Tell HN: Google does not list application permissions in the Play Store any more
They had implemented that already a while ago, then reverted the behaviour, and now implemented it once again.
It seems as if it was not "enabled" for everyone yet, however.
They hid the permissions with each version better and better and apparently decided now, users don't need them at all. While it is much less of a concern with runtime permissions that are optional.... yeah, I greatly dislike this too. In particular because not everything is a runtime permission. E.g. I like to know that [apk X] has no internet or file permissions at all - it rules out nearly all practical ways to leak your information. And google just keeps taking more and more steps to hide that information from me. My biggest pet peeve is optional runtime permissions that are not optional. I have a CO2 monitor that you read through an android app. It cost like $250. If you don't give it geolocation permission, it just says "this app needs geolocation permission" and shows you a button to go to your settings to enable it. Any time you disable geolocation, you get that message and button again. I have yet to find any geolocation functionality in the app. EDIT: Please see epukaza's comment below. There is a legitimate reason for this permission, which his comment explains. The app needs the geolocation permission to access the bluetooth radio and scan for devices. Any company can can technically do geolocation using nothing but nearby bluetooth MAC addresses if they have location information for any other phone/device in bluetooth range. With the proper permission set (neverForLocation), the OS shouldn't ask for geo-location permission. So the app seems malconfigured, or it's actually doing something with the Bluetooth beacons that it can't do otherwise. https://developer.android.com/guide/topics/connectivity/blue... That permission is pretty new, so the app might not have been updated for it. What you said sounds plausible and I believe it. Assuming you’re right, it’s really sad that multiple sibling posts assume that the app was doing something shady and selling the user’s data. It shows, in general, how little trust people have in apps on their own phones. Trust is earnt. I can reasonably have a default level of low trust for practically any app. This isn’t some blind anger stance. Its not blanket mistrust or some kind of ignorance. It is healthy scepticism. Totally reasonable in today's environment. Plenty of app developers have muddied the water enough that apps should have a lower level of trust given to them. Stealing data is a reasonable fear now. It is not reasonable to assert otherwise. It is therefore reasonable for a person to wonder why geolocation is requested but then be suspicious why it doesn't seem to need it. Regardless of the underlying technical reason. Those technical reasons are part of informed consent. If I don't have informed consent, do I really have consent? Its also not a sad state at all. Its healthy. Its part of the modern landscape that someone can be suspicious and rightly so. If not, you're setting people up for misfortune. Is there some reason you want people to blindly trust like this? That seems almost abusive to me. I don't know about others, but thanks to a combination of protocols, google and law-enforcement my trust on phones and anything connected to it is basically zero, despite being quite secure on a technical level. > Assuming you’re right, it’s really sad that multiple sibling posts assume that the app was doing something shady and selling the user’s data. It shows, in general, how little trust people have in apps on their own phones. This is almost all apps. Your default assumption should be that anything on the big app stores is being as malicious as they can get away with -- especially if it is a forced install leveraging some product you have already purchased that could easily be sent over a standard protocol. The Canon printer configuration app has the same sort of soft geo-permission lock. Sniff the network traffic right as you enable it, and you'll see your data happily find its way to their servers. _Maybe_ the app is fine, but in the cases I've checked big corporations abusing your privacy is the norm. Trust is earned not granted. You don't trust a random stranger walks by, why should anyone trust apps created by some random organizations? Especially given some calculator and similar apps came with a privacy statement, how much trust do you believe we should have in apps on our phones? It's sad that so many apps can't be trusted, leading to a lack of trust in apps in general. But that's not our problem. I could not agree more. Ah, that would make sense. It is indeed a bluetooth connection and it scans for any nearby devices. Thank you for clarifying that, I appreciate it, and I feel a lot better about the app! Can you tell if that's all it does? I don't know what all geolocation covers in Android terms, but it would certainly be a superset of just scanning for BlueTooth. I would be curious if it does any or all of: - Fetching GPS coordinates, which are typically to many decimal places.
- Making API requests to external servers that you don't own. A tool like MobSF (https://mobsf.github.io) might be very enlightening to understand what a given app does, or at least can do. I've tinkered a bit with an iOS app in it, but not Android so far. Also, proxying your device through Burp Suite or ZAP could also be interesting to see what traffic occurs, especially if the developers weren't picky about valid TLS certificates. > The app needs the geolocation permission to access the bluetooth radio and scan for devices. Sure, but why does the app need to be able to scan for any and all Bluetooth devices? There should be an entry in the manifest describing the kind(s) of devices the app wants to interact with, and only those devices should appear in the scan. Naturally the list would need to be reviewed to verify that the selected devices are related to the app, and presented to the user in the app store along with all other requested permissions. In this particular case the same company designed both the app and the device it's connecting to, so for all we know the device could have an embedded GPS receiver to provide the app with much more detailed location information than it could get from Bluetooth alone. It could also just relay its own Bluetooth scan results. However, the app at least couldn't easily get location data from Bluetooth scans when the device isn't in range. This permission structure has now been split up in latest versions of Android to avoid this kinds of confusion. The fact you couldn't find that reason yourself implies you could not have made an informed choice. You were effectively compelled. That isn’t permission consent. That was permission coercion. Being forced to consent isn't ethical. They obviously want to collect the "CO2 readings at location" data and sell it to the highest bidder. Why do they refuse to opt you out of being an unpaid drone generating $0.02 worth of data for them after you paid them $250? Because they can, since we don't have any laws forbidding it. A colleague of mine discovered his air monitoring device companion app was uploading to their website along with a map pin on his precise address. He wasn't too happy about that "This dirtbag cares about the quality of his air! Get him!" At the risk of getting off topic… For anyone now curious about CO₂ monitors, I’ve been running an imitation of this setup and have no complaints: https://github.com/larsp/co2monitor Adafruit’s SCD-30 is also nice and pairs well with a Pi Zero W. The geolocation information is not for you, it’s just sent along the rest of your information. > E.g. I like to know that [apk X] has no internet As far as I know (please correct if this is wrong), there's no such thing as an app with no Internet permissions. All apps can access the Internet without permission, and only additional uses of the Internet (e.g. seeing your WiFi AP name) require special permission. AFAIK the "Internet" permission many apps requested was actually for this more advanced usage - just to hit a REST endpoint or something required no permission at all. The internet permission is separate, and without it an app can't connect to the network: https://developer.android.com/reference/android/Manifest.per... It's so commonly requested though, that virtually every app does have it. (extremely) commonly requested, and granted implicitly for I-don't-know-how-long-but-it-is-a-long-time. But for quite a while you could still read the permissions list in the play store, and see if it used it. And adding the permission would still give you a warning on upgrade (outside the play store anyway). Both of those (I believe) are gone nowadays. It's obviously going to be requested by most, but its absence can be extremely relevant, e.g. https://play.google.com/store/apps/details?id=keepass2androi... > please correct if this is wrong It is wrong. Internet permission is made of INTERNET and ACCESS_NETWORK_STATE, which are "normal"-level permissions to be specified in the Manifest. Without them, no Internet. Correctly: there are plentiful applications that do not need it. Google play stopped showing the internet permission ages ago, but it exists. That seems OK since it still asks you as it needs them when running an app, and "prunes" permissions away from apps that you do not use often. Lots of apps only need specific permissions if you use specific parts of the app. And apps are much larger (one app does more things) than they were 5-10 years ago. Eg you can use some apps as a camera, but never as a photo editor, and get use out of it by only giving some specific permissions (camera), forever. You are right, but that doesn't seem like a good excuse to remove that information from the Play Store completely. It would be trivial for the Android APIs to require that all permissions requested programmatically are also present in the manifest. This would continue to give user's a picture of what the app could/would request. They could just change their play store listing from "Required permissions" to "Permissions this app can request". This is similar to the "nutrition label" approach that the Apple App Store has. IIRC it's already in the manifest. Yup, you must _both_ put the perms in your manifest, and then _also_ request them at runtime now (at least for many "sensitive" ones... not sure if there are exceptions for any others.) Google's docs are very clear that apps are meant to explain the need for perms, and the impact of denying them at runtime... I'd love to see the play store to also provide publishers a way to specify what the impact/loss of features is if you deny them at runtime. Trustworthy publishers would love this, and the non-trustworthy ones... ¯\_(ツ)_/¯ > That seems OK since it still asks you as it needs them when running an app, and "prunes" permissions away from apps that you do not use often. No no no no no, this is a total catastrophe. I can't understand how it got implemented at all. I just missed a birthday notification from my calendar app because Android "helpfully" removed the app's ability to create notifications! After all, I hadn't opened the calendar app in more than six months! Infuriatingly, I caught the original message telling me "hey, we just noticed that your calendar shouldn't be allowed to send you reminders" and I tried to restore the permission, but that doesn't seem to have worked. Whoever designed and implemented this "feature" shouldn't be trusted to put on pants. > and "prunes" permissions away from apps that you do not use often Certainly agreed: a system should never "take the initiative" and replace you in decisions. I am seeing cars that act along the lines of "Ah, you turned off the air conditioning, so I'll proactively open the windows": this clearly indicates that some manufacturers have embraced decadence and nihilism, they "have given up" and "want to watch the world burn" (unless they are simply underage savages). Yeah that feature is complete garbage. The intent is laudable (reducing permissions for unused apps) but the implementation of getting a notification every once in a while with a ton of permissions removed is awful. Combined with the fact that Google seems to be sending more notifications for all kinds of junk nowadays makes it even easier to fail to notice that. Fully agreed. What's worse, even if you painstakingly go through all your apps and disable this anti-feature—since there no global setting—it just gets turned back on the next time the app is updated. Putting aside the abysmal UX, automated systems should respect clearly-expressed user preferences. Android documentation says that if the permission is auto removed, you'll get a permission prompt next time a notification is sent. This clearly isn't OK. I want to choose between an app that asks for what it needs to work and an app that ask everything it can, before installing it. It's a dark pattern. The new data safety section lists things that look like permissions as well. Should permissions be clearly listed in the new data safety section? I think it would be more helpful that way. Don't you have more context to understand and grant the permission request at runtime? For example a banking app might want access to the camera for depositing checks, but until I'm actually depositing a check it might not be clear why it would want to use the camera. You can ask later, too. But be clear upfront, I want to compare choices. Not many choices in that case in which you install the app your banks has. I'd prefer to avoid even downloading apps if they ask for permissions that aren't necessary. To hide that just makes me never want to use the play story anymore. Why is this okay? I wouldn’t download, e.g.; a video game that would ask for my contacts or location. Why should I have to download and wait for the app to install before I know what permissions it’s asking for? Furthermore - what’s the possible purpose of removing this information when it was already there? Here's a reason: if you never download it, you can't give it a 1-star review. One of the permissions I'm really reluctant to grant is "run at startup". As far as I know, that's granted at install time, not prompted for, and there's no way to disallow it. Is there now going to be no way to know if I'm granting that or not? What's wrong with run at startup? My calculator doesn't need to run at startup. There's nothing useful it could do in that situation, the only possible reason is to download ads, track me, or just pointlessly waste battery. Ditto for a wide range of apps. Pretty much everything that isn't a messaging app. Exactly. Tracking me, wasting my resources, etc. What about standard permissions? The user is never prompted for them. What are standard permissions in this context? Network access, for example This change was when I stopped downloading from the Play store. Prior to that you could easily see that the compass or flashlight app you were going to install needed network access, something that set off alarm bells given the state of malware back then. It was a bit of a pointless permission because literally every app requested it. The android permissions system very quickly fatigued users in to accepting everything. The new model is much better. Allow the user to actually deny the important permissions but just accept that network access is what apps do now. > literally every app requested it No, not every application requested network access. And surely not a small number of users checked if a calculator or a sound recorder did, and, also checking the developers' justifications for including specific permissions, decided their (dis)trust. I agree this is a better set of defaults, but there should be a toggle in the settings someplace, even deep in the developer mode settings, that gives users control over more granular permissions and allows them to choose which permissions to auto-grant and/or auto-deny. Though I agree with you, why is this level of detail demanded of mobile apps but not of desktop apps? I would love to be able to sandbox desktop apps as well. Since when network access is standard? Access to filesystem is not, use of hardware components but for display and speaker is not, internet access is not... Maybe you are referring to the exploitation of "intents" to exchange with networking enabled applications? Network access requires no user approval. The only place you could find it before granting it to an app was via the permissions list in the play store. Ok, let us clarify the matter a little. An Android application requires "permissions" to do "anything past the basics"; permissions have to be declared in the "Manifest" file. There are (simplifying) two main types of permissions: "normal"¹ and "dangerous, runtime"²; the former only need to be specified by the programmer in the Manifest; the latter also need direct confirmation from the user at a requester prompt. This implies that "normal" permissions are granted by the user implicitly with the action of installing the application. Which means, that it is _quite important_ that the user sees the permissions list beforehand, before installation. -- ¹"Normal": BLUETOOTH, INTERNET, VIBRATE... ²"Dangerous": READ_CONTACTS, RECORD_AUDIO, SEND_SMS... Same with "run at startup" and some other important ones; there's no way to deny it once installed. This is why having a firewall installed is essential in every android phone. Afwall+ does the job. My phones are all rooted but if I'm not mistaken it works on non rooted phones as well. Nope, it requires root, as it should, really. Anything that can mess with networking at a low level needs root; there's no Android permission that I know of that lets you get down to iptables level. There do exist "noroot" Android firewalls; I am not sure how they work (I think by somehow becoming interfaces - like "noroot" packet sniffers), but very probably not through `iptables`. There are products on GitHub; I am looking at NetGuard (from, I think, Marcel Bokhorst aka M66B - the project has many forks). The .md says, «The only way to build a no-root firewall on Android is to use the Android VPN service». LineageOS. Or Murena, if you can't be bothered to install it yourself. And then use f-droid, or if it's not available there, Aurora store. As seen on computers, OS is too important to be left to companies - if you value your freedom of choice and privacy, that is. I am very much fed up and ready to get on board with you but one thing that holds me back is photo quality. Nowadays camera sensors are only half the story and most of the iphone-like photo quality is achieved in software. Have we reached a point where non-OEM apps can deliver something comparable to the market expectations from big manufacturers? I am ok with narrow combinations e.g. if you use app X on Hardware Y you have amazing photo results. Is there something along those lines that anyone can recommend? There's a whole GCam (Google Camera) modding community that manages to get image quality that's often better than what non-pixel OEM vendors offer. These ports usually work on LineageOS (and other ROMs) This site has a large collection of models and the config files generated for each device: https://www.celsoazevedo.com/files/android/google-camera/ I think they link to some Telegram channels too where people share the kinds of photography they get with the modifications. That is exactly the type of answer I was looking for, thank you. This brings up a slightly tangential question I have. Is other peoples photography like other peoples dreams? In that no one cares about it unless they're in it. >one thing that holds me back is photo quality But... why? I use open camera. It works. It takes pictures. Those pictures look alright, pretty damn good even. I certainly don't look at them and go "well blimey I just can't tell what this picture is meant to be". Whatsapp ends up destroying the quality when I send them to friends anyway. Like, maybe if you've got a huge instagram following and a patreon drawing in money based off that or something? I dunno, it's just one of those things I really can't wrap my head around, so long as I've got a picture I'm happy. The commenter explained why. (they mentioned the iPhone specifically; this may be the case moreso on there, I don’t follow Android) It’s because there is a metric shitton of software that goes into the camera app itself, and access to the camera’s hardware does absolutely nothing to enable these features. IIRC there’s actually some sort of crazy ML shit behind Apple’s native camera app; I would be very curious to see what a raw photo from the same sensor would look like in comparison. Having said that whatsoever validates the commenter’s point. > I would be very curious to see what a raw photo from the same sensor would look like in comparison Raw format photography (ProRAW specifically) has been officially supported on iPhones since around iOS 14.3 (which was released in late 2020), and plenty of people have reviewed that functionality already. As for how it would look specifically, it is difficult to give a straightforward answer, because RAW photos require a good amount of manual processing. And the final result of is going to look 100% subjective depending on the person and how they manully processed it. Just like how the same would be the case for RAW photos taken with a DSLR. Secure Camera by GrapheneOS[1] is what you're looking for. It's built on the latest CameraX API, which means it supports all the modern sensors. [1] https://play.google.com/store/apps/details?id=app.grapheneos... Or GrapheneOS with sandboxed Play Store. Enough people need to adopt them, for it to truly be effective. At which point they just become the new Google. Not really, if anything, they (Murena) become new Canonical. There's still Debian (LineageOS in this case) when they overplay their hand (like Ubuntu is doing with snap). Probably because all apps are now required to target the latest api, which means most permissions are done by user prompts, and not just by downloading the app. Given that modern apps are dozens or hundreds of megabytes, on a slow connection I'd really like to avoid having to download the app just to learn it requires permissions it doesn't need. I hate installing and uninstalling apps. And overly permissive apps are a good sign they're not my friend in the first place. The iPhone has worked like that (to various degrees) for a long time. But Apple still added their privacy label things to tell me if an app is going to try to track my location. I don’t want to download a clipboard helper of some kind and find out it’s going to ask for my GPS coordinates. I want to know ahead of time. Apple's Privacy Labels and Google's equivalent in the Play Store are unrelated to permissions. An app may have permission to do something (e.g. access your location), but if the app's usage of this feature does not involve your location being sent to the app's server and stored somewhere, it does not need to be disclosed in the privacy labels. Apple and Google cannot verify what happens with your data when it leaves the device - they rely on the honesty of developers to explain what happens. I believe Google is addressing that concern via the new Data Safety block. This is a better approach for the goal, because if there's one thing they learned from years of offering the permissions list, it's that users can't convert the concept of "app permissions" into a good mental model of "What data the app can collect on me." They just aren't on average savvy enough. So the Data Safety info answers the question users actually care about without added complexity of pretending the average user is a developer who groks what permissions mean. Privacy labels are something very different and Play Store has (or will soon have?) that as well. So now I have to install an App to discover it wants access to things I don't feel comfortable giving it access to, uninstall it, and then go into my profile and disassociate the app from my Account? That sounds so much easier than just listing the possible permissions it might ask for on the Store Page before I install it. I still miss the good old days of Android when apps didn't automatically receive the internet permission. Now get off my lawn. Afwall+ is your friend. No app should ever get internet access unless it's needed for it to work. I've been running netguard for this reason, yeah. Many have no need for internet access. As a bonus, the DNS-based adblocking works extremely well. Not perfect, but dramatically better than nothing at all. firefox supports ublock origin on android :) In latest Gboard update, in the what's new section on play store is "no information from the developer". Could this be because every privacy relevant permission, except internet access, now requires a manual approval dialog? Why list every permission when it's only used for specific feature X which is requested upon usage? Because a lot of these apps claim such and such permission is required and won't run until you grant the permission That sort of thing should be called out in (1-star) reviews. The Samsung Gear app is like that, for example. You need it if you want to tweak the settings for their Galaxy Buds headset (the ambient sound level, for example), but on first startup it prompts for what appear to be all the permissions needed for every kind of Samsung device, including things like smartwatches—calendar, contacts, notifications, the works. If you deny any permission the app refuses to start, even though none of that is necessary for the task at hand. My workaround was to install it and then immediately disable all Internet access (airplane mode), adjust the settings, and then purge the app from the phone before turning the network back on. Fortunately the settings are persistent even without a constant connection to the app. I think that should be sufficient to avoid any unwanted data leakage, but it's a lot of work for relatively minor benefit, and the process must be repeated any time the settings need to be adjusted. Aurora store does. Also F-Droid. I did not use play store over 3 years and I'm not miss anything. This is truly a sad state of affairs—I really hope this was just an oversite as a result of the new Data Safety section they have been rolled out as I frequently used this permission list to determine if I was going to install an app or not. Honest question, how many of us read permissions after scrolling through the description and then download ? It might make sense if you have metered bandwidth, not otherwise. I first try to find an ad-free app, install it and then see if it asks unnecessary permissions and go from there. Yes. I check permissions on every app before I install it. Or, at least I did until that was recently taken away. There are some permissions given to apps without a user prompt, e.g. start at boot. If there are five similar apps with similar functionality and ratings, I'll typically choose the one asking for the least permissions. And if I notice an app looking for excessive permissions (e.g. location) with no good reason why (e.g. a terminal app), that'll give me a clue that there's a ton of data being collected. Once upon a time, a giant percentage of a device's user base was tech-savvy early adopters. But with billions of devices having been sold, 99%+ of Android users have very little interest in details like permissions. But when these details are taken away... when I can't see permissions, when apps I use lose features because of new, restrictive Play Store policies, and when Android continues down this road of "privacy" without insight into exactly what my phone is doing... well, if I wanted this, I'd have chosen an Apple device. I always read the permissions and have decided not to install applications several times because of it. I'm very likely an outlier but I'm still curious about the reasoning behind this change. If I open up a basic text note app and I see basically every single permission listed, I get an idea of the mentality involved in the creation of the app. I specifically prioritize apps that ask for fewer permissions. I recall in several write-up about potentially harmful apps that, apart from the review, another helpful method is to check the permission and see if it's necessary for the main function of the app. Having the list of permissions before installing is helpful in determining whether it requires more permission than necessary to function. I always look at the permissions for apps I use. Something else I noticed was removed a while ago was info on underlying kernel version etc. One of the things I really liked about the Android custom ROMs (Cyanogen, etc.) was that they allowed you to revoke some app permissions, but still run the app. Google will never allow users to choose because it conflicts with their own business (user data collection and targeted marketing). Now they aren't even letting you know how much information the app collects until you download and install it. Most Android app permissions are granted at runtime as of Android 6 which was released in 2015. Unfortunately apps can refuse to run if you don't grant them the permissions they requested. A better system than simply allowing or denying the request would be to sandbox the app so that it appears to receive the permission but doesn't get access to any useful capabilities. Empty or synthetic calendar / contact list data, Internet access which is somehow never available, camera and microphone which only report darkness & silence, etc. Ideally the app would have no way to tell that it's been sandboxed. No need to worry, apps on the Play Store are protected by Play Protect™! /s Android should abandon the current permission mode Everything should be permitted by default, however, the user can choose to return blank, fake or real data. AKA XPrivacyLua I don't remember, was the information contained in the permission similar to the information provided as data safety? https://play.google.com/store/apps/datasafety?id=com.google.... "Similar" is subjective, but there were a lot of permissions that definitely aren't listed there. I think it's good news. I don't see why they should be more transparent on this: nobody cares, and the very rare users who actually care about these things would not trust that information anyway. After all that research presented at fancy conferences about this topic, why would they then erase what little trust they had built up by making this change? It’s like installing an app on your computer; your giving the app permissions to your computer… there’s so much Google can’t control that it’s dumb to blame them here… I’m not saying “every end user should be wary of their apps and test them all”, but basically… what’s the alternative? Build your own mobile os, and then side load and very every apk?! > there’s so much Google can’t control that it’s dumb to blame them here I think it's pretty clear that the Google Play Store is something that only Google can control. Someone just make an open source app store which solves this. Can't be trusted to these idiots / money-hungry project managers / behemoths * delete as appropriate * Sorry, maybe there is one but I've not investigated and it's .... rant time. And this is what some tech people here instead of PWAs. > They had implemented that already a while ago, then reverted the behaviour, and now implemented it once again. This is, among many other reasons, why I finally dropped Android after the better part of a decade. The constant A/B/C/D/E testing makes every single thing they put out feel like it's a constant state of beta testing. It's to the point where you don't even know what to expect when you do something as fundamental as opening the app store. You'll seemingly have some kind of server-side flag activated one day that gives you a totally new UI in an app you use every day, hiding things or removing features you rely on. Then maybe in another few days it'll be back to how it was. Not only do they not seem to value their users, they actively punish you for being one of their users, jostling you around between new UIs or even entire services that are always worse than the last. I heard a phrase a while back: “the subtle gaslighting of A/B testing” - that feeling that you’re pretty sure that button used to be over there, or the app used to have that function, but not entirely sure, because one day it’s just Different, no release or upgrade or reinstall, just - it’s not the same anymore - or, is it? This is super frustrating. I’ve described it like feeling like you have Alzheimer’s as everything changes all the time. My wife once handed me her newer-model android phone to fix something for her. I thought I was having a stroke because I couldn't find the settings icon anymore. > the subtle gaslighting of A/B testing It surely would be so... What could trigger that in an application? Some of us have never seen any such behaviour (fortunately for anybody responsible and huntable). Maybe said applications are web-based, mostly front-end? The native Revolut app (at least on iOS) had been doing this excessively for a while. I think they toned it down now. Ain’t just web. Plenty of well-defined feature flag frameworks for mobile, too. The lack of valuing their customers is what made me finally give up on Android. Android's biggest problem is the same as it was 5 years ago - the support doesn't last for long enough - and all they've done about it in that time is some half-hearted upstreaming of <1% of their kernel patches (project icebreaker) as yet-another skunkworks alternative to an existing project. The attitude seems to be that they assume Android will always have its market share and the users are captive. So just chug along in mediocrity and let the e-waste pile up. It's funny how smart yet dumb A/B testing is. On one hand you can intelligently gauge the effect of changes, on the other hand you can push stupid shit since you have that power. How about intelligently designing applications that you yourself want to use? Too hard. That would require designers to deeply understand system and software engineering, or systems and software engineers to understand design. Funny how that gap keeps on manifesting itself, even though both parties work on the same domain. > How about intelligently designing applications that you yourself want to use? The people who use the apps I make aren't always me. Many of them are very good at things that I know nothing about, but I usually know more about computers than they do. Sometimes the differences are even harder to account for, having different preferences, different ways of thinking, and participating in different cultures. All the A/B tests I have done point to one conclusion: assume users are illiterate and have an attention span of 5 seconds Keep it simple, stupid. There are facts about human behavior which can only be learned by actually testing them. People are complex in ways that you, whilst sitting at your keyboard, cannot figure out. All which can be learned through focus groups and internal feedback, no need to further confuse and frustrate your users. After you have the engine running, the marginal cost of an A/B is probably smaller than a focus group test. So if you really believe in focus groups for the results and you are also ambitious enough - probably this means go for A/B. Disclaimer: just thinking, not knowing the costs Definitely agree, though I think the point of this thread is we don’t know the “true cost” of A/B testing in terms of long-term lost user engagement. Have we done an A/B test for A/B testing where we test A/B testing… It’s very common to think something is a good idea based on focus groups and internal feedback and then learn it’s a bad idea from launching it (or running an AB test). > one day that gives you a totally new UI in an app you use every day, hiding things or removing features you rely on. Then maybe in another few days it'll be back to how it was. We are approaching the age of Schrodinger's Apps. The alternative is iOS, a more consistent UI/UX, but you lose out on projects like F-Droid, where you can bypass Google HQ nonsense. If you're running Google Play Services, you're not really bypassing Google HQ nonsense. Just don't use proprietary applications (or don't expect them to serve you). I switched to an iPhone and I'm using proprietary applications, but ones that don't randomly change their UI on a regular basis whenever some nameless product manager decides they want to use me to gather some new engagement metrics by rearranging UIs on my phone They do make arbitrary changes to the UI, though, and when that happens, you can be damn sure it's because some turtleneck somewhere decreed that the new way is the One True Way and there's no amount of user complaining that will fix it. No, they just entomb you into a comfy walled garden where it's only easy to do what Apple lets you do and where you hope some change made by some nameless product manager/CEO autocrat doesn't force you to buy more expensive hardware. Yeah, it's pretty great. Best walled garden on the market by a country mile. > Yeah, it's pretty great. Best walled garden on the market by a country mile. a lot of us avoid supporting such behavior from corporations because we view it as unethical or immoral and damaging to the sector in general -- regardless of how good the ux/ui may be. The nice thing about living in a world of free people is that is a choice a person can make. That’s funny. I mean I use iOS and sure the UI is nice… but if you are thinking there’s not needless silly UI changes… how many major versions have you been through? Some of the bad phone UX ideas started on iPhone. Like removing the physical button at the bottom in favor of annoying gestures and no touch ID. And iOS 7 removed all of the borders everywhere, it’s arguably more radical than Google Material, a UI design I also am not really that fond of. I guess if you mean there’s no A/B testing or it moves slower then probably. But, it definitely moves. That becomes apparent any time you load an app from the App Store that hasn’t been updated in a while and suddenly your phone looks and feels like it did 2 years ago across the whole UI. They've definitely changed the overall look, but a good amount of their apps are pretty much identical in how you use them from the original iPhone in 2007. Notes, Messages, Contacts, etc are all relatively unchanged, except for additional features. The biggest overhaul was probably the recent change to Safari where they brought the address bar to the bottom, which was a consideration based on how big phones have gotten, and allows you to reach things easier. And at the very least, these changes come from normal app updates either from the App Store or OS updates. And it's usually a pretty big deal when they change something, and gets a formal announcement months in advance where someone high up gets up in front of the world and pitches why the change is an improvement (not to say it always is). Whereas Google just randomly shunts out new UI updates on a regular basis and enables them for random people. Usually someone posting about their new UI on reddit is the first place you'll hear about the redesigns. At least with Safari address bar, I found a setting to move it back to the top. I appreciated when iOS Firefox added a setting to move it down to the bottom. As an old WinPhone user, I missed having that key navigation tool at the bottom. It really does make one-handed phone usage easier. > ones that don't randomly change their UI on a regular basis I'm genuinely curious what apps you're talking about here. Everyone does this nonsense. Everything changes all the time. Everything. I don't like it either, but to state that it somehow doesn't happen in the Apple ecosystem seems like a pretty big whopper. Here's a random example: I think it was like 2017, 2018 when Google launched messages for web. For starters, when it launched, it was located at messages.android.com I don't think it was much time later before they moved it to messages.google.com, which i think was in line with their SMS's apps like 5th rebranding, this time from Android Messages to Google Messages. Originally the app had an overall blue theme, and for individual contacts you could change the color of your conversation with them so each chat thread was themed. This even had the neat effect that it would sync with the web version. However, it only lasted like a week maybe before Google completely redesigned Messages to be all white themed, and killed the chat themes entirely so all message threads were now blue and white to look like the iPhone messages app. That wasn't a rare experience, and I haven't encountered anything like it since switching to an iPhone. Wow..imagine the churn amongst the teams working on this Isn't that equivalent to telling us not to install apps at all? Use free and open-source ones like the built-in AOSP apps or the ones on F-Droid. They have no incentive or resources to do A/B testing or make unnecessary UI changes. I guess the poster meant, "either use Open Source or code them yourself". Ugh. I really liked that "nutritional label" because the advance warning tells me upfront if the developer values my private data. I would prefer app stores be similar to health warnings on cigarette packets, because predatory data collection and billing practices are so entrenched. but on the other hand (and just a guess) but likely "conversion rates" were lower with the labels.... so off they go I see people in the comments trying to justify this change because the apps need to request for permissions, but WHY exactly would google want to get rid of this info? What benefit does it bring to the user, if any? If anything, it harms the user by preventing them from seeing what permissions apps will access in an easy to read format. Why did google even decide to do this in the first place? My best guess is it makes users more likely to let an application access permissions after they've gone ahead and installed it, generating more ad $$$ in the process. But is there any other reason? I know one long-running complaint about Android's permission system was that when you installed an app you were shown all of the permissions that are declared in the manifest, without any way for the developer to explain why they are used or when they would be applicable. Permissions like READ_PHONE_STATE make it sound like the app wants to access every phone call you make, when all it really wants to do is pause your music when you answer a phone call. The combination of runtime permissions for most things, and the de-emphasis of permissions in the Play Store has reduced this as a pain point. It's also easier to introduce optional features - using things like contacts, location, or Bluetooth if the user wants to give permission at runtime. I hope Tim Cook succeeds in convincing our government that privacy is important. If you have to rely on people like Tim Cook ( who is anything but a regular person and could literally afford to have a hand crafted phone and OS build for himself) to convince your government of something for your benefit, something is wrong. And btw, a huge amount of Apple's "privacy" schtick is pure marketing combined with gatekeeping. Oh no, we couldn't allow users to have the choice where to install an app from, or how to pay for it, because privacy and not because we like our tax. I don't have time to try to convince Congress about privacy. But Tim does - in fact he recently wrote a letter in hopes that it'll add some weight to the cause. Whats wrong with relying on people who have the means to get shit done if they're clearly capable and willing? The first issue is Apple's vision of privacy requires absolute trust in them and providing them with access to all your data so they can leverage whatever parts they decide is useful for their software. The second issue is Apple facilitated the modern form of having no privacy - apps with discrete access to all our private data, tracking us in real time, using APIs Apple designed, using an approval process Apple cheaped out on, and they have profited immensely from this state of affairs. The third issue is Apple is often at odds with consumers, there is an entire Wikipedia article about their litigation from when they fucked people who buy ebooks, tech workers they employed, parents who let their kids play iOS games, people who bought laptops with butterfly keyboards, developers they chose to compete with, they often do things contrary to our interests and rights. Privacy is marketing strategy they chose to differentiate themselves from their competitors who have business models that heavily rely on advertising and surveillance. It's a good thing for consumers that they are interested in it, but cynically, I don't think that interest is because they think its "important" on an ethical level. Great! Their interests and mine align. That is why I'm a customer. The iOS App Store doesn't list permissions requested by each app either. Yet most likely, privacy¹ will succeed in convincing our governments² that Tim Musk³ is iMportant™. ;-) ___ ¹ The topic, not the actual thing. ² Present & future. ³ Not a typo; an allegory.
yes, exactly > I would prefer app stores be similar to health warnings on cigarette packets, because predatory data collection and billing practices are so entrenched.
true, but that can be solved with a bit more metadata from the developer (usage description) right? > Permissions like READ_PHONE_STATE make it sound like the app wants to access every phone call you make, when all it really wants to do is pause your music when you answer a phone call.