Tag: permissions

Needed changes are not going to come from Apple & Google

Android 16 vs. iOS 26: Why Apple's redesign falls flat

Its been all over the news recently.

Apple’s stunning ‘Liquid Glass’ design could change everything and Andorid’s material 3 design change.

These user interface changes I have lots of thoughts about them from a design and UI point of view (most which has been said elsewhere). However my biggest thought is the underlying problems of our smartphones and our tired notions. (especially since finishing the book The Anxious Generation by Jonathan Haidt and the The Chaos Machine by Max Fisher.

cubicgarden

After all the hype and attention, I did fiid the book reasonable. There are parts I did question and frown at but generally it’s not as ground breaking as the press made out.

(comment on The Anxious Generation)

June 11, 2025, 3:58 pm

It strikes me, these are the horrible phase of a pig with a touch of lipstick.

The whole way we use smartphones is broken, I’m not that excited about glassy or blobby elements but it feels like were not getting to the root of the issue. Abuse of user/owner data, lack of user/owner agency and the mass surveillance of millions of people through their smartphones can’t got on as its has…

I’d love to see a new paradigm in the same way both companies have tried to tackle the huge rise in smartphone thief’s. Its not like we don’t have the technology to provide advanced protections for user data but rather each one (Apple & Google) benefit from access to the data. I know people will say yes Google but Apple protects user data access? Likely they do but then become the gatekeeper to your data means they can also offer it to trusted parties?

However this isn’t about that question, I’m questioning why so much work has gone into the UI and not into how to make reconsidering the problems of how we use them?

What are Android App permissions, and how do devs implement them?
Although old, this still feels clunky and could be done much better with better integration with the operating system

Using the scoped storage as a example. This limits an application to a certain space on the file system. iOS and now Android support this, but its a little clunky and almost encourages the owner of the phone to just accept all (This old tread highlights the problem).

Android recently put more emphasis on modes (basically profiles, which have been tried over and over again). It wouldn’t be difficult to tie modes to permissions too? The difference could be the user interface? I don’t have solid answers but I think about when (rarely) my Pixel goes into power saving mode when the battery is less than 20%. There is a visual UI clue but also it restricts the background data use too. I have heard about people turning on extreme power saving mode always for many reasons.

Some of you might say so what? This isn’t permissions and data but ultimately its the combination which is important. Its almost like their aim is just shift more new phones, regardless of the result… Of course! Some of you may say hey Ian, what would you change and how? My answer is simply I could rethink a bunch of things and I’m sure some of their teams already have but as usual its so low on the list as it doesn’t sell phones. Or even maybe they are waiting for regulation to force them to make the change?

How to Disable Gemini in Gmail and Other Google Workspace Apps - Make Tech Easier

I reflect on the AI/Gemini changes in Android and Google services, maybe I would like to use it for a limited scope of things and accept the results won’t be as great. But my only option is accept or decline. In 2025 this is bad and needs changing, heck I love for designers to take up the challenge of making this all seamlessly work with the ability to negotiate and change the scope at any time.

Really need to see Human Data Interaction replace Human Computer Interaction now because its become unacceptable in my eyes. Worst still it limits whats possible and leads to a outcome which doesn’t empower the owner/users.

The realm of third-party trackers on Android

Luman android root cert

I was excited to learn about Lumen Privacy Monitor, as I’ve always wondered about the apps I have installed even when I have restricted the permissions wanted from the installed app.

New research co-authored by Mozilla Fellow Rishab Nithyanand explores just this: The opaque realm of third-party trackers and what they know about us. The research is titled “Apps, Trackers, Privacy, and Regulators: A Global Study of the Mobile Tracking Ecosystem,” and is authored by researchers at Stony Brook University, Data & Society, IMDEA Networks, ICSI, Princeton University, Corelight, and the University of Massachusetts Amherst.

“This is the start of a long project to uncover all the hidden data collection and data dissemination practices on the internet,” Nithyanand explains.

“There’s a huge lack of transparency around how mobile applications behave,” adds Narseo Vallina-Rodriguez, a co-author and researcher at ICSI. “People install software, but don’t know what that software is doing.”

The paper’s introduction lays out a troubling scenario: “Third-party services inherit the set of application permissions requested by the host app, allowing them access to a wealth of valuable user data, often beyond what they need to provide the expected service.”

To study this scenario, the researchers used Lumen Privacy Monitor, an Android app they built themselves over a two-year period.

So I installed it just to see what was going on with my Android devices. But there is a problem… Best summed up in this comment from Wcat.

Not open source? TLS interception? Before you install this stop and think about TLS interception. “Those who would trade privacy for security deserve neither.”

Luman asks for permissions to install its own root certificate, and this deeply worries me. TLS inception isn’t a trivial thing to be honest, I know its needed but it had me questioning how I really want to monitor the apps? Also if I remove the app, will the certificate be removed too/how would I know?

Right now, I’m keeping an eye on the app but haven’t installed the root cert yet.

Graceful degradation of apps via permissions under android 6.0

Android 6.0 Marshmallow has a very nice feature, something I have been wanting to see more across all services and applications. Granular permissions, which can be applied and revoked by the user at anytime.

It was obvious that iOS had it right as far as transparent, granular app permissions were concerned, and Android Marshmallow admits as much, because it now has a very similar system. Permissions are asked for as and when they’re needed, rather than all at once during installation.

That gives you a better idea of what’s going on and also let’s you, for example, give Facebook access to your camera but not your contacts. If you want to check which apps have what permissions (and edit them), go to Settings: tap Apps then the cog icon, then choose App permissions.

Android 6.0 permission system
Why does BBC iPlayer Radio need access to my phone?

Since android 6.0 marshmallow, i’ve wanted to try out the app permission tweaker. I’m interested to see what happens when I block certain apps from key permissions. Will they explode will they gracefully handle it and still operate without it?
For example could I run facebook app and deny access to the internet, or local storage? OK that might be a little too far but what about facebook without access to the mic and camera? Surely that would work right?

So I tried it with the Amazon kindle app, which I always thought had too many permissions anyway. I mean why does the kindle app need access to my contacts and my telephone?!

Android 6.0 permission system

Haven turned them off, I thought I’d better see if the app still actually worked?

Android 6.0 permission system

It did! So I started revoking permissions from apps which I felt didn’t need the permissions. For example Fitbit, which I refused to upgrade in the past due to the permissions.

Android 6.0 permission system

Why does Fitbit need so many permissions anyway!

Android 6.0 permission system

Andorid warms me the app may break as its not written for Android 6.0. But it still works as I want it to., so this has to be a case of them over reaching with the data they want to consume?
Say hello to your new permissions Fitbit, and it works fine when syncing data from the Fitbit.

Android 6.0 permission system

Fitbit better get use to the sandbox I put it in, and they are not the only one!

Android 6.0 permission system
Android 6.0 permission system

This for me is a key part of the VRM infrastructure as Adriana said

If you cannot reject them, if you cannot actually say well, I’m fine with that but not with that, what’s the point?

Great to see it working as expected, graceful degradation of applications based on permissions. I might be able to install Facebook again.

Update

I installed Facebook messenger again with the permissions I felt comfortable with.

Then decided actually I want to break FB messenger as its meant to be written for Android 6.0, so denied it access to my location too.

Installing Facebook messenger under Android 6.0

I can say everything  works, and I haven’t seen any problems so far with my permissions. I did notice you can start to mess with the data usage too, which maybe a way to restrict network usage.?

What is Fitbit trying to do?

new fitbit permissions

For a while now, I have been declining the fitbit upgrade on my Android devices. I kept tweeting fitbit to ask why on earth my digital pedometer needs access to my SMS, Camera and Location?

I can imagine, Location is passable but SMS and Camera? Really? I voted with my feet and kept the upgrade on hiatus till I heard a reason why.

Finally I got a message from Fitbit support…

So basically fitbit is trying to break its way into the wearable market with phone and messages notifications?

I think I’ll hold off on upgrading even longer now. I’m sure you can turn it off but I’m just not interested, especially since I have the pebble smartwatch which already does this and so much more.