Ask / Submit
23

Add rights management for native apps [duplicate]

asked 2014-01-06 01:43:20 +0300

huuhaa gravatar image

updated 2014-01-06 02:25:24 +0300

foss4ever gravatar image

I know the best situation is that pre-checkin apps works, and you can just install apps from official store without thinking. But as seen in comments of Flashlight app, it has caused little storm in the glass of water. App "calls home", and there is no information about it in the description or anywhere else, well now in comments but.. Anyway many people have uninstalled app, since you wouldn't think flaslight needs an internet connection.

So maybe some kind of rights management would be nice, or some kind of announcement that Jolla is checking apps, so user can trust that app wont send any more information that it says (and it must be said if it does so). That flashlight app was taken just as example here, since "it is the first one" which brings this up. But this of course will effect to all apps. User should be able to trust apps in store, and now the situation isn't fully that.

edit retag flag offensive reopen delete

The question has been closed for the following reason "duplicate question" by huuhaa
close date 2014-01-06 09:27:39.386657

Comments

Yes I'd say definitely a duplicate, please close it as such @huuhaa

That being said thanks for mentioning the "problem" with flashlight. It is really bad developer judgement not to inform about gathering statistics. There is some poetic judgement though in that it has gotten > 3500 downvotes because of it. Problematic though that the store only shows the upvotes on the overview.

Tanghus ( 2014-01-06 03:05:47 +0300 )edit
1

Such an app should be banned from the store. To increase user and quality control of Jolla store apps, it would teally be a good idea to have this API security/privacy practices in place, and makinf the store.accessible as a web-forum (as has been suggested here). This Together forum would be a fine place to browse, comment Store and app-spesific things..

foss4ever ( 2014-01-06 03:21:10 +0300 )edit

Sorry for dublicate. Tried to search first but.. Anyway, closing this now.

huuhaa ( 2014-01-06 09:27:22 +0300 )edit

1 Answer

Sort by » oldest newest most voted
11

answered 2014-01-06 04:51:31 +0300

Artem gravatar image

updated 2014-01-06 05:06:44 +0300

I created the Flashlight and it's good that it provoked discussion on right management (no, that was not the goal of the stats gathering, but a good side effect). IMHO, Flashlight is a very good example of how much more beneficial for the users Apple model would be compared to Android and to Jolla (I always wanted the Apple one - https://together.jolla.com/question/4182/permission-control-for-apps/ )

  1. Current Jolla way

    • User suddenly notices that app gathers stuff, uninstalls it and who knows what the app did
    • Everybody disappointed. (including info into About dialog wouldn't have helped)
  2. Android way

    • Yeah, OK-OK, every app asks for some permissions. Few weeks later: W00t?! Flashlight needs network connection?
    • Less disappointment than with Jolla way, user blames himself.
  3. Apple way

    • Installation, no question asked. Permission asked on first connection attempt. And app is better to explain first why it needs this or that permission. And that's exactly the point where user might read and understand the reasons.
    • User accepts or rejects, app works anyway, just has less good/bad features that needed the permission
    • User might feel bad about the Flashlight developer asking for network, but only gives what he is fine with and has a chance to see why.

P.S.

As for Flashlight itself if anyone would suddenly be interested about the actual reasons. I wanted and still want to know how much app is actually used. To motivate myself (it's cool to see that people actually use your app daily) and in the future to create some sort of leader board so that you could see if you are e.g. the top flashlighter of Finland.

And yes, since many people don't like it and there is no leaderboard just yet anyway, I am disabling the stats. Will still take a couple of harbour cycles to get no-stats version published as it doesn't allow for canceling the current QA cycle (i.e. about 3-10 calendar days).

P.P.S.

Having a trusted mediator would be a good solution? Or can nobody be trusted enough? https://together.jolla.com/question/10956/provide-some-basic-or-not-so-basic-app-usage-stats-for-the-developers/

edit flag offensive delete publish link more

Comments

In your post you claim two things about "Current Jolla way".. It's hard to understand what do you actually mean, - and even harder to agree with those points.

foss4ever ( 2014-01-06 05:01:21 +0300 )edit
1

I second having the Apple way. https://together.jolla.com/question/9670/api-security-model#10942

jusic ( 2014-01-06 05:07:30 +0300 )edit
1

I rephrased. Current Jolla way is basically no checking at all and then disappointment. IMHO people tend to be way more pissed off about being surprised than about the actual privacy. Sad possibly, but I think that's how it is.

Artem ( 2014-01-06 05:07:53 +0300 )edit
1

Agree that the current way.needs to be improved, that's why this question and the other about API security model exist in the first place. In this 'flaslight' case ppl were disappointed because of being surprised of data collection that hadn't been comminicated (and accepted by them) AND because of privacy been compromised. Again, this hints that the current model is too permissive on what the apps can do without users consent, and not strong enough to protect user privacy.

foss4ever ( 2014-01-06 05:24:24 +0300 )edit
1

@Artem I mentioned flashlight app only because it was the first app which brings this up, as I said. No intend to cause any harm for app/developer. Also wondered last night that this might end up to something good at the end too. Good side effect like you said.

huuhaa ( 2014-01-06 09:25:07 +0300 )edit

Question tools

Follow
2 followers

Stats

Asked: 2014-01-06 01:43:20 +0300

Seen: 990 times

Last updated: Jan 06 '14