Like in title. Modern Android permission system is really annoying. It assumes I do not trust installed apps and I believe was made to promote loose installing of whatever crap like loyalty cards apps, while I only install a couple of trusted apps all from F-Droid. Such module would enable faster installation of the systems and less irritation when I have to give app a permission third time this month (Android now can decide for myself and revoke permission when it thinks it’s no longer needed…).

  • db2@lemmy.world
    link
    fedilink
    English
    arrow-up
    9
    ·
    9 months ago

    You don’t want Android then it sounds like. As for the permission revocation thing, just turn it off. 🙄

    • henfredemars@infosec.pub
      link
      fedilink
      English
      arrow-up
      3
      ·
      9 months ago

      I’m sure AOSP could be patched to disable checks, but I think Android has different goals than the user in this case.

    • smileyheadOP
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      9
      ·
      9 months ago

      Android is unfortunately the only stable option for mobile OS now.

      As for the permission revocation thing, just turn it off. 🙄 As far as I know there is still no global switch for that?

      • db2@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        9 months ago

        Weird, can’t get to it. I know I’ve seen a toggle to turn that behavior off though. Maybe next time it does it open the notification and it’ll be in there?

    • smileyheadOP
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      6
      ·
      9 months ago

      Can you give me any example scenario of the attack?

      • henfredemars@infosec.pub
        link
        fedilink
        English
        arrow-up
        3
        ·
        9 months ago

        A browser app is compromised via a JavaScript engine flaw and now has permission to install packages.

        • smileyheadOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          9 months ago

          This permissions I have on for my browser anyway, also I still need to click “install” on the popup here regardless of permission switch. And with my idea I was thinking about normal permissions, not special ones.

          • henfredemars@infosec.pub
            link
            fedilink
            English
            arrow-up
            2
            ·
            9 months ago

            This is easily bypassed by using the accessibility API which an all-permitted app can use to automatically handle dialogs.

            But yes, if you’re thinking some permissions are more special than others, it would depend on what permissions you are enforcing.

      • eatham 🇭🇲@aussie.zone
        link
        fedilink
        English
        arrow-up
        1
        ·
        9 months ago

        You accidentally download malware and instead of you denying permissions it shouldn’t have it has them automatically.

    • smileyheadOP
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      3
      ·
      9 months ago

      Is there a global switch? I only have the option for disabling this for every app separatly.