Android's problem

Tags: software, apps.
By lucb1e on 2013-02-19 21:40:59 +0100

So I've got an Android phone now. A "smartphone" I should probably say: to call this Galaxy Note 2 a "phone" is practically an insult, considering it's got an accelerometer, gyroscope, GPS and even an on-board weather station. Okay, it's only a barometer, but you can replace the S-Pen with a thermometer and probably measure wind speeds with the microphone.

Top of the market quad-core smartphone, great. I don't need 4 cores, but they'll probably turn out useful next time I'm going to do... video editing on my phone, or something. It turns out that my screen classifies as "High Definition Widescreen", so who knows video editing may become mainstream on it.

I'm a software guy - let's talk software. I've been playing with Linux for over a year now, and I must say that I'm totally sold. It's not always as easy as Windows, but the closeness to the system is addictive. You're in control. And as Android is based on the Linux kernel, I had expected a somewhat similar experience.

Not that I can complain all that much really, there are really many good things that I couldn't even imagine on my previous Symbian phone. (That really is a "phone".) To give you a simple example, I can setup an open mobile hotspot in the train called "internet" and watch people trying to login to Facebook as we go. Great success!

Or another fun example was connecting my laptop to a pc, without wireless access point or cable available. I setup a wireless hotspot on Android (WPA2 this time), connected my laptop, then connected my phone over USB to the desktop pc, enabled USB tethering, disabled mobile data, and... it didn't work. The networks of the USB tethering and the wireless hotspot tethering are separated. Solution? A couple iptables rules to make Android route the packets. Awesome!

Google and the manufacturers really do have a love-hate relationship with openness though. The above examples are totally awesome and entirely in the hacker spirit, but the flip side is the proprietary part of the OS: the apps.

There is such an incredible lot of shit delivered to you, that you might pay to have it all uninstalled. Yes, I would. After rebooting my phone, there is a list longer than the screen itself (that's higher than my desktop's Full HD screen!) of apps that are running. Why? I have no damn clue. Google Maps for example, what is it doing? Checking for updates? No, the Play Store does that. Tracking my location? Perhaps.

Where do you turn it off? On any unix system, you have a nice overview of settings in your /etc folder. But wait... we've bought this device, but does that mean that we own it? Of course, the hacker would say! No way, Samsung says! If you do with your hardware what you want, you can't get warranty anymore.

Uh, guys. If you can show me that I broke a device myself, it's not under warranty in any case. You don't need to deny me administrator or root permissions for that, like you are doing on every phone and smartphone. If you want to protect me for my own good, make it a checkbox just like installing apps outside the app store is. For effect, color it red.

Okay, warranty of a €700 device (or something) voided after 8 days. That's probably a new personal record. Back to the /etc folder, which is what we were headed for. Terminal app installed (no virtual terminals by default on this weird flavor of "Linux"), we navigate to the folder... and they hid all settings. It's not there. Instead there are apps that can manage your startup programs for you, but I don't trust apps.

You got that right, the software developer hates software. I am not entirely sure why I distrust apps, but it probably has something to do with the fact that the platform is so immature and everyone is trying their hands on apps making right now. I have no trouble installing Windows applications that look in any way legit, though they are granted root permissions without even asking for it. But now that we have this neat permissions scheme... why don't we use it?!

It nicely shows me that the app I'm downloading (which app? Any app) needs full network access, read my sdcard, see my phone status, view my location, and access to stuff that costs me money. I'm just talking mainstream apps, nothing fancy that actually needs anything. At least not besides internet to download its payload of ads for me to click away and scroll past... So I am now presented with a choice: do I really want the app with its features in exchange for, in the worst case, my life? If it turns out to steal passwords, the worst case scenario is identity theft. Or in the best case, only my privacy being violated.

Why can't we turn these features off one by one and per-app, just like in the latest Google Chrome? (Chrome can enable/disable images, javascript and more per website.)
Example: I want to grant Google Maps GPS and Internet, but not paid services. Maps could then just block any services that I'd need to pay for, it's simple as that.

Then there is the problem of almost every app needing to read my sdcard. Why does it need access to all of it, just to store a single file on there? Can't Android provide an API by which I can select the desired destination folder in-app, to which it then is given read and/or write permissions? Like an ACL list, but intuitively and without even noticing you're modifying ACLs! It also seems so easy to build...

The idea that you can see what permissions the app requires is a really great idea. Absolutely, no doubt about it. But the next logical step in evolution is giving the user control of which permissions to grant.

Here's the fun part: Such a permission manager exists in Android, we're just not given permission to use it. We, as users, cannot grant or deny Maps the permission to use GPS. The app itself requires it, and we then click install or cancel. When you try to use the "pm" command, it tells you this:
SecurityException: Neither user [you] nor current process has android.permission.GRANT_REVOKE_PERMISSIONS.

I haven't figured out a way to grant permission granting to yourself yet. The obvious solution would be "su" for root permissions, but no that's locked down too. The pm command seems to be bound to your useraccount, so the root user won't appear to have a Maps app installed, thus you can't grant or revoke its permissions. I've yet to find a workaround for this, and I'm sure that with root permissions you can find one, but they're doing a lot to lock this down and prevent us from messing around with apps and their permissions.
Perhaps I could make an app which requires root and then calls the pm command... but I don't know yet.

Android is also kind enough to choose what apps are running for you. Automatic memory management is mostly quite nice I guess, but I want to be in control. I'm left to the mercy of Android's robotic senses now. Low on battery? Android kills background applications. High on battery? Android randomly starts apps because it doesn't use 50% of your RAM memory yet... Stop it! And also stop running every app at boot time, both on Windows and mobile devices!

Contrarily to what they may think, I do not need all my apps to run in the background and check for updates every fifteen minutes. Give a monthly digest of apps to update when I'm connected to wifi (defaulting to 3g is an expensive joke for most!). If you would also include real changelogs with a list of improvements that you've made (which almost nobody does), then I would be friggin' looking forward to patch tuesday and all of your updates!

Lots of things to improve. The hardware is where we want it to be I think. Batteries can always be better and megapixels always increased, but as long as you ever need to charge, you might as well make it a routine. Any decent phone doesn't run out of juice on a single day, and photo quality is great too, so that's what I mean by that the hardware part is finished for now. It's probably software's turn to improve and polish now.

Overall, I'm very happy with my smartphone and with Android. I know people with iPhones, and I'm really glad I didn't go for one. Overly expensive, ugly after looking at it for three weeks, small, and locked down in every possible way. On Android I can connect an usb hub and connect my desktop keyboard, mouse, sdcard reader, wireless bluetooth mouse adapter, and everything else I've tried. In fact, its hardware detection is up to 60 times faster than Windows' (I timed it)!
Now we only need to improve this problem called apps...
lucb1e.com
Another post tagged 'apps': What'sUpp with your malware policy?

Look for more posts tagged apps or software.

Previous post - Next post