On 8/3/2012 10:16 AM, Nathan wrote:
I simply don't trust apps that require permissions for which I can
>> not see the purpose. > > This belief of yours *is* enshrined in the apprivacy app. Trouble is, > you think that any permissions for which *you* do not see the purpose > should be considered dangerous to all users of your app. You also > think that any permission that any one user doesn't see the reason > for should be flagged as dangerous for all users of your app.
This is a key point, and is the one that plays out over and over with users and the READ_PHONE_STATE or LOG permissions.
Those 1-star reviews stem not from a reasoned analysis based on experience writing the type of app in question, but are instead based on a bunch of half-informed assumptions by users and developers of "apps that criticize other apps," as Nathan says. It's not that the permissions are necessarily there for nefarious reasons, it's a simple lack of experience, knowledge, or imagination on the part of the users or the "privacy" app writers. Sorry, but it's true.
So developers of other apps who are required by the nature of the apps to ask for those permissions are going to be hostile to anyone who publishes an app that calls theirs "dangerous."
A hostile app can take the permission to listen to the acceleration sensor and use that to steal their passwords [1], after all. Are you going to therefore mark all games that use the acceleration sensor as dangerous, just because they MIGHT do that?
A camera app that NEEDS the camera to to anything will need camera permission. Will you mark it as hostile because it can also turn the camera on an spy on you?
An app that allows you to play a game with your friends will work best for users if it has access to your contact list. Will you therefore mark it as dangerous, even if it has a privacy policy of never contacting anyone without your consent?
Even better, an EMAIL program will require access to your contact lists. Is that therefore necessarily dangerous?
And anything that's ad supported needs READ_PHONE_STATE. At present there's no way around it that I'm aware of. Freemium games are THE top earners on phones now. Developers are expected to turn aside from that business model and turn off the permission so that it won't bother the 1% of users who care?
With your (OP's, not Nathan's) app, so many other apps would be marked as dangerous that people will either never install anything (meaning they get very little from their Android device other than what Google ships -- and you even say that you won't install Google apps have more permissions?! Who do you think writes all the OTHER software on the phone?) or they'll start to ignore your app's recommendations. It's a lose-lose situation. I'd say you'd be best off finding another niche.
Tim [1] http://www.cse.psu.edu/~szhu/papers/taplogger.pdf -- You received this message because you are subscribed to the Google Groups "Android Discuss" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-discuss?hl=en.
