Google removes 'awesome' but unintended privacy controls in Android 4.4.2
Praise for what some thought was a a new privacy feature in Android called the App Ops has turned to criticism after Google cut off access to the feature on devices running its latest version of its mobile operating system.
The App Ops UI could be exposed by installing one of several third-party apps launcher apps, offering users granular control over which resources each app has access to. For example, it could revoke or grant an app the ability to read location data and contacts, send SMS or MMS, or post notifications — addressing the seemingly unnecessary permissions that apps demand before they can be installed.
The removal of access to App Ops was brought to attention by the Electronics Frontier Foundation (EFF) last week, which had earlier praised Google for the surprise feature, calling it "awesome".
"Today, we installed that update to our test device, and can confirm that the App Ops privacy feature that we were excited about yesterday is in fact now gone," EFF technology projects director Peter Eckersley wrote.
Despite its potential usefulness as a privacy control, according to Google Android engineer Dianne Hackborn, the App Ops UI was never meant to have been exposed to end users.
"The current UI is definitely not something that is appropriate for end users; it is mostly for platform engineers (a tool for examining, debugging, and testing the state of that part of the system), maybe some day for third party developers. In what form these features might be available in the regular UI I couldn't really speculate about," Hackborn wrote in answer to questions from developers on Google+.
As noted by Android Police, Google had already begun tackling the exposure of App Ops with the release of Android 4.4 by making it harder for users to find, so that it's now fully blocked isn't a surprise.
Even though it was never meant to be available to users, the EFF's Eckersley reckons those that value privacy should avoid updating to 4.4.2.
"If app privacy is especially important to you — if, for instance, you want to be able to install an app like Shazam or Skype or Brightest Flashlight without giving it permission to know your location — we would have to advise you not to accept the update to 4.4.2."
However, he notes, users on 4.4.1 would be missing out on a few security fixes available as part of the subsequenty Android release.
The developers behind one of the third-party launchers, App Ops 4.3 / 4.4 KitKat, claim to be working on a fix to make the launcher function again on 4.4.2 but for now, it only works on Android versions 4.3 and 4.4.