Conversation

This Tweet was deleted by the Tweet author. Learn more
This Tweet was deleted by the Tweet author. Learn more
This Tweet was deleted by the Tweet author. Learn more
This Tweet was deleted by the Tweet author. Learn more
This Tweet was deleted by the Tweet author. Learn more
Daniel Micay
@DanielMicay
Replying to
@saleemrash1d
and
@spudowiar
It's problematic because unlike the dangerous permissions, bypasses weren't treated as bugs. For example, it's possible for apps to make HTTP GET requests by opening a URL in a browser via standard intents. Those intents would all need to require INTERNET or consent for each use.
This Tweet was deleted by the Tweet author. Learn more
Daniel Micay
@DanielMicay
Replying to
@saleemrash1d
and
@spudowiar
I don't think people would tolerate that for very basic use cases like opening links in a browser. Apps with internet access would be able to bypass this anyway since they can communicate with each other via the network. It's difficult to force apps to protect themselves.
1
1
Daniel Micay
@DanielMicay
Replying to
@DanielMicay
and
@spudowiar
Isolating shared storage for each app doesn't add that much inconvenience, since there's no prompt for the common case of apps simply loading/saving data in their own directory and the standard file chooser interface still works for saving/loading arbitrary data like before.
1
Daniel Micay
@DanielMicay
Replying to
@DanielMicay
and
@spudowiar
The built-in file manager would also still allow access, including moving/copying it around. On the other hand, trying to lock down all communication between apps with user consent required for *each* usage is a whole different story. Lots of basic functionality would be painful.
1