It is quite obvious that usually recommending the direction of traveling backward when talking about security and privacy is not the thing, but this move taken by Google encompasses both. As Forbes stated, this rewind will be the most welcoming one! It is not only welcoming in practical terms but also from the perspective of the users
Optics are regarded to be an important part of a user’s life, and Apple knows it better than that some of the recent decisions taken had a quite negative influence on the user’s perception pertaining to it as a privacy-driven company. Google has plenty of distance to cover to hit the place where Apple is even after the CSAM bump. Google, indeed, has given its more than 2 billion users around the world something to be happy about.
Google has now focused on the line between security and privacy
A strong intersection amid security and privacy has now been a center of attention at Google and is sharper and crisp than ever before. The company has moved to put its focus on both concepts when it comes to the permissions of the Android application. Saying precisely, the permissions that the user gives or denies to an application when it is first installed on your phone.
These are the changes over time that Google is addressing here.
When Android 11 was released last year, the company introduced an auto-reset feature for permissions. If the Android 11 detects that the app has not been used for more than a month, then it performs an automatic security rewind and continues to reset the permissions which were initially granted by the user to a default state of denial and revoking any third party access.
Now, the users will be wondering how Google can roll out such an update when billions of devices cannot convert into Android 11 in the first place.
The unraveling of this puzzle is hinted at in that developer blog quote: “powered by Google Play services.”
The update will be using the Google Play Services Framework which is installed on Android devices and it will ensure to fix its place so access to the play store can be put in place.
Sean Wright, the application security lead at Immersive Labs, told me that “at first glance, this seems to be a great idea from a privacy perspective; however, I have some concerns about its usability.” Wright worries that, as has been seen with privacy notices about cookies, users will typically blindly click through to remove these from blocking whatever it is they’re trying to view. “I believe we’ll see similar behavior when this feature is introduced,” he says, “after all, if a user approved those permissions in the first place, chances are they’ll approve them again, especially if they impact the usability of the application.”
What might be a better approach, Wright suggests, is for the user to be able to more easily determine permissions that are in use. “This would put real control back into their hands,” he insists, adding “functionality will always win over privacy, so we must find ways to marry the two and ensure users are given a genuine chance to control how and where their data is used.”