[sitkack]

And android and google is negligent for not allowing users to limit apps ability to use these apis.

An app can request it, I'd like to say NO in a way that doesn't break the app. It asks for camera, fine it gets the same stock photo. It asks for location, it gets the Galapagos. It asks for microphone, it gets "Never Gonna Give You Up". Installing an app shouldn't be a binary (hah) choice.

[SyneRyder]

But you can do that on Android now. On Android 7.0 (might even work on 6.0), go into Settings -> Apps, tap on an App and then tap on Permissions. You can then enable or disable individual permissions for that app (eg enable camera but disable microphone)

Android apps now request permission at the time they need to use a feature, not on first install. They've basically adopted the same permissions model as Apple.

[biafra]

This is not what he described. Removing any of these permissions must be handled by the app. The app shouldn't even know I removed a permission. It should just get empty or fake data.

[TomMarius]

No, the app has no control over it. It displays a system dialog once it tries to use something.

[sitkack]

This is a denial of service attack against the user, at most should be an innocuous overlay that alerts the user when an application using a privacy reducing api when that user has it disallowed.

[TomMarius]

I don't follow you. How can you alert the user that an app has requested something the user has declined when the user haven't made a decision yet?

[sitkack]

The app should never know the user declined usage of an API. When any app uses a privacy reducing API, the user should be able to know when that occurs. Microphone, location, etc, should be a small overlay like maybe the battery indicator icon where they can know when the app would have violated their privacy.

[freeone3000]

XPrivacy does.