On Wed, 13 Jul 2011 06:55:30 -0700 (PDT) Michael Schneider wrote: > I have a suggestions regarding the permissions for applications to > make. Right now if you download an application from the Market, it > tells you, which permissions the application needs. For sure, this is > meant to address security issues. However, most end users don't really > know how to deal with them and just ignore this list. So here's my > suggestion on how to make it easier for the end users. Group the > permissions in those that don't really pose a security risk (e.g. turn > GPS on), those that might or might not pose a risk (e.g. access the > contacts) and those that pose a risk if you can't trust the > application (e.g. sending information). Then use green, yellow and red > icons for the permissions in those groups and display them to the end > user. E.g. a green filled circle with a black GPS symbol on it, a > yellow circle with a person symbol representing a contact, or a red > circle with an envelope on it. This will be very easy to understand > for each user and will significantly increase the awareness (e.g. why > does my facebook app need to access my SMSs?). > I hope I posted this in the right forum. If not, please feel free to > move it accordingly. Thanks!
Anything which makes it more likely for every user to think about security sounds good to me as long as it doesn't reduce the options to secure the device by a more vigilent user. A hugely important thing is that a user can override what the application thinks it needs. For example GPS data may overlooked but be very important to keep private, e.g. police, undercover or not. Or a user may wish to only use a subset of an application. This would trump Symbians features. -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
