The users are not going to wise up, they have been thoroughly trained to click the "make this work" button. The only difference between this and the microsoft attempt is that android doesn't pop it up as often, and doesn't allow you to say no. (That, personally, is still where I think it is lacking. There is no way for a user - power user or grandmother - to say "this app should not be able to wake up in the middle of the night and get my gps location".)
As an example of the 'make it work' list - launcherpro. ( http://www.androidzoom.com/android_applications/productivity/launcherpro_gxph_permissions.html) To break down the list, as a launcher it only needs: - android.permission.BIND_APPWIDGET - android.permission.CALL_PHONE - android.permission.EXPAND_STATUS_BAR - android.permission.GET_TASKS - android.permission.PERSISTENT_ACTIVITY - android.permission.SET_WALLPAPER - android.permission.SET_WALLPAPER_HINTS - android.permission.VIBRATE - android.permission.WRITE_EXTERNAL_STORAGE - android.permission.WRITE_SETTINGS - com.fede.launcher.permission.READ_SETTINGS - com.fede.launcher.permission.WRITE_SETTINGS The "make it work" button means that - instead of separate, isolated widgets - it also uses: - android.permission.GET_ACCOUNTS - android.permission.INTERNET - android.permission.READ_CALENDAR - android.permission.READ_CONTACTS - android.permission.READ_SMS - android.permission.RESTART_PACKAGES - android.permission.WRITE_CONTACTS - android.permission.WRITE_SMS - com.android.browser.permission.READ_HISTORY_BOOKMARKS - com.android.browser.permission.WRITE_HISTORY_BOOKMARKS - com.google.android.gm.permission.READ_GMAIL - com.google.android.googleapps.permission.GOOGLE_AUTH - com.google.android.providers.gmail.permission.READ_GMAIL Nobody finds this strange because the way android does things right now (including stock apps, including google apps) is to embed everything in your app directly, instead of calling out for external resources. (Consider apps that serve ads - suddenly an app that might be handling sensitive data needs fine gps and internet. So it could be doing literally anything with that data. I believe hackbod made that exact point a year or more ago, to the general apathy of developers.) In the list above, the vast majority of the extra permissions are needed solely for the grey launcher at the bottom of the first screenshot ( http://cdn-2.androidzoom.com/screenshots/58682-1.jpg) - it puts unread counts over the icons. That could easily be handled by a separate, scrollable widget that didn't need all the fun permissions. (Yes, I know the widget wouldn't work in most other launchers cuz of the scrolling. That would kinda be the point, actually :) ..) On Thu, Sep 30, 2010 at 6:30 PM, Chris Palmer <[email protected]> wrote: > On Thu, Sep 30, 2010 at 1:42 PM, Ryan Mattison <[email protected]> > wrote: > > > I'm just saying users are going to wise up at some point. > > In what way(s) do you think they are unwise now? > > -- > You received this message because you are subscribed to the Google Groups > "Android Security Discussions" group. > To post to this group, send email to > [email protected]. > To unsubscribe from this group, send email to > [email protected]<android-security-discuss%[email protected]> > . > For more options, visit this group at > http://groups.google.com/group/android-security-discuss?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
