Oh wow, can this be used to just create a separate profile for every app? That way I can run Uber or Line without giving them every permission to everything? This is the biggest reason I do not install apps. Every "famous" app requests so many permissions it's just stupid.
And not to mention the weirdness of some of them, like "WiFi Device Information". What's that mean? Access to my WiFi AP names? No thanks. Or just local multicast? Who knows.
Then I opened the .apk. It asked me for what has to be every permission available on Android. Why would Amazon need access to me Contacts? It even asked specifically for permission to my microphone! What?
There's also an issue with "leaky abstractions" on android, where some useful features require extremely invasive permissions.
That said, if you want to create a separate profile for Uber or Line, you can already do so on Android 5.0 and above: https://support.google.com/nexus/answer/2865483?hl=en&ref_to...
I think Facebook Messenger, Line, and the like will still have access to all permissions even if you switch to a different user and install the apps there...
That being said, guest mode is really nice on my nexus 5 so my curious friends on iPhone can log in to their google account on my phone as a guest and test drive android.
For example 2048 game has a lot of permission but being a game I don't allow a single one and it still works flawlessly. I would love to see something like this in android as well. But for now users are at the mercy of app developers.
App Ops: https://play.google.com/store/apps/details?id=droidmate.appo...
Also, if your phone isn't rooted, is it really yours?
And, rooting doesn't help the majority of users. Whereas protection from spying would. But Google, perhaps accidentally, seems intent on making permissions less visible and has no problem with devs requesting every permission. And since so many major apps do this, users have no effective recourse.
MS and Apple got this one so much more right.
Almost every app requests too many permissions. Almost every app starts a background process to receive notifications. which are very bad.
Notifications are globally handled by the OS over a single dedicated optimized connection. And then dispatched to the individual applications.
Comes a security concern or conflict, someone's probably going to want access to the whole thing.
If you want me to do "your work" on a phone -- particularly as an employee as opposed to as an independent contractor utilizing their own resources as defined in the contract -- then give me a phone. A hassle, but on the other hand some protection, in exchange for a few additional ounces (phone weight) of prevention, as it were.
Just like I don't want to use my own computer to host their work/data. Nope. When the relationship ends, I turn in their equipment and there is no question as to whether all relevant data has been expunged. They have the entire device.
Just like you give me a work computer to do work related tasks on, the same should go for mobile devices.
My employer used to be rather liberal but recently started clamping down on security. They wanted us communicating in the company chat on our phones so we installed the chat app. But now with the security clamp down they want to set security requirements on anything that accesses potentially sensitive information, meaning they want to dictate the security policy used on our personal devices. I told them to go stuff it, if its a choice between no work stuff on my phone and letting them set the policy on my devices, I'll go without access to work stuff. I'm not going to play that game with you, yes I'm willing to be That Guy that takes a stand on this.
The real irony is that my security policy at home is more strict than the one at work, but they conflict somewhat and I'm not willing to reduce my home security to accommodate them.
I'm issued a mobile phone by my employer. Today I don't have any option to "carve out" a niche for my personal activity on my phone. AFAIK they can know anything and everything. Google Play for Work sounds like it would help out here.
Of course, I've worked in security in other companies where employees had their work email and data on their personal devices, and in the event of a security incident we were not allowed to touch their personal devices even though there was work data on it. So it goes both ways.
Does your advice apply when you're only using, say Exchange, as your only entry point (e.g. on iOS devices?) - in this case, all discovery can be done server-side.
I find it hard pressed to think this issue hasn't been covered more rigorously.
Better to be able to hand the device over and say, "Have at it."
Also, if there is some breach of security and a question about whether you facilitated it, through activity or through negligence, better to be able to say/demonstrate to the other party: "It's the organization's device, and the organization's / the organization's IT department's responsibility to maintain it."
Yes, if it's not part of a routine process.
"Google Play for Work allows businesses to securely deploy and manage apps across all users running Android for Work, simplifying the process of distributing apps to employees and ensuring that IT approves every deployed app"
Leaving aside exactly how it's done, the end goal is the same: If I am Example Inc's CTO, I can now have my staff develop Example Inc Android apps that are neither sold on Play store nor side-loaded.
Apple requires running your own App Store server, I'm fairly certain Google will probably make it more cloud centric.
Glad they're finally stepping up on this front.
What Google does is different: the company IT can decide which apps are allowed and they can automate installation, e.g. company xy wants to install Salesforce, Trello, and 5 other apps on company devices in addition to the OS apps.
It could have been called "Google Package Manager for Work."
Even the icon is a stylized version of the mark found on the appropriate button.
A smiling furry with a turtle neck representing a project named latex.
I like my phone, it works for me, but the sheer disconnectedness of it all is really jarring. Things show up in random places, or not at all, (especially media), and there is no "data connectivity" from anywhere to anywhere else, the same text message appears in my GVoice app, my Gmail app, and as a text message in Messaging.
How do you even begin to make a coherent business tool out of that?
The "official" way to deal with this is to go to the Google Voice site and turn of emailing yourself every text. Then install the Hangouts app and enable SMS through Hangouts. Then disable notifications in the Google Voice and Messaging apps.
Result: On phone Hangouts handles texts + voicemail + Google chat, and on desktop GMail (or the Hangouts extension for Chrome) handles them.
At least, that's my understanding of what Google's intended best practice is.
GV integration is not the most seamless perfect experience ever (for example, incoming IP calls go straight to voicemail when I'm on corporate WiFi) but I'm fairly pleased with it.
I can imagine the average business manager type reading that line and thinking "Wha?!"
Right, on a device with a closed source baseband. On a platform where the vendor has shown to install new apps without getting active consent from the user (Google Play Games, Hangouts, Google Now, Play Kiosk) to name a few.
They switched to it because some apps for android "lied" to our exchange server and said that mail was encrypted locally while it was not, passwords would not even be necessary (I think that was solved in Android >4). The Vodafone app caused many people to just stop syncing work related accounts: Not worth the trouble.
A proper window tiler would be even better.
Also the interface needs slim UI controls and slim window decorations, basically a "pro mode" theme-switcher for larger screens and mouse/keyboard users.
I don't understand why organizations still want implement an IT paradigm which has done nothing but fail at its primary goal but has held back innovation and made workers miserable.
Personally, i'd rather have the option for google to not read some of my mail.
Seems that Google is full on the "Extinguish" phase with Android.
edit: amazing that I'm being downvoted for stating facts yet nobody replies to me.
It's a platform feature, so it's open source, but there's always a delay between the announcement and the time the code hits the public repositories. It'll be there before too much longer.
It does not work that way. "Many eyes make all bugs shallow" failed to replicate. (I understand this fate is even more common for anecdata than it is for formal studies.)
edit: amazing that I'm being downvoted for stating facts yet nobody replies to me.
My guess would be that you were being downvoted for spreading FUD and/or trolling.
Google even stopped open-sourcing new versions of Google Authenticator, which you'd think would be a prime candidate for a full-blown open source project. (And hell, it's a crappy app; there are better GAuth-workalikes available.)
Just a step more into their "Extinguish" phase.
If it does, then it will be possible for a third party to read the stored data.
http://www.computerworld.com/article/2859480/apple-ibm-partn...
edit: replaced paywalled wsj link
Seriously why hasn't someone made a smart phone that "transforms" into a larger screen form factor when connected to a monitor? I could see Android phones doing this. I could never imagine iOS doing it-- Apple would never cannibalize Mac like that, and iOS is too jailed for anything "real."
Of course apps would have to support it. But those that didn't could pop up in little windows in "desktop mode." That would be fine.
Google should dump ChromeOS -- which I never understood -- and do this instead.
https://www.youtube.com/watch?v=bB-icTl2J-c
Also, ChromeOS is a functional replacement for Windows + Office: ChromeOS + Google Docs. It comes on hardware (ChromeBooks or ChromeBoxes) which are very cheap but capable, because ChromeOS is very lightweight. These devices are on par, cost wise, with a Windows Terminal - and require even less IT dept. effort to maintain.
https://support.google.com/chromecast/answer/6059461?hl=en
It also appears that Synergy allows you to control an Android phone using your PC mouse and keyboard (requires rooting).
http://synergyandroid.sourceforge.net/ (looks like it's in early development)
So, with a Chromecast and Synergy, it may be possible to use a spare screen and your existing keyboard/mouse setup, keeping all your personal email and browsing off your work machine. And you'd only have to plug in USB for power.
It has been done repeatedly. Motorola and Ubuntu come to mind. Both were failures.
I don't want my phone to turn into a desktop. Desktops are all about muscle, massive storage, gigabit connections, etc. Phones are about saving battery life.
Technology has improved significantly in the 3 - 4 years since Motorola made theirs, and Ubuntu's failed as a crowdsourcing campaign. Nothing has been proven.
Maybe in another 5 years, it'll only be a mobile CPU because the power consumption is ramped so far down. Then you could plug in a big cable and get enough power to run full speed, plus your gigabit connection, massive drives, multiple monitors, mouse, keyboard, etc. Heat might be a tougher one to solve though.
Or maybe we'll stick to syncing the data over the cloud instead and keeping the two platforms separate.
I have an Android device with a 12" screen. Android isn't just on phones.
ChromeOS is doing fine in the laptop/netbook form factor. Trying to unify the touch and pointing-device worlds is what made Microsoft late to the party.
