| No, it's a problem in the model. User testing has shown, over and over again, that users do not read pop-up boxes. Why would anyone expect security warnings would be any different than error messages? MS dialed down granularity from Vista to 7 and the UAC is still a joke. What's needed is something different. I don't know what that thing is, but pop-up boxes are not it. My pet theory atm is "services". When an app installs, it can register as knowing what to do with certain data. Say, GPS coordinates or contacts. If a user wants their wallpaper to have access to that data, they'll open their GPS, or contacts app and explicitly allow the behavior. That way, an app only has access to those data sources if the user explicitly sets out to grant it to them. If it's a conscious multi-step process, it should be pretty hard for people to accidentally grant a wallpaper access to all their personal data. And given the competitiveness of mobile app stores, I doubt any app would survive that sits functionless and nagging until the user explicitly grants it a half-dozen permissions. So they'd quickly end up asking for less, or at least delivering as much as they can with as little as they're given. I know "services" hardly goes all the way. But my point remains that no level of granularity will make the pop-up approach 'work'. |