00:51
Unknown
Google giveth privacy in Android Jelly Bean, and Google taketh it away in Android KitKat. What's a privacy conscious user to do?
Earlier this week, the Electronic Frontier Foundation praised the App Ops Launcher included in Android 4.3 (Jelly Bean) as an "extremely important app privacy feature," but it turns out Google had removed this feature in the latest Android KitKat (4.4.2). Google told the EFF that App Ops Launcher was considered experimental and had been released "by accident."
"For the time being, users will need to choose between either privacy or security on the Android devices, but not both," wrote Peter Eckersley, a technology projects director for the EFF.
Granular Privacy Controls
App Ops Launcher allowed users to install apps while preventing the app from collecting specific types of sensitive data, such as the user's location or addressbook. Up until App Ops, Android's privacy permissions were set up in such a way that users could not install an app and still say "no" to certain permissions, such as reading the addressbook or collecting location data. For example, if users want to install an app like Brightest Flashlight without giving it permission to know your location, under Android without App Ops, they can't. It was either install and grant all permissions, or not install the app at all.
This is something Apple had already addressed in iOS.
The fact that Android users could not turn off specific app permissions was a "Stygian hole" in the Android security model, and the reason why App Ops was such a promising development, Eckersley said.
Google told EFF the tool could break some of the functionality in the apps instead of just policing its behavior. "We are suspicious of this explanation, and do not think that it in any way justifies removing the feature rather than improving it," Eckersley said.
The User Dilemma
With App Ops disappearing from the latest version of Android, privacy- and security-conscious users are faced with a quandary. If you are especially concerned about app privacy, then you want App Ops and should stick with Android 4.3. But not updating to Android 4.4.2 is a "catastrophic situation" because the latest version contains fixes to security and denial-of-service bugs, Eckersley warned.
For Google to prove that it is serious about user privacy, Google needs to "urgently re-enable the App Ops interface," and then extend it to fix some serious gaps, EFF said in the post. For example, Android users should be able to disable an app's ability to collect all trackable identifiers, including phone numbers and IMEIs, with a single switch. Users should also be able to disable the app's network access entirely.
"There are numerous ways to make App Ops work for developers. Pick one, and deploy it," Eckersley wrote.
via Technology - Google News http://news.google.com/news/url?sa=t&fd=R&usg=AFQjCNG6-Jo3WkGfW7lwF-LgWwTq5JXz8w&url=http://securitywatch.pcmag.com/mobile-security/318884-eff-you-can-have-privacy-or-security-on-android-not-both
Put the internet to work for you.
Posted in: Tablets 4 Kids
0 comments:
Post a Comment