I kinda sorta see google’s side.
There are just too many shady operators out there who will swear blind they’re completely honest, and maybe they are, but they also employed a third party to write code or maybe just imported a 3rd party lib (I am in no way saying this is the case).
As to why they don’t look at the code: bugger that being standard practice, I’m not handing over my code to Google or Apple.
Even if they did, how to check the final uploaded binary?
I’m not doubting the article, but the mobile app world is flooded with shady operators at all levels, and I don’t really buy the real paranoid arguments here.
So why not just remove the Contacts API entirely then? If it exists, "shady operators" can misuse it. Oh and, camera apps made by "shady operators" could be sending your pictures to questionable places so why not remove the Camera API as well? And we can't forget that "shady operators" could be snooping through your files so let's remove the filesystem API too.
Actually now that I think about it, any app could be malware, so let's just deal with the root of the problems and remove support for installing third party apps entirely. Everyone should just use apps made by google and nothing else, that way you know there aren't any spooky shady operators hiding under your bed.
They won't let you call anything but their crappy camera app by intent already, for supposed privacy reasons. As you intimate, what is the point of allowing mobile apps, if they can't access any of the features of the device? Because that is where they are heading, fast. A few crappy google apps that require 24/7 spying to work, and then they "protect you" from everyone else. Sounds like an old school mafia street racket.
That sounds like iOS? Only Apple apps have access to all the system level capabilities and you can't replace any of the system apps, not even the browser.
It would be fair if one were to conclude that I don't like iOS. But my comment made a few different points, including about google's app quality, not only forcing default apps but also disallowing user choice where it should exist in a pervasive, hard to see way (for the end user), and invasive tracking.
Frankly, over the last week I have been looking into whether there is a relatively straightforward way to write an app for a mobile linux, because I am at the point I am willing to get rid of several common apps, such as banking apps, to get off this nauseating hamster wheel.
There is Anbox, which just uses the same kernel for Linux and Android. But it is incomplete and not very active. Basically, we don't even need a hypervisor, but apparently it's still not easy.
They already removed filesystem API for quite some time now, you're only allowed to read inside the application directory, anywhere else on the device requires SAF.
>To limit broad access to shared storage, the Google Play store has updated its policy to evaluate apps that target Android 11 (API level 30) or higher and request "All files access" through the MANAGE_EXTERNAL_STORAGE permission. This policy takes effect in May 2021.
They could just make the contacts API use an inbuilt contact picker that just supplies to the app the contact the user selects each time they make a call.
I assume they want google apps to have access to the whole phonebook without looking too suss though.
> I assume they want google apps to have access to the whole phonebook without looking too suss though.
This is why I hope Google and Apple both get forced to give up control of either the OS or the app marketplaces. No company should own both the platform and have a privileged place on that platform like they do today.
MS didn't even have this level of control on Windows and they still got an antitrust lawsuit...
This is a horrible user experience, ends up like iOS where there are great Apple apps, and everything else is second class. The great thing about Android is that you can choose a different dialer or different SMS app, and it can be as good as the preinstalled one.
Not to mention, given their cookie policy, their claim that they are "very privacy conscious" is dubious at best (no button to directly reject all non-necessary cookies, navigation to a different page to configure cookie preferences, claiming that analytics cookies are required).
I'm going to go ahead and say that probably they are misrepresenting what is happening.
To give the benefit of the doubt, knowing nothing else about this company:
This is clearly a South African based company. GDPR and cookie compliance may be important but it's not top of the totem pole - the local South African equivalent law (POPI) is more about data processing than cookies. Plenty of sites have not updated their cookie UX for the newer regulations.
I've even noticed some sites serve different forms of cookie consent depending on where you're accessing from. I only started seeing the ability to reject cookies entirely when I travelled to EU recently - before it was always hidden in dark pattern UX.
GDPR is also nothing about cookies. It is about collecting tracking and marketing data about someone without their permission.
If you do any tracking and you don't use cookies, you still need permission and if you use cookies but you aren't using them for data mining then you do not need to ask for permission.
> the local South African equivalent law (POPI) is more about data processing than cookies. Plenty of sites have not updated their cookie UX for the newer regulations.
The GDPR is exactly the same. Even the ePrivacy Directive (the so-called "cookie law") actually covers more than just cookies - any method of storage in a user's terminal (whether browser local storage, or an app's own database) is also in scope.
I agree, it's not necessarily only login credentials, but could be a shopping cart. However, no shopping cart is needed until the user adds an item to it. Watching the shopping window doesn't need a cookie.
The typical practice seems to be to set a session-cookie unconditionally, to be able to store user-related data within that session, even if the user has not provided any such information.
No it’s not, why would you claim it was? The domain TLD is South African (.co.za), the phone number listed is in Cape Town, and it’s a South African registered company.
> Voys Telecom SA (Pty) Ltd
A company with limited liability duly incorporated in terms of the Companies Act of South Africa, 71 of 2008, with registration number: 2013/114285/07, hereinafter referred to as “the Service Provider”;
Ah, got it. Yup, the Dutch office is the original one, there are a bunch of others around the world.
As far as I can tell though each different country office operates largely independently, almost as a franchise. So it might still be that the South African branch, with a registered local entity and no EU-based customers is more focused on POPI than the GDPR.
We're an international telco, with two separate local entities & local teams, that are governed by different laws. The voys.nl website most certainly has the cookie consent screen.
At the same time, why not just release at least one phone that is developer friendly? People can handle it. All these issues are present on computers that are able to run unsigned code, have sensitive personal info stored on them, etc. Yet the sky is not falling with all this going on with everyone's computer on earth, like how people fear the sky will fall if we opened up the mobile phone.
>Yet the sky is not falling with all this going on with everyone's computer on earth, like how people fear the sky will fall if we opened up the mobile phone.
This is because everything was moved to the web and users were beaten over the head with a hammer to never install anything on their computers. The sky was falling and subsequently the desktop software platform hardly exists today.
This is funny, but in practice there would be maybe one or two of these bars. Many didn’t work together. These toolbars didn’t stop people from being able to work, eat, or pay their bills. I know. I lived through this era.
>why not just release at least one phone that is developer friendly?
Google and Apple want to control their users, they don't want to give you an open phone. Instead have a look at Librem 5 and Pinephone, which run GNU/Linux.
In a way, but not for your reasons: they want to create mass market devices that, if you give one to your grandma, little nephew can twist their arm for the root password to install this totally harmless fun app.
It's easy to install unsigned apps on Android, but not being on the Play Store severely limits your reach, since many people only check there for apps instead of searching on the open web.
They keep making them but they keep failing, because people want phones that work without needing a computer science degree to understand what is safe and what isn’t.
And myself being an Apple guy with a dev account, I can install pretty much what I want.
The initial barrier of getting grandma on an iPhone is over and the need to dumb down devices to the lowest IQ to gain marketshare should be over. It is time to raise the collective IQ and at least offer a way to drop the training wheels.
This line of reasoning can be used to reject and remove access to literally any app or API. Why offer a contacts API if you're not allowed to use it? Who is trustworthy enough to have this privilege?
They should just remove all third party APIs to access any user data. Then we can be certain of privacy, with only non-shady actors like Google, Samsung, Facebook, etc. accessing saved contacts.
> Even if they did, how to check the final uploaded binary?
By requiring and verifying a reproducible build. It would be awesome if open source apps on an app store had a badge indicating which commit of which git tree they came from and only allowed updates that similarly come from public trees.
Even failing that, favoring reproducible builds would add a considerable degree of traceability to the entire distribution process.
You're right, Google have long been incompetent at managing user generated anything. They should probably stop building things that depend on it, because they're so bad at it.
Google's stance seems to be "even if you don't upload contacts, you need to say you upload contacts because we can't prove you don't". They are equating your technical ability to do something with you doing it. How is that in any way reasonable? I own a knife, does that mean I stab people? Should I have to say "I stab people" when I enter a kitchen so people know they might be in danger because there's nothing technically preventing me from going on a murder rampage?
They could change the code after 8 months to exfiltrate your address book, easily. Most businesses pivot for whatever reasons, a giant database of users contacts would be precisely what one would want in order to mitigate unforeseen problems with the business model.
As for your kitchen example, you don't need to say anything. Walk into any room with a weapon and people will know they might be in danger. If I'm in that kitchen, and you walk towards me, I'll move out of arm's reach.
Basically it's the same problem: Assurances are worthless. Rationalization provides seemingly excellent reasons for any course of action. So, the onus is on you to show that no harm will be done. It certainly is not the responsibility of some 3rd party to establish this, that is a coercive worldview.
The thing is, there's no way to prove you won't do something in the future if you have the ability to do it. All you can do is promise that you won't, preferably in a legally binding way (such as a privacy policy) and stake your reputation on it. That's the basis of society. Just because someone doesn't believe you doesn't give them the right to force you into a false confession.
The app developer says "all your contacts stay on your phone, we only use the internet for calls". Google says "this app is able to access both your contacts and the internet any time for any purpose". Both of those statements can coexist and be presented to the user for evaluation. The app being required to pretend like it's uploading your data is just lying to the user.