Privacy features in Touch (cyanogenmod)?
Matthew Paul Thomas
mpt at canonical.com
Tue Jul 2 19:19:23 UTC 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
J Fernyhough wrote on 24/06/13 13:28:
>
> On 24 June 2013 13:13, Marc Deslauriers wrote:
>>
>> On 13-06-24 08:07 AM, Matthew Paul Thomas wrote:
>>>
>>> J Fernyhough wrote on 22/06/13 16:06:
>>>
>>>> On 22 June 2013 15:12, Matthew Paul Thomas
>>>> <mpt at canonical.com>
>>>>>
>>>>> On Ubuntu, an app will request a privilege during runtime.
>>>>> For example, a game might have a "find my friends who
>>>>> already play this game" function, that accesses your
>>>>> contacts. The game would work just fine if you don't use
>>>>> this function. But if you do use it, Ubuntu would then --
>>>>> and only then -- ask you if you want to grant the app
>>>>> access to your contacts.
>>>> ...
>>>>
>>>> This is excellent! One quick feature request: a "remember
>>>> this choice" checkbox. ;)
>>>
>>> I don't understand. Why would Ubuntu forget the choice
>>> otherwise?
>>
>> Because granting a permission may depend on the context?
>>
>> For example, I may want to allow a photo application to use my
>> GPS to tag a picture when I'm in some public place, but not when
>> I take a picture when I'm at home.
A photo app that triggered an OS prompt to grant access to your
location, after every photo you took, would quickly become intolerable.
More viable would be a setting to use your location unless you are
within X distance of an editable list of locations.
And that setting would likely be more findable -- and would therefore
protect more people -- in the photo app itself, rather than in System
Settings. It would certainly be explained more clearly, because the
photo app would know what it is using the location data for, while the
OS would not. For example, you might want the app to record the
location of every photo for your own reference, but strip it out when
posting the photo online, whether that happened moments or weeks later.
This illustrates my general understanding of the purpose of the
permissions feature. It is primarily for protecting against
overzealous app developers. It is not workable for trying to control
an app's use of data once the app does have access. That can be done
more practically, and more understandably, inside the app itself.
>> Granting a permission shouldn't mean I grant it forever, unless
>> I decide it should be forever...having both "Just this once" and
>> "Always" buttons satisfies my use case.
>>
>> Marc.
I don't see how those two buttons would satisfy that use case. If you
didn't want to be prompted after every photo you took, each day you
would tap "Always" after taking your first photo away from home, and
then ... what? Have a separate app that detects when you're returning
home, and reminds you to go into System Settings for your nightly
revocation of location access to the photo app? Sooner or later you'd
forget.
> Exactly this.
>
> Though having buttons would result in four choices: Yes, No,
> Always, Never. Having buttons and a checkbox would be three: Yes,
> No, Remember. I think the SuperUser apps on Android might be a
> good example of how a single request might look? It could get a
> little more complicated if the app requests several permissions at
> once, though.
>
> ...
When requesting access to an online account, the dialog would already
contain up to four controls: a menu if you had multiple accounts of
the selected type, then buttons for "Allow", "Add Another...", and
"Don't Allow".
- --
mpt
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/
iEYEARECAAYFAlHTJ7sACgkQ6PUxNfU6ecp4PQCfZJXimBom2bQnuv5bibyHhxKz
QKUAoIdlYLHHFMrFSnxwWfmkay+V68XR
=l9O4
-----END PGP SIGNATURE-----
More information about the Ubuntu-devel-discuss
mailing list