> I tried to initiate a discussion about this a while back but got
> frustrated when my comments were not well received and it seemed none
> of the platform developers were willing to discuss a solution.

Keep going :) It's not that they are unwilling, it's just that this type of security system is quite new, and nobody really knows what will work well. There's plenty of scope for reasonable people to disagree here.

> If there is ongoing work to implement something like this then I'd
> like to know about it.

The main problem I see with optional enabling/disabling of permissions is that it'd be backwards-incompatible, that is, apps are designed on the assumption that if they ask for a permission at install time, they get it, and if you then throw an exception when they try to use that permission today, apps will just crash. So apps would have to be marked as opting-in to this scheme, and the developer would have to choose which permissions could be selectively denied.

This might still be worth doing. But we should recognize that this kind of fine-grained control is sort of a power user feature, and isn't going to help a lot of people who will just click "install", get screwed and then be pissed off when people say, well gosh, why didn't you think to disable that permission you silly person! So if there are better solutions we should pursue them first.

For instance, providing an explanation for why a permission is required would solve a lot of problems here.

Another one is to actually eliminate the need for some permissions entirely through smarter sandboxing. Is it really helpful to have an "allow internet access" permission for instance? What harm can this do? The main problem is that an app may burn through a ton of airtime quota without the user realizing it, so if that's the problem we want to solve, then this permission should really be more sophisticated - rephrased in terms of quota usage perhaps, with most apps' usage falling below the line where a permission request is necessary. Then the majority of apps would not need to request internet access, except for some (like net radio streamers? video downloaders?) that would still need to prompt lest they get throttled. "Prevent phone from sleeping" could be rephrased as a quota permission in the same way.

The nice thing about this approach is that it's backwards compatible and takes no real effort from developers. They can (in the majority case) just remove the permission request entirely from their manifest.

The final problem is where apps have surprising behavior, like uploading your GPS location to a public website. In this case I think a better ratings/reviews system would be a better solution than trying to make the permissions system more complicated, given that people generally understand their own language better than convoluted security systems. In this case, rather than try and create a system that would stop an app uploading your position to the web (which is impossible anyway), just give that app a negative review and say why. The fact that the current market's review system isn't that great is just something that Google should fix :)
