Being able to toggle off permissions even for legacy apps not supporting a runtime permission model is a feature that's present. However, it has awful usability. Users will toggle off permissions and forget about it. They won't realize why the apps aren't doing what they want.
Your analogies with dns blackholing, disabling root CAs, etc. are not valid. Nothing, EVER, needs to read your call logs or SMS messages.
-
-
That's a completely different topic than the permission model stuff and silently blocking stuff. The original topic has a simple answer: they decided to support alternate dialers and messaging apps, which has the drawback of letting users shoot themselves in the foot.
-
Alternative dialers & messaging apps have no reason to have access to each other's data.
-
Talking about SMS/MMS, not alternative forms of messaging. You can only have one at a time, and if people want to migrate they need a way to export and import their data. Supporting that means letting people get tricked into giving it to a sketchy app.
-
I understood that, and no it doesn't. Don't allow new app to initiate export process. Require initiation from old app or settings.
-
This is not rocket science. Allowing the potential attacker to initiate prompts leading to privileged action, rather than requiring user to initiate in existing trusted context, is always a security ux fail.
End of conversation
New conversation -
-
-
The kicker if it is that I had an app on my Palm Treo that read my call history and could act on recent calls (take notes, schedule follow-ups, quickly show me all my other calls with them, including correlating their other phone numbers linked via their contact record).
-
Natara’s software was awesome. DayNotez and Comet in particular.
End of conversation
New conversation -
-
-
The app was very handy, I’d love to have similar without manually documenting every call.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.