On Aug 29, 9:11 pm, Dianne Hackborn <[email protected]> wrote: > This is a flaw in their design (and in the design of current ad servers as > well). By having you link their code into your app, you are required to > take responsibility for their permissions. Yet it is their code, you don't > have control over it, so why should you?
I agree in this case. But what about AdMob? Shouldn't Google do it better? However, there's another pitfall: What if AdMob/Bumb/whatever isn't installed? Some might say "no matter, I can do without", but others certainly don't want to do without the ad income, or some external "library" is vital to functionality... Btw, AdMob is a good example for optional permissions itself. The AdMob library makes usage of ACCESS_FINE_LOCATION optional for local ads. Now, as a separate .apk, this would be mandatory, and I for one wouldn't install it (like all those apps that require it). Every ad supported app would drain my battery (GPS), not to mention privacy concerns. I also agree with niko20. I've got a simple music player that requires "Identify call state..." to pause during a call and "internet" for ads. I regulary get queries as to why my app wants to send identified callers to some hideous server, and I don't know how many just don't install it without comment. While the "internet" permissin in my case could be removed if there'd be a separate AdMob app, there are other players that need it for other ends, like downloading covers, streaming, etc. Also, in my experience, there are three kinds of users: 1. Permissions are technical stuff they don't understand and care about, so they just ignore it. 2. Paranoids who wouldn't install a contact manager that requires reading of their contacts. 3. Those who actually try to make sense of the required permissions. But even they can't tell whether an app really needs those permissions or will misuse them. My music player actually *could* collect the phone numbers and send them to any server... So the current permission system would only "help" the first two kinds of users (type 1 aren't disturbed by them, type 2 can panic of "will read my contact data"), while sensible people often are just confused. Is Evernote "potentially evil" because it wants access to my contacts and internet, or isn't it? I can't check why it wants those permissions without installing and testing it. By then, the harm could be done. A solution like Mart Murphy proposed sure would help in some cases. It's like "if you allow me to do this, I can do that". But also a simple explanation option in the Market would help: Look, dear user, I need call state to pause during calls, and internet for ads. In the end, it's all about transparency why the app wants which permission. Of course, one could still misuse granted permissions, but there's not much that could be done about that, except for checking the code of every uploaded app... -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
