When the new Android M operating system was announced at Google I/O, there was a clear focus on security within the operating system. This comes as no surprise as Google has been publicly criticized, especially by Apple, for its lack of security and everywhere Eric Schmidt went to speak, he was constantly asked about and defending Android’s security. Lollipop addressed many of the problems, but Android M takes it a step further, and one of these steps is certainly addressing the control over app permissions, or more specifically, the permissions the apps seek to have and the information they are given. This is becoming more of a problem recently, as applications want to know more about us, as well as apps with hidden agendas that can hack into personal information.
Android M will allow users to pick and choose, on a per app basis, of what information each app has permission to access. Up until now, the users either had to accept all of the permissions or not install the app. In Android 4.3, Jelly Bean, Google started to allow the user to deny apps certain services, but access was hidden within Android and only accessible through third party tools. Google’s Hiroshi Lockheimer, head of Android and Chrome OS development explained to our source that “Applications on Android, starting in 2008, were not built with the notion that certain functionality could be turned off behind their backs – that was just never the assumption for developers because that was not how the APIs were designed.”
Lockheimer said, “There are a lot of players involved, from Google to developers and consumers – getting it all into alignment took a while to get right.” However, he said the time to make changes is during a major upgrade where they can “create new application programming interfaces (API) to handle it.” Even though developers do not have to use the new run-time permissions system unless the want to use the new Android M developer tools, but Google is confident that there are enough incentives in using Android M that they will jump on board.
These new permissions also apply to all Google apps, so users could now block Google from knowing their location or blocking their access to personal information. Lockheimer says, “The way Android works is that there is no advantage we can give to Google’s applications, everyone operates on a level playing field. Android is an operating system, which Google is a third-party developer too – the Gmail app, for instance, is an app, and as such is subject to the exact same rules.” One of the problems with requesting permissions is that the user does not always understand what they are being asked, so they just say yes to everything, so they are switching to a contextual style of question, making it easy to make a decision. Lockmeimer said that Google has also redesigned the way they screen their apps, making it more secure for the users. All of these are positive steps in making the Android OS safer and more secure.