Google yanks vital Android privacy feature


#1

[Permalink]


#2

I’m guessing apps (devs) were finding ways around it, thus making the feature a bit of a lie?

Ooooh! Or perhaps now that Google is a defense department contractor… yes yes!?


#3

Choose privacy or security, huh? That’s almost poetic. Someone should say that in a better way so it can go on bumper stickers. Oh, and it’d help if they were one of the Founding Fathers.


#4

I wouldn’t have believed that the feature would work 100%, and I would assume that Google could quietly revoke your choices without notifying you at any point.


#5

ANSWER HERE.

XPrivacy can prevent applications from leaking privacy sensitive data. XPrivacy can restrict the categories of data an application can access. This is done by feeding an application with no or fake data. There are several data categories which can be restricted, for example contacts or location. For example, if you restrict access to contacts for an application, this will result in sending an empty contact list to the application. Similarly, restricting an application’s access to your location will result in a set location being sent to the application.


#6

“A moment ago, it looked as though Google cared about this massive privacy problem. Now we have our doubts.”

Laughable. Although I confess it’s rather cute the EFF is still holding a torch for Google’s ‘Don’t be evil’ credo.


#7

Letting everyone else forget that old motto as easily as Google did is kinda letting them win.

It may seem a silly torch to still hold, but it’s a torch that helps shine a little more light on Google’s hypocrisy so people who are on the fence about Privacy vs. Security can start leaning more towards the Privacy side of things.


#8

You have to work harder to find apps, but you’d be surprised how much you can do with a Google-free, unregistered Android phone.

Curiously, one of the apps that’s available to download for sideloading is a useful home-screen toggle that lets you shut off data communication except when YOU want the phone to have a conversation. Granted, that’s way clunkier than the level of control that our angelic G-friends just whisked away from us, but it does help.

And don’t forget that every app tells you exactly what it’s going to demand before you give it the go-ahead to install. That Cancel button is there for a reason. Why anyone would install overreaching apps is beyond me, especially when there’s a FOSS alternative.

To use your example, yes, there ARE FOSS flashlight apps. Yes, they’re available outside Google Play’s happy little garden.

Android is still FOSS, even as Google tries to kettle it. But the Big Gs are up against a pretty determined hacker (good guy flavor) community. The more they try to clamp it down, the harder the community will work to free it.

Cyanogen’s growing success makes it clear that Google has miscalculated here. Let’s hope that the newly-corporatized Cyanogen won’t become another Google. But if they do, another fork will appear to replace them.

By the way, the irony of my posting this comment under a Google username isn’t lost on me. It’s intriguing to watch BB advocate for privacy on one hand while, on the other, requiring their readers to give some up in order to post comments.


#9

I actually use CyanogenMod, which has this stuff with their new Privacy Guard features, so that’s fun. However as a developer I would just like to point out that Google’s official response to the EFF is at least plausible, that this feature is currently in testing by Google and accidentally went wild before official release. In which case their course of action in pulling it makes a lot of sense, you don’t want a not-fully-tested feature out there with potentially phone breaking bugs. I think the fact that this feature exists at all says a lot.

Now, on the other hand, if they don’t make an official release within a reasonable amount of time, then that might be cause for concern.


#10

What I am not quite getting is why Google isn’t more interested in privacy features. I would have thought that because of their own privileged position they would be more willing to lock down apps written by mere mortals. On a typical Android phone their apps control much of the most sensitive information outright and their apps tend to be very online-centric. They would probably survive better controls unscathed.


#11

A moment ago, it looked as though Google cared…

Caring is an emotion. Corporations do not have emotions. QED.


#12

What we need is a ‘Troll the NSA’ app that plays back false location data for collection, such as journeys between MI6 headquarters on the south bank, to Dartmoor prison, to a random lock-up garage in Lewisham, to Chequers, to Buckingham Palace, to the Grand Lodge of the Freemasons in Great Queens Street, to Heathrow airport, to the BBC, to GCHQ in Cheltenham, to Sellafield and then Porton Down. Add that to the Warrant Canary as useful BoingBoing / EFF apps to be written…


#13

It was pulled almost immediately. We mentioned it in the comments of the original article as EFF posted it at the same time as Cory’s original article - not sure why it took this long to update the story.


#14

Almost immediately being relative with phone OS release schedules. It was added in 4.3, removed in 4.4.2. Wikipedia gives the release dates for those as July 24 2013 and December 9 2013.


#15

Edit: Actually I was confused.

It wasn’t pulled immediately after release, but EFF found out immediately that it had been pulled after they first reported it.

I wish Cory would read the comments more frequently though, purely for the sake of corrections/clarifications (which are unfortunately quite common with his posts). Not that I don’t blame him for avoiding comments.


#16

Here’s hoping that the code is still hanging around in the 4.3 source. It’d be pretty great if CyanogenMod and the like could continue to implement and improve it even as Google have yanked it.


#17

Real shame. I’ve been hoping that my S3 would finally upgrade to A4.3 so that I could stop it from nagging me about Dropbox.
Actually a few more upgrade options such as ‘No, I do not want this or any future update’ and indeed ‘I have no interest in Hangouts Replaces Chat and would like you to uninstall it. No, I want you to uninstall it, not just roll back some updates I never wanted or asked for’.


#18

I think the problem here is that this “feature” was never meant to be a functioning feature for the end user. At least not yet (thus the improvements suggested in the article). While I feel this would be a great feature and hope to see it released officially in the future, and while I respect the work the EFF does, it seems as if they are now pushing for Google to re-prioritize a feature that, before they got a taste of it, they didn’t seem to be clamoring for…

Seeing as how selectively turning off permissions could potentially cause issues with software suddenly not working, I would think it would only be fair for Google to refine the functionality and release it to developers first to avoid any potential issues with apps.


#19

I don’t know if I’d agree with that - when I read the disappointed article it made the point that Apple had introduced this functionally a while ago, and that it was a shame that Google hadn’t caught up. So it does seem that it’s something they’ve been keeping an eye on.


#20

FTFY .