undefined | Better HN

0 pointsaargh_aargh5y ago0 comments

As an Android user, not developer, I wanted to ask how are permissions on Android these days.

Is "internet access" permission just granted for any app by default without asking the user?

There were initiatives (probably 3rd party) for more granular permissions, but I haven't noticed this becoming common. I vaguely remember that Android started asking for some individual permissions not upon installation, but only when they were first used by the app, e.g. camera access. Why is this not the case for internet access?

In a nutshell, how did permission granting in stock Android develop from say Android 3.x times?

I understand that some keyboards want to provide suggestions using a dictionary they download online. Also, I used to use SwiftKey once which wanted to read all my mail to produce better suggestions. Is there even a good way to balance the benefits (features) and risks (uploading a key log if the app is sold/abandoned and taken over by an attacker)?

0 comments

8 comments · 3 top-level

est315y ago· 5 in thread

> Is "internet access" permission just granted for any app by default without asking the user?

IIRC it was changed because people complained that a lot of apps required that permission despite the functionality not needing it. E.g. calculator app or whatever. Turns out that you need this permission if you want to display ads. So Google just sided with the advertisers and removed the permission from the display. Generally, I believe that Google likes internet connected things because they as a company have better tools to capture online revenue streams vs offline ones.

darkwater5y ago

Even if I hate ads and I think one should be able to ban them forever on their devices, Android could just add an "Internet access" permission that only counts for Internet access required outside the Ads API, so they would keep their ads and users could be a bit safer on the "this app is snooping my data" side.

wongarsu5y ago

That would only work if they open up the Ads API to work with any ad network. Otherwise it would basically kill any competition in the Android Ad space, which would probably lead to EU and US regulators coming down hard on Google.

1 more reply

aargh_aarghOP5y ago

I agree that it would be nice to separate the privileges if it were possible.

I suspect that allowing internet access even in the form of ads opens the possibility for data exfiltration in principle. But I'm not familiar with the Android case at all.

1 more reply

kelchqvjpnfasjl5y ago

> outside the Ads API

Presumably these Ad APIs would be for access to Google Ads. That would seem like an anti-trust issue.

UncleMeat5y ago

Could you imagine the complaining for treating different ad libraries differently?

netizen-97485y ago

A good solution to this is using iptables to control what has access to which networks, rather than relying on the OS. AFWall+ is a nice front end for iptables and requires root. Netguard is another option that doesn't require root, but I'm not sure how that one works.

fy205y ago

Certain permissions (internet is one example) are granted when the app is installed, other permissions (e.g. access to photos) require the user to give access through a dialog prompt (and from Android 10(?) the user will be asked again every so often, rather than just once).

All permissions an app can use are listed in the manifest file, and are displayed on Google Play.

j / k navigate · click thread line to collapse

0 comments

8 comments · 3 top-level

est315y ago· 5 in thread

> Is "internet access" permission just granted for any app by default without asking the user?

darkwater5y ago

wongarsu5y ago

1 more reply

aargh_aarghOP5y ago

I agree that it would be nice to separate the privileges if it were possible.

I suspect that allowing internet access even in the form of ads opens the possibility for data exfiltration in principle. But I'm not familiar with the Android case at all.

1 more reply

kelchqvjpnfasjl5y ago

> outside the Ads API

Presumably these Ad APIs would be for access to Google Ads. That would seem like an anti-trust issue.

UncleMeat5y ago

Could you imagine the complaining for treating different ad libraries differently?

netizen-97485y ago

fy205y ago

All permissions an app can use are listed in the manifest file, and are displayed on Google Play.

j / k navigate · click thread line to collapse