However, there is a flew in this framework. Let us take the case of location permission, which is pretty important to most people. Who wants their location delivered to other people without their knowledge? One might think that an application need to ask for a location permission (either ACCESS_COARSE_LOCATION or ACCESS_FINE_LOCATION) in order to do that, but that’s not true. If an application asks for permissions for the WiFi state (ACCESS_WIFI_STATE ) and has internet access, it can use the skyhook service (which is available for the Android) in order to retrieve the phone’s location. Skyhook provides very accurate location according to WiFi networks, in many urban areas in the U.S., Europe and Asia. It is very easy to see how can a user be misled by this situation.
The problem that lies at the heart of this flaw is the difference between two types of security. The engineers of the Android platform view security as access right to system resources. On the other hand, users have a different way of viewing security, which boils down to the question is something undesirable had happened. A simple solution to these types of flaws is by incorporating a feedback mechanism into the Android Market. Right now, users’ comments and rankings play an important role in finding applications. Adding some semantics and specific security-based feedback may be helpful.
--------------------------------------------------------
If you like this post please Bookmark it and comment bellow. To recieve new updates and other posts like this please subscribe via RSS or via Email.
Recent Articles:
Posts
0 comments:
Post a Comment