Let’s assume for a second, that the content of this article is correct: Google’s backward step on Android app privacy. Then it shows â€“ once more â€“ that Google is a very innovative company with a very limited view on user’s privacy and security. When you look at the new security user experience in the Play Store, I guess their intention was right: Simplifying the user experience. I am the very first person supporting this. But by simplifying you should probably not introduce new fundamental flaws. It seems that Google simplified the access model for apps in the store. They introduced groups of rights and you grant access to a group. Now an app seems to be able â€“ once you approved it to a group â€“ to gradually expand their rights without your explicit consent. Read this:
How about this idea. You start by creating some stupid novelty app. Something like the embarrassingly stupid Yo, which does nothing more than send the word “Yo” to other people with the app installed. Somehow Yo has already scored $1.2 million in investment. You ride the viral wave, then wait for people to get bored and forget about it. But the app is still there, running some background communication process. It gradually ups its permissions in successive automatic updates. Six months later, you’ve got an.
Is this where we want to go with our security? I guess not. I would propose: Back to the drawing board.
- Play Store Permissions Change Opens Door to Rogue Apps (xda-developers.com)