Conversation

This Tweet was deleted by the Tweet author. Learn more
This Tweet was deleted by the Tweet author. Learn more
This Tweet was deleted by the Tweet author. Learn more
This Tweet was deleted by the Tweet author. Learn more
This Tweet was deleted by the Tweet author. Learn more
Daniel Micay
@DanielMicay
Replying to
@saleemrash1d
and
@spudowiar
It's problematic because unlike the dangerous permissions, bypasses weren't treated as bugs. For example, it's possible for apps to make HTTP GET requests by opening a URL in a browser via standard intents. Those intents would all need to require INTERNET or consent for each use.
This Tweet was deleted by the Tweet author. Learn more
Daniel Micay
@DanielMicay
Replying to
@saleemrash1d
and
@spudowiar
I don't think people would tolerate that for very basic use cases like opening links in a browser. Apps with internet access would be able to bypass this anyway since they can communicate with each other via the network. It's difficult to force apps to protect themselves.
1
1
Daniel Micay
@DanielMicay
Replying to
@DanielMicay
and
@spudowiar
Isolating shared storage for each app doesn't add that much inconvenience, since there's no prompt for the common case of apps simply loading/saving data in their own directory and the standard file chooser interface still works for saving/loading arbitrary data like before.
1
Daniel Micay
@DanielMicay
Replying to
@DanielMicay
and
@spudowiar
Unless you make a lot of special cases, it's also going to encourage doing things in less private / secure ways in many cases. I don't think you'd want opening a link in a browser or opening the camera app to take a picture to be less convenient than bundling the functionality.