Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Here's how: Facebook requested those permissions on Android and scrapped them. Users (includes technical people like OP) just blindly click "Yes" on every pop up.

Even if you're super careful with your permission, Facebook can still construct a good profile of you via the people you're communicating with.



Android has not, until extremely recently, required apps to request permission for things at runtime. Android 5.1, which is what was in use here, I believe, did not. Installing Android apps for most of Android's lifetime required granting it all the permissions it asked for.


> Android has not, until extremely recently, required apps to request permission for things at runtime.

Or allowed permissions to be selectively denied. I think that was introduced in Android 6.


Yeah, I believe these two things are more or less part of the same major API change to how permissions are handled. Note that until like... this year, you could simply target older Android versions to prevent users denying your app's permissions.

It looks like Google's going to try to start forcing apps to comply with targeting requirements to get apps on the Play Store now. But this really is a "too little, too late" situation, IMHO. Billions of users, as Android team likes to brag about, are already compromised.




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: