Android shows the permissions each app is requesting before you install, and even lets you know if they change their permissions between updates. While what Path did is crappy, they didn't subvert the Android permissions system.

The thing that burnt the poster is that while a social app asking for access to their contacts might not rise a brow, the user has no way to know what they are going to do with that data without looking at the reviews or around the internet for complaints/testimonials.

"Android shows the permissions each app is requesting before you install"

Yes and no. Google often hides the most offensive permission requests under that "see more" arrow. And the permission requests (and accompanying explanations) are too vague and ambiguous. For example: Does "request access to network" mean they're able to sniff all my incoming/outgoing data, granting the app access to everything?

That, and the page is designed so most people will click the "Accept & Download" button without even reading the top-level permission requests.

It's got the title and button at the top, taking up a large chunk of space (1/3rd on my Nexus 4), and then a vague list of - to most users - technical-sounding "stuff".

My guess is a large majority of users never look past the button.

Congrats __chismc. Shortly after this post it appears they moved the "Install" link under the permission requests.

But Android also doesn't allow you to deny specific permissions. It's all or nothing at time of install - if it ever gets location, it always gets location. This is one of the reasons I like iOS.

This doesn't sound very difficult to verify.

Go to play.google.com. Search for path. First result in the app store. Click on Permissions.

"This application has access to the following:

... blah blah blah ...

This permission allows the app to use the camera at any time without your confirmation.

... blah blah blah ...

read your contacts Allows the app to read data about your contacts stored on your tablet

... blah blah blah ...

read call log Allows the app to read your tablet's call log, including data about incoming and outgoing calls.

... blah blah blah ...

Now users have been trained to click "yes" to all requests without even reading them, so I you can get into philosophical arguments about if the "really" have permissions. Just like most users randomly click thru "click thru licences".

Read data about contacts doesn't sound unreasonable for an app like Path though. Facebook uses that permission to sync contacts if you want, and I don't see any problem with that. Unfortunately, reading data means they can store it, off device, independently of the install state. That's a difficult problem to solve, but I don't think users should be expected to expect this as a result of that permission.

Exactly. WhatsApp wants permission to practically everything possible, because it offers various features on top of these permissions. Yet it never spammed anyone so far from what I can tell.

They might not spam users, but they don't let you delete contacts. So in short: once they grab your contact list, it's theirs.

Can you actually prevent an app from using one or more of those permissions? Like can I give it permission to my camera but not to the call log?

There is no official support for this AFAIK. Some 3rd party ROMs like Cyanogenmod have this functionality built in, though, and if you root your phone there are apps like "Permissions Denied" that you can run to do this.

I'd assume the reason Google is somewhat hesitant to offer this officially is that many apps don't deal well with this -- some do degrade gracefully, while others end up throwing task-ending exceptions because the app code just never planned for not being able to do some task which requires permissions declared in the manifest.

There is a simple solution for managing permissions for poorly built apps: serve them empty or fake data.

Every app already has to consider the case of GPS being unavailable indoors, the contact list only having one person (yourself) in it, or the camera picture being black in darkness.

Yes, that is a very good idea.

I'm sure some apps will fail anyway because they just never expected a contact list of 0 entries, but the list should be much smaller in that situation (mostly limited to those who do virtually no QA).

Sounds like a huge time investment and you risk bricking your phone? Doesn't seem worth it.

I have always wondered why Google doesn't add this feature. Creeping up the ladder of permissions is a problem in Android, and the user's choice is all or nothing. This can become a bad choice: Add a permission, or lose access to the data an app is keeping for you.

It would be easy enough for developers to catch security exceptions that Google would find little or no developer fall-off due to a requirement like this.

No. Only on some custom Android builds.

yes, android requires user permission to access any data on your phone.

It tells you the permissions requested by an app before you install it. For Path, see the "permissions" tab on this Play Store page https://play.google.com/store/apps/details?id=com.path&h...

Yes, you have to put this line in your app's manifest:

  <uses-permission android:name="android.permission.READ_CONTACTS"/>

and the installer will prompt the user for that permission when they install the app.

When you install an Android app it lists the permissions you grant the app by continuing with the install. Contact access is one of these permissions.