Firefox OS app permissions will give users more privacy than Android

Filed Under: Android, Apple, Featured, Firefox, Google, Mobile, Privacy

Firefox OSMozilla's mobile platform, Firefox OS, is behind Android in just about every way.

The year-old Firefox OS is not even in the same league in market penetration, and is available on just seven smartphones from five carriers and in 15 countries.

But in one important respect, privacy, Firefox OS is trying to move ahead of Google's Android by offering granular application permissions, giving users more control over what data apps can gather from their devices.

According to a blog post from Frederik Braun, a Mozilla security engineer, Firefox OS version 2.1 will give users the ability to revoke permissions on a granular level for any "Privileged" app downloaded from the Firefox Marketplace.

Similar to Apple's iOS, Firefox OS already prompts users for permission to access certain functions, such as geolocation, use of the camera or recording audio.

Permissions are different for every app, and are generated by the app developers in accordance with Mozilla's app manifest.

Firefox OS app permissions - geolocation promptBraun says app permissions to use geolocation and the camera or microphone are "meaningful" and "human understandable," making it easy for a typical user to make an informed choice.

In the example Braun gives, if a map app wants to know a user's location, Firefox OS shows a prompt screen asking if you want to "Share" or "Don't Share" your location with the app (see screenshot).

Users can save their choice so the app won't prompt them again.

Firefox OS version 2.1 (which is not slated for release until sometime after November 2014) will go one step further for more tech-savvy users and "paranoid privacy enthusiasts," Braun said.

For permissions with more technical or lengthy descriptions, what Braun calls "Verbose App Permissions," users can go into the developer settings and see all of the permissions an app has and set them individually to Allow, Prompt or Deny.

That's a rather verbose way of saying Firefox OS 2.1 will offer users more control and better choices for their privacy.

Android asks permission, but is it "human understandable"?

Firefox OS offers granular app permissionsIt's true that a typical user might not need granular control over every single permission – plenty of us simply don't bother with things like reading lengthy permissions or online privacy policies.

But whereas Mozilla is moving the direction of more control for app users, Google has moved in the opposite direction.

Although Android 4.3 allowed users granular control over permissions (with a hidden feature called App Ops), that feature was removed in Android 4.4.2.

Google offered the explanation that its up-front, all-or-nothing approach to permissions is simpler and "easier to understand."

But that hasn't turned out to be the case.

The recent fuss over the permissions sought by the Facebook Messenger app is a prime example of how Google's "simplified" permissions can be confusing and, in some cases, a little scary.

In the case of Facebook Messenger, many people struggled to understand why a messenger app would need permission up front to access the device's camera and microphone.

This spawned rumors that Facebook was looking to secretly record people's phone calls.

Of course, there's a good reason for a messenger app to access your microphone: that's the only way to use the app to make phone calls or video calls with audio.

But why grant that permission before you even run the app for the first time, just in case you ever do decide to make a video call later on?

For example, why not leave the camera off-limits by default until the app actually needs it, and then invite you to enable it, with the option to make that choice temporary or permanent?

Permissions, opting in, and why it matters

Opt in, image courtesy of ShutterstockIt's not just the tech-savvy or paranoid who should have control over how apps behave – all of us have a right to privacy.

But many apps are guilty of disguising, or poorly explaining, what they do with your information.

Last year, the US Federal Trade Commission slapped sanctions on the makers of a hugely popular free app called the Brightest Flashlight, which tracked users' location and sold that data to advertisers.

This app acted as if it was asking your permission to track you, by showing a [Refuse] button, but the app tracked your location regardless.

That might be an extreme example, but other apps that use geolocation permissions seem to abuse the privilege.

Foursquare, which came out with a new version of its app this month, tracks your background location whenever your phone is on – even if the app isn't running.

This kind of tracking, which uses nearby Wi-Fi signals, cell towers, and GPS to pinpoint your location, can be useful for the app's purpose of feeding you notifications of stuff nearby you might want to check out.

But by setting this location feature by default, Foursquare assumes users want to have their location tracked at all times, without asking for permission.

Firefox OS is a welcome attempt to adjust what's become more commonplace in our technology – the appearance of choice rather than real control for the user.

Image of traffic lights courtesy of Shutterstock.

, , , , , , , , , , ,

You might like

4 Responses to Firefox OS app permissions will give users more privacy than Android

  1. I feel like this is similar to App Ops which runs on cyanogenmod. (Just throwing it out there) But then again, it seems to be installed only on the one ROM. It would be nice if google had made something like it in their stock packages.

    • AP · 372 days ago

      This was mentioned in the article. Google added App Ops in Android 4.3 but removed it again in Android 4.4.2 because they thought it was too much for the user to handle.
      I doubt that very much. I honestly don't know why they removed it but I assume it was impacting their ability to track users and get ad revenue in some way.
      You can get it back if you root your phone, which is great for power users but useless for the general public who is more at risk.

  2. ngyikp · 372 days ago

    "why not leave the camera off-limits by default until the app actually needs it, and then invite you to enable it"

    Yep, that's exactly how permissions on iOS work, and Facebook Messenger's permission handling on iOS does indeed only ask for microphone/camera/location/photos access when you try to use them for the first time.

    Android permissions are a huge headache for developers to re-assure users that they aren't as bad as it seems. I still can't believe Google haven't thought through this yet.

  3. I have had at least one concrete use recently for granular permissions -- I had to recently remove my preferred weather app and install a different one. It used to unnecessarily use the GPS by default, but if you set it up right it'd only use coarse location (which doesn't suck power and is plenty accurate to get a weather forecast.) The most recent update started going just absolutely crazy with the GPS. I would have just revoked GPS rights for this app, but since I can't I had to remove the app entirely.

    To quote ngyikp (one post above me) "Android permissions are a huge headache for developers to re-assure users that they aren't as bad as it seems. I still can't believe Google haven't thought through this yet."
    Having develope a few Android apps I must agree 100%. While programming, it's easy enough to figure out what permissions the app needs. But some of these permissions are quite broad, so you end up with innocous functionality that from the permissions looks potentially sinister.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

John Zorabedian is a blogger, copywriter and editor at Sophos. He has a background in journalism, writing about technology, business, politics and culture. He lives and works in the Boston area.