Android gives you the ability to deny your sensitive data to apps

Android privacy just got a lot better. The 4.3 version of Google's mobile operating system now has hooks that allow you to override the permissions requested by the apps you install. So if you download a flashlight app that wants to harvest your location and phone ID, you can install it, and then use an app like AppOps Launcher to tell Android to withhold the information.

Peter Ecklersley, a staff technologist at the Electronic Frontier Foundation, has written up a good explanation of how this works, and he attributes the decision to competitive pressure from Ios, which allows users to deny location data to apps, even if they "require" it during the installation process.

I think that's right, but not the whole story: Android has also always labored under competitive pressure from its free/open forks, like Cyanogenmod.

In the days when Android didn't allow tethering (as a sop to the mobile carriers, who are the gatekeepers to new phones for many people), Cyanogenmod signed up large numbers of users, simply by adding this functionality. Google added tethering to Android within a couple of versions. Some versions of Cyanogenmod have had the option tell your phone to lie to apps about its identity, location, and other sensitive information -- a way to get around the "all or nothing" installation process whereby your the apps you install non-negotiably demand your "permission" to plunder this information. I'm not surprised to see the same feature moving into the main branch of Android.

This dynamic is fascinating to me: Google has to balance all kinds of priorities in rolling out features and "anti-features" (no tethering, non-negotiable permissions) in Android, in order to please customers, carriers and developers. Free/open forks like Cyanogenmod really only need to please themselves and their users, and don't have to worry so much about these other pressures (though now that Cyanogenmod is a commercial operation, they'll probably need to start playing nice with carriers). But because Android competes with Cyanogenmod and the other open versions, Google can't afford to ignore the featureset that makes them better than the official version. It's a unique, and extremely beneficial outflow of the hybrid free/commercial Android ecosystem.

In the early days, that model was at an improvement on its major competitor, Apple's iOS, which didn't even have a permissions model. But after various privacy scandals, Apple started forcing apps to ask for permission to collect data: first location and then other categories, like address books and photos. So for the past two years, the iPhone's app privacy options have been miles ahead of Android's.

This changed with the release of Android 4.3, which added awesome new OS features to enhance privacy protection. You can unlock this functionality by installing a tool like App Ops Launcher. When you run it, you can easily control most of the privacy-threatening permissions your apps have tried to obtain. Want to install Shazam without having it track your location? Easy. Want to install SideCar without letting it read your address book? Done.2

Despite being overdue and not quite complete, App Ops Launcher is a huge advance in Android privacy. Its availability means Android 4.3+ a necessity for anyone who wants to use the OS while limiting how intrusive those apps can be. The Android team at Google deserves praise for giving users more control of the data that others can snatch from their pockets.

Awesome Privacy Tools in Android 4.3+

Notable Replies

  1. Wasn't this just sidelined in 4.4.2?

  2. Wade says:

    Was working great. Now perhaps Google has had a change of heart. 4.4.2 broke it on my nexus 4. Seems others are having trouble as well. Developers are aware of it and are working on a fix. Hope it goes well as this was a great thing. Not looking forward to rooting and installing another ROM like Cyanogen but the app permissions are getting ridiculous and if I can't get this kind of control I will likely return to iOS.

  3. teapot says:

    In the days when Android didn't allow tethering

    This was only carrier-specific phones. If you bought an unlocked device it could do tethering. My stock Samsung Galaxy S could do tethering in Australia (cause our carriers aren't complete freaking jerks).

    Blocking specific app permissions has been possible for a fair while now, but has always (AFAIK) required root. In any case you should root your phone if the path is easy because (I guarantee) at some point you'll want to use an app that requires root access. The app I've always heard recommended for blocking permissions is Permissions Denied

    I will likely return to iOS

    How would that change anything? Isn't root impossibly easy on the Nexus 4?

    Edit: Yes, Yes it is:

    Edit 2: The developer says on the Play Store description of App Ops that a working fix for 4.4.2 is coming but in the meantime (if you have root) you can run App Ops X that supposedly works fine.

  4. teapot says:

    Plus you don't need a ROM at all - just root access. It's not the OS that's stopping you it's the permissions to access system stuff that are restricted unless rooted.

  5. UPDATE: Google pulled it, right after everyone started praising it. Here's the EFF story:
    And, if you search for "App Ops" in the Google Play Store, you'll get results for unicorns.

Continue the discussion

22 more replies