Scoped storage docs say "apps targeting Android Q by default (as well as apps that opt into the change) are given a filtered view into external storage. Such apps can see only their app-specific directory and specific types of media, [...]"
Conversation
Coming from a focus on privacy and security, having scoped storage opt-in for apps that don't target android Q by default seems like a gaping hole in the spirit of scoped storage (unless I'm missing something of course).
2
1
1
It was mandatory, and that was changed due to widespread outrage over Scoped Storage due to a successful misinformation campaign against it. That's what I was talking about here:
twitter.com/DanielMicay/st
It's still going to be mandatory, but it has been delayed by a year to R.
Quote Tweet
Replying to @DanielMicay @Ishan_Ishana and 4 others
However, since the Scoped Storage model being mandatory has been delayed until the next major API level in Android R, apps can keep relying on the legacy storage model for an extra year and users will have a worse experience with those apps with the feature enabled universally.
2
1
Removing the coarse access control model via Scoped Storage is clearly the best approach and is what they want to do, but Google didn't care enough about privacy to fight a campaign against it that had successfully turned user communities and the media against it in advance.
2
1
So, it has been delayed by at least a year to Android R. It will become mandatory for the Android R API level, but it could take even longer for it to be enabled for apps targeting legacy API levels. The implementation works and it's a compatibility/usability vs. privacy choice.
1
1
From the perspective of someone that cares about privacy and security, the fine-grained Storage Access Framework model has been around since Android 4.4 and the coarse access control model was clearly a major issue. I wanted apps to use SAF for ages, and it's what I used myself.
1
1
2
Most developers don't care about privacy and security, especially when it comes to respecting user consent and giving them control over their information. If improving those takes any effort, they won't do it. Users will usually just authorize whatever is needed to run the app.
1
1
So, for example, Signal doesn't have this issue because it doesn't put media files in shared storage. It doesn't mean it isn't an OS issue though, because the OS shouldn't support a coarse access control model for shared data. It applies more broadly to things like contacts too.
1
1
Ugh don't even get me started on apps requesting access to contact lists -_- You just know it's headed back to Palentir
1
The sad part is that it's another case where Android already supports a fine-grained alternative. Apps have the ability to request that the user take a picture, without the Camera permission. Similarly, they can request that the user pick a contact, without Contacts permissions.
1
1
1
In many cases, Android has 2 approaches: fine-grained access based on explicit case-by-case user consent using intents and bulk data access via permissions. Apps nearly always choose to request permissions for bulk data access. Storage, contacts, camera, etc. are all similar.
It's entirely possible to apply the Scoped Storage approach to other permissions. For example, remove the Contacts permission and instead provide a per-app contacts list. Apps using the approach of case-by-case user content for contacts would still be able to use global contacts.
2
1
2
Contacts app could be extended with the ability to browse and work with the per-app lists. That's exactly what Scoped Storage is doing for shared storage. Once Scoped Storage is mandatory, the only difference between internal vs. direct external storage is the user having access.
1
1
Show replies