On Sun, Aug 26, 2012 at 5:10 PM, Tom <[email protected]> wrote: > The removal of these was more upsetting to me > because at the end of the day they provide NO security benefit. If I REALLY > want to know when the top app changes I will just poll every 100ms. These > simply made it more efficient for me, no need to poll!
You presume that the polling option will be maintained in future releases in its current incarnation. I would not make that assumption. > I'm curious why those APIs are now enforced with a permission? You mean, besides the security and privacy reasons? For example, I've been personally reporting apps that use crap like this to prevent themselves from being uninstalled. The ability for any app to find out about the foreground, come to the foreground itself, then kill the background process, has always been seriously scary, even though knowledge of what is in the foreground has legit uses. > I suppose there is the argument of "no good use," but honestly is there a > "bad use?" See above. > If the platform doesn't provide these features in the same version it was > removed, users lose out. Some users lose out, from lost (or less-efficient) functionality. Some users gain, from lost (or weakened) malware. Google, in their estimation, and given plans for upcoming releases, presumably believes that what they have done is a net gain. You, of course, are welcome to disagree. > Oh well, what's done is done I'm just curious for some rationale. I guess > Android is showing signs of maturation and going the way of iOS: becoming > less hacker-friendly and a beautiful but closed garden. It was only a matter > of time. You are welcome to contribute changes via the AOSP for a more controlled means of providing this sort of app-locker capability, such as via an extension to the device admin APIs. Of course, I wish that this contribution process would be substantially easier (and more likely to succeed) than it is. You are welcome to add app-locker capabilities to your favorite ROM mod, if the AOSP option is not working. You are welcome to make a complete fork of Android, if you so choose. You are also welcome to brainstorm other ways where app lockers can exist while the same techniques cannot be used for nefarious purposes. Personally, I think that's impossible -- the device admin approach at least makes it a whole lot less likely that a user will accidentally run into problems. But I have certainly been wrong before. Google's decision to make the Play Store be non-curated (i.e., no up-front manual inspection of apps, a la the iOS App Store and the Amazon AppStore for Android) means that Google is going to have to continue to tighten the screws to help prevent malware from doing the "mal" part. Yes, these changes will result in some fallout with some legit apps. And, one hopes that if they do remove the polling option that they turn around and expose something else that enables the legit apps while helping slow down the malware (e.g., making this information available via device admin APIs). -- Mark Murphy (a Commons Guy) http://commonsware.com | http://github.com/commonsguy http://commonsware.com/blog | http://twitter.com/commonsguy Android Training in NYC: http://marakana.com/training/android/ -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
