
The article doesn't go into details of how the app managed to do all these things, isn't there some sandboxing that was broken, known vulnerability or some 0day that was used or anything like it? I've heard that Android security is broken but it seems a little too easy.



Sandboxing isn't a magical solution. All it does is limit resources available to an app. Usually, until a user authorizes access to such resources.

"Here's a list of thirty privileges this app needs to run. Do you approve?"

Given you just downloaded it, why wouldn't you?

After all, every other app requires a huge set of privileges to run, too.

Do you see the problem? :)


Not any more, Marshmallow permissions are on-demand.


It's not all that effective; some apps (like the Hue app) just crash if you deny them anything. Why didn't Android add the option to provide blank data to apps?


> It's not all that effective

I find it perfectly effective: If you deny an app a permission, it doesn't get any information for that permission.

> some apps (like the Hue app) just crash if you deny them anything

That sounds like the app is badly implemented, really.

> Why didn't Android add the option to provide blank data to apps?

Because it's a completely new API and it shouldn't have to, apps should check the return code to see if the permission was denied or not.

Are you talking about denying permissions to apps that don't support the new-style permissions natively, perhaps?


> That sounds like the app is badly implemented, really.

Yeah, it really is badly implemented, but the blame for that lies in part with Android for making it so easy to write apps that break. It would have been perfectly easy to write the code so that it returned "GPS signal lost" for location, "no contacts" for contacts, "SD card is empty" for storage, "no phone call in progress" for phone, etc. In fact, modders of Android have been doing that kind of thing for years. It's truly astonishing that Google got this so wrong when there are so many better examples.

> Because it's a completely new API and it shouldn't have to, apps should check the return code to see if the permission was denied or not.

Sometimes an app should believe the permission was granted when it actually wasn't, because of the aforementioned bad (or even malicious) apps. Maybe you have to use a particular app in order to control the lights in your house, or your car, or to chat with someone who refuses to use anything that doesn't have a permission list a mile long. Privacy controls are useless if the true control is still in the hands of the app.

> Are you talking about denying permissions to apps that don't support the new-style permissions natively, perhaps?

No, I'm not, but clearly old-style permissions could have been reimplemented as forwarding calls to a new-style API that returned blank data if the user chose blank data for that app's permission, just as privacy mods for rooted phones have already done.


They have two different privacy solutions implemented in Android 6 (Marshmallow): The first one is comparable to iOS' model - the app must ask for permission on first access. If the user denies said access, the app gets this information.

The second solution is aimed at apps designed for older Android versions, if the user denies access, the app gets empty data back (e.g. empty contact lists, no GPS satellite etc).

An app designed for Android 6 should handle negative feedback (disable functions, show a warning/explanation or something else), it shouldn't break. If you don't want to handle this, design for Android <6 and let the system take care of it. But there should be a difference between permission not granted and no data available, apps should handle these issues differently. If I were to deny my navigation app access to my location, it should ask me to revoke this decision and not warn me about not finding GPS satellites (which would make me run around with my phone held up in the air hoping to get a GPS fix).
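
An added example, not part of the thread or any commenter's code: a minimal Java activity using the Android 6 runtime-permission calls that keeps "permission denied" and "no GPS fix yet" as separate states. The class name `NavActivity` and the status messages are hypothetical, and it assumes `targetSdkVersion` 23 or later with `ACCESS_FINE_LOCATION` declared in the manifest.

```java
// Added example, not code from the thread. NavActivity and the messages are hypothetical.
import android.Manifest;
import android.app.Activity;
import android.content.pm.PackageManager;
import android.location.Location;
import android.location.LocationManager;
import android.os.Bundle;
import android.widget.TextView;

public class NavActivity extends Activity {
    private static final String PERM = Manifest.permission.ACCESS_FINE_LOCATION;
    private static final int REQ_LOCATION = 1; // arbitrary request code
    private TextView status;

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        status = new TextView(this);
        setContentView(status);
        showPosition();
    }

    private void showPosition() {
        // Checked on every use: the user can revoke the grant in Settings at any time.
        if (checkSelfPermission(PERM) != PackageManager.PERMISSION_GRANTED) {
            requestPermissions(new String[] {PERM}, REQ_LOCATION);
            return;
        }
        LocationManager lm = (LocationManager) getSystemService(LOCATION_SERVICE);
        Location fix = lm.getLastKnownLocation(LocationManager.GPS_PROVIDER);
        // Permission granted but no data yet: a different state from "denied".
        status.setText(fix == null ? "Waiting for a GPS fix..."
                : fix.getLatitude() + ", " + fix.getLongitude());
    }

    @Override
    public void onRequestPermissionsResult(int code, String[] perms, int[] results) {
        if (code != REQ_LOCATION) return;
        // An empty results array means the request was interrupted; treat it as denied.
        if (results.length > 0 && results[0] == PackageManager.PERMISSION_GRANTED) {
            showPosition();
        } else {
            // Permission denied: disable the feature and say why, rather than crash.
            status.setText("Location permission denied. Allow it in Settings to navigate.");
        }
    }
}
```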


> If I were to deny my navigation app access to my location, it should ask me to revoke this decision and not warn me about not finding GPS satellites (which would make me run around with my phone held up in the air hoping to get a GPS fix).

That kind of notification should be done by the permission system itself, perhaps as an icon in the status bar.


(Tedious disclaimer: my opinion only, not speaking for anybody else. I'm an SRE at Google, with no particular insight into Android.)

> No, I'm not, but clearly old-style permissions could have been reimplemented as forwarding calls to a new-style API that returned blank data if the user chose blank data for that app's permission, just as privacy mods for rooted phones have already done.

Not only is this clearly possible, and a good idea, but it is also pretty much exactly how Android implements it. If you don't use the new API, you'll just get blank data.

I've never used the app you're talking about, but it sounds buggy to me.


From what I can say the main functionality is to take from one server and run them as HTTP requests on another. i.e. click fraud. The only permission required for this would be internet access.

There's some extra functionality for users who have rooted their phone.



