[hyperion_]

Using the developer preview now there is no difference when installing new apps, so do developers all have to make manual changes in their apps for it to work, or will Google flip a switch at some point?

Currently you can change app permissions once an app is installed, but they gain all the permissions they ask for when installed.

If each app has to be updated by the developer for the changes to take place, it might take a while for this to have any large effect on the ecosystem.

[on_and_off]

The app needs to target M in order to access to these granular permission. An app targeting a lower API level will work in legacy mode where it gets its permissions at install time, like before. I guess it makes sense in order to give enough time to the devs to update their apps to this new system. As long as the checking/warning becomes more aggressive in N, I am fine with that choice.

[magicalist]

According to the session after the keynote, you'll still be able to at least go back and revoke permissions individually for apps targeting older API levels.

[biafra]

And they will most likely crash if you do, because they are not expecting a SecurityException. I prefer the CyanogenMod way to just give out empty data, if a permission is not given by the user.

[kllrnohj]

What you're calling the "CyanogenMod" way is actually what Google built, it's called AppOps. All CM did was expose it. The actual capability of permission revoking and handing out dummy data instead was all done by Google as part of AppOps and I assume that M is using that same system because it'd be silly not to.

[ufmace]

I just tried it on the AVD image. It gives you a warning when you revoke a permission for an app built on the older API.

[on_and_off]

yeah, but that way you can only remove the permission after the installation.

Facebook for example is known to siphon your contact list as soon as the app is installed, so even if you remove the permissions from the fb app, it is already too late.