|
|
|
|
|
|
by lallysingh
3313 days ago
|
|
|
There's a tradeoff in usability. I do wish Google (or a phone vendor! add real value!) would let users choose fine-grained or coarse-grained security at the UI level, and let developers just use fine-grained permissions APIs. |
|
|
Bad security: App requests all your contacts and shows you a list of people you can invite to play Candy Crush. The user clicks one, but the app already has access to all of them.
Good security: App requests a contact and the OS shows you a list of people you can invite to play Candy Crush. The user clicks one and the OS gives that contact info to the app.
The user experience is quite similar, but the security design is far better.