On Fri, Oct 1, 2010 at 2:39 PM, Chris Palmer <[email protected]> wrote:
> On Fri, Oct 1, 2010 at 6:05 AM, Disconnect <[email protected]> > wrote: > > > The only difference between this and the > > microsoft attempt is that android doesn't pop it up as often, and doesn't > > allow you to say no. (That, personally, is still where I think it is > > Microsoft Windows Vista/7 UAC Prompt: > > * tells you the name of the app that will run > * the app will run as Administrator (total power) > * pops up all the time; usually but not always when it makes sense/is > expected > > I'm thinking of the older versions (and the antique 3rd party ones, blackice and the other one who's name escapes me). In any case, more useful popups such as "This app is trying to start a server" and "This app is attempting to contact the internet: host, port." Android Install-time Permission Declaration Prompt: > > * tells you the name of the app and all the powers it wants > * the app will run as a distinct non-root UID and have no special > powers other than those declared > * pops up once, so you only have to make the decision once > > "All the powers" including misleading things like "PHONE_STATE" and unnecessary things like "vibrate".. Runs as a distinct ID, great, but that goes out the window with sd support and shared UIDs. (There was a discussion earlier about how a developer could issue several innocuous apps that shared uid - without notifying the user - and use those combined permissions to do evil.) I think those are pretty significant differences. > > From a usability perspective, one of the key things wrong with > so-called "dialog" boxes is that they interrupt the user's workflow. > If the task is to send an email, a "dialog" box asking you about HTML > vs. plaintext formatting is an interruption: The user thought they > clicked "Send", but instead they got asked about data formats. UAC is > not completely in this bad place, but it kind of is. > > I think Android's permission screen is a bit better: It's asking users > a material question about the task at hand, and it only occurs during > that task. "Here is some relevant information about the app you want > to install. Still cool?" > Except the workflow is identical to what you objected to - "I clicked install and instead got asked about permissions."... We've kinda gotten away from the original point; I started a new thread about this. Suffice it to say that I agree to a point - a user that doesn't want them should never see interrupting popups. "Accept and remember" should be the default, the complexities of temporary perms, etc should be hidden away behind 'advanced' buttons, etc. > lacking. There is no way for a user - power user or grandmother - to say > > "this app should not be able to wake up in the middle of the night and > get > > my gps location".) > > Settings > Location & security > Use GPS satellites > Settings > Location & security > Use wireless networks > > Except you missed the "this app" part. Maybe I want locale to know I'm home and act accordingly, but I don't want JoesSpyGameWallpaper to send my phone # and exact gps address to the FBI. Or simply "This app shouldn't wake up in the middle of the night." "This app shouldn't wake up when I'm not using it and send my phone number somewhere." "This app shouldn't rummage through my sd card while I sleep." .. > Uncheck those before you go to sleep. > > -- > You received this message because you are subscribed to the Google Groups > "Android Security Discussions" group. > To post to this group, send email to > [email protected]. > To unsubscribe from this group, send email to > [email protected]<android-security-discuss%[email protected]> > . > For more options, visit this group at > http://groups.google.com/group/android-security-discuss?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
