OS X Mountain Lion Apps Now Ask Permission to Access Contacts

[charlituna]

Wirelessly posted (Mozilla/5.0 (iPhone; CPU iPhone OS 5_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B179 Safari/7534.48.3)

Looks like the Windows permission windows have now invaded OSX.

As perhaps it should. Apple tried to merely trust developers and was known that they couldn't. Sure it was just iOS developers but who is to say that some OSX folks were playing the same game and just hadn't been caught

Now they would be merely trusted. They will be forced to reveal no matter which side they are on and while some folks will be annoyed by the alerts they won't be able to sue Apple that they weren't warned

 

[charlituna]

Wirelessly posted (Mozilla/5.0 (iPhone; CPU iPhone OS 5_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B179 Safari/7534.48.3)

Here's a proposal...

When uploading an app to the store, developers must state how they will potentially make users feel their privacy is violated. Apple verified that privacy is only violated those ways. They also verify it makes sense for the app to need the data.

The user then goes into system preferences and has a single universal checkbox for each type of privacy. "Yes, let any app use my location. No, no app can access my address book."

A user of 100 apps shouldn't need to answer 100 privacy questions. If I approve of one app having my location for a legit reason (remember, Apple verifies reasons are legit,) then why wouldn't I approve of all apps having my location for legit reasons?

And if users disagree with how Apple defines a legit reason?

 

[charlituna]

Wirelessly posted (Mozilla/5.0 (iPhone; CPU iPhone OS 5_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B179 Safari/7534.48.3)

Looks like the Windows permission windows have now invaded OSX.

Well, at least in Windows you can disable them.

Who says you won't be able to do the same in OSX just like you can pick to use the whole signed apps thing

 

[brave5213]

i smell some windows thing allow or deny

http://www.youtube.com/watch?v=FxOIebkmrqs

 

[igazza]

Shouldn't it say "Allow" instead of "OK" ?

No, IOS push notifications pop up says "Not Allow" and "OK"

 

[Peace]

@Shrink I can't agree with you any more - being said, I think I'm digging the mountain lions iCloud safari tab syncing a little more than a tad bit more privacy.

Hopefully we'll see more improvements made to improve users privacy.

How are you digging it ? It doesn't work.

 

[knightlie]

Great idea. The app I'm working on has an explicit option allowing the user to allow or block access to Address Book. Once I port to Mountain Lion I won't need to do that.

----------

i smell some windows thing allow or deny

http://www.youtube.com/watch?v=FxOIebkmrqs

Clicking one button in return for increased privacy is a small price to pay. Windows users don't like UAC because a) it's overly intrusive (like most Windows features) with that ugly darkened screen and unwarranted sound effects, and b) they're not used to it. Max OS has been asking for permission to do things for years, it's not that big a deal. At least this doesn't ask for your password.

 

[mazz0]

Truthfully, you shouldn't be running without a firewall. It's never a good idea to disable the built in protections provided by the OS. It's possible that they'll save your ass when you least expect it.

Most people are probably behind a router with a firewall though, so it's probably not that important.

Am I the only one who has noticed the awful design of the dialog?

Agreed! The icon, the alignment, the capitalisation - that is one ugly dialogue! Always been an area that lets down the OS X UI, aesthetically...

Image

The scene depicted in that image isn't actually ironic.

 

[MH01]

Wirelessly posted (Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_3_2 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8H7 Safari/6533.18.5)

Ahhh the more money you have the more aware you are of malware etc.... Seems you have more $$$$$ by that comment, though at the same time your comment suggest your not exactly a rocket scientist just someone who pays for thier porn ! Seriously this is a moronic comment!

 

[Zxxv]

Wirelessly posted (Mozilla/5.0 (iPhone; CPU iPhone OS 5_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B179 Safari/7534.48.3)

All this is is a user agreement/contract agreement.
We want to steal your contact info. Click yes or no.

Disclaimer - we worded it to fool the 99% of you

 

[SvP]

Great idea. The app I'm working on has an explicit option allowing the user to allow or block access to Address Book. Once I port to Mountain Lion I won't need to do that.

----------



Clicking one button in return for increased privacy is a small price to pay. Windows users don't like UAC because a) it's overly intrusive (like most Windows features) with that ugly darkened screen and unwarranted sound effects, and b) they're not used to it. Max OS has been asking for permission to do things for years, it's not that big a deal. At least this doesn't ask for your password.

And, you only need to do it ONCE

 

[azz0r]

Seems like a knee jerk reaction rather than a well thought out implementation.

 

[arkmannj]

I like the idea, but I think maybe it should be a bit more like this.

(I'm no professional photoshop guru, so please be forgiving)

 

[gnasher729]

Shouldn't it say "Allow" instead of "OK" ?

No.

If there was a menu "Allow access to address book", then the intended user action would be "Allow", and the buttons should be "Allow" and "Cancel". But that isn't the case here. The intended user action is something completely different, but the application needs access to the address book. Since the intended user action is not "Allow", the button must be just "Ok". And "Cancel" is not appropriate for the other button, because asking to perform an action and then cancelling has _no_ effect, while pressing "Don't Allow" disallows access permanently, so it has much more effect than just cancelling.

So the correct choice is "Don't Allow" and "Ok".

I like the idea, but I think maybe it should be a bit more like this.

(I'm no professional photoshop guru, so please be forgiving)

Image showing "Always Allow", "Deny", "Allow"

No, it shouldn't. It doesn't make any sense to give Adium access to my Address Book on a case-by-case basis, especially since I don't know what the access is used for, so there would be no reason to decide differently at different times. What conceivable reason would there be to give permission in one case and not in another case? So there should only be a button that gives permanent permission, and one that removes permission permanently.

While this is a sensible restriction, it is actually very hard to enforce at the operating system level. Once the app has the contact, how do I tell what it does with it? It can encode it in a different format, compress and encrypt the raw data at will. Anything I do as the OS vendor can be overcome in one way or another. Once the app can read the data, it's game over. So my best option is to make it possible to let the user decide if the app should get the data in the first place.

There is another possibility which would be quite a lot of work. Example: In my program, the user can choose an email address from the address book, and a message is sent to that user. My program therefore has access to that email address. The "workaround" would be that my program prepares an email-message, and Apple provides a function that lets the user add the email address from the address book and send the email, without my program ever knowing the email address. Or the OS encrypts email addresses from my address book before giving them to the application, and has a function to send an email to an encrypted email address.

 

[itickings]

I like the idea, but I think maybe it should be a bit more like this.

(I'm no professional photoshop guru, so please be forgiving)

Image

I really like the idea of visual connection between the address book and the software (Adium in this case).

Not too keen on having both "Allow" and "Always allow" however. I admit that my first thought was to have them both there, but I'm not sure it actually makes sense. If an application is allowed access once, it can dump everything and keep it for later use anyway if it is malicious. Just OK/Deny it once and then keep it that way until it is changed via preferences.

 

[arkmannj]

No, it shouldn't. It doesn't make any sense to give Adium access to my Address Book on a case-by-case basis, especially since I don't know what the access is used for, so there would be no reason to decide differently at different times. What conceivable reason would there be to give permission in one case and not in another case? So there should only be a button that gives permanent permission, and one that removes permission permanently.

No need to get your knickers in a knot.
I did say it should be "a bit more like this"
And there for I didn't say something like "It should absolutely be exactly like this!"

Better?

 

[gnasher729]

No need to get your knickers in a knot.

Look who's talking.

I did say it should be "a bit more like this"
And there for I didn't say something like "It should absolutely be exactly like this!"

Better?
Image

See the rest of my post why the words are "Don't Allow" and "Ok", not "Deny" and "Allow".

 

[arkmannj]

Look who's talking.



See the rest of my post why the words are "Don't Allow" and "Ok", not "Deny" and "Allow".

I wasn't getting worked up I was just clearly describing the difference in the language I used, as it obviously passed over you and got you a bit worked up over my quick mock up.

I personally do still prefer Allow and Deny. I think it is clearer (by describing the action the user is taking, for example I "allow" or "deny" someone access to my home, generally not "OK" them... at least that's how I tend to think of it.) but that is a matter of opinion I suppose and you are certainly welcome to yours as I am to mine. If you are unsatisfied with my quick mock up then you're welcome to take a few minutes and make your own for comparison. I'll even give you my photoshop file if you like.

Best regards,
~Ark

 

[shurcooL]

Man, this feels like backwards progress... That dialog box looks straight out of the 90s.

Seriously, instead of simplifying and streamlining the interface, privacy concerns end up complicating and making it more bulky.

**** should just work, not ask me if I will allow it to work. I don't want to be forced to make more decisions, my life is full of them already!

 

[arkmannj]

Man, this feels like backwards progress... That dialog box looks straight out of the 90s.

Seriously, instead of simplifying and streamlining the interface, privacy concerns end up complicating and making it more bulky.

**** should just work, not ask me if I will allow it to work. I don't want to be forced to make more decisions, my life is full of them already!

I completely agree, but unfortunately it's hard to tell what applications can be trusted to behave and what cannot, so I guess we're going through growing pains on how to handle it. until then, I'm okay with clicking a few buttons to help ensure my privacy (and the privacy of my friends & family when it comes to my contacts)

Perhaps another solution is to have the system default deny all applications from accessing extra resources (address book / contacts, emails, documents folder, caches, etc...) and make the user always go into the system preferences to explicitly grant/allow access to various parts of the system.. but this might be even more cumbersome than the occasional dialogue box... however, it would force both developers and users to think about how they are using those resources and if they are really necessary or not.)

 

[blackburn]

This + sandboxing is great. Why the hell any app (other than those who need explicit access to) can access all my files / contacts / emails without I knowing it? For example my browser should never have read access to any file unless I give explicit permission ie uploading a file.
Vista / 7 escalation prompts have nothing to do with this. It already exists in mac os x and even requires that you type your password.

 

[Casiotone]

Unless I'm mistaken, nothing would prevent a non-appstore app from reading the content of the address book directly without using Apple's APIs and thus going around this dialog box pretty easily.

So this protection would only be useful if you activate the more restrictive "Run Mac app store apps only" setting in Gatekeeper.

 

[arkmannj]

Unless I'm mistaken, nothing would prevent a non-appstore app from reading the content of the address book directly without using Apple's APIs and thus going around this dialog box pretty easily.

So this protection would only be useful if you activate the more restrictive "Run Mac app store apps only" setting in Gatekeeper.

Could Apple be encrypting the contacts database (or implement other security enhancements) in a way that forces access through the implementation of their API's within a the application?

Perhaps that's not the case in ML, but maybe Apple is moving that direction for later OS versions. I don't know, it was just something that popped into my head.

 

[jonnysods]

Old school.

 

[Renzatic]

**** should just work, not ask me if I will allow it to work. I don't want to be forced to make more decisions, my life is full of them already!

In a perfect world...