ukhsa-collaboration / COVID-19-app-Android-BETA

Source code of the Beta of the NHS COVID-19 Android app
https://covid19.nhs.uk/
MIT License

Not clear that users should click 'Allow all the time' #26

Closed gilescope closed 4 years ago

gilescope commented 4 years ago

When we are asked about allowing location tracking in the permissions dialog (when running Android R) the most obvious options are:

Lots of people will think they're doing the right thing by clicking 'While using the app'. In fact, the user has to click a link 'Allow in setting' and then 'Allow all the time' in order to do the right thing.

To Reproduce

Steps to reproduce the behaviour:

  1. Click continue, enter postcode, click continue.
  2. Click 'Enable Permissions' and you get this:

image

If you choose the top option you get:

image

Expected behaviour

Before being presented with the 'Enable Permissions' button the user should be told that for the app to work they have to click the Allow in setting link and then click [ ] Allow all the time. (Ideally show a couple of photos of what the screens the user will be presented with will look like.)


hithomasmorelli commented 4 years ago

Have tested this on an emulated Pixel XL with Android R. After clicking the top permission button ("While using the app"), the NHS COVID-19 app realises that it is the wrong permission setting and alerts the user, so no need to worry about users thinking it's fine without allowing in the background :)

Screen recording:

Screen recording of a Pixel XL Android R emulator responding to a "While using the app" location permission choice in the NHS COVID-19 app
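
The check described in the comment above (noticing a "While using the app" grant and alerting the user) could look like the following. This is an added example, not part of the thread and not the NHS COVID-19 app's own code; the names `LocationGrant`, `locationGrant`, `appSettingsIntent` and `checkBeforeScanning` are hypothetical, and it assumes the app declares `ACCESS_FINE_LOCATION` for its Bluetooth LE scanning.

```kotlin
import android.Manifest
import android.content.Context
import android.content.Intent
import android.content.pm.PackageManager
import android.net.Uri
import android.os.Build
import android.provider.Settings
import androidx.core.content.ContextCompat

// Hypothetical names for illustration; none of these come from the NHS COVID-19 app.
enum class LocationGrant { DENIED, WHILE_IN_USE, ALL_THE_TIME }

fun locationGrant(context: Context): LocationGrant {
    fun granted(permission: String): Boolean =
        ContextCompat.checkSelfPermission(context, permission) ==
            PackageManager.PERMISSION_GRANTED

    // Assumption: the app declares ACCESS_FINE_LOCATION for its BLE scanning.
    if (!granted(Manifest.permission.ACCESS_FINE_LOCATION)) return LocationGrant.DENIED

    // Before Android 10 (API 29) there is no separate background permission,
    // so a foreground grant already covers background use.
    if (Build.VERSION.SDK_INT < Build.VERSION_CODES.Q) return LocationGrant.ALL_THE_TIME

    return if (granted(Manifest.permission.ACCESS_BACKGROUND_LOCATION)) {
        LocationGrant.ALL_THE_TIME
    } else {
        LocationGrant.WHILE_IN_USE
    }
}

// Opens this app's page in system settings, where the user can change the grant.
fun appSettingsIntent(context: Context): Intent =
    Intent(Settings.ACTION_APPLICATION_DETAILS_SETTINGS,
        Uri.fromParts("package", context.packageName, null))
        .addFlags(Intent.FLAG_ACTIVITY_NEW_TASK)

// Call from onResume so a grant changed in settings is picked up on return.
fun checkBeforeScanning(context: Context, warnUser: (String) -> Unit): Boolean =
    when (locationGrant(context)) {
        LocationGrant.ALL_THE_TIME -> true
        LocationGrant.WHILE_IN_USE -> {
            warnUser("Location is allowed only while the app is open. Choose 'Allow all the time'.")
            false
        }
        LocationGrant.DENIED -> {
            warnUser("Location permission is needed for Bluetooth scanning.")
            false
        }
    }
```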

gilescope commented 4 years ago

I like that - very hard to ignore or get wrong.

Sent with GitHawk

adarrel753 commented 4 years ago

I'm not an Android app developer (I'm a database man) but this request (from the app) would surely lead the end-user to think the app is going to access their location, when it doesn't need to do that... can this permission request not be removed?

hithomasmorelli commented 4 years ago

> can this permission request not be removed?

Unfortunately not. Android - for whatever reason - requires location permissions in order for the app to have access to Bluetooth LE. The following links have more information:

https://developer.android.com/guide/topics/connectivity/bluetooth#Permissions
https://stackoverflow.com/questions/33045581/location-needs-to-be-enabled-for-bluetooth-low-energy-scanning-on-android-6-0
https://issuetracker.google.com/issues/37065090

See also the app FAQ on the subject: https://faq.covid19.nhs.uk/article/KA-01037/en-us

adarrel753 commented 4 years ago

Hmm, I wonder if a change / fix for this will be included in Google's next Android O/S update...

jamieadkins95 commented 4 years ago

You require the location permission to deal with Bluetooth LE, because you could work out a user's location if you know the physical location of the BLE object they have interacted with.

Let's say I build an app for a coffee shop that uses BLE beacons. When a user with the app installed detects the BLE beacon, the app will send a push notification with the coffee menu.

Now whenever the user enters the coffee shop and triggers the beacon, the app now knows that the user is in the coffee shop, and I have acquired their location without ever asking for that permission.

The problem is that Android has no way of knowing if the BLE object is a static beacon that you could know the location of, or if it is a phone that is in someone's pocket that doesn't have a fixed location. You could quite easily set up an Android phone that is always plugged in on the coffee shop counter as your 'beacon', and to Android it appears the same as the one moving around in someone's pocket.

Therefore, Android requires you to ask for the location permission from the user when you are handling BLE.

edent commented 4 years ago

I'm pasting this message in every active GitHub issue, so you may receive duplicate notifications.

Today, I'm happy to announce that NHSX has released the full git commit history for the Isle of Wight Beta apps.

As discussed, we have redacted API keys, sensitive domain names, and some of the developers' personal details. I am still waiting on final approval to publish the server-side code.

I would like to personally thank the community for your comments, bug reports, and vulnerability disclosures. They all went into helping the development process.

The beta trial of this app has now ended and we've moved to the next phase of app development. It is our intention to publish the source code of future apps as the binaries are released to the public.

Once again, thank you for being part of this.

Terence Eden
Head of Open Technology - NHSX