An entire class of apps could be rendered safe by disallowing network access, especially the ones that do work offline, but are keen to phone home.
I just don't think pushing the choice of permissions to the end user is a good idea, not by itself. UX teaches us that people are lazy and will go through the easiest path.
Whenever a version of an app wants to provide a network service, Windows first asks if this specific app can provide network services on this class of network (public connection or private connection). So it is not just builtin, but for a particular class of restriction even easy to use. Blocking consumption of resources is an advanced feature though.
I used to use a program called "firestarter" on Linux, which provided a way to block specific apps. Long time since I've done that though, since most of the untrusted apps on Linux are Chrome and the ones you run in Firefox.
FreeBSD ipfw can firewall by userid, and Android runs each app under a different user (and would probably run apps in jails on FreeBSD, jail IDs are also available for firewalling)
Edit: Disclaimer I have almost 0 knowledge of Android development.
I don't think the user of an app should be left to its own devices to ensure its own privacy by outmanoeuvring developers, and giving them tools to do it it's just not good enough.
The permission may still exist (it has been a long time since I last wrote an android app) but it is no longer user visible.
It is called "have full network access".
(Android DOES have a network permission, but at some point Google decided it should always be allowed)
Rather, when requesting the permission from the OS, the developer has to supply a list of approved scopes and domains, and anything outside of that gets automatically blocked.
No involvement from the user.
Not at all surprising, if you consider Google's motives; they both want to appear like they care about privacy and give you an illusion of control, but at the same time they are ultimately an ad company who profits from the lack thereof. A lot of the decisions they make about their products make a lot of sense from this perspective.
- apps can use other ad networks than Google, and blocking network access would bring them more profit (higher app cost / more push for in-app spend)
- they can create separate categories for ad traffic and general network traffic
- having ads as a system element and limiting network access would allow them to cut off other ad networks to some extent, bringing more profit (although that's opening the doors to more talks about monopoly)
1. Disallow bg internet access.
2. Disallow fg internet access over wifi.
3. Disallow fg internet access over mobile network.
I've been building an app that exposes privacy features like bouncing permissions when apps are in bg (remember AppOps?), firewalling apps by disallowing data usage, setting DNS over TLS to servers that blackhole ads and trackers, show log of network activity, kill bg processes and activities and so on. Hopefully, would be done in a month or so.
You could do all of the above, today, but mostly, manually, by navigating through nested menus and what-not.
Android 10 would make some parts of what I'm building obsolete, and that's a good thing.
The ones I've seen had a setting only for restricting background data usage.
You could see if NoRoot Firewall (requires VPN) or Glasswire (may or may not require VPN) help you disallow internet access per-app.
I have permissions sliders for Camera, Contacts, Location, Microphone, Phone, and Storage. None at all for internet access or any specific network.
The permissions you list don't appear to be part of Android (8 or otherwise) and are likely after-market extensions in your phone's ROM.
I also do this for data usage, e.g. Spotify and my podcatcher use Wi-fi while email etc use both data and WiFi.
Edit: in the same spirit I block all free apps that don't require network connectivity such as health/workout apps. I kill all ads, and keep my data within.
Edit2: android firewall is called "NoRoot Firewall"
And this is how I have learned that Google's Calc app apparently wants network access. No thanks!
It seems super simple to provide that basic level of control to the end user.
I also want shadow/fake address books and location information as a feature.
This kind of content is usually never worded like this for other products, can the moderators fix it?
Microsoft issues update warning to 10 gorillion PCs (some super minor problem in the last patch cycle)
10 bazillion Android phones have spyware (some malware app was removed from the play store)
Does this mean device fingerprinting will no longer be allowed?
A great change. I don't mind having to spend some time going over each time, making sure the right settings are in place for security and privacy.
The other changes for location and camera access by apps are good too. Just hope the update will include my old-ish device.
Android 10 is still being worked on, if it was ready it would have been released.
That's not accurate. Android 10 is still in beta, so many of these vulnerabilities (just like many other bugs you'll see in a beta) are likely new to Android 10, and will be fixed before the final release.
1. Google has added API to access resources without getting full unconditional access
2. They are enforcing use of correct APIs on their store
3. Most of the system is now updated from the store. This is significantly faster than any of their competitors
4. Most vendors are now providing timely security updates. Some even have an Enterprise program with 4-5 years of updates.
Applications do not need access to gallery; they can ask the gallery to let the user pick the pictures he wants to work with; the app does not need the access to camera, it can ask the default camera app to let the user make the photo and get the result. The app does not need access to telephony; it can ask dialer to dial a number on it's behalf. Etc, etc.
The developers didn't use these APIs because users were asking for iOS style integrations, where any apps does everything for itself, instead of using system components. So they got it.
To me it is another signal of the erasure of cultural flavour at the company; the pivot to a base, power-chasing, stifling corporatist death march toward nowhere of interest.