This is what the iOS contact permission prompt should be
=> More informations about this toot | More toots from dale_price@mastodon.online
and what the requestees see:
=> More informations about this toot | More toots from dale_price@mastodon.online
For those tempted to argue about the impracticality of implementing my tongue-in-cheek mockup:
Imagine, instead of the silly alert message, a simple toggle in privacy settings “allow others who have me in their contacts to share my information with apps”
If it’s switched on, it flips a bit on a server that the other person’s OS can check, just like how it checks if you’ve set up iMessage etc.
The point wasn’t the UI, it’s that other people’s info shouldn’t be yours to give out to apps
=> More informations about this toot | More toots from dale_price@mastodon.online
There might even be another solution here that doesn’t require any UI at all: by default, let apps access only the contacts where:
Would prevent apps from spamming invites to people who don’t have the app, or getting the info of people who never consented to the app having it. Legitimate communication apps wouldn’t need to ask for contacts anymore.
=> More informations about this toot | More toots from dale_price@mastodon.online
@dale_price Exactly, get even with the “We and our 1465 partners value your privacy”. This one is from vice.com.
=> More informations about this toot | More toots from mrtnsnp@mastodon.social
@dale_price You left out the “Delete my name and all my details from John’s contacts.”
=> More informations about this toot | More toots from bigiain@aus.social
@bigiain @dale_price don't hate the player, hate the game. If both major mobile OS find it OK to allow the apps to access this data, and to have apps in their stores, which don't work without this permission, what poor Johny is supposed to do?
Sure, not in the case of Fleshlight+ProHD, but there are some "legitimate" apps, which don't work without all the permissions.
It baffles me, that I'm supposed to share all of my contacts with WhatSus if I have to message one single weirdo who uses it.
=> More informations about this toot | More toots from kauzerei@social.tchncs.de
@kauzerei @bigiain @dale_price You can avoid letting WhatsApp access contacts but UX is awful. To open a chat you need to paste the person's phone number into a WhatsApp chat invite link then open the link and let it open the app.
=> More informations about this toot | More toots from dalias@hachyderm.io
@dale_price There are programs on Android that kinda do this by misusing the work apps profile feature. This is where I throw social media and fast food apps. There are no contacts in the work mode address book, and when I hit the freeze button they all get chloroform naps.
=> More informations about this toot | More toots from MontgomeryGator@fouroclockfarms.club
@MontgomeryGator Waitwaitwait... That's AWESOME why didn't I hear about this yet? What App is that?
=> More informations about this toot | More toots from tobtobxx@fosstodon.org
@tobtobxx Shelter by PeterCxy of F-Droid. There's another called Insular by proletarius101 that's the same idea also on F-Droid. While I got you there, NeoStore is my preferred F-Droid client over the official one, it works a bit faster and looks a bit nicer.
=> More informations about this toot | More toots from MontgomeryGator@fouroclockfarms.club
@MontgomeryGator Thanks! Does Neo Store have unattended background updates? (ie. Without the "update APK" popup?) Because that's the reason I'm using F-Droid Basic.
EDIT: Without root.
=> More informations about this toot | More toots from tobtobxx@fosstodon.org
@tobtobxx I don't think so, that being said I'm not entirely sure. I know having both applications doesn't cause conflicts, they both can manage the same apps jointly.
=> More informations about this toot | More toots from MontgomeryGator@fouroclockfarms.club
@tobtobxx @MontgomeryGator Yes, Neo Store supports unattended background updates
=> More informations about this toot | More toots from crlup@layer8.space
@dale_price
If you can't remotely revoke the contact info from the dipshit, what good does it really do?
=> More informations about this toot | More toots from elithebearded@fed.qaz.red
@dale_price bullshit
imagine controlling 500 people sharing habits in real life
=> More informations about this toot | More toots from fredbrooker@witter.cz
@fredbrooker @dale_price You don't get to share my personal data with 3rd parties.
=> More informations about this toot | More toots from jernej__s@infosec.exchange
@jernej__s @dale_price
I even don't want your personal data 😂
=> More informations about this toot | More toots from fredbrooker@witter.cz
@fredbrooker @dale_price
So, you'd rather have your contacts sharing your data without your consent?
I do not. And I'd permanently block folks if they did share my details without making sure I'd consent to that.
=> More informations about this toot | More toots from h3artbl33d@exquisite.social
@dale_price this is how EVERY contact permission prompt should look like, not only the iOS one.
And there should be an option to share fake data with the app for it to stop asking for this permission.
=> More informations about this toot | More toots from farshidhakimy@chaos.social
@farshidhakimy @dale_price
GrapheneOS has contact scopes which is a working implementation of this. It allows to select which contacts you want to share (if any) and offers that to the application. If you seleted none, then it'll be just an empty address book.
=> More informations about this toot | More toots from h3artbl33d@exquisite.social
@dale_price This is the way!
=> More informations about this toot | More toots from kataclyst@spore.social
@dale_price life doesn't work that way
=> More informations about this toot | More toots from fredbrooker@witter.cz
@fredbrooker @dale_price But it absolutely should.
=> More informations about this toot | More toots from jernej__s@infosec.exchange
@jernej__s @dale_price
imagine controlling 500 people sharing habits! 😂 😎 ☠️ NOOOOOOO
=> More informations about this toot | More toots from fredbrooker@witter.cz
@dale_price
THIS.
So much.
=> More informations about this toot | More toots from sebsauvage@framapiaf.org
@sebsauvage @dale_price
Even better ... Don't use iOS 😉
=> More informations about this toot | More toots from Gergovie@piaille.fr
@Gergovie
I don't.
But we have the exact same problem Android.
@dale_price
=> More informations about this toot | More toots from sebsauvage@framapiaf.org
@Gergovie You definitely missed the point.
@sebsauvage @dale_price
=> More informations about this toot | More toots from Eldeberen@social.middleearth.fr
@dale_price I ... love the idea.
=> More informations about this toot | More toots from MichalBryxi@veganism.social
@dale_price is this what "zero trust" means?
=> More informations about this toot | More toots from frigginglorious@freeradical.zone
@dale_price nice except dont share should be selected by default ;)
=> More informations about this toot | More toots from goatwildernesscollective@librem.one
@dale_price +9001%
And it should demand that in writing by notarized letter and to be compliant not just with #GDPR, not push anythibg to #iCloud (which falls ubder #CloudAct aht thus *can'r comply) and preemtively sort out #minors (as they can't consent as per #BDSG, nor can their parents on their behalf!)...
=> More informations about this toot | More toots from kkarhan@infosec.space
@dale_price
This mockup is fantastic and something we really need.
=> More informations about this toot | More toots from h3artbl33d@exquisite.social
@dale_price there should be one more button, labeled "why the heck a flashlight needs my contacts info???"
=> More informations about this toot | More toots from sabrinaweb71@sociale.network
@dale_price
Brings back memories about me arguing with a family member who was ok sharing my contact info with ... Clubhouse
=> More informations about this toot | More toots from me@t.joeldebruijn.nl
@dale_price This could never work and makes no sense. Let’s say you get my email address from my website. You create a contact card for me with my name and email. You think I should get an alert when you want to share my email address and name? And that at that point I should be allowed to delete my info from you contacts, and block you from re-adding me?
Should I also be able to know when you mention me in a note in the Notes app?
=> More informations about this toot | More toots from gruber@mastodon.social
@dale_price And that's why I ask everyone who asks for my number: ‘And how many apps have access to your phone book, and how many of those apps send that data home to themselves’ ?
=> More informations about this toot | More toots from miklo@fosstodon.org
@dale_price
Thank you for gaming this out. This sort of thing is all too rare.
I think this is very nicely done. Thanks.
=> More informations about this toot | More toots from tomjennings@tldr.nettime.org This content has been proxied by September (3851b).Proxy Information
text/gemini
