Privacy features in Touch (cyanogenmod)?
Matthew Paul Thomas
mpt at canonical.com
Mon Jun 24 12:35:26 UTC 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Daniel Hollocher wrote on 22/06/13 16:31:
> ...
>
>> This is poor design. Of all the time you spend with an app, the
>> moment you're about to install it is the moment when you know
>> the least about it. So it's the moment when you're least able to
>> make informed decisions about granting those privileges.
> ...
>
>> On Ubuntu, an app will request a privilege during runtime.
>
> What I see you saying is that by the time I've just begun to use
> the app, I will have a better sense of what the app does, and
> therefor know what privileges to grant.
Not necessarily "just begun". For example, you might have been playing
a game for minutes or hours before you encounter the "Tweet this high
score" button.
> But that isn't the case for me. Once I've started the app, I'm
> still trying to figure out what it does (even a simple game). So I
> would just allow all privileges given that I don't know how to make
> a better decision and I at least want to make sure that the app
> works. I think in general, once I have decided to start installing
> an app, I've also decided that I trust the app.
I'm not interested in encouraging people to decide that they trust an
app before they've even figured out what it does. Criminy.
> So, here is an alternative: before installation. Have the needed
> permissions displayed on the installation page, along side the
> ratings and forum discussions and app description. That way, if
> there is some permission that doesn't make sense, I can go straight
> to the comments section to see any discussion about it. (and make
> permissions something I can search against, that way I can filter
> away unwanted permission takers).
That isn't an alternative; it's the Android model I described in the
first place.
> ...
>
> PS - I think there is a wider issue of incorrectly assuming that
> giving users finer grained control over privacy will grant greater
> privacy. For some users, it has the opposite affect: it
> overwhelms them with difficult questions, leading to "yes to all"
> types of behavior.
I agree. Prompting before install would effectively require a "Yes to
all" response, which would in turn encourage app developers to request
privileges they don't need.
- --
mpt
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/
iEYEARECAAYFAlHIPQ4ACgkQ6PUxNfU6ecqdtwCgo4O8vNwu2xkA9XCrQqKGoz6v
qgEAnjBe1Bpbyuftu6iIxVV9Ch2DAaLb
=URZQ
-----END PGP SIGNATURE-----
More information about the Ubuntu-devel-discuss
mailing list