Fast Company today reported on a popular flashlight application which attracted the attention of the Federal Trade Commission for deceptively sending identifying information, including GPS-derived location, even before users had agreed to the EULA. Obviously a keen user would notice such privileges when downloading the application from the Play Store, but this doesn’t excuse the behavior of an application that was ostensibly just a flashlight.
Certainly it is a worrying trend that we have seen with many apps – including ones from companies big enough to know better – requesting permissions that simply are not required by any stretch of the imagination for the application to function. The official Android Facebook app springs to mind as a particularly impressive display of overuse of privileges.
So what recourse does a user have against this intrusive behavior? Obviously they could elect to simply not install the application, but surely the permissions system in Android is robust enough to tolerate some fine-tuning. Indeed it was – with Android 4.3 and its AppOps feature, which, although hidden, allowed users the freedom to fine-tune exactly what permissions the app could make use of. It did have some serious shortcomings – for example, the permissions were only available once an app had attempted to make use of them – but nonetheless it was a dramatic step in the right direction.

I was saddened to see this feature disappear without any explanation in 4.4 and wondered if complaints from developers about potentially endangering their revenue stream had anything to do with its removal. So this leaves users of 4.4 with little option other than rooting their device, using a custom ROM and/or making use of third-party solutions like XPrivacy.

This is bad form, Google. Permissions – particularly privacy-invasive ones like access to your location information, unique identifiers that could potentially link you with the device, and direct access to the device’s cameras and microphone – should be made available for toggling in a simple user interface. Until Google has done this at a minimum, they cannot claim to be serious about protecting their users’ privacy.
UPDATE: as per this LifeHacker post, it appears that some of the permission managers are again working in 4.4 thanks to some tweaking. It appears that the old means of invoking it by intent is gone, but I am nonetheless elated to have regained some control. That said – Brian Party correctly noted that the LH article is attempting to sell a permission manager that in itself is a privacy threat to your phone. The open source AppOps by Sylvain Garland (market link) appears to be the least evil of the bunch, requesting no additional permissions.

As an aside, I am planning somewhat of an exposé (including some disassembly) of some of the cellular baseband firmwares, as I believe the baseband is likely the biggest threat we have to our privacy. If you have anything to contribute, don’t hesitate to contact me. You can retrieve my PGP key from the key page and find my email address within the key metadata.