Slashdot Mirror
Google To Kill a Bunch of Useful Android Apps That Rely On Accessibility Services (androidpolice.com)
Slashdot reader Lauren Weinstein writes from a blog: My inbox has been filling today with questions regarding Google's new warning to Android application developers that they will no longer be able to access Android accessibility service functions in their apps, unless they can demonstrate that those functions are specifically being used to help users with "disabilities" (a term not defined by Google in the warning). Beyond the overall vagueness when it comes to what is meant by disabilities, this entire approach by Google seems utterly wrongheaded and misguided. "While the intended purpose is for developers to create apps for users with disabilities, the API is often used for other functionality (to overlay content, fill in text fields, etc.)," reports Android Police. "LastPass, Universal Copy, Clipboard Actions, Cerberus, Signal Spy, Tasker, and Network Monitor Mini are just a few examples of applications heavily using this API." It's likely Google is cracking down on apps that use Accessibility Services due to the security risks they pose. "Once granted the right permissions, the API can be used to read data from other apps," reports Android Police.
The developer of BatterySaver received the following message from Google:
We're contacting you because your app, BatterySaver System Shortcut, with package name com.floriandraschbacher.batterysaver.free is requesting the 'android.permission.BIND_ACCESSIBILITY_SERVICE.' Apps requesting accessibility services should only be used to help users with disabilities use Android devices and apps. Your app must comply with our Permissions policy and the Prominent Disclosure requirements of our User Data policy.
Action required: If you aren't already doing so, you must explain to users how your app is using the 'android.permission.BIND_ACCESSIBILITY_SERVICE' to help users with disabilities use Android devices and apps. Apps that fail to meet this requirement within 30 days may be removed from Google Play. Alternatively, you can remove any requests for accessibility services within your app. You can also choose to unpublish your app.
Alternatively, you can choose to unpublish the app. All violations are tracked. Serious or repeated violations of any nature will result in the termination of your developer account, and investigation and possible termination of related Google accounts.
If you've reviewed the policy and feel we may have been in error, please reach out to our policy support team. One of my colleagues will get back to you within 2 business days.
Regards,
The Google Play Review Team
The developer of BatterySaver received the following message from Google:
We're contacting you because your app, BatterySaver System Shortcut, with package name com.floriandraschbacher.batterysaver.free is requesting the 'android.permission.BIND_ACCESSIBILITY_SERVICE.' Apps requesting accessibility services should only be used to help users with disabilities use Android devices and apps. Your app must comply with our Permissions policy and the Prominent Disclosure requirements of our User Data policy.
Action required: If you aren't already doing so, you must explain to users how your app is using the 'android.permission.BIND_ACCESSIBILITY_SERVICE' to help users with disabilities use Android devices and apps. Apps that fail to meet this requirement within 30 days may be removed from Google Play. Alternatively, you can remove any requests for accessibility services within your app. You can also choose to unpublish your app.
Alternatively, you can choose to unpublish the app. All violations are tracked. Serious or repeated violations of any nature will result in the termination of your developer account, and investigation and possible termination of related Google accounts.
If you've reviewed the policy and feel we may have been in error, please reach out to our policy support team. One of my colleagues will get back to you within 2 business days.
Regards,
The Google Play Review Team
As someone who is disabled and depending on speech recognition, I've often wondered how to reconcile the need for security with accessibility systems need for deep access into applications. I think the industry is taking the approach of telling disabled people "sucks to be you, go make a living selling pencils on the street corner".
Deep access is needed because the information present in a GUI is insufficient for building grammars speech recognition environments. But even if we could live with the GUI, accessibility needs are wide open holes in system security. When you're disabled, you need to automate common tasks and you need to make decisions about state of the application in order to do the right thing. For example, if I want to download bank statements from the bank, I should be able to automate and automate naming the given PDF the right name but I can't. However giving me that capability would transfer enormous power not just to me but to any attacker.
It's time to start spending all of those tech billions to sending disabled people to that happy farm in the country where your parents sent your dog when it got old. I'm all for this cause I'm tired of arguing with developers about why accessibility is a needed and important part of giving a disabled person independent and satisfying life.
Can't do that any more unless you have permission from the higher-ups, I guess. So much for my computer, my rules.
That is correct.
Billions of people have voted against "my computer, my rules" by buying devices with phone-home level control given to someone else. Thus, the market provided what those people voted for with their dollars.
The personal computer era is over. What we have now is the spy-device and content-consumption-device era.