[drdaeman]

Another keyboard that requires network connectivity, profile/contact data, call state, access to photos/recordings (eh?) and even wants to send SMS[1]. Do users really don't care and blindly ignore all security warnings?

Just wondering why keyboard makers don't provide "restricted" builds of their software, that intentionally lack some features, but still serve their purpose by providing an efficient method to type at a reasonable price.

___

[1] EDIT: Not sure, this could be localization error in a Play Store. Reportedly it says "read your text messages" in English, but for me what I see roughly translates to "send SMS and MMS".

[rayiner]

> Do users really don't care and blindly ignore all security warnings?

Whenever I install an app on my Nexus 5, I click through the "this app wants XYZ permissions" dialog without reading it. Not only do I not read it, I get a little angry each time because I can't do anything with the information and it's just in my way.

[Jacqued]

Yeah this popup really lacks a way to accept/refuse some permissions based on what seems logical for the app.

I would typically uncheck a lot of permissions on some apps, but since I can't do that I'll just click through if I really want it or cancel if I don't.

[jonalmeida]

BlackBerry 10 has a similar implementation but allows you to choose if you want to enable that feature. When using the app, if it needs a permission you didn't grant, I believe it will prompt you again giving you the option to ignore it (at least that's how I last remember it..)

[hahainternet]

> I get a little angry each time because I can't do anything with the information and it's just in my way.

I don't install apps that require permissions I'm not happy with. Don't be so callous with your own security.

[rayiner]

My phone is already sending everything to Google, so what do I care?

[danielweber]

Confidentiality, Integrity, Availability.

If you've taken the decision that none of these three is worth the hassle, that can be a fine decision.

[scott_karana]

You're disclaiming liability by agreeing.

[cwyers]

The SMS permission is so that it can read your SMS messages to use as training data for their word-completion prediction features.

As to why SwiftKey doesn't strip out most of the features that makes it better than the official keyboard and sell it to a small market of people who don't want the features that are the app's actual selling point... well, that's why, those are the features that differentiate them, without them they're not really that special.

[drdaeman]

> The SMS permission is so that it can read your SMS messages

Either it's a bug in a Play Store, or we're talking about different permissions. For me, it says (in Russian, no idea how to switch language) "Отправка SMS и MMS (может взиматься плата)" which translates to "Sending SMS and MMS (fees may apply)".

Unless Google broke something with their recent permission revamp, I assume it's SEND_SMS, not READ_SMS permission. And that's worrying - I fail to see why should I grant such permission to a keyboard. It's not SMS-sending app, I have a separate one for that.

[crazypyro]

Appears to be a localization error? Here's what it looks like in English.[1]

[1]http://i.imgur.com/li8jHu2.png

[drdaeman]

Interesting. No idea, but guess so.

Or maybe they have separate builds (doing A/B testing, having region-specific versions or something like that). But I guess localization error is a more probable version. Where do I report one?

[swiftkey]

Thanks for flagging this discrepancy, we're looking into it but it appears to be a translation error.

[swiftkey]

Hi drdaeman please can you send us a screenshot of where you're seeing the text you mention to reviews@swiftkey.net and briefly recap the issue? We'll get our Support Team to investigate for you. Thank you.

[drdaeman]

Sure. Sent an email.

I've also checked the installed APK, and it's certainly Google's l10n fault - the APK has READ_SMS declared, not SEND_SMS one.

[drdaeman]

As for features... I thought their primary selling point is being smart - their pattern recognition logic, that translates swipes to words and sentences. A good dictionary, a good language model and so on.

I really doubt the thing that differentiates them from other keyboards is that they learn from message history and sync that over the network.

[michaelmior]

I can't be sure, but from trying different keyboards, I found SwiftKey seems to be faster to adapt to my particular patterns of language usage. I assume this is because it has access to a reasonable amount of text written by me. In any case, I have found the prediction to be superior to other keyboards I've tried. (Although I haven't tried Fleksy yet. Looks quite promising.)

[6d0debc071]

> Do users really don't care and blindly ignore all security warnings?

Even if they care, when the choice is not to install any apps or to ignore the warnings....

[cik]

This is why you need to root your phone, for taking control of your permissions. I'm okay with running these things, but only once they're 'secured' within the ecosystem.

First off, Permissions Manager. Only let applications YOU designate, have access to permissions. Hint: nothing really needs to know where you are.

https://play.google.com/store/apps/details?id=mobi.infolife....

Secondly: Install a firewall. No-root firewalls are NOT a valid substitute, given that they need to be (re)activated every reboot. By default don't give things internet access, it's even logical, and user friendly.

https://play.google.com/store/apps/details?id=com.jtschohl.a...

Thirdly, learn about your data. It's your data, and should only be sent to hosts you're okay with.

https://play.google.com/store/apps/details?id=com.googlecode...

Finally, blacklist hosts based on #3. Even if an application needs to hit the outside world, there's no reason that it needs to contact all hosts.

https://play.google.com/store/apps/details?id=com.treb.hosts

This doesn't mean that you should have trust, or even faith in these measures. But it makes things significantly more tolerable. You still have a tracking device in your pocket - but at least you have more control over it.

[annnnd]

I'm also wondering why Google doesn't provide a way to limit app permissions and feed them dummy data. (they did for a while)

[drdaeman]

Swype had cried a river when CM tried to do so. Guess, data mining companies who're interesting in obtaining customer data have their ties with Google.

Oh, well, Google is one to begin with.