Thursday, March 5, 2015

Mozilla Should Build an Android Permissions Delegator

Earlier today, I had a thought:
Of course, this wasn't novel:

However, this doesn't have to be an idea only used for evil. What if there existed a trusted app that exposed all permissions available to other apps at runtime? Mozilla seems like a good candidate to make this. They're a trusted organization dedicated to privacy and openness and they have the technical expertise to pull it off. Let's pretend one exists called Mozilla Services.

For end users, this could greatly improve the Android experience. Let's use Facebook (which I don't have installed because it requests WAY too many permissions) as an example:


Instead of this crazy long permissions list, Facebook could request only the ability to connect to the internet. (This permission is so common that Google hides it from the default list.) Then, when Facebook wants to do something evil like listen to my microphone when I post an update, it could do so at runtime by sending an Intent to the Mozilla Services App. Mozilla Services could keep an internal list of permissions granted to various apps (which users could revoke at any time). If Facebook hasn't been approved to use the microphone, Mozilla Services could pop up a dialog asking me to allow Facebook to use the microphone. Mozilla Services could then use the microphone and delegate access to the bitstream to Facebook. If I later decide I don't trust Facebook with microphone access, I could open Mozilla Services and remove Facebook's permission.
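The bookkeeping described above, as an added sketch that is not from the original post: a plain-Java model (no Android APIs) of the grant table such a delegator would keep. The class name `PermissionBroker`, the `Decision` values and the UIDs are hypothetical. It assumes the broker keys grants by the caller identity the platform reports, not by anything the requesting app says about itself.

```java
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

public class PermissionBroker {
    enum Decision { ALLOW, ASK_USER, DENY }

    // Permissions the broker app itself holds and is willing to delegate.
    private final Set<String> brokered;
    // Caller UID -> permissions the user has approved for that caller.
    private final Map<Integer, Set<String>> grants = new HashMap<>();

    PermissionBroker(Set<String> brokered) { this.brokered = brokered; }

    // callerUid must come from the platform (on Android, for example
    // Binder.getCallingUid() inside a bound-service call), never from a
    // field the requesting app fills in; otherwise one app could borrow
    // another app's grants.
    Decision check(int callerUid, String permission) {
        if (!brokered.contains(permission)) return Decision.DENY;
        Set<String> approved = grants.getOrDefault(callerUid, Set.of());
        return approved.contains(permission) ? Decision.ALLOW : Decision.ASK_USER;
    }

    // Called with the user's answer to the approval dialog.
    void recordUserAnswer(int callerUid, String permission, boolean allowed) {
        if (allowed && brokered.contains(permission)) {
            grants.computeIfAbsent(callerUid, k -> new HashSet<>()).add(permission);
        }
    }

    // Called from the broker's own settings screen; takes effect on the next check.
    void revoke(int callerUid, String permission) {
        Set<String> approved = grants.get(callerUid);
        if (approved != null) approved.remove(permission);
    }

    public static void main(String[] args) {
        final String mic = "android.permission.RECORD_AUDIO";
        final int appUid = 10123; // constructed UID for the requesting app
        PermissionBroker broker = new PermissionBroker(Set.of(mic));
        System.out.println(broker.check(appUid, mic));      // first request
        broker.recordUserAnswer(appUid, mic, true);
        System.out.println(broker.check(appUid, mic));      // after approval
        System.out.println(broker.check(10456, mic));       // a different app
        broker.revoke(appUid, mic);
        System.out.println(broker.check(appUid, mic));      // after revocation
        System.out.println(broker.check(appUid, "android.permission.READ_SMS"));
    }
}
```

Because every request goes through `check`, a revocation applies to the very next use, and a permission the broker does not hold is refused without ever prompting the user.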

Of course, Facebook will never adopt this approach because it already has over 1 billion installs even with all the permissions it requires. However, a smaller app like Wonder Workshop's Path for Dash, which doesn't yet have 500 installs, might want to reduce friction for users, so it could use Mozilla Services to set up its Bluetooth connection.

Maybe you're way more influential than me and can convince Mozilla to build this. They're hiring Android/iOS engineers...