...and so it begins.
Don't be evil? yeah right.
Privacy campaign group the Electronic Frontier Foundation is more than a little miffed with Google – after the Chocolate Factory pulled an Android tool that lets users control the information apps can harvest. The software, dubbed App Ops, was bundled into Android 4.3 as a hidden application. For each installed program, it …
If anything, this action combined with the stupidities happening on Youtube caused me to pick out a Blackberry as my new phone yesterday when my old N97 died again and there's no point in repairing it anymore due to M$ burning the platform. (*1)
I trust neither Google nor M$ nor Apple. I used to trust Google more than the latter two, but I am now cynical and bitter.
(*1) Choice made primarily on which phones has a Qwerty keyboard, which left me between several Android-based phones and several Blackberry based phones.
Not enough apps is no longer a problem for me. I've grown old and have wisen up enough to use a proper toy (i.e. an iPad) for playing games and using only the phone for what it is- a communication tool.
Anyone who expresses any trust in any corporation or government probably deserves everything they get. Both should be approached with continual and complete distrust because they are there to make money, wield power.
Both will happily tread on our throats if it suits them and think it won't hurt their future prospects...
From this you can probably tell that I'm old and cynical :-|
"I trust them more than MS"
I don't. I trust greed. MS want my money - they're old fashioned and I like that. I give you money, you give me product. The only people who ever disliked the pay for X with money approach are those with less money. Google are all about the hidden intangibles. I don't like that. I can control money flow. It requires my consent. Personal information control is a constant war against Google. Seriously - try blocking google analytics at the router level - about half the Web will suddenly start timing out as it waits for a response before loading the page.
No-one should trust a company "just because". They're all about self-interest. MS's self-interest has historically been about money. I trust that. Tracking me everywhere I go and building a Stasi-like profile of my interests, habits and social connections, I do not. The former is a choice.
The EFF is complaining over something that wasn't officially supported, and could cause unknown problems with apps if you fiddle with what they have in the way of permissions.
This is right up there with all the stories of companies being butthurt about their products no longer working (hint: they didn't follow the published interface spec and design documentation) when the workarounds they were using went away. Apple did it, MS did it, Google did it. RTFM.
For Google to remove this is inexcusable. It provides a partial answer to the bloat of applications:
1) A web browser that now wants to access my camera (I have the camera app, Skype, and Google Hangouts for this) -- Chrome
2) A weather app that wants access to my camera so I can send snap of the weather along with current temperature, and a hardwired advert of the app -- Weather Pro
3) A wallpaper app that wants coarse location, and is not a removable app on my Nexus 7 2013 -- Android Live Wallpapers
4) read contacts -- Google Korean Keyboard and Google Pinyin keyboard -- both non-removable
I am sure there are a lot more examples even on my lightly loaded tablet, but it's hard to tell as the App Ops app doesn't see all the privileges that an app may have.
If it comes back it will be because of peer pressure.
Dianne Hackborn stated that it was never meant to exposed to users and is an internal testing tool.
While initially quite happy to talk to users about the removal, she has since stopped commenting - which is a shame, I suggest an interim solution might be to remove the switches but leave the data (eg this app has accessed the following data). The most obvious reason Google have removed this - is because users can turn off the internet permission on apps that only require the internet to display ads.
See more here: https://plus.google.com/u/0/+DannyHolyoake/posts/FkfBxA5i3iG
> 4.4.2 killed it.
> I want it back.
I'm posting from a position of ignorance with respect to Android development, although I am an Android user. This issue wouldn't arise if Android was properly Free Open Source Software, would it?
If this happened with a Linux or a BSD kernel, there would rapidly be a source patch set developed that we could use against the published source, to compile a kernel with the deleted functionality restored.
It seems to me that there should be an Android source branch with App Ops in it, and then there's 4.4.2 with App Ops removed. What stops people or organisations who care enough, forking or patching Android to replace App Ops? I'm asking, wanting to know.
Technically it is possible. However, Google have become pioneers in the field of subverting Open Source. Microsoft attempted to meet the OSS movement head on and at the time we (OSS zealots) were all ready to fight MS and we did. Google did something worse - they co-opted the movement. Here is an interesting read:
So why not have the permission for the internet connection disabled for apps that require it for adverts? I've not got ad supported apps for that reason, I don't like apps that have free rein to fetch whatever they want. I'd prefer google to make separate permission that is 'internet access to the ad network' as opposed to the whole internet (i.e. the app only has permission to access a single ip where the ads come from). Then that option could be un-blockable from app-ops.
Such apps have a choice: they either run without Internet access, or they don't. I rather expect the ad-supported apps that I have to work even when I don't have a 'net connection, e.g. if I've got mobile data turned off, or if I'm in an aeroplane, and that's usually what happens. Being able to deny net access with App Ops seems to me to be no different to an overall mobile data switch, in terms of its effect on advert serving.
I don't block ads, not deliberately. I do, however, turn of wifi when not at home and mobile data is turned on only when I want it. I chose a PAYG deal, and don't need various processes running in the background, checking for emails, updates etc. So, most apps must run without internet access.
Those type of apps aren't the problems, it's those that demand a whole host of permissions, none of which can be justified. The developers have three choices, remove those permissions and get installed, leave them and have them blocked by me, or, not get installed at all. AppOps allowed me to choose, so, now my choice is simple. I won't install.
Actually, what you describe is pretty what I do myself. One problem however in this context is those devs who refuse to do a paid version of their app with no more permissions than are necessary for the app to function. I have on several occasions had to reject an app because of this problem. One gets the impression that a fair number of devs are utterly uninterested unless they get to own your phone's arse.
"I don't really object to ads. I think most people don't really. It's the tracking we loathe and oppose."
Really, it's a little bit of column A, a little bit of column B. I don't mind unobtrusive ads, but there are some that I do mind, especially the great big flashing ads textually shouting "YOUR ANDROID MIGHT BE INFECTED!!", trying to get people to download junk apps that at best they don't need or at worst will actually install malware or adware on the phone.
I know to avoid these ads, but some older people I know get worried when they see them. It's the same problem as on Windows, really, not that I'd want to be locked into any one walled garden with no gate. I just uninstall anything that has ads like that and advise others to do the same.
After the permission manager went missing, I went through my installed apps and removed all the ones with sinister permissions. Air Droid, for example, wants access to SMS. Why? I can't think of a good reason, so it's back to moving files over a cable for me. Several wanted to read phone status and id. Those are mostly history as well.
Giving excessive permissions to apps isn't just about paying for "free" apps by looking at ads, it's about paying by handing over personal information. Many people won't realise what they are paying. If they did, they might decide the price is too high.
If someone wants to keep track of my location and sell that information to an advertising network, they're going to have to give me something a lot more valuable than a crappy little app. A house might cover it, but it'd have to be a nice house by the sea.
Well Air Droid claims it can send and receive SMS from the web browser so that will be the reason it needs SMS access.
This is where more granular permissions are a benefit.
e.g. Air Droid NEEDS permissions X, Y and Z to function - if you don't like that tough you can't use Airdroid. It would also like "SMS Send/Receive permissions to allow you to send and receive SMSes from your browser" - I don't want to allow that - okay I'll hide that function in the app for you!
Apps requiring internet access for adverts only could be mitigated so some degree by adding a sandboxed framework - i.e. the advertising providers plugin app gets the internet and location (Which I can switch between "country", "course", "gps") and the actual app itself gets the basic permissions needed.
funny how everything goes through cycles. the Blackberries were/are being vilified for not having enough apps, where the argument was 'but the website offers the same or better functionality'. No, everything had to be apps.
so now that everything is apps, the complaints are that the apps have too much access to what's happening on your phone.
mind you, am not trying to sound snarky. I think it's just funny, in a sad kind of way.
OK, serious question: How in the Hundred and Seventeen Hells did you manage to use AirDroid without noticing its SMS functionality? I mean it's right there when you login in your browser.
Genuinely baffled by that comment. Even if you somehow thought file transfer was all it did, you must have some wicked tunnel vision.
I hope there will be a lot more competition in the handheld space that can make Google rethink a couple things. Excessive apps-permissions are simply unacceptable. Scare-ads ("your phone is infected by a virus" - type) should be stopped, and every app in the store must be checked properly for malware. Tech-media should act responsibly and really hammer these very basic issues which are essential for both security and privacy. Maybe recommendations for users to consider other alternatives could make Google rethink their actions.
Just noticed that maps and hangouts now require access to control WiFi, BT and NFC. That's simply outrageous. I need to be able to trust that any RF-transmitter I have turned off remains off for as long as I want. I seriously need to investigate other alternatives. And no, iOS and WP won't do either.
The ones that creep me out are applications that want (among others) (i) permission to take pictures and (ii) full access to the network. What could possibly go wrong, eh? I've been declining updates to several apps for a while now, particularly in order to avoid that combination.
What about if lets you take pictures to integrate with the program?
It's been something I've been thinking about. Perhaps in future, Google should demand that app makers provide not just an access list but also an EXPLANATION for each and every permission. For example, if an app needs to take a picture, there must be an explanation (written by the developer) such as "We use the camera so you can take pictures for your avatar." (for some communication program) or "We take pictures to process in the cloud for product recognition." (for something like Goggles).
"It's been something I've been thinking about. Perhaps in future..."
That's OK, to a point.
In the UK and the EU in general, there are laws and guidelines that all data processors are supposed to adhere to i.e the Data Protection Act. This act equally applies to mobile developers in the UK who control data (other EU countries have their equivalent). What dismays me, as an occasional mobile app developer, is that many mobile developers in the UK seem to think that they are in some way excluded from their duties under the Act.
So, whilst your suggestion is reasonable, there are other more fundamental requirements placed on developers/data controllers. If developers/data controllers choose to ignore their legal obligations then send them to the bloody wall. There's simply no excuse for the often outrageous permissions.
The ICO has been running developer outreach for nigh on a year. I for one, as an occasional app developer, think it's about time the ICO grew a pair and started using their teeth. After all, ignorance is no defence under the law.
Also, as some (including the ICO's senior tech and policy bods) point out, it pays to remember that permissions != privacy and also that permissions != data security.
"And no, iOS and WP won't do either."
Very true. I see I will be using my old Nokia E7 with Symbian Belle II as long as it will last and then it's back to old, trusty Nokia 3110: Not a single smart thing on that, it just works.
Unless Jolla boots up but anyway: It's touch only and no qwerty available. At least for now.
Last I checked, Airplane mode is a separate setting that overrules all the data settings (WiFi, Mobile Data, Bluetooth, etc.), like an outer lid covering the multiple inner lids. An app cannot turn WiFi on while in Airplane Mode. Now I know some apps are capable of switching Airplane Mode on and off, but I have to recall whether or not they can only do it under root permissions, because I don't recall Airplane Mode being a listed app permission.
I thought apps couldn't access any data pipes unless you had them (the radios) turned on. Certainly I've never seen my *G or wifi indicators light up when they're turned off, though I know there are apps running that would use the net if they could. What gives? I presume they'd not be allowed to hide the activity... am I naiive?
I am not an Android developer and I am hereby claiming ignorance regarding the implemented mechanisms. I am an Android user, however, and the whole permission handling model has always seemed fundamentally broken to me.
From my - user's - prospective permissions should be system-wide, with configurable per app exceptions. If I do not want the device to access my location info or text behind my back or do something equally nasty, I should be able to configure the *system* accordingly. If an installed app tries to do something the system does not allow, an exception should be raised. The user should be given a choice of allowing or disallowing the app to do the dirty thing (per app, ideally also once or forever), or to pass the exception to the app which then can catch and handle it in some intelligent way, e.g., "Dear User, this free version of the app is ad-supported, therefore it needs full network access. Please enable the capability, or consider buying an ad-free version for only $4.99." Or, "Dear User, without access to location services the functionality of the application will be limited in the following aspects: ...".
The current model where the app declares what it needs, in a take it or leave it manner, and apparently is free to lie (my impression at the moment is that the only recourse to actually enforce a restriction is to cancel the install - or uninstall if you manage to catch the app red-handed) looks completely backwards to me.
It may or may not be intentional, usually I don't attribute to malice what can be adequately explained by stupidity. It is, IMHO, more plausible that it's just an utter FAIL on the part of Google's Product department rather than a pre-calculated evil-genius conspiracy of the do-no-evil company
A mobile phone OS that includes capability enforcement will get my serious attention, and I won't care if there are 500 million apps for it.
"The current model where the app declares what it needs, in a take it or leave it manner, and apparently is free to lie (my impression at the moment is that the only recourse to actually enforce a restriction is to cancel the install - or uninstall if you manage to catch the app red-handed) looks completely backwards to me."
The problem was that the model was demanded by the developers. Basically, it was either Google conceding to them or they would never have strayed from Apple's system, crippling Android in a vulnerable moment. And even now, they can't change it too radically for fear of devs walking away. And it's the devs that help make the real money for Google by making people use Android phones.
It is a nice feature, however it came to be included, but I can see how its functionality means it cannot be Foolproof and having dabbled in Customer Service myself I can understand what happens when you cannot Foolproof such features. So whatever else they were thinking there are valid reasons to pull the feature.
So hide it behind an Expert toggle. There's a develop options menu that's normally hidden, but if you know the access key (tap the Build in About Phone a bunch of times), you can get access to them. Similarly, keep expert options covered unless a specific setting is turned on (with appropriate warnings given like for External Apps permission).
But you do. Controlling the acts that give your privacy away is HARD...because SO MANY things give hints as to your identity. It's like the skill needed to do some actual work on your car like changing the oil or swapping wheels: many people don't care about it and let the experts do it, but if you want to do it yourself, it's considered wise to read the manual first lest you break something.
As it was a hidden option, inaccessible from the normal menus, and you had to download the AppOpps starter app in order to be able to use it, there was no reason to pull it. Only those of us who cared and understood enough to go find the app, install it and use it are affected by this. Ordinary users aren't and it;s those who would be the ones calling up complaining if they made a mess of things. I understand the implications, know how to go back and turn things back on again. Let me decide what apps can do to my data, not anyone else.
Because of this palaver, I saw a comment mentioning XPrivacy.
It's an Xposed module that basically does more than the Google one could. It's a bit more complex to get to grips with, granted, but it works.
Thanks for that - XPrivacy is exactly what I came into these comments looking for. Little bit of to-ing and fro-ing to get it installed, but seems to work well, and offers granular control over many areas one might wish to restrict.
The previous app mentioned (LBE Pivacy) hasn't been updated in over a year, and has crash reports for Jelly Bean devices (endless boot loop).
Yeah, I was using LBE Privacy for a long time but it was getting ridiculously bloated plus it's closed source Chinese so I had my doubts about it. Xprivacy doesn't have all the capabilities and is a bit trickier to use initially (I was getting a lot of apps crashing until I figured it out) but it's very light and works very well in conjuction with an adblocker and a firewall (to stop access for those apps that crash when Xprivacy turns off internet).
So many small things google have done in the last year or so have made me go from an enthusiastic user of them to actively trying to move away from their stuff. They might not have turned "evil" but they are starting to appear that way to me, and getting worse by the day. More and more I dislike them as a company. I've moved to firefox as I no longer have a great deal of trust in chrome, I host my own email as I no longer trust gmail. Now I just need an alternative to my google phone when its time to renew in a few months. amazingly a windows phone looks like the best choice for least evil comapny right now... I wish there were more choices.
Or you can root your device and sort the mess out yourself.
Running Android 4.3.1 (KatKiss 028 ROM) with Apps Advanced Permissons control, Adblocker to sort out those pesky ad-funded apps and Droidwall to sort any app that thinks it knows better than myself who gets to access the net from my tablet.
Biting the hand that feeds IT © 1998–2020