Hi, On 8/07/2013 2:23 AM, Robin Humble wrote:
Steve Kondik (aka Cyanogen) has committed Privacy Guard to recent CyanogenMod nightlys.
Sounds good.
logs, etc.) or coarse data (eg. location) rather than to deny them outright, which can easy break apps and make them crash. the theory is that by doing this it should be plausible to have Privacy Guard on by default most of the time for most people and most apps.
I think it would be better to provide dummy data that might otherwise make sense for the app. Contact: nobody@example.net with rand first and last names, phone numbers set aside for the movies 8675309 .... (that's from a song, if I got it right). Location: GPS co-ords of Bermuda Triangle or other random places. So, the app gets data, but the data is useless to the app. It also needs to provide dummy access to any memory cards too -- or at the very least chroot type access to data areas so as to limit every app to only have the possibility to read/write it's own data.
in other CyanogenMod news (and again perhaps inspired by recent NSA and Edward Snowden events) Koush is working with Moxie Marlinspike (of RedPhone and TextSecure and (ex-?)whispersystems fame) to bring end-to-end encrypted sms to CyanogenMod as well as other platforms. again, with easy to use & integrated being key design elements.
It's got to be easy to use and easy to get others to use.
are out there to fake IMEI and everything else (or just write them yourself) and it's up to you to do the build for your phone. or simpler, just don't install the facebook app!
Too easy, don't install....
To be fair, it is a weakness in the Android permission model.
hmm. personally I think it's just a complex problem (mostly of user education) and no solution is perfect. does any other system handle this in a simpler and clearer and more manageable manner - selinux? unix groups? acls? I don't think so.
firefox os was pretty naive about app permissions last time I checked. no idea about apple, ububtu phone os, tizen, or 'doze phone.
Yes, tough situation. I do wish there was a secure, private and safe mobile option that we can really trust. iOS is not secure, read what is said here [1] [1] https://prism-break.org/ Cheers A.