Is there also a BIG button which can be used to stop the phone/addressbook/browser/etc from phoning home to Google with user stats.
The latest version of Google's Android, 4.3, has a panel controlling access permissions on an app-by-app basis - but only for those users ready to experiment with untested functionality. The App Ops control was found by Android Police and initially required a hack to bring it to life. Now there's an app in the Google Play …
Are you "absolutely" sure about what you are saying or are you new to the game?
Will your solution really stop "Wifi" location being sent to Google, directly or indirectly through third part apps.
Will it also stop GPS location information being sent to google.
If I were to find a wireshark equivalant, you are saying that, I could be assured that by turning of "syncing for the Google account." no traffic would any longer be sent to google.
C'mon wake up man, there is far more to google/android than your contact list and porn browsing habits.
"If I were to find a wireshark equivalant, you are saying that, I could be assured that by turning of "syncing for the Google account." no traffic would any longer be sent to google."
From Android itself? Only the most paranoid would think otherwise.
Of course you'd also have to ensure you don't install/use any Google apps, or any 3rd party apps that utilise Google services, or visit any of their sites to keep them totally ignorant of your existance.
Well khaptain, why don't you try it. Set up a brand new device, when asked about sharing location, synching, setting up a google account, using the omnibox etc choose the no (or privacy setting).
Set up wireshark to sniff the data and then if there is an personal data going to Google you have a lovely big lawsuit that will make you rich.
Easy, and well worth it!
"Are you "absolutely" sure about what you are saying or are you new to the game?"
I wish I was, because if I were to do it all again I'd choose a different game.
"Will your solution really stop "Wifi" location being sent to Google, directly or ...."
No it wont. But you already knew the answer to that question before you asked it. I was referring to the points raised in the original question.
I'll give you the benefit of the doubt that you aren't "new to the game" either. So you should be fully aware that if you're getting a phone from Google/Apple/Microsoft/Rim then that sort of data is leaking. It's also leaking if you have a Sat Nav that's capable of making a network connection or a Satellite/Cable box or using a web service/store or a connected games console. Or as we've seen over recent weeks pretty much anything with a network connection will get you swept into a mass surveillance dragnet.
But there are options. You can choose to use them or not depending on the cost to your data. If you choose to use them then be aware of what you need to leak and what you can avoid. If you choose not to use them then congratulation to you, that's your call.
It's Friday, let's have a beer and agree to differ like gentlemen.
Lame trolling aside. Straight from the Microsoft whore ZDNet itself.
"The Trustwave report says the number of critical vulnerabilities, as determined by the Common Vulnerability Scoring System (CVSS) assessment of factors like potential impact and exploitability, identified in the Linux kernel was lower than in Windows last year , with nine in Linux compared to 34 in Windows. The overall seriousness of vulnerabilities was also lower in Linux than Windows, with Linux having an average CVSS score of 7.68 for its vulnerabilities, compared to 8.41 for Microsoft."
I believe this feature has been available in a few root-only apps and in Cyanogenmod for a little while, it's nice to see it get into mainline android.
There are a variety of apps that are useful that want way too many permissions. Skype is a major offender in this area. Being able to deny it some of what it wants is a good thing.
...and that's a problem because... ...?
Maybe it would encourage better programming techniques - learn how to fail gracefully.
It would also serve as a notice of an application that requires far too many permissions to do the job that it said it was going to do, but is instead doing other "stuff" that wasn't menioned in the puff-piece trying to attract users.
Would love to see a fake-feature too. ie, some apps request access to my call log? Sure.. here, have a fake one.
App wants to read my SMSs? Here, have some test ones. My location is absolutely required or the apps crashes? I'm in Times Square, honest.
That way, compatibility remains, and privacy is enjoyed.
Permission control for applications has been there since year dot. This is just a more granular method.
At the moment (unless using 3rd party tools on a rooted device) it's basically a case of granting access to everything the app asks for, or not installing it if you don't like the permissions it asks for.
The new process allows you to say yes to all, and then go in and turn off access to specific items.
For example, why does the Facebook app need to be able to make phone calls, or be listed as a System Tool which gives it a lot of potential control over your phone. The point being of course it doesn't, not unless you use those features that rely on these permissions, So if you don't use those features, you should be able to switch of access to those areas.
Thank you for the clarification, I appreciate it. (I didn't want to dig through the ton of ballast to get the information I wanted, heh).
I was under the impression that what you say ("say yes to all, and then go in and turn off access to specific items") was there by default on every stock device without having to root it or anything.
For example, why does the Facebook app need to be able to make phone calls
They doubtless want facebook to be the centre of your life and thus you will have all your contact details stored in facebook so that when you want to call someone then they don't want you to exit the FB app and go to the dailer but instead go to the contents section of the FB app, find the name and select the "call this person now" option .... so, the FB app needs to initiate the call.
That would make sense (almost) if ithere was a direct way to access your friends list with the Facebook app, or it was made more central to it.
Currently the 'Friends' button in the Facebook app doesn't actually list your friends! Instead it takes to the 'Find Friends' page (same on the web site).
I don't know about anyone else, but this just seems to be brain dead. Surely one of the main purposes of facebook is to keep in touch with existing friends, and to a much lesser degree, to find new friends on FB.
Therefore why would an option rarely used in comparison, 'Find Friends' , have a main shortcut button in the front page of the app, and the main 'Friends' list, that is used far more often, is almost hidden away under the 'Apps' list!
Fb probably is making the phone silently phone home, or they are probably embedding a special packet in their call TO a phone, and when either or either cannot shake hands, they send the user an online prompt about updating his or her contact info and phone. Probably it helps them correlate phones to users and helps them either fudge on reported data and work on heis... Umm, acquiring new, fresh users.
At the moment, when you install an app, it will list the permissions the app requires and ask if you are happy to give it to them. So, for example if a unit converter app asks for permissions to access your location and address book, and to make phone calls, you might conclude that it doesn't need those things to convert centimeters to inches and decide not to install the app.
Alternatively, you might conclude for example that it needs internet access to convert dollars to euros, but it doesn't need the other permissions it is asking for. At the moment, you can't approve internet access and block the other permissions, it is either all or nothing.
Rather than using a separate app, wouldn't it be better if the current permissions list on install (or updating if permissions change), just had a tick box next to each option?
i.e. Install app, it lists x number of permissions as it does now, but each has a tick box, selected by default. Just untick the ones you don't like and continue with the install.
To change settings afterwards, use the app manger. It already lists the permissions, just add a tick box by each one. Tick on/off as needed.
It probably will be on install when it finally becomes an official feature. My guess is that there'll be a set of required permissions that you have to accept to install and then a number of optional permissions that the app would like but that you can optionally deny (both at install time and later).
I doubt you'll be able to specifically block Ads themselves with this, although you ought to be able to stop Network access, which would stop the Ads.
But of course that might also break the App itself, depending on if it needs Network access for it's main functions. i.e. something like Rain Alarm needs Network access to be able to download the rain maps, which of course automatically means it can download it's Ads.
Also authors would probably be able to add code to detect if you've disabled Network access* , and so could disable or otherwise cripple the app in someway.
* Direct, for example 'ping' an Internet address and see if it responds, or indirect, i.e. have my Ad banners downloaded okay since the app launched?
"Also authors would probably be able to add code to detect if you've disabled Network access* , andso could disable or otherwise cripple the app in someway."
I'd suspect there would be an API call to check for granted privs, although a wise app would still ccheck 'manually' if the priv appears granted, as a rooted phone could lie!
You know, it springs to mind that some app developers and their data controllers (i.e. think UK only for a limited scope) are absolutely ripe for a good education/hiding from the ICO*
*It seems that the ICO believe quite a few developers/data controllers are unaware of their current legal obligations. As a result the ICO are currently preparing formal documentation on this matter. Hopefully 'gimme all ya got' data collection and retention policies for mobile apps won't be around for too much longer (in the UK at least).
Finally! As I've mentioned in few threads before , the app permissions has been one of the really annoying things in Android.
lansalot' s comment about a faked response would be rather nice addition as I can imagine many apps may well crash horribly if their expected permissions aren't available.
Just have to wait and see if any of my older devices will be offered 4.3 update.
Some good news. Will be trying this out when my Nexus 7 is updated and will be a deciding factor in which phone I get next... no 4.3, no sale.
I'm one of the few that actually reads the permissions. The last update for Real Racing 3 wanted user account permissions.. for a racing game? Needless to say it remains un-updated. When Facebook Home reared it's ill-fated head, the main FB app added a ridiculous number of permissions, and was promptly uninstalled completely, and I use the web page instead. The FB app has always been intrusive though, I had it on my old rooted phone, and had a permission blocker installed. Even after unticking the options to sync contacts and access location, the blocker showed repeated attempts by the app to access both functions, even when it wasn't being used and was sitting in the background.
Any app that crashes as a result of no access to location or network isn't worth keeping, as both those can be legitimately unavailable, either due to Airplane mode being on or no GPS chip in cheap tablets etc.
Will there be a way to report to the FBI all usa-crossing apps tha try to steal, access, or link to denied content?
Hell, if companies can report unauthorized access attempts, then so should users be able to. Clog up the FBI and force it to deal with these companies. If the FBI and Homeland Security lbosmcan be appropriated and made to look appropriate when DVDs start the feature film or other content, the users should be able to send warnings to dvelopers who atrempt unauthorized crawling, trawling, and hauling of user content.
This means nailing in the ass the likes of skype, facebook, kakao, and hundreds of thousands of others that wantonly steal data without clearly asking for case-by-cases access and permission. An off the cuff analogy I can think of would be the random legit door-to-door insurance sales rep stating to some unwittin home occupant "By even LISTENING to me, not just allowing me into your abode, you grant me worldwite, perpetual, non-revocable permission to ransack your home or mind for any data I can find, use it as I see fit-- to perform it, to share it with my tributary partners, tomredevelop it, to use it against you in any conceivable way throughout the universe, and even to SUE YOU if you try to compete with my employer or EVEN me with YOUR OWN content."
Well, at least that is what it seems is coming down the pike, if not already happening.
But it doesn't really do anything for the average person, who even if this capability was front and center wouldn't be able to make much use of it.
Wouldn't a better solution be for the Play store to insist on reasonable permission limits so some of the abuses talked about by other commenters (clock apps that want to access your contact list, Facebook being listed as a System Tool, etc.) could be stopped for EVERYONE, not just the technically knowledgeable.
To avoid the cries of "but that's too much like what Apple does in its app store" the apps could be made available in two versions, the direct from vendor version with their settings and the "Play store recommended" version that offers more security.
WTF are you talking about? First of all, any developers who leave Android because Google offers users an easy way to download apps preset to more secure settings are no big loss to Android. And they sure as hell won't go to Apple, and deal with their more difficult vetting and approval process, which wouldn't allow stupid stuff like a clock app that wants access to your contact list either!
While it is possible some of these developers taking more permissions than they need are a mistake (using a template from some other app they wrote, perhaps) in some cases it will be because they intend to misuse the permissions. A "free" app that can access your contact list may be making its money by selling your information. A "free" app that can send text messages or place calls can do even worse.
The 99% of honest, careful and security/privacy conscious developers would not mind at all if the Play store offered a version of their app with more secure settings - in fact, if they did their job right, there would be no alternate version because there would be no unnecessary permissions for their app in the first place.
I get to this discussion 50 comments in and there is NOT A SINGLE ONE noting that this so-called innovative control was pretty much there from day one in iOS. Yes, that maligned, not-free, and non - "do no evil" proprietary, locked down scandal to the free world (I'm sarcastically paraphrasing here) that got dissed by all the Android fanboys not only had (and still has) less problems with malware, it also had all this fancy, heralded-as-novelty privacy control framework from day one.
It's not perfect (it doesn't tell you upfront what it needs), but not only doesn't it force you to accept the whole invasive package at once or refuse to install an app, the install also then steps through all the required permissions individually. And get this - gasp - if you refuse some of them the App will *still* work for as far that is possible without the resource you barred. You can tell TomTom to keeps its fingers off your contacts (but denying it access to location data is, well, duh, of course).
Would it shock you if I tell you can even change your mind afterwards? I mean, I know it may come as a shock, but hey, you can change your mind! Wow, I mean, just, like, WOW! Mind blowing!!
(I use both platforms, but I figured I'd see just how many downvotes I could get by throwing a reality brick into all this adulation)
Seriously folks, let's not get tied up with the details. This is a BIG WIN. Pretty much any serious user wants this. I'm particularly annoyed with games that send you alerts reminding you to play them. And I'm sure as soon as I have this, I will prohibit nearly every app from running in the background. Android apps are required to know how to save their state when the kernel tells them to go away, so why keep them running? Only things like email sync should be permitted to background, and now we have *absolutely* that functionality.
Forget the Facebook app. Facebook turns people into idiots and you shouldn't be running that app anyway.
App descriptions frequently lack the useful information needed to make an informed choice. I've observed it with both the Google play store and Microsoft store for windows phone.
Eg a route app says it needs permission to read your contacts list. The app might want this so that it can email your location at intervals to a friend of your choice. Or it could want them to spam your friends about this app. but you cant tell from the meagre details given.
Biting the hand that feeds IT © 1998–2020