Google Backtracks on App Permission Management; Here's a Solution
Google gave, then Google took it away.
Beginning with Android 4.3, there was a hidden app permissions management functionality built in to the operating system. This would allow you to approve or deny, permission by permission, app by app. For example, you could deny that shady flashlight app access to your location and personal contacts. All it required was the installation of App Ops, an app that revealed the hidden functionality.
We were excited. The Electronic Frontier Foundation was excited. Google apparently wasn't, as they removed the feature from Android 4.4.2, telling the EFF that the feature was experimental, could break apps policed by it, and that the release was accidental.
It's too late Google: we want our privacy back.
Pervasive Permissions
What's the big deal with app permissions? We discussed the issue back in April, but here is the short version: a lot of apps, especially free apps, collect information about your location, contacts, and more in order to sell that data to advertising companies.
For example, that flashlight app we mentioned? It was, regardless of whether you accepted the app's request to share your information, snatching and sharing the information, specifically your phone's unique identifier and location. The company just settled a dispute over their deceptive practices with the FTC.
Google's Explanation
Accidental release. Broken apps. Yadda yadda.
It's all probably true. Certain apps need certain functionality, and denying permissions to an app can "break" it by not allowing it to do its intended job. Google Voice? It needs access to your SMS and phone dialer. That's why it exists. Disabling access in App Ops would break the app.
Tech savvy users understand all that. Novices don't. Then again, are novices really going to be installing privacy apps and analyzing permissions one-by-one?
Another Explanation
Perhaps the impetus to disable the feature came from app developers? Not only do they suffer, in reputation, feedback, and customer satisfaction, when users accidently break their apps with permission denials and then rage at the developer, but the apps depend on sweeping up your data to make money.
Why do you think that flashlight app is free?
A Possible Fix
You could skip the Android 4.4.2 update, but as the EFF notes, the update brings multiple security fixes. If privacy is your primary concern, we'd recommend a different solution: CyanogenMod.
CyanogenMod is a branch-off of Android that began as a way to push Android updates to phones that were no longer supported by manufacturers. Now, it's much more. The hobby-turned-company takes the latest Android code, strips out certain bloatware, adds extra privacy settings, encrypted text messaging, and other goodies, and gives it all to you -- for free.
The caveat: it's not Google or manufacturer official, so installation will almost certainly void your warranty. If you flash CyanogenMod on your phone or tablet, do so at your own risk.
Fortunately, my devices are all out of warranty. And CyanogenMod has released a simple installer that flashes the alternative operating system on your phone, without any complicated hacks or command line jibberish. Challenge accepted.
Ever try CyanogenMod? Tell us about it on Facebook at FindLaw for Legal Professionals.
Related Resources:
- The Latest in DUI Apps and Gadgets to Keep You (Sort of) Safe (FindLaw's Technologist Blog)
- Google's Going to Cache Images from Email: This is a Terrible Idea (FindLaw's Technologist Blog)
- 5 #FiveWordTechHorrors That Will Kill Your Firm's Productivity (FindLaw's Technologist Blog)