Sunday, August 26, 2012

[android-developers] Re: Jelly Bean, READ_LOGS and 'Application Lockers'

For what it's worth, there were a few interesting APIs that could accomplish this effect much better.

IActivityWatcher (no longer exists in Jelly Bean), available 1.5 - 4.0 and never required a permission
IProcessObserver (now guarded by the SET_ACTIVITY_WATCHER permission in Jelly Bean), available 3.0 - 4.0 and never required a permission
IActivityController (always required SET_ACTIVITY_WATCHER permission which is only available to system apps)

The last is perfect because you can return a boolean and the OS will allow/ deny an app from opening. Unlike "App Lockers" which simply kill the app AFTER they open, this stops it before then.

Unfortunately, as of Android 4.1 Jelly Bean NONE of these are available for use with third-party applications (unless of course on rooted devices and installed in /system/app). The removal of these was more upsetting to me because at the end of the day they provide NO security benefit. If I REALLY want to know when the top app changes I will just poll every 100ms. These simply made it more efficient for me, no need to poll!

I'm curious why those APIs are now enforced with a permission? I suppose there is the argument of "no good use," but honestly is there a "bad use?" If the platform doesn't provide these features in the same version it was removed, users lose out.

Oh well, what's done is done I'm just curious for some rationale. I guess Android is showing signs of maturation and going the way of iOS: becoming less hacker-friendly and a beautiful but closed garden. It was only a matter of time.

Tom

On Thursday, July 26, 2012 3:41:56 PM UTC-4, Bryan Ashby wrote:
Now that READ_LOGS permission is not available to applications in Jelly Bean (API 16), what are developers of "Application Locker" type apps to do? These are populate applications among parents who would like to prevent their kids from accessing various apps (generally password protected) but the implementation of such applications has required a "hack" of reading logcat to determine when/what Activity has been launched or brought into focus.

Surely Google is not saying "You cannot have these apps"? Is an official API (perhaps in the Device Admin realm) planned? Is there a work around besides polling the top level activity (not really reasonable).

Google please advise!

--
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

No comments:

Post a Comment