For example our Auditor app uses the Camera permission to do QR code scanning from the view finder. It originally did QR code scanning *without* requiring the Camera permission. It does now because we need control over it to offer a good user interface.
I don't think ux for integrating legacy apps is that hard. When installing give user simple control (2-3 choices) for "do you want it to integrate with other apps?"
-
-
For most apps the answer is just "no, not at all" and then you run it in a complete sandbox that looks like a fresh Android install with just one app.
-
Having isolated profiles/workspaces can work well for that, which is something Android has today and just doesn't make convenient enough for it to be widely used for more than multi-user and work profiles.
-
People can just install the app in the profile where they want to run it, and as long as profiles are easy enough to use it should work well. Too inconvenient right now for most people / use cases.
-
Apps can't communicate / share data across profiles unless they do it via the network, etc. It could be reinforced with a VM instead of just being on top of the same Linux kernel with SELinux (MLS is used as an extra layer for multi-user) + seccomp-bpf.
-
The OS we eventually end up with should be something like Qubes with UI tailored for mobile, and largely-virtualized Android just as a guest.
-
Yeah, that's what we want in the long-term, but we'll still need to do substantial hardening for the Linux kernel, Android and the app layer since the security of the guests / apps matters too.
-
It'd be really neat to have something like Microsoft's Linux and cancelled Android app layer on top of a nice microkernel. Could run multiple instances of it, avoiding needing the whole Linux kernel running in each VM.
-
That's something vaguely like what I'll be doing once somebody wants to fund it..
- 3 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.