Only one day after praising the “awesome” new privacy tools included in Android 4.3 Jellybean, the Electronic Frontier Federation (EFF) watchdog has issued a full retraction. It turns out one of those awesome features was included by accident.
The setting, called “App ops” allowed users to easily control the privacy-threatening permissions that apps often try to obtain from users who download and install them.
“Want to install Shazam without having it track your location?” the EFF wrote. “Easy. Want to install SideCar without letting it read your address book? Done.”
The EFF praised the App ops function as being “a huge advance in Android privacy”, as well as being “overdue.”
However, users excited to use the new functionality of their phone were soon disappointed, as it turns out Google removed the section from its update to Android 4.4.2, released earlier this week.
The company has claimed that the release was accidental, that the function was only experimental, and that it had the potential to “break” some of the apps whose permissions it reduced.
However, the EFF has written sceptically about these excuses, claiming that “Many instances of apps ‘breaking’ when they are denied the ability to collect data like a location or an address book or an IMEI number can easily be fixed.”
This could be achieved by giving the app “a fake location, an empty address book, or an IMEI number of all zeroes.”
The ability to control app permissions is increasingly important, since it has been shown that a significant proportion of Google Play apps are in fact copycat “thief-ware”. Even among legitimate apps, software developers are prone to abusing the permissions given to them by phone users – such as the flashlight app that shared geolocation data with advertisers.
The watchdog has called the repeal of the App Ops setting “a Stygian hole in the Android security model,” one through which “a billion people’s data is being sucked through.”
If that damning judgement isn’t to spur Google into reintroducing the function, perhaps another fact will: that the ability to control app permissions has been available on iOS for years.Leave a comment on this article