Let me try this from an end-user perspective. Obviously, the whole permission feature was designed by a developer and, IMO, it's not a very good system in a usuability sense.
As an end user, I only care one and ONLY one permission: INTERNET. I only look for that one permission and the rest is just noise and might as well not even be shown. Why? Because I know as long as the app has no way of getting my personal info off my phone, I am good, as far as I am concerned, the app can read all my passwords and credit card info it wants, if it cannot do much with it anyhow. That said, the way the Internet permission is implemented is poor and doesn't really tell you anything useful on which I can make my decision on. Currently, if I see "Internet" and need to scan the other permissions as to what else the app can do and send out to whomever. What I would like to see is the Internet permission broken up into: - Full unrestrictued internet access: This is fine for a replacement browser, but if anything else requests it, I probably wouldn't install that app. - Local network access only (for printing or network management apps.) - An spelt out protocol/domain list that the app declares it wants to have access to and nothing else be allowed. This should be the most appropriate for the majority of the apps. On Aug 28, 1:46 am, Dianne Hackborn <[email protected]> wrote: > Well, we disagree. > > > > > > On Fri, Aug 27, 2010 at 10:27 PM, Brad Gies <[email protected]> wrote: > > > I would argue the opposite :) > > > One of the handiest features of Windows Firewall is that you have the > > option of "Displaying a notification" when it blocks a program, and when the > > dialog shows up, you have the option of granting that program access, and > > then it never bothers you again. > > > I do agree that the way it was done in Vista was absolutely horrible... but > > a one time "Let this program do this" works VERY WELL, and I think it gets > > around all the problems you mentioned. > > > In my opinion, the lack of this is the single most obvious failing in > > Android. > > > Brad. > > > On 27/08/2010 5:36 PM, Dianne Hackborn wrote: > > >> I think there is enough evidence that asking permission at time of need > >> doesn't generally work -- see the MIDP experience, Windows Vista/7 > >> security, > >> etc. There is a fundamental problem that at the point you ask the > >> permission, the user is wanting to accomplish some task at hand, and all > >> you > >> are doing is bugging them. > > >> And it gets much worse when you consider applications being able to run in > >> the background. Do permission requests pop up on users from the > >> background? > >> Does a notification get posted that they respond (or not respond) to at > >> their leisure? > > >> If you have a wall of permissions, the first thing I would suggest is > >> looking at those and seeing if you can trim it down. In fact, doing things > >> that make it easier for apps to make use of lots of permissions are to me > >> counter-productive -- it is a good thing to make lots of permission use a > >> harder road. > > >> I just had a look through the apps installed on my phone, and the *vast* > >> majority of them only require a couple permissions. So someone who is > >> using > >> a large number of permissions is going to stand out from what user's > >> normally see, as well they should. > > >> From the platform side, we also need to avoid making it easy to have lots > >> of permissions. We need to be continuing to design the platform to reduce > >> the permissions that apps need. For example, the window flag to keep the > >> screen on avoids the need of the power manager permission for most > >> applications; we should beef up our intent interactions with the contacts > >> app so applications can work with the user to select and modify > >> applications > >> through that without using permissions; etc. > > >> Sincerely, > > > Brad Gies > > ----------------------------------------------------------------------- > > Bistro Bot - Bistro Blurb > >http://bgies.com > >http://bistroblurb.com > >http://ihottonight.com > >http://forcethetruth.com > > ----------------------------------------------------------------------- > > > Everything in moderation, including abstinence > > > Never doubt that a small group of thoughtful, committed people can > > change the world. Indeed. It is the only thing that ever has - Margaret > > Mead > > > -- > > You received this message because you are subscribed to the Google > > Groups "Android Developers" group. > > To post to this group, send email to [email protected] > > To unsubscribe from this group, send email to > > [email protected]<android-developers%2bunsubs[email protected]> > > For more options, visit this group at > >http://groups.google.com/group/android-developers?hl=en > > -- > Dianne Hackborn > Android framework engineer > [email protected] > > Note: please don't send private questions to me, as I don't have time to > provide private support, and so won't reply to such e-mails. All such > questions should be posted on public forums, where I and others can see and > answer them.- Hide quoted text - > > - Show quoted text - -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
