App Ops or App Oops!?

Was it a mistake to include it in the first place, or to remove it after it was "accidentally released"? In this article (http://www.theverge.com/2013/12/13/5207892/eff-criticizes-google-for-android-app-ops-removal) the Electronic Frontier Foundation (EFF) criticizes Google for the removal of a hidden permissions management tool from the latest builds of Android. App Ops was first introduced in the Android 4.3 releases and continued into the Android 4.4 release. But now in 4.4.2 App Ops has disappeared.

Wait, what is App Ops? You know when you are about to download an app from the Google Play store and you are prompted to accept a variety of permissions that the app is requesting like, access to your network, your contacts, your phone calls? App Ops is (was) a tool that let you review and change the app permissions after the app had been installed on your device.

The reality is that most apps do not need all the permissions they ask for.  This is the biggest Android security issue today and is exactly what the EFF says – apps that are in Google Play are compromising your personal data and your privacy. This may be counter to the scare tactics of the AV vendors, but viruses are not a big issue on Android for the typical user (e.g. those who do not side-load nefarious apps from dodgy websites).

There have been a number of attempts at restricting permissions, including extensions to SE Android promoted by the NSA. App Ops allows a device owner to rethink their decision to allow access and "un-approve" certain permissions without having to delete the entire app. But like earlier solutions, App Ops could break some apps by removing permissions that the app needed, or because the app did not gracefully handle the lack of permissions. And this is Google's argument for removing App Ops. (Similar to why SE Android is running mostly in permissive mode, but that is another topic.)

So, do you read the permissions, or do you simply say "ok" and start downloading your app? Unfortunately, most users click “ok”. And most do not even read what permissions are requested.  And most do not understand the potential implications of granting such permissions.

And this where we differ with the EFF. We do not need a solution for a small group of power users and privacy geeks (like us at Graphite Software). If most users ignore the permissions in the first place, then what makes you think they can/will navigate App Ops?

Our product, Secure Spaces, allows you to put apps into “Spaces” or different buckets, or different rooms – whatever physical analogy works best for you. Each Space is isolated from the other. The user can broadly control the permissions on the Space, rather than per app. If your contacts are not in the Space with Angry Birds, then the game can’t access your contacts. Simple. We need simple.