On Sat, 18 Jun 2011 14:06:02 -0400 Charles Clancy wrote: > Also, as on the Internet, it's up to the individual apps to protect > themselves, rather than the infrastructure providing systemic > safeguards.
And this worked really well for facebook and the ability to judge wehther you trust a website is no good either. Browsers are now struggling to implement policies to combat this but it's a drop in the ocean. SElinux has it's own criticisms but I guess a lot of work has been done already. Symbian had finer restrictions users could use upon apps. The signing never worked because app designers didn't need to bother. They won't do anything like asking for certain permissions if they can just ask for all and have them given. You would get an app asking for all permissions that hardly needed any. Android should go further than Symbian and allow user enforcement even if it's optional and the most fine grained options are not normally seen by default. There should even be a coarse "do not allow java apps to run" option. -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
