| Google _could_ fix this by requiring SecurityException to be handled. 1. Enable the user to select "a la carte" permissions on a per-app basis. 2. The user selectively turn off permissions, e.g. I WANT my flashlight app to throw an unhandled exception when it tries to get my location. 3. Require exception handling for missing permissions in new versions. The burden for developers is low, especially in the cases of gratuitous permissions. There are some cases, like address book apps that require access to the Contacts provider where a permission could make an app's functionality a nullity, but I think the everyday user is OK with seeing a crash dialog if a crappy app with obnoxious permissions craps out. In the case of a high-value app like Facebook, Facebook would be motivated to explain permissions and provide exception handling that preserves as much functionality as possible. If app compatibility becomes an issue, "nerfed" results instead of thrown exceptions could be used to trick apps into accepting fake data. By combining options, notifications to the user, the use of SecurityException, and changes to exception handling requirements, Google could readily retrofit fine-grained user-controlled permissions to Android. |