Skip to main content

Android OS Redesigned

Imagine the following scenario - you are looking for an application (app) on the Google Store, but the application that you found does 3 or 4 other things that you are not really interested in.   Perhaps it is a photo editor that also syncs with Dropbox, has an online gallery, etc.  All you want is local photo editing.  Today, there is nothing you can do unless the app uses Android 6.0 run-time permissions, but if you had more fine-grained permission control, you could deny or just limit access to those extraneous permissions like web access.

I previously wrote about a solution to many of the problems associated with the Android operating system.  For the rest of this article, I will pretend that the Android community has adopted these design ideas.

A trustworthy OS would give the user full control over each app's ability to run in the background, upload and download data over various connections (mobile, public network, private "home" network), etc.  Before installation, the user would be prompted (as usual) but for each permission there would be a drop-down list of choices - allow full access, prompt every time, deny access, limited access, custom access, or simulated access.

Let us examine the permission "access your contacts".  If the app only needs to confirm your identity, give it "limited access - just me", or a custom list of your work and home contact entries.  If this app had a social media aspect, you could still use it with confidence knowing that they would not be stealing your entire contact list and sending it to their servers.

If this was well implemented, it would not eliminate rogue apps, but would allow the user to de-fang the app by both preventing access, and preventing communication, and even if they tunneled some information out, it could be simulated data.

What does this mean to users? No more ring-tone apps that steal every file, call history, and contacts.  
The next obvious step would be for some trusted authority to provide a list of recommended permissions to grant an app.

This would require Ad-ware apps to redesign themselves to use an official "Advertisement" channel so they could still remain profitable.  Google would be responsible for shutting down abuses like using the advertisement channel to steal data.

Comments

Popular posts from this blog

How does Rails scaffolding select HTML input tags?

Recently, a reader saw my fix for SQL Server booleans, and asked me a followup question: why does Rails display a yes/no selection instead of a checkbox? The short answer is look in {RUBY_HOME} /lib/ruby/gems/1.8 /gems/actionpack-1.10.2 /lib/action_view/helpers, but your path may vary depending on whether you are using gem, "edge rails", etc. Anyway, look in the file "active_record_helper.rb" for a method called "all_input_tags", and notice that it calls "default_input_block" if you don't supply an input_block. Now notice that "default_input_block" creates a label and calls "input(record, column.name)" which in turn calls "InstanceTag#to_tag" which finally looks at the datatype and maps boolean to a select tag. Perhaps a wiser Rails explorer can provide us with the rationale for this, but I guess we could add a MixIn for InstanceTag that redefines the to_tag() method, or just do a dirty and unmaintainable hack l...

Castle ActiveRecord with DetachedCriteria

My current development environment is Visual Studio Express C# Edition (read that as free ), Castle ActiveRecord's latest svn trunk(usually within a few days), and NHibernate svn trunk. As of NHibernate version 1.2.0, there is a very cool new class out there ... DetachedCriteria. This class lets you set all of your Castle relational attributes like BelongsTo, HasMany, etc. as lazy fetch, and over-ride this for searches, reports, or anytime you know ahead of time that you will be touching the related classes by calling detachedCriteria.SetFetchMode(..., FetchEnum.Eager). As a good netizen, I have tried to contribute to NHibernate and Castle ActiveRecord even if only in the smallest of ways . Oh yeah, I tried mapping to a SQL VIEW, and it worked GREAT! I received a comment after my last post, indicating that there is a better way, and I am sure of it, but the view guaranteed that I only have one database request for my dataset. NHibernate was wanting to re-fetch my missing as...

Destiny 2 - The Corrupted Nightfall

 == Overview == This Dreaming City Nightfall is already considered one of the most irritating strikes, in part because of bugs that sometimes prevent players from proceeding to the next encounter.  Notable bugged areas are the transition from the Elevator to the Knights Steps, and after the passage, the temple sometimes doesn't reveal a way to the shadow realm where you will take your leap. Important Note: After a "de-buff" from Particle Deconstruction, shoot the boss in the head!  It is quite effective, and can melt her with some coordination. Champions: Unstoppable and Overload Shields: Arc, Solar and Void (many shields!) Don't place your well in the open where boss can snipe the sword!  She will break your super. Pass the "Relic" (Orb) twice to maximize damage. == Loadouts == General: * Add Taken spec to every weapon Titans: * Bottom Tree Solar + Path of the Burning Steps or Phoenix Cradle * Sentinal Shield + Ursa, Aeon Gauntlets Warlocks: * Stasis + Blea...