I heard the Android team is very sensitive about how the security model/permissions are presented to the user. I think one very important part is that the user should not constantly be bothered with permission requests by apps. The result would be that users get tired, much like they got tired with the Vista UAC, and just always grant everything and stop worrying about permissions.
I don't think changing pre-install granting to ad-hoc granting would be an option, and that's what this would lead to, as apps *will* ask users for more permissions in one way or an other. It would make users annoyed, lead to "dialog blindness" and make them security agnostic. The pre-install granting bothers the user at a very specific point, with an "official" UI and only once per app. If a permission is optional for the operation of a certain application, then one could maybe split it into smaller components. Christoph 2009/2/10 Sam Hiatt <[email protected]>: > > Cedric and Craig - I'm right with you on this. I think your proposed > solution would make a big difference. I've been wondering about this > issue ever since a program I was trying out for the first time > surprised me and uploaded my GPS location to a public map without > asking me. > > I tried to initiate a discussion about this a while back but got > frustrated when my comments were not well received and it seemed none > of the platform developers were willing to discuss a solution. > > If there is ongoing work to implement something like this then I'd > like to know about it. If there are key issues impeding such a > necessary solution, then I'd like to know about it as well so we can > help fix them. If people don't agree it's a good idea, we should talk > about it in order to come up with an ideal solution. > > The lack of such control makes it difficult for me to trust many of > the apps in the market. That's bad for Android. > > So let's hear some discussion. > > Sam > > > > On Feb 10, 12:53 am, Cédric Berger <[email protected]> wrote: >> On Tue, Feb 10, 2009 at 06:32, plusminus <[email protected]> wrote: >> >> > If you have 5 permissions and the user can toggle each of them you >> > might have to handle 2^5 cases in your code =/ (worst case) >> >> Not necessarily. First, of course this is a worst case, often you can >> deal with each permission individually. >> >> But anyway I also wish I could deny some permissions to a program even >> if this program does not handle this well. >> >> - by denying a permission it requests, when installing, I know I can >> break normal functionning >> - it covers the case a permission is asked but not used (because >> programmer did not care enough...), or used in parts of the program I >> never use. >> - at worst the program will crash. Ideally at least correct warning >> should occur when trying to access resource under denied permission. >> - denying internet access to an application should (ideally) not be >> worse that allowing it but not having internet connectivity. > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Android Discuss" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-discuss?hl=en -~----------~----~----~----~------~----~------~--~---
