Feeds

back to article New in Android 4.3: At last we get a grip on privacy-invading crApps

The latest version of Google's Android, 4.3, has a panel controlling access permissions on an app-by-app basis - but only for those users ready to experiment with untested functionality. The App Ops control was found by Android Police and initially required a hack to bring it to life. Now there's an app in the Google Play store …

COMMENTS

This topic is closed for new posts.

Page:

Silver badge

Google Switch

Is there also a BIG button which can be used to stop the phone/addressbook/browser/etc from phoning home to Google with user stats.

4
8
Holmes

Re: Google Switch

"Is there also a BIG button which can be used to stop the phone/addressbook/browser/etc from phoning home to Google with user stats."

Yes. You turn of syncing for the Google account.

7
1
g e
Silver badge
Holmes

Re: Google Switch

Until you install Facebook, presumably, which will try and grab anything it has half a chance of getting.

4
0
Silver badge
Thumb Down

Re: Google Switch

@Bakunin

Are you "absolutely" sure about what you are saying or are you new to the game?

Will your solution really stop "Wifi" location being sent to Google, directly or indirectly through third part apps.

Will it also stop GPS location information being sent to google.

If I were to find a wireshark equivalant, you are saying that, I could be assured that by turning of "syncing for the Google account." no traffic would any longer be sent to google.

C'mon wake up man, there is far more to google/android than your contact list and porn browsing habits.

1
9

Re: Google Switch

"If I were to find a wireshark equivalant, you are saying that, I could be assured that by turning of "syncing for the Google account." no traffic would any longer be sent to google."

From Android itself? Only the most paranoid would think otherwise.

Of course you'd also have to ensure you don't install/use any Google apps, or any 3rd party apps that utilise Google services, or visit any of their sites to keep them totally ignorant of your existance.

1
0
Anonymous Coward

Re: Google Switch

Well khaptain, why don't you try it. Set up a brand new device, when asked about sharing location, synching, setting up a google account, using the omnibox etc choose the no (or privacy setting).

Set up wireshark to sniff the data and then if there is an personal data going to Google you have a lovely big lawsuit that will make you rich.

Easy, and well worth it!

2
0
Pint

@Khaptain Re: Google Switch

"Are you "absolutely" sure about what you are saying or are you new to the game?"

I wish I was, because if I were to do it all again I'd choose a different game.

"Will your solution really stop "Wifi" location being sent to Google, directly or ...."

[snip]

No it wont. But you already knew the answer to that question before you asked it. I was referring to the points raised in the original question.

I'll give you the benefit of the doubt that you aren't "new to the game" either. So you should be fully aware that if you're getting a phone from Google/Apple/Microsoft/Rim then that sort of data is leaking. It's also leaking if you have a Sat Nav that's capable of making a network connection or a Satellite/Cable box or using a web service/store or a connected games console. Or as we've seen over recent weeks pretty much anything with a network connection will get you swept into a mass surveillance dragnet.

But there are options. You can choose to use them or not depending on the cost to your data. If you choose to use them then be aware of what you need to leak and what you can avoid. If you choose not to use them then congratulation to you, that's your call.

It's Friday, let's have a beer and agree to differ like gentlemen.

3
0
Big Brother

Re: Google Switch

Turning off syncing to the Google account won't stop Google calling home through Google Play Services amongst others.

This hypocritical privacy against everyone but Google really is something that end users should not be dismissing lightly.

4
2
Anonymous Coward

Re: Google Switch

It's Linux based so more holes you can drive a malware bus through will undoubtedly be found....

0
6
Silver badge
Megaphone

Re: Google Switch

Lame trolling aside. Straight from the Microsoft whore ZDNet itself.

"The Trustwave report says the number of critical vulnerabilities, as determined by the Common Vulnerability Scoring System (CVSS) assessment of factors like potential impact and exploitability, identified in the Linux kernel was lower than in Windows last year [2012], with nine in Linux compared to 34 in Windows. The overall seriousness of vulnerabilities was also lower in Linux than Windows, with Linux having an average CVSS score of 7.68 for its vulnerabilities, compared to 8.41 for Microsoft."

9
0
h3
Bronze badge

Re: Google Switch

That is comparing the latest Linux kernel with all versions of Windows.

Should be comparing 2012 server core with a decent version of Linux. (RHEL6 or whatever).

0
2
Silver badge

Re: Google Switch

Why? Unlike Windows pretty much the same Linux kernel code runs from embedded to mainframe and HPC clusters (plus or minus various bits but core the same). Linux still runs on a lot more platforms and in more roles so its fair to compare the two.

2
0
Silver badge
Facepalm

Re: Google Switch

If you don't want Google to know anything about you then don't sign into the phone with your Google account. That part of the setup is optional.

1
0
Thumb Up

Excellent

I believe this feature has been available in a few root-only apps and in Cyanogenmod for a little while, it's nice to see it get into mainline android.

There are a variety of apps that are useful that want way too many permissions. Skype is a major offender in this area. Being able to deny it some of what it wants is a good thing.

15
0

agree about sky pee

bloody thing lobbed all my mostly old or net only contacts in to my address book. hence with this fresh CyanogenMod install I haven't put on either facetard or sky pee.

0
0
Bronze badge

Re: Excellent

Yes, it's called XPrivacy.

0
0
Anonymous Coward

I can just see all of the down-rates in the Google Play store from people who deny access to something and then the app doesn't work.

1
3
FAIL

...and that's a problem because... ...?

Maybe it would encourage better programming techniques - learn how to fail gracefully.

It would also serve as a notice of an application that requires far too many permissions to do the job that it said it was going to do, but is instead doing other "stuff" that wasn't menioned in the puff-piece trying to attract users.

13
0

And this is different to Permissions Denied how?

0
2
Silver badge
Unhappy

...does it run on unrooted phones?

0
0

Permissions Denied is still better for root users as the "App ops" settings at present require the app to try and access the setting before you can disable it (not much good for an app trying to steal your contact sayt etc. !)

1
0

close, but...

Would love to see a fake-feature too. ie, some apps request access to my call log? Sure.. here, have a fake one.

App wants to read my SMSs? Here, have some test ones. My location is absolutely required or the apps crashes? I'm in Times Square, honest.

That way, compatibility remains, and privacy is enjoyed.

55
0
Silver badge

Re: close, but...

Yes, been waiting on that for some time. Denying permissions breaks far too many apps and the blockers I've tried (both add on and built into firmware) have been unreliable in any case.

1
0
Silver badge

Re: close, but...

100% agreed. Needs to always be user defined, though, or software developers will set routines to query and fall over if fed known bogus data.

3
0
Silver badge
Thumb Up

Re: close, but...

100% agreed. Needs to always be user defined, though, or software developers will set routines to query and fall over if fed known bogus data.

0
0
Go

Re: close, but...

This is how the Cyanogenmod granular control works. It supplies dummy data to the apps.

4
0
h3
Bronze badge

Re: close, but...

There was a patch for Cyanogen mod that did exactly that but they wouldn't add it. (That is something I certainly want).

0
0

Huh

And I was told that Android has had permission control for applications for a while. Was I lied to by so many independent people? That would probably make them fandroids.

Permission control is a must have for me if I'm to give the device any sensitive data...

2
2
Bronze badge

Re: Huh

Permission control for applications has been there since year dot. This is just a more granular method.

At the moment (unless using 3rd party tools on a rooted device) it's basically a case of granting access to everything the app asks for, or not installing it if you don't like the permissions it asks for.

The new process allows you to say yes to all, and then go in and turn off access to specific items.

For example, why does the Facebook app need to be able to make phone calls, or be listed as a System Tool which gives it a lot of potential control over your phone. The point being of course it doesn't, not unless you use those features that rely on these permissions, So if you don't use those features, you should be able to switch of access to those areas.

9
0
Thumb Up

Re: Huh

Thank you for the clarification, I appreciate it. (I didn't want to dig through the ton of ballast to get the information I wanted, heh).

I was under the impression that what you say ("say yes to all, and then go in and turn off access to specific items") was there by default on every stock device without having to root it or anything.

1
0
Anonymous Coward

Re: Huh

For example, why does the Facebook app need to be able to make phone calls

They doubtless want facebook to be the centre of your life and thus you will have all your contact details stored in facebook so that when you want to call someone then they don't want you to exit the FB app and go to the dailer but instead go to the contents section of the FB app, find the name and select the "call this person now" option .... so, the FB app needs to initiate the call.

3
0
Bronze badge

Re: Huh @ AC 13:12

That would make sense (almost) if ithere was a direct way to access your friends list with the Facebook app, or it was made more central to it.

Currently the 'Friends' button in the Facebook app doesn't actually list your friends! Instead it takes to the 'Find Friends' page (same on the web site).

I don't know about anyone else, but this just seems to be brain dead. Surely one of the main purposes of facebook is to keep in touch with existing friends, and to a much lesser degree, to find new friends on FB.

Therefore why would an option rarely used in comparison, 'Find Friends' , have a main shortcut button in the front page of the app, and the main 'Friends' list, that is used far more often, is almost hidden away under the 'Apps' list!

3
0
Bronze badge

Re: Huh

Fb probably is making the phone silently phone home, or they are probably embedding a special packet in their call TO a phone, and when either or either cannot shake hands, they send the user an online prompt about updating his or her contact info and phone. Probably it helps them correlate phones to users and helps them either fudge on reported data and work on heis... Umm, acquiring new, fresh users.

0
0
Silver badge

Re: Huh

At the moment, when you install an app, it will list the permissions the app requires and ask if you are happy to give it to them. So, for example if a unit converter app asks for permissions to access your location and address book, and to make phone calls, you might conclude that it doesn't need those things to convert centimeters to inches and decide not to install the app.

Alternatively, you might conclude for example that it needs internet access to convert dollars to euros, but it doesn't need the other permissions it is asking for. At the moment, you can't approve internet access and block the other permissions, it is either all or nothing.

0
0
Silver badge

" .. users always click "yes" when asked a question .."

Not me. I've considered several apps that asked for ridiculously uneccessary permissions, then clicked the Cancel/No button. e.g an on-sceeen clock display that wants to access contacts list, send SMS and access the internet.

15
0
g e
Silver badge

I've been asking Google for something like this for ages.

Glad they finally listened to me, all those emails beginning 'Do you know who I am?' must have finally paid off.

Irony/Sarcasm icons required.

4
0
Bronze badge
WTF?

Why an app, why not on install?

Rather than using a separate app, wouldn't it be better if the current permissions list on install (or updating if permissions change), just had a tick box next to each option?

i.e. Install app, it lists x number of permissions as it does now, but each has a tick box, selected by default. Just untick the ones you don't like and continue with the install.

To change settings afterwards, use the app manger. It already lists the permissions, just add a tick box by each one. Tick on/off as needed.

6
0

Re: Why an app, why not on install?

It probably will be on install when it finally becomes an official feature. My guess is that there'll be a set of required permissions that you have to accept to install and then a number of optional permissions that the app would like but that you can optionally deny (both at install time and later).

1
0

Does it block adverts

You know like Ad Blocker is supposed to (but falls over constantly)?

1
0
Bronze badge

Re: Does it block adverts

I doubt you'll be able to specifically block Ads themselves with this, although you ought to be able to stop Network access, which would stop the Ads.

But of course that might also break the App itself, depending on if it needs Network access for it's main functions. i.e. something like Rain Alarm needs Network access to be able to download the rain maps, which of course automatically means it can download it's Ads.

Also authors would probably be able to add code to detect if you've disabled Network access* , and so could disable or otherwise cripple the app in someway.

* Direct, for example 'ping' an Internet address and see if it responds, or indirect, i.e. have my Ad banners downloaded okay since the app launched?

1
0
Silver badge

Re: Does it block adverts

"Also authors would probably be able to add code to detect if you've disabled Network access* , andso could disable or otherwise cripple the app in someway."

I'd suspect there would be an API call to check for granted privs, although a wise app would still ccheck 'manually' if the priv appears granted, as a rooted phone could lie!

1
0

Re: Does it block adverts

The app would be told that there are no network connections, exactly as if the device were in aeroplane mode.

1
0

I spy with my beady eye permission control beginning with 'ICO'

You know, it springs to mind that some app developers and their data controllers (i.e. think UK only for a limited scope) are absolutely ripe for a good education/hiding from the ICO*

*It seems that the ICO believe quite a few developers/data controllers are unaware of their current legal obligations. As a result the ICO are currently preparing formal documentation on this matter. Hopefully 'gimme all ya got' data collection and retention policies for mobile apps won't be around for too much longer (in the UK at least).

1
0
Bronze badge

Finall

Finally! As I've mentioned in few threads before , the app permissions has been one of the really annoying things in Android.

lansalot' s comment about a faked response would be rather nice addition as I can imagine many apps may well crash horribly if their expected permissions aren't available.

Just have to wait and see if any of my older devices will be offered 4.3 update.

0
0
Silver badge

Re: Finall

Cyanogen, or a bundled app that's used with it, has the capability to provide faked responses to apps that do not behave well when they cannot get their desired access.

Worked very nicely from what I hear and the limited time I played with it.

0
0

This is the biggest news for the 4.3 release and a pity it has been glossed over in most of the coverage.

If I had have known that this was coming I wouldn't have needed to purchase Permissions Denied last week!

0
0

I correct myself: Permissions Denied is still better as the "App ops" settings require the app to try and access the setting before you can disable it (not much good for an app trying to steal your contact sayt etc. !)

0
0

Some good news. Will be trying this out when my Nexus 7 is updated and will be a deciding factor in which phone I get next... no 4.3, no sale.

I'm one of the few that actually reads the permissions. The last update for Real Racing 3 wanted user account permissions.. for a racing game? Needless to say it remains un-updated. When Facebook Home reared it's ill-fated head, the main FB app added a ridiculous number of permissions, and was promptly uninstalled completely, and I use the web page instead. The FB app has always been intrusive though, I had it on my old rooted phone, and had a permission blocker installed. Even after unticking the options to sync contacts and access location, the blocker showed repeated attempts by the app to access both functions, even when it wasn't being used and was sitting in the background.

Any app that crashes as a result of no access to location or network isn't worth keeping, as both those can be legitimately unavailable, either due to Airplane mode being on or no GPS chip in cheap tablets etc.

2
0
Bronze badge

Will there be a way to report to the FBI all usa-crossing apps

Will there be a way to report to the FBI all usa-crossing apps tha try to steal, access, or link to denied content?

Hell, if companies can report unauthorized access attempts, then so should users be able to. Clog up the FBI and force it to deal with these companies. If the FBI and Homeland Security lbosmcan be appropriated and made to look appropriate when DVDs start the feature film or other content, the users should be able to send warnings to dvelopers who atrempt unauthorized crawling, trawling, and hauling of user content.

This means nailing in the ass the likes of skype, facebook, kakao, and hundreds of thousands of others that wantonly steal data without clearly asking for case-by-cases access and permission. An off the cuff analogy I can think of would be the random legit door-to-door insurance sales rep stating to some unwittin home occupant "By even LISTENING to me, not just allowing me into your abode, you grant me worldwite, perpetual, non-revocable permission to ransack your home or mind for any data I can find, use it as I see fit-- to perform it, to share it with my tributary partners, tomredevelop it, to use it against you in any conceivable way throughout the universe, and even to SUE YOU if you try to compete with my employer or EVEN me with YOUR OWN content."

Well, at least that is what it seems is coming down the pike, if not already happening.

3
0

Samsung make something similar available in their own app store but oddly while I can install it on my Note II it doesn't show up for my Note 10.1

0
1

Page:

This topic is closed for new posts.