When Google Android 4.3 hit the streets in July it brought some changes to location services, some user interface changes, support for OpenGL ES 3.0 graphics and more. But it also had a nifty feature hidden away in the code: the ability to revoke an app’s access to certain permissions.

Don’t want that puzzle game you downloaded to read your contact list? Just fire up App Ops and turn off the ability to read contacts.

Google didn’t include an easy way to access App Ops in Android 4.3, which led folks to suspect it was just a work in progress. But independent developers released simple apps that made it easy to access… until Android 4.4 KitKat launched in October.

App Ops Permission Manager

KitKat brought better support for cheap phones and tablets, a new phone dialer, system-wide support for printing, and more. But it also seemed to kill App Ops.

It turns out the feature’s still around… it’s just much harder (but not impossible) to access.

Googler Dianne Hackborn says there’s a simple reason why the company isn’t focusing on making App Ops easier to use — it wasn’t meant for users in the first place. It was designed for Google developers to use while testing and debugging software. It could eventually be made available for third party app developers as well, but it’s not currently aimed at end users.

So it’s not really surprising that Google decided to bury App Ops so that it would be harder for users to stumble upon… although that’s not sitting well with some folks.

For instance, the Electronic Frontier Foundation this week ran an editorial praising Google for taking user privacy seriously by including App Ops in Android 4.3… only to have it pointed out that the feature was removed in the next update. The group ran a follow-up urging Google to polish App Ops and release it as a consumer-oriented feature.

That could be tricky — since it effectively gives users a way to to change the behavior of apps they install in ways that the app developers may not have intended… it basically makes it easier for your to break the functionality of an app. But as anyone who’s been using computers for a while knows, user-error is a tradition with a long and proud history. Perhaps Google and app developers need only put a big warning sign letting you know that you’re responsible for anything that goes wrong if you start fiddling with App Ops.

Or perhaps Google could insist that developers provide a list of permissions that are useful, but not essential. That way you’d be able to disable at least some permissions on a per-app basis.

Honestly, there’s not much reason to expect Google to expend much effort “fixing” something that wasn’t really broken in the first place. But since the hidden feature was discovered and widely exploited, it’s pretty clear that there’s at least some demand for this sort of privacy-protecting feature.

On the other hand, there are other ways to protect your private information when using an Android device — you could run a custom ROM such as CyanogenMod, which offers a “Privacy Guard” feature, for instance. Folks using an Android phone or tablet with the Xposed Framework can also use a tool called XPrivacy.

But neither of those options are quite as user-friendly as downloading and installing an app from the Play Store or using a feature that’s built into the operating system.

via Android Police

Support Liliputing

Liliputing's primary sources of revenue are advertising and affiliate links (if you click the "Shop" button at the top of the page and buy something on Amazon, for example, we'll get a small commission).

But there are several ways you can support the site directly even if you're using an ad blocker* and hate online shopping.

Contribute to our Patreon campaign

or...

Contribute via PayPal

* If you are using an ad blocker like uBlock Origin and seeing a pop-up message at the bottom of the screen, we have a guide that may help you disable it.

9 replies on “App Ops saga: The Android privacy feature you weren’t meant to have”

  1. Well, this has been a basic feature in MIUI for ages now, and I’m using a Xiaomi Mi2 so there.

  2. Google give privacy control to users?!?!?! yeah, right. . . keep dreaming. Custom ROM if you want privacy control. Most apps have a laundry list of permissions and we all know they don’t need 1/10th of those permissions.

  3. Note that your “not impossible” link points out it’s only possible for rooted phones.

  4. They should make it available to users and integrate it into the UI. iOS has the ability to allow/deny some permissions and so does Windows 8.

Comments are closed.