by charcircuit 1213 days ago
> The permission model of Android is worthless, if you actually want to use it as your desktop replacement. I.e. if you want to own it rather than rent it (and be told by the manufacturer / reseller what you may or may not do).

You make no sense. The permission model is what makes these operating systems so secure. It's not worthless as it significantly hurts the capabilities of malware. If your definition of owning a device is that you should be able to install an app that can steal all of your login information to every other app you have then you are alone with that definition. People don't want to have to care about security when installing random apps.


> If your definition of owning a device is that you should be able to install an app that can steal all of your login information to every other app you have then you are alone with that definition.

(not GP) This is false, I should be able to install an app that can steal all of my login information to every other app I have. I want the freedom to do stupid things with my device but also the freedom to avoid doing stupid things with my device. It's why you're informed of such permissions and allowed to accept them rather than just being prevented from installing any app that wants them.

Note that I love sandboxing and safe/isolated APIs, it's just that, more often than not, OSes literally can't include any escape hatches or else, no matter how complex they are, normal people will get tricked into activating them.

Oh, but there are plenty of things on Android that you simply cannot do. They aren't expressed as permissions at all. And there's a lot of things that you can do, but that will void your warranty, or will make the process so painful and complicated that you will regret even thinking about it.

They created a permission system with powerless users in mind. Their model user is the one who doesn't want to own the device; it's the useful idiot who rents the device and swipes on ads. This user needs to be shown ads by "partners", and because it's too financially taxing to approve "partners" individually, there's a system with some heuristics in place that makes sure that the diligent ads consumer doesn't rebel or doesn't get side-tracked by "partners" breaching the provider's trust.

I describe their model user as "idiot" because it's an idiom in the language. I don't mean the user is generally stupid, rather that the user is not knowledgeable and not wanting to gain any knowledge in a very convenient (for the provider) way. Someone who may be duped into doing things against their own best interest.

But, yes, if you don't want to match that profile, you will be offended by that kind of attitude from the provider.

---

And, more on the reasons why Android's permission system sucks: it's, again, built at the wrong level. This is very often the case with software: it's usually much easier to build things at a higher level, but that also gives worse results. It's built this way to make the development on the part of the provider cheaper. It covers the needs of their model user, the one who potentially generates the most profits for them. They have never meant or wanted to make a system that's most useful for any potential users. It just needs to be barely useful to turn profits.

I think you are failing to understand 2 things.

1. Users will be tricked into giving permissions to apps. There isn't a reason why apps should be able to, while in the background before you've even opened them, be constantly listening to your mic and then uploading the audio and your location 24/7. That's simply something that Google has chosen to not be something apps should be able to do. And that's okay. It keeps 100% of the users secured against these malicious apps.

2. The users are not the only stakeholders. The app developers are too. It's Google's job to make a platform that takes in the needs of both the app developers and the users to create the platform that gives users the most value possible. This is where things like DRM come in. One could say that you are taking power away from the user by creating secure layers that can't be recorded or screenshotted, but on the other hand you are giving content owners more assurance that your platform is safe for them to distribute their content on. This is a compromise between the needs of the user and the needs of the app developer. It's about giving the users the most value possible instead of the most control possible. This is the main reason why Android is the most popular consumer-oriented Linux distro. Desktop Linux distros prioritize giving users control over security and user value, and it turns out that is not the way to get mass market appeal, so it remains niche.

> Oh, but there are plenty of things on Android that you simply cannot do. They aren't expressed as permissions at all.

Yeah, see what I said about escape hatches above.

> But, yes, if you don't want to match that profile, you will be offended by that kind of attitude from the provider.

> It covers the needs of their model user, the one which potentially generates the most profits for them. They have never meant or wanted to make a system that's most useful for any potential users. It just needs to be barely useful to turn profits.

Agreed~

You know what operating system is the most secure? The one that's turned off...

Yeah, maybe you can spin Android as being more secure (than what?), but it's also useless. It's like with the rifle: if it's always in "safe" it's very secure... but useless as a rifle as you cannot fire it.

> The permission model is what makes these operating systems so secure

My definition of security is that programs have access on a need-to-know basis. Especially to my files. On Android it's all or nothing.

That's not true. Android apps start by only having access to an app-specific directory. In order for an app to gain access to a file or directory outside of that, it needs to be selected by the user explicitly. There are also directories like the download directory which apps can't read from. For more information look up "Scoped Storage".
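An added Java example, not from the thread, showing the two access paths the comment above describes under scoped storage: the app-specific directory that needs no permission, and user-selected access to anything outside it through the system document picker. The activity name and request code are assumptions.

```java
import android.app.Activity;
import android.content.Intent;
import android.net.Uri;
import android.os.Bundle;
import java.io.File;
import java.io.FileWriter;
import java.io.IOException;
import java.io.InputStream;

// Added illustration of scoped storage: the app owns its own directory,
// but any file outside it must be explicitly chosen by the user.
public class ScopedStorageDemoActivity extends Activity {
    private static final int PICK_FILE = 42; // arbitrary request code (assumed)

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);

        // 1. App-specific external storage: usable without any runtime permission,
        //    not readable by other apps, deleted when the app is uninstalled.
        File own = new File(getExternalFilesDir(null), "notes.txt");
        try (FileWriter w = new FileWriter(own)) {
            w.write("visible to this app only (and to the user via a file manager)\n");
        } catch (IOException e) {
            // write failed; handle as appropriate for the app
        }

        // 2. Files elsewhere (e.g. in Downloads) cannot be opened directly.
        //    The app asks the system picker; the user decides which single file to share.
        Intent pick = new Intent(Intent.ACTION_OPEN_DOCUMENT);
        pick.addCategory(Intent.CATEGORY_OPENABLE);
        pick.setType("*/*");
        startActivityForResult(pick, PICK_FILE);
    }

    @Override
    protected void onActivityResult(int requestCode, int resultCode, Intent data) {
        super.onActivityResult(requestCode, resultCode, data);
        if (requestCode != PICK_FILE || resultCode != RESULT_OK || data == null) return;
        Uri chosen = data.getData(); // the grant covers this one document, nothing else
        try (InputStream in = getContentResolver().openInputStream(chosen)) {
            byte[] head = new byte[64];
            int n = in.read(head);
            // use the first n bytes; no blanket storage permission was ever requested
        } catch (IOException e) {
            // read failed or the user-granted URI is no longer valid
        }
    }
}
```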