Suggestion: Android permisions
Comments
-
Hello,
Sorry for my reply. I am only an F-Secure user (their home solutions).
My suggestion is that if you don't give all the permisions needed in the android applications, it starts but with limited functions.
I think that good applications with such a design. In additions, good applications only asks really needed (required) permissions.
If your suggestion is based on F-Secure SAFE permissions and its requirement to allow "location / calls / files" - then if to deny such a prompt, an explanation should be available for user.
For example, there are such an explanation for each permission:
-- "calling" is based on fact that F-Secure SAFE need to get "device ID" for activation (licence?! subscription validation?!). Such an identification is only available for application if calling permission is allowed.
Or somewhat like that wording.
-- "files / media" is needed for scanning.
-- "location" is needed for Finder functionality.
I think that only permissions for "location" is something as optional in fact (if "Finder" functionality is not used). Since two other permissions are something like critical to be for proper functionality.
But even with such a permission - need to allow required services for "locating" and so under device.
Sorry for my reply. Just as a discussion between community users.
Thanks!
-
@Ukko wrote:Hello,
Sorry for my reply. I am only an F-Secure user (their home solutions).
My suggestion is that if you don't give all the permisions needed in the android applications, it starts but with limited functions.
I think that good applications with such a design. In additions, good applications only asks really needed (required) permissions.
If your suggestion is based on F-Secure SAFE permissions and its requirement to allow "location / calls / files" - then if to deny such a prompt, an explanation should be available for user.
For example, there are such an explanation for each permission:
-- "calling" is based on fact that F-Secure SAFE need to get "device ID" for activation (licence?! subscription validation?!). Such an identification is only available for application if calling permission is allowed.
Or somewhat like that wording.
-- "files / media" is needed for scanning.
-- "location" is needed for Finder functionality.
I think that only permissions for "location" is something as optional in fact (if "Finder" functionality is not used). Since two other permissions are something like critical to be for proper functionality.
But even with such a permission - need to allow required services for "locating" and so under device.
Sorry for my reply. Just as a discussion between community users.
Thanks!
I know the call permision is to get the phone id as it was said in the application, but i think that it shouldn't be needed the location permision unless the user wants to use it, but the application gives no other option. Just like you said
-
I know the call permision is to get the phone id as it was said in the application, but i think that it shouldn't be needed the location permision unless the user wants to use it, but the application gives no other option. Just like you said
Yes, actually it is a bit strange that the application does not start until "location permission" is allowed.
Probably such a permission is also about indirectly related requirement for normal operating of application. Otherwise, indeed good to ask such a permission only if Finder option is initiated to be used (as it is with the "device administrator" permission).
But, in general, security application is always about trust. So, need to install only trusted application (and if so - these permissions are not real trouble). Although it is good to limit unnecessary things.
Sorry for the discussion.