Re: [android-developers] Reducing Permissions
On Mon, Aug 30, 2010 at 1:37 PM, Brad Gies rbg...@gmail.com wrote: I've been following the Is there a way to request permissions from a user as you need them? thread with a lot of interest, but even if someone is convinced to make the Android permissions system better, it doesn't do anything for right now. So, I thought I'd start a thread for coming up with alternative ways to reduce the permissions your app needs. My app absolutely needs internet access (it's useless without it), and it uses Google Maps extensively (it's the main activity), so I have the following : uses-permission android:name=android.permission.ACCESS_NETWORK_STATE/uses-permission uses-permission android:name=android.permission.ACCESS_COARSE_LOCATION/uses-permission uses-permission android:name=android.permission.ACCESS_FINE_LOCATION/uses-permission uses-permission android:name=android.permission.INTERNET/uses-permission I want to be able to know if I have a network connection, hence the ACCESS_NETWORK_STATE. I also try to use GPS hence the ACCESS_FINE_LOCATION, and if GPS is not available I try to find the user's location using something else hence ACCESS_COARSE_LOCATION and of couse the INTERNET permission. I also use the My Location' feature of Google Maps. So... the question is : Is there a robust way to use Google Maps, and be able to send requests to my server without all those permissions (in a user friendly way) ? If you use maps with locations extensively, then internet and location permissions are *fundamental* to your app and I would argue that it would be entirely wrong for these to not be presented to the user when it is installed. Why are you thinking these should not be presented? From what you say, it sounds like this is what your app does. It doesn't seem to me that you should need a permission just to find out if there is a network connection. To be honestly, I am not that familiar with the networking parts of the system, so I don't know for sure how to address this... though from glancing at the API, it seems like the ConnectivityManager.CONNECTIVITY_ACTION broadcast is a sticky broadcast so you can retrieve the last broadcast state without any permission? Also this permission is a normal permission, not dangerous, so it won't be shown to the user unless they explicitly want to see it. I'm also experimenting with C2DM, so I have the following: permission android:name=com.bgies.hottonight.permission.C2D_MESSAGE android:protectionLevel=signature / uses-permission android:name=com.bgies.hottonight.permission.C2D_MESSAGE / uses-permission android:name=com.google.android.c2dm.permission.RECEIVE / uses-permission android:name=android.permission.READ_SYNC_SETTINGS/uses-permission If I want to use C2DM, it seems I am stuck with those... Anybody know signature-only permissions are never shown to the user, so they are not of concern here. (And also since you are declaring the permission, if it was shown to the user, you could have it say whatever you wanted... such as makes app work better than competitor X. Though actually, since the platform doesn't know about the perm until the app is installed, it just won't be displayed anyway.) The C2DM receiver permission... makes me unhappy. First because the permission text that gets displayed is utterly ridiculous. Second because I really question the value of this permission at all. At the very least, for the next release I hope to make this a normal permission so it isn't shown to the user unless they explicitly display it. I also really want to reword the text to make it less crazy. And as far as READ_SYNC_SETTINGS... why do you need that? I don't see it mentioned anywhere in the C2DM documentation. (Though this also is not an area I am super knowledgeable about.) Now... I also want to use the camera (optional) and vibrate (optional but most users will want it) so I have to add : uses-permission android:name=android.permission.CAMERA / uses-permission android:name=android.permission.VIBRATE / Here again, vibrate is a normal permission, so it will not be seen unless the user wants to dig into it. (And seriously, makes your phone vibrate. I think the vast majority of users, if they *do* explicitly go to see it, will have no trouble figuring out that they are okay with it.) As for the camera permission, the only option I can offer is if you just need them to take a picture then you can start the intent to have the camera app take a picture and return it to you. However if you need to drive the camera yourself, you'll need to take the permission. Total 10 lines of permissions in the manifest AND this is AFTER removing 4 other permissions that a small percentage of users would have found very handy, AND not adding a few other features because of the permissions bloat they would have added CALL_PHONE READ_CONTACTS GET_ACCOUNTS SEND_SMS So... given all of this, is there a way to reduce
Re: [android-developers] Reducing Permissions
On 1.09.2010 11:36, Dianne Hackborn wrote: On Mon, Aug 30, 2010 at 1:37 PM, Brad Gies rbg...@gmail.com mailto:rbg...@gmail.com wrote: Now... I also want to use the camera (optional) and vibrate (optional but most users will want it) so I have to add : uses-permission android:name=android.permission.CAMERA / uses-permission android:name=android.permission.VIBRATE / Here again, vibrate is a normal permission, so it will not be seen unless the user wants to dig into it. (And seriously, makes your phone vibrate. I think the vast majority of users, if they *do* explicitly go to see it, will have no trouble figuring out that they are okay with it.) What's the point of the VIBRATE permission anyway? I can't imagine a case where the user decides to not install some application because it has the VIBRATE permission - so why is there a requirement for apps to declare this permission? -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Reducing Permissions
Actually, you are correct. Many of the permissions don't show to the user. It's been awhile since I installed the app from the internet, but I do have it installed as a draft in the market, so I was using the market stats (silly me... ). This apk requests 13 permissions that users will be warned about android.permission.ACCESS_COARSE_LOCATION android.permission.ACCESS_FINE_LOCATION android.permission.INTERNET android.permission.CAMERA android.permission.READ_CONTACTS android.permission.VIBRATE android.permission.CALL_PHONE android.permission.VIBRATE android.permission.ACCESS_NETWORK_STATE com.bgies.hottonight.permission.C2D_MESSAGE com.google.android.c2dm.permission.RECEIVE android.permission.READ_SYNC_SETTINGS android.permission.GET_ACCOUNTS So... obviously, we should be asking the market to be updated to show what the user will actually be asked for... (I know... but I can dream). The permissions shown to the user are (the version I have compiled with a production key didn't have the C2DM stuff in it, so I'll have to recompile it and see what C2DM does show to the user). Network Communications Your Location Phone Calls (won't show anymore because I've removed it in the latest version) Services that cost you money (also shouldn't show anymore because I call the SMS with an intent now) Storage (I'm going to see if I can get rid of that today) Your personal information (that should also be dropped with the latest version, but it does remove a very handy feature) Hardware Controls That is not as bad as I was thinking because I will be able to get rid of 3 of those, but at the expense of either removing features, or making them less seamless. For instance, both the phone calls and SMS will now use an intent which means that it's an extra screen and button click for the user, which for me makes it look clunky (hopefully the average user won't notice too much). I still want an ask the user optional permission for the read contacts because even though my app will drop using them for now, it would be a very handy feature for them. Just so you know, my app is about connecting with friends, and being able to access their friends email addresses one time would save the users a lot of typing and setup later. But, it's just not worth it to have to declare it in my app as if I will be ALWAYS accessing them, and THAT does remove a very handy feature, that I would keep if I could just ask the user the one or two times they would actually use it. It's actually a HUGE issue for me because not keeping it means that many users may not find my app all that useful because they won't get it setup to find their friends easily, while keeping it means that many users will never install it. Damned if I do... Damned if I don't... and right now there is no good answer. Sincerely, Brad Gies --- Bistro Bot - Bistro Blurb http://bgies.com http://bistroblurb.com http://ihottonight.com http://forcethetruth.com --- Everything in moderation, including abstinence Never doubt that a small group of thoughtful, committed people can change the world. Indeed. It is the only thing that ever has - Margaret Mead -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Reducing Permissions
On Wed, Sep 1, 2010 at 10:18 AM, Brad Gies rbg...@gmail.com wrote: I still want an ask the user optional permission for the read contacts because even though my app will drop using them for now, it would be a very handy feature for them. Just so you know, my app is about connecting with friends, and being able to access their friends email addresses one time would save the users a lot of typing and setup later. But, it's just not worth it to have to declare it in my app as if I will be ALWAYS accessing them, and THAT does remove a very handy feature, that I would keep if I could just ask the user the one or two times they would actually use it. It's actually a HUGE issue for me because not keeping it means that many users may not find my app all that useful because they won't get it setup to find their friends easily, while keeping it means that many users will never install it. Damned if I do... Damned if I don't... and right now there is no good answer. What if you could launch a contact picker for the user to select an e-mail address that is returned to you? We need to build out the contacts interaction so that it has richer interactions to provide UI for other apps without them needing contacts permission themselves. (And to also use FLAG_GRANT_URI_*_PERMISSION to return permission to access a contact entry that is selected.) But even before that, someone could write their own app that provides something like this facility, without using FLAG_GRANT_URI_*_PERMISSION, to anyone who wants to use it. -- Dianne Hackborn Android framework engineer hack...@android.com Note: please don't send private questions to me, as I don't have time to provide private support, and so won't reply to such e-mails. All such questions should be posted on public forums, where I and others can see and answer them. -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Reducing Permissions
Yes, a contact picker would be great, and would work for me ;), especially if it had the ability to return multiple selections. I would actually like that better than accessing them myself, if it was a standard part of the framework, because then users would be familiar with it, and I wouldn't have to support it.. or them using it ;). I'm fairly sure it would solve many other developers issues also. Sincerely, Brad Gies --- Bistro Bot - Bistro Blurb http://bgies.com http://bistroblurb.com http://ihottonight.com http://forcethetruth.com --- Everything in moderation, including abstinence Never doubt that a small group of thoughtful, committed people can change the world. Indeed. It is the only thing that ever has - Margaret Mead On 01/09/2010 2:06 PM, Dianne Hackborn wrote: On Wed, Sep 1, 2010 at 10:18 AM, Brad Gies rbg...@gmail.com mailto:rbg...@gmail.com wrote: I still want an ask the user optional permission for the read contacts because even though my app will drop using them for now, it would be a very handy feature for them. Just so you know, my app is about connecting with friends, and being able to access their friends email addresses one time would save the users a lot of typing and setup later. But, it's just not worth it to have to declare it in my app as if I will be ALWAYS accessing them, and THAT does remove a very handy feature, that I would keep if I could just ask the user the one or two times they would actually use it. It's actually a HUGE issue for me because not keeping it means that many users may not find my app all that useful because they won't get it setup to find their friends easily, while keeping it means that many users will never install it. Damned if I do... Damned if I don't... and right now there is no good answer. What if you could launch a contact picker for the user to select an e-mail address that is returned to you? We need to build out the contacts interaction so that it has richer interactions to provide UI for other apps without them needing contacts permission themselves. (And to also use FLAG_GRANT_URI_*_PERMISSION to return permission to access a contact entry that is selected.) But even before that, someone could write their own app that provides something like this facility, without using FLAG_GRANT_URI_*_PERMISSION, to anyone who wants to use it. -- Dianne Hackborn Android framework engineer hack...@android.com mailto:hack...@android.com Note: please don't send private questions to me, as I don't have time to provide private support, and so won't reply to such e-mails. All such questions should be posted on public forums, where I and others can see and answer them. -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Reducing Permissions
You're not going to like this, but since no one else is chiming in ... =) On Mon, Aug 30, 2010 at 3:37 PM, Brad Gies rbg...@gmail.com wrote: So... the question is : Is there a robust way to use Google Maps, and be able to send requests to my server without all those permissions (in a user friendly way) ? Given the current system? Doesn't seem like it. So... given all of this, is there a way to reduce the permissions I need any more than I already have? Stop using the functions that require those permissions. AND why do I need a total of 8 permissions just to ask my server for the data they want, and try to keep them current using C2DM? Because that's the way it's currently set up. Surely those permissions could be reduced somehow. Surely, but it is what it is. The other problem is if you reduce the permissions to much, each permission ends up giving more access than the developer really needs (like the notorious INTERNET permission). More permissions lead to bloat, but gives finer grain control and is hopefully clearer to the user about the intent of each permission. - TreKing http://sites.google.com/site/rezmobileapps/treking - Chicago transit tracking app for Android-powered devices -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Reducing Permissions
I've been following the Is there a way to request permissions from a user as you need them? thread with a lot of interest, but even if someone is convinced to make the Android permissions system better, it doesn't do anything for right now. So, I thought I'd start a thread for coming up with alternative ways to reduce the permissions your app needs. My app absolutely needs internet access (it's useless without it), and it uses Google Maps extensively (it's the main activity), so I have the following : uses-permission android:name=android.permission.ACCESS_NETWORK_STATE/uses-permission uses-permission android:name=android.permission.ACCESS_COARSE_LOCATION/uses-permission uses-permission android:name=android.permission.ACCESS_FINE_LOCATION/uses-permission uses-permission android:name=android.permission.INTERNET/uses-permission I want to be able to know if I have a network connection, hence the ACCESS_NETWORK_STATE. I also try to use GPS hence the ACCESS_FINE_LOCATION, and if GPS is not available I try to find the user's location using something else hence ACCESS_COARSE_LOCATION and of couse the INTERNET permission. I also use the My Location' feature of Google Maps. So... the question is : Is there a robust way to use Google Maps, and be able to send requests to my server without all those permissions (in a user friendly way) ? I'm also experimenting with C2DM, so I have the following: permission android:name=com.bgies.hottonight.permission.C2D_MESSAGE android:protectionLevel=signature / uses-permission android:name=com.bgies.hottonight.permission.C2D_MESSAGE / uses-permission android:name=com.google.android.c2dm.permission.RECEIVE / uses-permission android:name=android.permission.READ_SYNC_SETTINGS/uses-permission If I want to use C2DM, it seems I am stuck with those... Anybody know Now... I also want to use the camera (optional) and vibrate (optional but most users will want it) so I have to add : uses-permission android:name=android.permission.CAMERA / uses-permission android:name=android.permission.VIBRATE / Total 10 lines of permissions in the manifest AND this is AFTER removing 4 other permissions that a small percentage of users would have found very handy, AND not adding a few other features because of the permissions bloat they would have added CALL_PHONE READ_CONTACTS GET_ACCOUNTS SEND_SMS So... given all of this, is there a way to reduce the permissions I need any more than I already have? AND why do I need a total of 8 permissions just to ask my server for the data they want, and try to keep them current using C2DM? Surely those permissions could be reduced somehow. Sincerely, Brad Gies --- Bistro Bot - Bistro Blurb http://bgies.com http://bistroblurb.com http://ihottonight.com http://forcethetruth.com --- Everything in moderation, including abstinence Never doubt that a small group of thoughtful, committed people can change the world. Indeed. It is the only thing that ever has - Margaret Mead -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en