We can't check the app permissions on Google Play anymore(bluespace.tech) |
We can't check the app permissions on Google Play anymore(bluespace.tech) |
Some users would never even install apps that asked for too many static permissions on the Play page.
But now, if an app seems to meet their needs and they aren't sure, some of them will go ahead and install it just to try it out. How much can one run hurt after all? Due to unresolved questions or sunk cost dilemmas, they may even grant dynamic permissions. How much can one run hurt after all?
So this will manipulate a percentage of reluctant users into data-providing users by hiding a reason for their reluctance. I'm inclined to suspect it'll benefit Google's ad impressions business and that's the actual motivation, not "feature parity" with Apple.
This, so much!
Like 90% of the apps on Play ask for an insanely excessive amount of permissions.
It was the #1 indicator for sorting out garbage apps.
Example: Some time ago I needed a kitchen timer app (stock one had some issue). The great majority of them wanted permissions like contacts, access to my files, GPS location, and on top of it internet to upload all of this probably. Even though a kitchen timer shouldn't require any private data at all!
Now think about this:
Even if you're asked by Android before it actually gets the permissions, why would you WANT to run code from someone who does such shady stuff as having a kitchen timer require access to private data? Won't those people probably take any opportunity they can get to do shady stuff with things for which Android doesn't require permissions yet? And even if they don't - isn't it likely that their app just doesn't work properly and has a lot of bugs because they don't care about the user at all?
And this isn't just such utility apps. It's basically ALL apps which are flooded with this garbage.
What Google did here to me personally is the last nail in Android's coffin. I cannot acquire software anymore like this.
That's completely legitimate. It needs those permissions to tell your guests when dinner is ready, where it is being served, and what is being served.
More seriously though, I bought a tablet many years back which shipped with a simple word game that had insane permissions. Among them was access to contacts. When I pointed that out to people they would claim it was required for multi-player support. When I pointed out that one could add the contacts manually, most of the people thought I was insane even though this was at a time when people usually added contacts to desktop applications manually. They didn't understand that some people viewed it as impolite to share contacts of others without their permission (never mind the privacy implications). They didn't understand that most people would only play the game in single-user mode because it was a single play game with a "multi-player" mode tacked on. The multi-player mode was literally tacked on to harvest marketing data.
is internet a permission?
I've never seen that in any menu or prompt. I don't think Android has this. Which is a shame bc i mostly use offline apps and would love to know if an app is all offline
Understandably, I don't think Google cares about the offline use of their OS. It doesn't align with their business interests
For example, if I reject location permissions, then play back a random GPS trail in a randomly selected city on the planet, complete with simulated error and drift. If I reject Wi-Fi scanning, then show a constantly changing set of fake access points. If I reject camera, then play back some cartoons or deepfaked video as a camera device.
The app should never have to know its permission request was denied.
In general, I'm not sure spreading random fake news about yourself is such a great idea unless everybody does it. And everybody doesn't do it, because if everybody cared so much about these things the problem wouldn't exist in the first place.
If the users don't control the software, the software controls the users.
For example, the app wants to access your contacts. Instead of "yes or no", you choose a subset of contacts that the app is allowed to see: could be all, could be none, could be a selected set (perhaps a special set of fake contacts). Whatever you choose, the app is told that these are all the contacts that exist on your phone.
If the app wants to access the camera, the options are: actual camera, always black pixels, a selected static picture, a selected picture that is shaking to add extra realism. Whatever you choose, the app is told that this is the actual camera.
If the app wants to access the disk, you could specify that a new directory should be created and the app would be told that this directory is the entire disk. Etc.
The way it is, all apps want to "READ_EXTERNAL_STORAGE" so they all can read all the data I save.
Gives me 2015 sourceforge vibes
Thank you for pointing out that you can get APKs direct from the site too. That could be useful sometime!
The app should never have to know its permission request was denied.
Is the App Store much better?
I think Android permissions are like xattr. its the noise behind chmod, it shows up in odd ways like when you can't move or delete a setuid file, or in ls -<flags> contexts if you tickle it right. its the nitty gritty, the details. Not "does this s/w respect my privacy" but "of 100+ distinct attributes, data items about 'me', can I atomically grant/deny access or apply some conditionality to them"
So I think the same thing about AWS Privs. My god, theres a million of the suckers. Do I want Amazon to simply remove the pane? God no. I just want to understand it better.
Why can't google "do both" and have a path to see these, but feature-parity with Apple and simplify it on the surface?
Every app is required to work correctly with the mock data or is removed from the store. You could even have mock folders in the photo app or mock contacts on your phone so you as a user can see how the app works on those without giving it access to the real stuff.
Example: a parking app asks for access to your contacts and ability to call, you give it a mock permission. It just works. When it tries to call someone you see info: "app XYZ calls mock contact A". When it tries to read your contacts it just gets a stock list. If it tries to tell you it needs real contacts you report it to Google and it gets removed.
I would like more permissions to be different than all or nothing though. I wish you could segregate contacts. like, if I don't tell people around me that I know a high ranking official, why should a random app just because one of us uploaded our contact list.
I expect a lot of crapware authors are currently adding permissions that they've wanted to but couldn't justify to their users, now that Google has stripped their users of visibility and recourse.
E.g. last time I looked at this a lot of obvious crapware was requesting the "ACTIVITY_RECOGNITION" permission for God knows what reason - a permission that can't be denied by the user.
As a rule Google only gives users the option to disable a permission after it has been widely abused, or maybe not even then. It's downright hostile to take away one of the only ways users have to spot spyware before they install it.
Apple had data safety, Google now has it.
Apple didn't show permissions, now Google also doesn't.
Presumably most people don't really care about permissions anymore.
Huh? Apple has always had permissions; Apple calls them "entitlements". Some of them are granted on install (like Game Center or Siri intents); some of them also require explicit user permission (like push notifications or contacts access).
What Apple doesn't do is list entitlements in the App Store. This is because users don't generally need to be aware of them; entitlements with significant security or privacy implications are always coupled with an explicit permissions prompt, and many entitlements represent internal details of how an app works which users don't need to be aware of.
https://developer.apple.com/documentation/bundleresources/en...
I had Instagram for a while as an example, because I liked to look at miniature painters, but Instagram never had access to my contacts, images, location data and so on. It would ask for permission of course and I would decline.
Does Google do something similar or are permissions on per default? I mean, the info is still a nice feature in the App Store to help people make better choices, but the real protection for people like me is the “This app would like to access your pictures, will you let it?” box that pop ups when you run the app.
My data and Google's safety. Why does my phone needs access to storage ?
Speaking of which, anyone from Spotify around?
Could you kindly take your request for control over Bluetooth and shove it up your fuckin arse?
Why must I say no to this every time I open the app?
No means no.
For some permissions, but not all of them. For example, they don't for Internet access.
> Why must I say no to this every time I open the app?
Doesn't Android have a "don't ask again" option for permissions?
It's a custom nudge. It's shown by the Spotify app. Clicking on the CTA takes you to the settings page or something.
> For some permissions, but not all of them. For example, they don't for Internet access.
see also: XPrivacyLua
I suppose the most common "regular user" scenarios sort of mostly work (except possibly for some performance overhead in some cases), but for more "power user"-like usage scenarios it's all too easy too run into all sorts of edge cases, limitations, and bugs that break your workflows.
The behavior you describe is not what I experience in real life. I see apps being able to read and write from all directories on my SD card.
It says "READ_EXTERNAL_STORAGE when accessing other apps' files on Android 11 (API level 30) or higher"
So, as I understand it, a user has no way to allow an app to read only from a single directory on their SD card.
The situation now where you approve or reject permissions as they are used in the app is vastly better than the original android model of being shown a wall of text with the options to either give away all of your data and security or not install the app.
There was no reason to remove them from the store page. In general, there's no reason to remove additional information, that too info which was already hidden behind an obscure button that only a few power users ever checked. The dynamic permission model is the better runtime one but there's no good-faith justification at all to delete information about permissions. The latter is like the documentation for a feature and removing it is like hiding documentation.
This is not true. I avoid apps that require unreasonable permissions. I don't expect regular users to know what is reasonable or not, but hiding this information would definitely make installation process less convenient for me. Then again, I no longer use Google Play store and I install very few apps anyway, so maybe I'm not exactly their target user.
It was only useless for you, I don't have time or KB to waste on my data plan.
As an example: NFC is defined as a 'normal' permission.[0]
As far as I'm aware [not an expert here], there's nothing stopping an app developer from updating their app with the ability to steal credit card/passport information (if the card is tapped against the phone).
[0] https://developer.android.com/reference/android/Manifest.per...
The thing users want isn’t what permissions the app could possibly request, but what permissions are required to use what specific features of the app.
I very much appreciate apps where I can trial or subscribe for a short period for a small price. If they do what I need I always end up buying or not cancelling the sub.
This sounds a little contradictory (too tired to word it better right now) but I hope the general feeling is conveyed.
https://developer.android.com/about/versions/11/privacy/stor...
3rd parties solved this with optional Storage Isolation:
https://play.google.com/store/apps/details?id=moe.shizuku.re...
- Whatsapp keeps all its internal data in your Photos folder.
- Whenever you want to send someone an image, you need to manually copy the image from wherever it is to the Whatsapp folder.
If Google worked on that, results could be fairly creepy for those who store their data in their cloud. They can probably infer what you look like from your photos (you’re the one appearing in selfies most), know what weather it is locally, know that you’re, for example, looking at the Eiffel Tower, and maybe even have a photo from 2 minutes ago made by another user from the same place.
I think Google certainly could make a fake address book that’s creepy for many users by looking at the address books they have.
I can't just tell all my friends to use Signal, it's just not going to happen and would result in me getting left out of 95% of social events.
I do keep a separate phone for proprietary apps, though.
So apps have to request all these scary permissions so they can do regular things. But there is really no alternative.
> To give users more control over their files and to limit file clutter, apps that target Android 10 (API level 29) and higher are given scoped access into external storage, or scoped storage, by default. Such apps have access only to the app-specific directory on external storage, as well as specific types of media that the app has created.
If you really want to get into the weeds, previously you could work around scoped content requirements with the manifest property "requestLegacyExternalStorage"
But it's not respected if your app targets the latest version of Android, and new uploads have to target a recent enough version that the loophole is closed.
Legacy apps will be unaffected though.
Outside of flashlight and QR scanner apps, there is basically nothing the user can action aside from completely rejecting the wider service over some ambiguity in the permissions list.
Keeping an LRU list for files that were opened from outside of your own app becomes needlessly complicated [2].
Access gained that way isn't directly compatible with things expecting classic File API access (and sometimes those things are outside of your immediate control, like external libraries and even parts of the Android framework itself), and unfortunately the easiest workaround to that problem is just copying the file into your own private storage.
[1] As far as I'm aware, only macOS attempts to at least handle related files that only differ in their file extension, but even that still doesn't cover more complex file formats like playlists, or HTML or DWG files or whatnot that can reference arbitrary other files.
[2] If the same file is shared via different apps, the way things have been implemented on Android it becomes more complicated for the receiving to check whether those two incoming file shares actually refer to the same underlying file or not. Plus for an LRU list to make sense you need to try persisting the file permissions so you can still access the file later on [3] and also especially take care not to leak those permissions when you clean up the LRU list.
[3] Which also leads to some strange scenarios like when you switch to a new file manager and uninstall the previous app, all LRU entries in other apps that were originally opened via that previous file manager now suddenly become invalid.
It's like proper exception handling: Do not just close the app, fall back gracefully and allow the user to retry.
Really anything involving personal data should be up to the user. Especially something like your contacts.
I’d love to see a button on the contacts permission window to give the app a list of AI generated fake contacts. (And fake GPS coordinates, and so on).
Philosophically, your phone should be your user agent. It should act on your behalf, not on behalf of some tech companies.
From a casual further inspection, there are videos on YouTube which demonstrate this: https://www.youtube.com/watch?v=K_6oMZb8UOI
I'm willing to bet that video is just plain fake. Especially given it only has 2k views.