So do they still run but are limited like when ios gives the false location data? or can facebook apps just refuse to operate until they are given the required permissions? E.g. the way android apps just demand permisions for everything making the security benefit of permissions largely pointless.
> the way android apps just demand permisions for everything making the security benefit of permissions largely pointless.
That hasn't been the case for a pretty long time. Now the permissions are quite granular and you can accept and refuse specific one at any time. It's actually quite tiresome to go through 4-5 permissions popup on some apps, but it makes sense so it's okay.
The apps is informed of that decision, so yeah it can decide to not works without it. I suggest you to not use an app that require stuff that you don't want to allow.
>> the way android apps just demand permisions for everything making the security benefit of permissions largely pointless.
> That hasn't been the case for a pretty long time. Now the permissions are quite granular and you can accept and refuse specific one at any time.
This is technically a correct answer, but I've seen the bad habit of asking for many permissions (and sometimes refusing to work without) being more common on Android. An example is a bank's app that will refuse to launch (or I mean, provide any meaningful information/experience) unless location permission is given (this is when giving the permission means an "always allow") and unless it's connected to a cellular data network (not WiFi). On iOS, the app is better behaved and will work with some useful functionality when certain permissions are denied.
This could be due to an overly aggressive anti-fraud library/service like ThreatMetrix (I don't know if they do these things, they're just the only example I know).
Though it's bizarre to me what permissions require a pop-up and which don't. You think all you've granted is, say, looking at files, then you check the actual granular list and there's a dozen different ones including internet access.
Making full network access a mandatory always-on permission was a huge security mistake IMO. Every app can port scan your network, and probably some do as part of fingerprinting (some websites do at least, and I assume apps are more brazen).
Programmatically? Certainly. As a matter of App Store policy? Facebook shouldn’t count on it, even if that were allowed by the rules as written today (which I don’t think it is, but Apple has pretty much covered all of their bases as far as arbitrarily changing policy on the fly goes).
