Once there is a jump in malicious software due to this change to permissions, the resulting negative publicity might get Google to actually do something to protect users. The consequences will increase with the increasing amount of highly confidential information on Android devices and the increase in high value activities to be targeted. Internet banking and financial services tied directly to devices must be very attractive to criminals. Forget about stealing contact information, browsing history, location tracking, etc. Your right to privacy was lost long ago.
I really miss the days when Adware and Spyware were identified as malicious software by antivirus programs and we still had some rights.
Simplified permissions on Google Play
..
"To help make it easier to understand what an app will have access to, the Play Store has recently made improvements to how permissions are displayed. Permissions are organized into permissions groups, easily identified by icons (example: Location Location) to help clarify the most important information and capabilities an app can access on your device. This information can help you make an informed decision more easily on whether you would like to install the app."
Permissions groups
"Permissions groups are designed to show what an app will be able to access on your device. With permissions groups, you can quickly see what capabilities or information an app may use before downloading it. Also, you can review individual permissions at any time using the Google Play Store Play Store app."
"It's a good idea to review permissions groups before downloading an app. Once you've allowed an app to access a permissions group, the app may use any of the individual permissions that are part of that group. You won't need to manually approve individual permissions updates that belong to a permissions group you've already accepted."
This is why as mobile internet service gets better more things move to "the cloud", it's the logical solution for exploiting an open platform where (most) companies are too greedy to just sell me the app and too greedy to not pay for my bandwidth for spamming ads at me.
I have an purchased Android phone, a B15 from Caterpillar, not from a carrier. I bought a T-Mobile SIM card for it. When, at first startup, it asked me to sign up for GMail, I exited that dialog. I don't have a Google account. Turned off Google App Store, Google+, Google Market Feedback Agent, Google Play Music, Google Play Store, Google Play Magazines, Google One Time Init, Google Contacts Sync, Google Bookmarks Sync, Google Account Manager, GMail, Google Chrome, and Picasa Uploader. (Kept the phone preloaded apps: CAT Equipment Rental, CAT Parts, etc. Yes, this thing really is from Caterpillar Tractor. Waterproof, shockproof, dustproof, of course.) Works fine. Phone network data consumption is low, about 250MB/month.
There are a few glitches running in this mode. Google Maps will crash if you access Settings, which is a clear bug.. But that's about it. Google Now works, but doesn't know my location. Nothing ever gets updated, since the carrier knows nothing about the phone. Apps have to be side-loaded. I may load up the Amazon app store to see what that's like.
I was thinking of loading Cyanogenmod, but don't see the need now.
If you just have to play Angry Birds, run the Flash version.
Have you thought about how an app might act if a permission it expects to have been granted isn't actually available?
Doesn't seem like a viable solution to me.
But I also agree with the poster above who plans to use the smartphone for maps, web browsing, photos, texting and phone calls. It's a good plan.
I've fallen off your lawn, and I can't get up.
What is the point of asking a security policy question when the only answer is yes? Why do apps want access to so many different services? The android/apple security permissions frameworks are fundamentally flawed. A polite term might be naive.
At DeveloperWeek 2014 I went to a talk by a Mozilla developer on the Android security policy framework. He put forward two ideas:
Fine grain access control.
Prompt for permission the first time an app accesses a service, not at install time.
His first observation was that the granularity of the permissions was far to coarse. Access the Internet. Use the phone. Access memory. Why are you forced to allow near complete access to the Internet when a service might only want to write to a specific site? Why read/write entire user memory when it only needs to store a state file or a small collection of cache files. Fine grained access controls are all standard features of the operating systems that underlie Android and Apple smart phones.
The argument might be made that it would confuse users to be asking for complex permissions. I would say, what's the diff? The user is going to say yes either way. The only other option is to not use the app.
Fine grained permissions enforced by the OS would limit damage that a rouge app could do by limiting what it could do without popping up an access request.
The speaker's second idea was that the permissions policy questions should be asked the first time you use a service in an app, not at install time. The first time an app might build a current list of requirements/sites/etc and ask in one question. If an app needs to access something new like a new tracking URL or call a new phone number, a new permission request pops up enforced by the OS. A user who is annoyed by the pop-ups can always click "Don not show this message again".
The benefits of these two changes is that you do not have blanket permissions granting for apps even for services the user may never use. This would prohibit a virus from starting to use a service that had not been previously accessed. Even a naive users might think twice when his GPS app suddenly wants to reformat the memory card.
The two prongs of making permissions more granular and not granting them until they are actually accessed by the user would fundamentally improve the smart phone security policy. Both of these should be implemented by the OS so they are automatic, uniform and enforced.
The argument of its too complex for the user is null because the users it might confuse are going to say yes in any case. They always do. The argument that it is too complex for the developers, my answer is "tough, you're a developer, deal with it".
I wish I could find a reference to the talk. It was the afternoon of the last day of DeveloperWeek 2014 in San Francisco. The guy was from Mozilla. I recall it being a last minute change because someone canceled.
Standard arguments about how nothing is perfect and everything can be bypassed apply. The standard reply of something is better than nothing apply as well.
Brought to you by Captain Obvious
This could turn out to be a good thing, imho.
Consider that there are basically two types of users, where privacy is concerned: people who are oblivious and/or don't care about their privacy, and people who try to preserve some of their privacy. For the former group, this change will not affect their app usage, and will make it easier for them to get app updates automatically, which will make their experience better. For the latter group, the Android developers are actively hostile toward your privacy desires, have no desire to help you, and in fact probably _want_ to drive you away from the platform. In both cases, it's a win for Android, the "all your data belongs to us and everyone else, and there isn't anything you can do about it" platform.
I personally think there's a market for platforms which allow some privacy (Apple does a much better, but still imperfect, job of this), but I acknowledge that there's also a market (and probably a larger one) for platforms which cater to people who share all their personal data with everyone, and are totally oblivious to what any/all of their apps are doing behind their backs. Google is making it crystal clear which type of platform Android, and their other services (see also: Nearby), will be.
No one reads the permissions or even understands what they're actually agreeing to when the do bother to read them. People just want their apps without any hassle. Adding MORE granularity and MORE permissions would make it even less likely that anyone would read them. I'd rather not see any permission shit at all when I install something. When an app's trying to access sensitive stuff (like my location or access to my contacts), ask me in the context of trying to do something with the app that requires those permissions so I can understand why the permission matters.
More to the point, apps on the Play Store should just be trustworthy by default. Weed out developers and apps doing shady shit so I don't have to worry what I install blindly on my phone. Being on the Play Store should be equivalent to Google saying "We can vouch for this app. It won't harm you or your phone. Install and prosper."
Is there an app that can let the user set permissions of other android apps?
I think now a days google is more strong in comparision of others. Google works on his privacy policies. I think if it genrate new thing then he also work on his negative site. So we want to wait and lets see.
Google wants companies to actually write apps for the Google Play store. If they give end-users too much power over the permissions, they drive companies out
Nope. As long as android phones sell, corps will sell apps for them. If users can trivially block any ad server, then you won't see those ad-financed apps. But you will still get the payware.
Corps want to make money. They can do that selliing games, content, and all sorts of useful apps. They don't really need my contact list or any snooping powers.
What exactly is missing so crucial from iOS?
I've compiled a list based on Apple's guidelines. For example, Apple provides no public API to create anything like MozStumbler or WiFi-Where. Nor does Apple allow for development of a web browser that supports WebGL.
This sounds very much like the way Microsoft tried to do security in Windows Vista. People did not react well to so many dialog boxes popping up.
Maybe that is why google decided that most people would rather just not have to deal with permissions in any real and meaningful way.
"From a business perspective, this move makes perfect sense. From an educated geek end-user's perspective, it really sucks. But what are you going to do? The world you want to live in does not exist."
I'm gonna download F-Droid and only use software from there. Google can suck it.
I just found out last night that my Galaxy Note 8 can't write to it's SD card any more (after a KitKat update). This also is some brain-dead move by Google to make my tablet "more secure".
What it's actually done is pissed me off so much that I'm now going to spend the time rooting the thing. I can understand limiting apps to certain areas of the system, but giving them 100% unfettered access to the internal storage, and deny just about anything from the SD card isn't it.
I'd like to be able to see the list of permissions an app needs (in groups, if you like), and then deselect any I don't think it should have - if an app I don't like the look of wants to use my SD card, then I should be able to turn it off. I know this is possible with a rooted system, so it seems that's the only way to go for me (particularly as I quite like being able to use my SD card that Samsung took the time to bundle with my tablet).
If my phone asks me to upgrade to kitkat, I'm gonna say no. I'm sure that doesn't make me more secure. I'm sure rooting my tablet isn't really Google's idea of "more secure" either. Assuming I'm right about that, then they should find a way to let me override their brain-dead missteps.
dont buy a smartphone. problem solved.
Undo history is nice, but it can be overdone. Consider what the user might think when he finds that he can't install an application because the device's storage has become clogged with another application's undo history. What would you recommend that developers do to avoid a case like that?
Do you seriously believe that's how it has to work? Choose your RPO and RTO appropriately for what you're doing.
Recovery point objective expectations differ among users. One user (lgw) prefers a longer RPO and is willing to lose several seconds of work so long as an application doesn't require the phone state permission. Another user (not lgw) prefers a shorter RPO and is willing to use the phone state permission to achieve this objective. How should a developer serve both classes of users? Would it be practical to put one app on the store ("SurfWriter") and a second helper app whose only purpose is to reduce the first app's RPO but which requires the phone state permission ("Autosave for SurfWriter")?