Slashdot Mirror

← Back to Stories (view on slashdot.org)

Android Q Will Kill Clipboard Manager Apps in the Name of Privacy (androidpolice.com)

Posted by msmash on from the up-next dept.

Bolstering privacy is one of the primary focuses for Google in Android Q, the latest version of its mobile operating system, and that may spell trouble for some of your favorite apps. From a report: In Android Q, Google has restricted access to clipboard data as previously rumored, which means most apps that currently aim to manage that data won't work anymore. Having an app that sits in the background and collects clipboard data can be a handy way to recall past snippets of data. However, that same mechanism could be used for malicious intent. Google's playing it safe by restricting access to clipboard data to input method editors (you might know those as keyboards). Foreground apps that have focus will also be able to access the clipboard, but background apps won't.

3 of 42 comments (clear)

  1. Re:Have other os's done this yet? by BringsApples · · Score: 4, Funny

    This App needs access to the following:

    Add/Remove Contacts
    Make & receive phone calls and texts
    Storage
    Wifi
    Bluetooth
    Multimedia
    View Network State
    Automatically start at boot
    Read Phone State and Identity
    Write Contact Data
    Modify/Delete SD Card Contents
    Access to Clipboard

    Whoa, that last one is just too much!

    --
    Politics; n. : A religion whereby man is god.
  2. Re:If Google took Android security seriously by Solandri · · Score: 4, Insightful

    If Google took Android security seriously, they'd add a lot more permissions, and they'd make default permission setting "lie to the app and tell it that it has the permission it requested, and then just let it fail silently / return all zeros."

    That is in fact what Android has done since Marshmallow (version 6.0, released 2015). When you install an app, it has no permissions unless the user explicitly grants them. Marshmallow had a somewhat clumsy app permission settings interface. But later versions pop up a dialog asking whether or not you want to grant a permission the first time an app tries to do something needing that permission. If you don't grant it, the OS lets the app proceed as if it has permission, and it will either fail silently and work, or return all zeros and crash. Depends on how the author coded the app.

    The only major permission that's allowed by default and cannot be blocked is network access. Probably because giving the user control of that turns ad-driven apps into free apps (at least that's what happens when I deny network permission to apps on my rooted Android phone). Clipboard access is currently allowed, but apparently that's going away (TFA doesn't make clear if it's going to be prohibited entirely, or become user-selectable with Q).

  3. Re: If Google took Android security seriously by jrumney · · Score: 4, Interesting

    What they are currently missing is an "always ask" permission. You can either grant it permanently or deny it permanently (you can change the permissions deep within settings, but it isn't trivial to do, and there isn't an option to ask again). Even if the app doesn't make sense to use without a permission, I might still like to know when it is using the permission, especially if it is accessing my mic, camera or location.