One of the reasons behind this is location, where there are a class of apps which could conceivably rely on you not being able to lie about it. (The existing mock location facilities explicitly notify apps they are mock for this reason).
However, the use of this feature for it in practice is . . . non-existent.
Google also famously went crazy when Motorola almost used Skyhook as network location provider for the Droid, on the basis that such information feeding back into their systems might be inaccurate and thus pollute their data collection activities. (They use Android devices as modern proxies for the WiFi slurping the streetmap cars used to do). As such Google have absolutely no incentive to resolve this problem as they are reliant on you not lying to them about where you are.
What's fun is J2ME got this right. Apps couldn't just assume they had permission for certain tasks, and users would be asked when the app wanted to do something. If the user refused you'd get an exception, but you were expected to handle it gracefully. It really wasn't that big of a problem, except for the user experience of the prompts some manufacturers chose to implement being fairly horrible.
Android could shift to revocable "a la carte" permissions just easily, and could ease the transition by granting sets of permissions for old apps, but substituting, for example, an empty Contacts database for the real one if the user opts out of that permission.
Google couldn't even argue that getting fake data is harmful, as long as the data is forthrightly null or unavailable. Location apps have to deal with the lack of location data. Apps that access SMS have to deal with devices that don't get SMS messages.
I hope alternative Android distributions mature to the point that some OEMs will choose to provide more-private "remixes" of Android based on these distributions and on ecosystem partners like DDG.
>where there are a class of apps which could conceivably rely on you not being able to lie about it.
I don't think having 'mock' data is the right approach, but as you mentioned below, it's enough that the relevant API simply throw a security exception and let the app handle it gracefully.
>If the user refused you'd get an exception, but you were expected to handle it gracefully.
And that's absolutely the right approach.
>It really wasn't that big of a problem, except for the user experience of the prompts some manufacturers chose to implement being fairly horrible.
That should be handled by the OS, which would completely negate this issue.
Exceptions are not a solution - instead of the OS request "grant permission X to install the app" you get an app request "grant permission X to run the app".
This is the exact scenario that needs to be avoided - if the app developer wants something that I don't want to give, then you can't rely on cooperation from the app.
The whole point is that if a flaslight app wants to read my SMS, then I shouldn't have to choose between using that app and keeping my privacy; the OS is perfectly capable of keeping that app in an ignorant bliss thinking that it read my SMS and can turn on the light.
I got so frustrated with flashlight apps asking for Internet access to show ads and getting stuck when there is no Internet (typically the same time when I need a flashlight) that I wrote one and made it completely permission free:
I'll also note the TeslaLED app as another good one - it requires camera permissions to control the LED, plus screen drawing and sleep control - I suspect around the minimum that would be needed for a flashlight app.
This is what I've always used. LampA doesn't work on my Galaxy Nexus. I was hoping it would start up quicker because my biggest peeve with Tesla is that it takes time not only to open the app but there is a hundreds of ms delay in turning on the LED. I assume the complexities causing this are also what prevent LampA from working.
hey, this looks great, but it's not actually working on either on either of my nexus 5s, is that a known issue? There's no crash or anything, the flashlight just doesn't actually turn on.
because using system flashlight app is too edgy, huh? Why you need extra app for thing you have just build in Android ? Check your widgets for "Assistive light". Problem solved.
I'm in the "let them fake it" camp, but at the same time I think the exception throwing version could work, with a single tweak borrowed from iOS: Let the app ask for the permission once, and only once. That way repeatedly bugging the user for the permission won't work as a strategy.
The original article gives flashlight apps as an example - all of the top 10 flashlight apps had such features; so "downrating the app and moving on" wouldn't be productive at least the first 10 times.
However, the use of this feature for it in practice is . . . non-existent.
Google also famously went crazy when Motorola almost used Skyhook as network location provider for the Droid, on the basis that such information feeding back into their systems might be inaccurate and thus pollute their data collection activities. (They use Android devices as modern proxies for the WiFi slurping the streetmap cars used to do). As such Google have absolutely no incentive to resolve this problem as they are reliant on you not lying to them about where you are.
What's fun is J2ME got this right. Apps couldn't just assume they had permission for certain tasks, and users would be asked when the app wanted to do something. If the user refused you'd get an exception, but you were expected to handle it gracefully. It really wasn't that big of a problem, except for the user experience of the prompts some manufacturers chose to implement being fairly horrible.