mitmedialab / Consent-HackDay

MIT License
2 stars 3 forks source link

Minimize and manage App permissions on smartphones #4

Open aschrijver opened 6 years ago

aschrijver commented 6 years ago

This is an idea I have that is sideways related to the hackathon topic (I leave it to you if it is an appropriate entry :slightly_smiling_face: )

Background

There has been much commotion and discussion on the internet (e.g. on Hacker News) and in the media about apps that may (or may not be) abusing the smartphone permissions you gave them, to spy on you using e.g. the camera and microphone, or harvesting the data from your memory card. Especially the coarse-grained permissions on Android allow apps way to much power over your phone (more fine-grained permissions are in the works, I believe).

For example Facebook has filed and obtained a patent to take silent camera snapshots while you are browsing their feed to analyze your emotions and such.

I got the idea from this topic on The Center for Humane Technology community forum: "I made an App that pretends to be Facebook, but opens quality content" (which I didn't include in awesome-humane-tech yet, because its more a trick, has no proper install, and still a bit rough around the edges)

The idea

Create an app similar in operation to Privacy Badger that sets the permissions on other apps - according to predefined profiles - prior to starting them, and then remove them again afterwards.

Features:

Challenges

Note that the latter point could be tackled for people using browser-based versions of the app (such as FB,Twitter, LinkedIn, etc.) by developing this as a browser plugin (e.g. for Firefox) instead.

License

The license below only pertains to this idea, as described above, and any code you create as part of the hackathon can, of-course, be published under the license of your choice with no attribution requirement, though I encourage choosing a FOSS-compatible one.

If this idea is not used for the hackathon, but is viable, it may be followed up upon in a repo under engagingspaces, or under the umbrella of The Center for Humane Technology, also under a (to be determined) appropriate FOSS license. In that case - if you are interested to take this further - you can contact me on the CHT forum, where I am a community moderator.


Creative Commons License
The idea "Minimize and manage App permissions on smartphones" by Arnold Schrijver is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

dazzaji commented 6 years ago

This appears more head-on than sideways to me. I think Doc will be reaching out to you on this either directly or perhaps via comment to this thread.

dsearls commented 6 years ago

Thanks, Dazza. It's a great idea, especially since we should have had the ability to set profiles of permissions, across multiple apps, from the start.

Hmm: perhaps relevant... just saw this in Wired https://www.wired.com/story/app-permissions/

Main thing with this hackathon is to get something cool and viral happening before May 25, preferably at least in the spirit of what I wrote about here in Linux Journal: https://www.linuxjournal.com/content/help-us-cure-online-publishing-its-addiction-personal-data-0 . Also here too: https://www.linuxjournal.com/content/how-wizards-and-muggles-break-free-matrix .

But we don't have to confine this thing to the hackathon alone. So let's talk about it.

dazzaji commented 6 years ago

Thanks Doc. I've added you to the repo here so you can keep the event info updated (you can accept write permissions here: https://github.com/mitmedialab/Consent-HackDay/invitations).

aschrijver commented 6 years ago

Those are some really nice articles @dsearls !

The whole permissions things are really a thorn in my eyes for a long time, and the reason why I don't try out most apps, even though they are often very interesting.

(Even looking for alternative phones and/or OS'es, like Eelo and Librem 5, the latter one should be very interesting to you, as it is running Linux distro's :slightly_smiling_face: )

On a related note I would also like to point to another great project on the Humane Tech list, namely Exodify - recently created by a member of humanetech.com community (@FacettsOpen on GH, I think). It shows trackers inside apps by Exodus Privacy in the Play store, but may be further extended with some permission utility. Maybe a rating system - i.e. something that conveys 'Danger.. too many permissions given the apps purpose'. Just brainstorming..

aschrijver commented 6 years ago

I would like to add following background article which has subsequent follow-up links on the topic (like privacyassistant.org): https://www.wired.com/story/app-permissions/