If you have root you can still enable it with market apps.[0][1]<p>However something like this needs to be integrated tightly like iOS and apps need to be aware they may not receive requested permissions. I still use App Ops in Kit Kat and it silently breaks apps all the time. Apps expect to be able request information (e.g. contact details) and crash or stall when they can't.<p>In that respect, LBE Privacy Guard[2] was a much better alternative up to ICS. It was a privacy firewall that would pop up notifications when protected permissions were being used for the first time. Instead of blocking apps when denied, Privacy Guard would feed it blank data instead. This lead to a better UX and stopped blocked apps crashing.<p>There needs to be an open source version of LBE Privacy Guard since the current one hasn't been updated over a year and is closed source from a Chinese company.<p>[0]: <a href="https://play.google.com/store/apps/details?id=com.colortiger.appopsinstaller&hl=en" rel="nofollow">https://play.google.com/store/apps/details?id=com.colortiger...</a><p>[1]: <a href="https://play.google.com/store/apps/details?id=biz.bokhorst.xprivacy.installer&hl=en" rel="nofollow">https://play.google.com/store/apps/details?id=biz.bokhorst.x...</a><p>[2]: DO NOT INSTALL, FORCES REBOOT LOOP<p><a href="https://play.google.com/store/apps/details?id=com.lbe.security.lite" rel="nofollow">https://play.google.com/store/apps/details?id=com.lbe.securi...</a>
I'm probably going to turn in to that old guy with tin foil who can't play any games because nobody supports his choice of platform, but I really miss when computers were devices you could buy and then put your choice of OS on. Phones are pretty much just little ARM computers, why the hell don't I just install Ubuntu, Firefox OS, Android, WinPhone, Symbian, whatever? I could format a microSD card to boot from and go from there.<p>And while I'm complaining, phones (devices for communication, remember?) need proper keyboards.<p>OK. I'll crawl back into my cave now.
They still need to split the permissions more. READ_PHONE_STATE is nasty.<p>Apps ask for the permission because they (for instance) need to pause playback on a video because you have an incoming call. But it covers all the phone details (numbers, IMEI etc) <i>and</i> who the call is coming from and a hell of a lot of other stuff.<p>Who the hell thought that was a good idea?
This is one area where iOS stands head and shoulders above Android. I used to run Cyanogenmod and I remember deciding to not upgrade the Facebook app because doing so would have required giving it a slew of permissions, including the ability to "directly call phone numbers".<p>By contrast, in iOS, I can choose which apps have access to my location, contacts, etc.<p>I know that Apple's track record when it comes to privacy isn't exactly spotless but Google would be well advised to follow their lead in allowing users granular control over 3rd-party apps' permissions.
There is another point here, one I think even more important and more disconcerting.<p>Google released an entire feature of their Android OS BY ACCIDENT. W...T...F?! How do you release a feature "by accident?" By having awful quality control? How does that make me feel about the rest of their Android OS now?<p>Either this, or they're lying through their teeth in an effort to cover up. In either case, it's evil.
Whatever, fuck Google.<p>If you are interest in doing this with Android, the autopatcher[0] does this for you on a whole series of ROMs on all versions of Android from 2.x-4.x, and has been doing so successfully for a while. There is a pretty active user community on XDA for the PDroid patchset as well.[1]<p>[0] <a href="https://github.com/mateor/auto-patcher" rel="nofollow">https://github.com/mateor/auto-patcher</a><p>[1] <a href="http://forum.xda-developers.com/showthread.php?t=1357056" rel="nofollow">http://forum.xda-developers.com/showthread.php?t=1357056</a>
> When asked for comment, Google told us that the feature had only ever been released by accident — that it was experimental, and that it could break some of the apps policed by it.<p>Oh, it would definitely break some apps. Considering it would introduce new uncertainty. It's still an amazing feature.
This is a major issue Google needs to deal with in Android IMO. I'm surprised that this feature ever existed in Android because of how coupled permissions are with applications. Since applications request all permissions on install I imagine most developers don't have much conditional code for their failure, unlike iOS where you have to because there's a possibility a user may deny access to a single specific thing, like location data. I'd really prefer to see Android go more towards that. When you look at the permissions an application like Facebook requests on install it's just insane.
The original intention (as explained by Dianne Hackborn among others) is that if the user sees the app requesting too many capabilities... the user should simply choose not to install the app. Having the user needing to understand all the different capabilities is too much. Having a bunch of pop-ups (<i>cough</i> Vista) is also bad UI design.<p>The current set of capabilities is too technical for end users to really understand. This all need to be collapsed into a few broad areas like "tracks your location" that have clear, clickable explanations.<p>For the privacy paranoid, having a configurable way to just inject false data would be great. Have a single fake IMEI number, for example. Then for apps, the API call doesn't fail, it just returns the fake number.
This is a pretty disturbing trend. Just recently I ran into problems with a TV station's app on iOS that refused to play video without Location Services Enabled. I don't mind a general region being disclosed, but the house-level accuracy of the location data definitely creeps me out. I don't think the general public realizes location can be equivalent to a person's id.
I think it's a great feature. There have definitely been some apps where I would have liked to use them but they've had permissions requirements that I did not believe the app's core functionality needed.
It seems really dumb of Google not to just go with the flow here and let the AppOps feature exist. Whack a giant disclaimer on it that it will break stuff, disable Play Store comments and ratings, let the users use it, and collect the giant PR dividend for looking like you care about privacy. They can do all that and lose virtually nothing because such a tiny percentage of people will ever use this feature that it will make no difference to them at all.<p>On the other hand they can go the other way and take a giant PR hit for virtually no benefit. Out of some sense of stubbornness or beligerance Google often seems to desire to shoot itself in the foot like this.
I hope it wasn't just an "accident" and Google really was working on a way to make it work for both developers and users, and perhaps it was there much like the ART runtime is in there, even though it's not ready for primetime.<p>I think Google can make it work, but they need to be committed to it. Surely there's a way for the apps to gracefully transition to not needing certain permissions. Google just needs to introduce the proper rules for developers to make this work.
There is a way of bringing it back, however the phone has to be rooted. See here: <a href="http://www.xda-developers.com/android/xposed-module-brings-back-app-ops-to-android-4-4-2-and-gives-your-control-of-your-application-permissions/" rel="nofollow">http://www.xda-developers.com/android/xposed-module-brings-b...</a>
I'm surprised this feature wasn't in place from day 1. It probably involves almost no implementation overhead on the OS side of things.<p>Apps, on the other hand, would have an extra error case to deal with, but they should be dealing with other error cases anyways.
Users of Android should realize that they are the product. If Google gives too much privacy control, advertisers won't pay as much for ads, and Google's core business is ads.<p>Given a fight between privacy and ad dollars for Google, privacy will lose almost every time (within reason; Google doesn't want to kill the golden goose (i.e., you)).
I have to admit, the EFF has just lost a chunk of support from me over this. Google never released this feature - you needed to install some 3rd party app to expose the settings, this alone is enough for anyone of any intelligence to know they are doing something not intended for the general public.<p>Seriously EFF, get your act together please. I do want to support you, but not like this.
I didn't use App Ops. Did it allow a general policy to be set? I can see you can set permission per app from the screen shot.<p>I'm not sure I buy Google's excuse. Any app worth it's salt should be able to cope with not having the permission set. I'm guessing this was impacting their own core apps.
I'm really disappointed, seems like my next phone won't carry Android!
App opps worked great for me and help alleviate some worries about tracking. I could also see which apps actually used their claimed Android features. Many of them claim to use location yet never access it.
All these abusive permissions are an excellent opportunity for GNU-licensed software (free, no ads, <i>only</i> strict minimum of required permissions -- all honestly explained) to thrive on Android.
I hope this feature will get added again in a future version.<p>It was not an official feature in KitKat and somewhat breaks the current API, where developers didn't have to check for permissions at runtime.<p>Android 5.0 maybe?
This is very disappointing. I had hoped the release of App Ops as a hidden feature indicated that permissions would be user-revocable in a future release.<p>It isn't a burden to handle security exceptions.
I'm surprised at the EFF. this post seems intended to save face for them rather than anything else.<p>They had a post recently lauding App Ops although it was never officially released, announced nor documented. And it certainly was not accessible to the average user.<p>Also it was obviously not compatible with most apps, as they didn’t fail too gracefully.
Again: App Ops Was Never Meant For End Users, Used For Internal Testing And Debugging Only<p><a href="http://www.androidpolice.com/2013/12/11/googler-app-ops-was-never-meant-for-end-users-used-for-internal-testing-and-debugging-only/" rel="nofollow">http://www.androidpolice.com/2013/12/11/googler-app-ops-was-...</a><p>I do hope Google is working on something similar on an OS level for future releases, but this hack job by the EFF is disappointing and unnecessary.
I don't understand this from the EFF first they post a piece lauding an unofficial, deeply buried unannounced functionality, then they condemn Google for removing something that they have never officially released or supported in the first place.<p>It’s their mistake for jumping the gun and discussing something that wasn't officially, the followup is just to save face, but that is really an unfair attack.