“Read sensitive log data” permission

[Tim Weber]

Hi!

(As far as I know the developers read these groups as well, therefore I’m posting here. The post is addressed to them, but I’m interested in community feedback as well.)

I’d like to try out Sleep as Android, but then saw it’s requesting the “read sensitive log data” permission, which allows it to read other applications’ log files, which may contain private or sensitive information.

Now I’ve read the FAQ entry (actually, entries) saying that it’s just for debugging purposes and won’t be sent without explicit permission from the user. However, I prefer to be a bit paranoid about these things: Nothing actually prevents the app from sending private data without asking; I have to trust the developers that they simply keep their word (and don’t have any bugs in the software that might trigger the disclosure of private data unintentionally).

That permission kept me from buying the app, which is sad, because it definitely seems to be the best one around. Therefore, I have a suggestion to make:

You’re writing that you added this permission only recently to allow for better debugging. How about you remove the permission again (since most users will never send you debugging information anyway) and instead offer those users that explicitly have problems using the app a special version (either as .apk to download from somewhere or as a separate Play Store entry) that contains the debugging functionality and therefore requires the permission? That way the “normal” version can exist without requiring a pretty sensitive permission and you can still debug the software if required.

Regards

     Tim.

[Martin Stava]

Hi,

I understand your concerns and I'm also not happy about the situation.
The root of the problem is Android OS lack of ability for users to
opt-out from certain permissions that are not essential. You may be
surprised but we are actually getting tens of reports a day. Of
course, not all of them help directly to solve some problem, but if we
make it difficult to provide such reports, the number will become
really low. We can get quite useful reports even without this
permission, but these logs contain some additional information that
cannot be obtained any other way.. For that reason, we want to keep
the permission in the main application. We are still weighting
pros/cons of this permission, and we may remove it in some upcoming
version, but we are not decided to remove it yet.

Cheers,
Martin

[Tim Weber]

Hi Martin,

thanks for your reply. I’m surprised you’re getting tens of reports a day. In that case, I can fully understand that you’re shipping Sleep as Android with the “sensitive logs” permission by default.

However, how about another solution: Providing a version without the permission outside of the Play Store as a manually downloadable .apk. That way, paranoid people can still get it, while most other people use the normal version with enhanced debugging capabilities. So, simply the other way round, compared to my previous idea.

Yes, people would have to upgrade manually. I would be okay with that.

What do you think?

Cheers,

     Tim.

[Petr Nalevka]

Hello Tim,

we will consider this suggestion, but it is additional administration and maintenance for us. We already maintain deployments to several different markets with slight differences in the code and we would like to rather lower this fragmentation. 

I can guarantee you that we keep up to our user privacy policy as expressed here https://sites.google.com/site/urbandroidteam/privacy.

Thank you.

Best regards,

Petr

--
Best regards,

Petr

[Brad Forden]

I fully agree with Tim. Show your commitment to user privacy by providing customers a choose.

Brad