Some users would never even install apps that asked for too many static permissions on the Play page.
But now, if an app seems to meet their needs and they aren't sure, some of them will go ahead and install it just to try it out. How much can one run hurt after all? Due to unresolved questions or sunk cost dilemmas, they may even grant dynamic permissions. How much can one run hurt after all?
So this will manipulate a percentage of reluctant users into data-providing users by hiding a reason for their reluctance. I'm inclined to suspect it'll benefit Google's ad impressions business and that's the actual motivation, not "feature parity" with Apple.
> Some users would never even install apps that asked for too many static permissions on the Play page.
This, so much!
Like 90% of the apps on Play ask for an insanely excessive amount of permissions.
It was the #1 indicator for sorting out garbage apps.
Example: Some time ago I needed a kitchen timer app (stock one had some issue). The great majority of them wanted permissions like contacts, access to my files, GPS location, and on top of it internet to upload all of this probably. Even though a kitchen timer shouldn't require any private data at all!
Now think about this:
Even if you're asked by Android before it actually gets the permissions, why would you WANT to run code from someone who does such shady stuff as having a kitchen timer require access to private data? Won't those people probably take any opportunity they can get to do shady stuff with things for which Android doesn't require permissions yet? And even if they don't - isn't it likely that their app just doesn't work properly and has a lot of bugs because they don't care about the user at all?
And this isn't just such utility apps. It's basically ALL apps which are flooded with this garbage.
What Google did here to me personally is the last nail in Android's coffin. I cannot acquire software anymore like this.
Problem with free software is that very often good programs are orphaned by original authors (looking at andOTP), and that creates more forks with usually even shorter lifetime. It would be wonderful to have some sort of organization for essential applications that provide crucial applications, but only with very limited feature set and only required updates for new Android versions.
> Example: Some time ago I needed a kitchen timer app (stock one had some issue). The great majority of them wanted permissions like contacts, access to my files, GPS location, and on top of it internet to upload all of this probably. Even though a kitchen timer shouldn't require any private data at all!
That's completely legitimate. It needs those permissions to tell your guests when dinner is ready, where it is being served, and what is being served.
More seriously though, I bought a tablet many years back which shipped with a simple word game that had insane permissions. Among them was access to contacts. When I pointed that out to people they would claim it was required for multi-player support. When I pointed out that one could add the contacts manually, most of the people thought I was insane even though this was at a time when people usually added contacts to desktop applications manually. They didn't understand that some people viewed it as impolite to share contacts of others without their permission (never mind the privacy implications). They didn't understand that most people would only play the game in single-user mode because it was a single play game with a "multi-player" mode tacked on. The multi-player mode was literally tacked on to harvest marketing data.
I've never seen that in any menu or prompt. I don't think Android has this. Which is a shame bc i mostly use offline apps and would love to know if an app is all offline
Understandably, I don't think Google cares about the offline use of their OS. It doesn't align with their business interests
What they really need to do is to simulate data for permissions that are rejected.
For example, if I reject location permissions, then play back a random GPS trail in a randomly selected city on the planet, complete with simulated error and drift. If I reject Wi-Fi scanning, then show a constantly changing set of fake access points. If I reject camera, then play back some cartoons or deepfaked video as a camera device.
The app should never have to know its permission request was denied.
This would be a nice option to have, but it's only useful for a small number of tech affine people who know what they're doing. If the location doesn't agree with the IP address, the app would know it's not real. And if this is used with banks or payment services people are going to get their accounts disabled.
In general, I'm not sure spreading random fake news about yourself is such a great idea unless everybody does it. And everybody doesn't do it, because if everybody cared so much about these things the problem wouldn't exist in the first place.
If you do that, some users are going to land in a weird purgatory where they’ve denied camera permissions to their camera app or something, and be completely unsure of why the app is acting strangely or how to fix it
On a related note, I don't understand why apps are permitted to require you to enable certain permissions or refuse to run. What is the point of giving users control of their privacy if large popular apps are a able to essentially opt out of the optional part. I'm looking at you Kakao.
This case is clearly better on iOS. The AppStore guidelines require that your app functions regardless of whether the user consents to permissions. None of this bullshit “oh you denied this flashlight app contacts permission? Fuck you exit(0)”
The Google Photos app on iOS is still an egregious abuser of this, requiring access to all photos to run at all, rather than just selected photos or no photos at all. I’m still not sure why it would need that if I only intend on using it to access shared albums in the cloud, download photos, or view selected photos on my device, but it’s Google so I’m not terribly surprised.
Agreed for optional permissions, but not sure what you'd expect a browser to do that doesn't have internet access or a camera app that is not allowed to access the camera
Allow you to open the app still and go through the menus, maybe you just want to export your data? Maybe you want to check the T&C again (which should be available offline from the menu)? Perhaps you wanted to see the design/ergonomics of the app before allowing it? It could be a thousand reasons. Photo app can display "No camera permission granted, click here to setup" instead of the visor or something, and the browser can also inform the user of the situation with a static page.
It's like proper exception handling: Do not just close the app, fall back gracefully and allow the user to retry.
I'd expect the browser to behave the same way it does when the device is in airplane mode: display a message about being offline, while still letting me play with the UI, adjust settings, navigate to local files and cached pages, and so on.
For the browser, view local HTML pages via file:// URLs. For the camera, look at previously-taken photos through the built-in mini-gallery that most support.
In the example of Kakao, it lists the contacts permission as optional and the app will install and open without it. But it won't let you past a nag screen without it first verifying that you have given it access to your contacts.
Really anything involving personal data should be up to the user. Especially something like your contacts.
As much as I have a problem with Apple’s monopolistic control over the App Store, one benefit is that behaviour like this doesn’t make it past review.
I’d love to see a button on the contacts permission window to give the app a list of AI generated fake contacts. (And fake GPS coordinates, and so on).
Philosophically, your phone should be your user agent. It should act on your behalf, not on behalf of some tech companies.
Xiaomi's newer phones do have this functionality, albeit in a rudimentary form (only empty list is returned so the app can still detect it given how few people have empty contacts).
There should be a simple standard way to fake/limit all permissions.
For example, the app wants to access your contacts. Instead of "yes or no", you choose a subset of contacts that the app is allowed to see: could be all, could be none, could be a selected set (perhaps a special set of fake contacts). Whatever you choose, the app is told that these are all the contacts that exist on your phone.
If the app wants to access the camera, the options are: actual camera, always black pixels, a selected static picture, a selected picture that is shaking to add extra realism. Whatever you choose, the app is told that this is the actual camera.
If the app wants to access the disk, you could specify that a new directory should be created and the app would be told that this directory is the entire disk. Etc.
Some users would never even install apps that asked for too many static permissions on the Play page.
But now, if an app seems to meet their needs and they aren't sure, some of them will go ahead and install it just to try it out. How much can one run hurt after all? Due to unresolved questions or sunk cost dilemmas, they may even grant dynamic permissions. How much can one run hurt after all?
So this will manipulate a percentage of reluctant users into data-providing users by hiding a reason for their reluctance. I'm inclined to suspect it'll benefit Google's ad impressions business and that's the actual motivation, not "feature parity" with Apple.