In contrast to other platform’s app stores, the Google Play Store has always been very open. There is no approval process, and applications only get removed if they are actually found to violate the store’s terms. While beneficial in some ways, this has also led to quite a few complaints about overly curious apps that steal users’ data. In fact, many legitimate applications on Android require access to a lot of personal information just to run, and although the Play Store tells users what information an application will be able to access during the installation process, most users simply ignore the message.
Generally, this is because there isn’t much you can really do about permission and information hungry applications, other than not use them. If you are dead set on using an app, its requested permissions usually don’t make a difference. The CyanogenMod custom ROM is working on a solution for this by allowing users to selectively remove permissions from an application and still theoretically use the app, but the process usually doesn’t work very well with the app in question. However, a Bulgarian software developer named Plamen Kosseff has come up with a more elegant, if a little bit sneaky, solution.
Instead of blocking application’s access to private information, the developer’s version of Android actually feeds the application spoofed information, allowing you to use the app normally and maintain your privacy. You can grant apps all the permission you want, but when they try to access your data they will be fed fake information. For example, an app trying to access your bookmarks will instead get the default bookmark list, while one that tries to access your contacts will find that you don’t appear to have any. Researchers at North Carolina State University are working on a similar concept with more control, where you can choose real or fake data on a per-app basis.
Unfortunately, you won’t be able to get this feature just by installing an application, and so are not easily available to the general public. Kosseff’s tweak is available for download, but would need to be built into a ROM in order for users to take advantage of it. Interestingly, Kosseff actually approached CyanogenMod in hopes of adding his feature to their popular Android ROM, but the team declined his offer over worries that CyanogenMod would be blocked by application vendors as a result.
Even though it won’t be coming to CyanogenMod anytime soon, I hope that Kosseff’s tweak starts to become more available to casual users. Control of your information is of growing importance, especially because of everything your smartphone knows about you, but many users still install applications that request unnecessary permissions. A modification like Kosseff’s is the best of both worlds, and allows users to use apps that they want while keeping privacy intact.[Technology Review]