My OperaYou need to be logged in to post in the forums. If you do not have an account, please sign up first.
Permissions
Some of you have asked why Opera Mobile need many different permissions. This post will explain which ones we need and why.Android permissions
* Your location
- Coarse (network-based) location
- Fine (GPS) location
* Phone calls
- Read phone state and identity
* System tools
- Change network connectivity
- Change Wi-Fi state
* Network communication
- View network state
- View Wi-Fi state
All of these are used for one single feature: Geolocation. See the W3C specification for details. You can test it yourself at html5demos.com/geo.
As described in the specification, your location will only be shared with web sites that you specifically authorize. And previously given permissions can be cleared in the privacy settings.
The reason all those network and phone permissions are needed is because your location can be determined by three different methods: (1) GPS, (2) nearby WiFi APN and (3) Cell ID. Each method has pros and cons regarding speed and accuracy.
Opera Mobile uses Google's location database to map WiFi APNs and Cell ID to a location coordinate. You are required to accept Google's T&C and privacy policy the first time you use the feature (or you can choose to decline).
The implementation in Opera Mobile is very similar to the default Android browser.
* Read Browser's history and bookmarks
- Needed to enable import of bookmarks from the default browser
* Your personal information
- Read sensitive log data
Used to read crash logs, which are sent to Opera Software for further analysis. This is essential information for us to fix crashes that we can not easily reproduce. No personal information is included. More information at the bottom of this post.
* Storage
- Modify/delete USB storage contents modify/delete SD card contents
Needed to store data on SD card.
* Network communication
- Full Internet access
Needed for Internet access.
* System tools
- Prevent device from sleeping
Used to prevent screen from turning off when showing streaming video.
* Camera
- Required to be able to access the camera device.
Used by the HTML5 getUserMediaAPI for capturing camera input. Each time a
domain tries to access the device's camera, Opera Mobile will ask the user for
permission to activate the camera. When the camera is used, an overlay icon will
be visible on the page. Camera access for a domain can be revoked at any time.
* NFC (Near Field Communication)
- Allows applications to perform I/O operations over NFC
Used for sharing URLs of active tab between devices. If another device is put
very close (back-to-back), the system will ask if the URL of the active tab
should be shared.
Connections to Opera Software servers
Opera Mobile connects to Opera's servers for three things, none of which includes any personal data:
1) Retrieve updated Browser JavaScript
Used to improve site compatibility. See http://www.opera.com/docs/browserjs/ for details.
2) Install and update Root certificate store
Used to install Root certificates included in the online Opera Rootstore database as well as perform weekly checks for updates. See http://my.opera.com/rootstore/blog/ for details.
3) Sending crash logs
If Opera Mobile crashes, a crash log with detailed debugging information of approximately 1Kb in size is saved on your device. Opera Mobile will send that information to Opera Software so that we can analyze and hopefully fix the problem. A browser is a very complex application and - as the Android platform has become more and more fragmented - we are finding it very challenging to reproduce all the errors you report. This feature will help us build a more stable browser.
Some additional data about the device and state of the browser is included with the crash dump, for example device model, Android version and the status of different settings in Opera Mobile. The URL of the last loaded site is included, but we strip the URL of everything after a "?", which removes all personal information (if any). Your browsing history is not included.
Updated 11.10.2011
Except you don't NEED to know where I am. I don't need to tell any site that. And I certainly don't need to give you permission find my phone number, or unique numbers - that's for tracking people - presumably for advertising purposes.
As for "fragmented" give us a break, its no "fragmented" than XP vs Vista vs Windows 7.
Make 2 versions of Opera (normal opera, not the mini version) the one you have, and one who doesn't require the location crap.
As for "fragmented" give us a break, its no "fragmented" than XP vs Vista vs Windows 7.
Make 2 versions of Opera (normal opera, not the mini version) the one you have, and one who doesn't require the location crap.
Originally posted by VisionFixer:
Except you don't NEED to know where I am. I don't need to tell any site that.
Upon opening a website which wants to know your location you will be asked if you want to share it or not. But for Opera Mobile to be able to see where you are in case you answer yes, we need the permission. If you answer no, then the permission won't be used.
And I certainly don't need to give you permission find my phone number, or unique numbers - that's for tracking people - presumably for advertising purposes.
The names of the permissions do not reflect exactly what they do. If we remove the permission "Phone calls" then GPS stops working.
Of course we don't add colect data for advertisement.
As for "fragmented" give us a break, its no "fragmented" than XP vs Vista vs Windows 7.
Have you ever written software for Android?
7. May 2011, 10:54:11 (edited)
I've seen lots of users (most not nearly as technical as those that might reach this forum) complain and give opera bad ratings due to not understanding what the permissions are for or saying "x browser has less permissions than opera, why does opera need these??". Perhaps posting a link to this topic in the market under opera mobile would help or explaining in more detail there why they're needed.
Yeah, go try making a piece of software work in a completely rewritten os (Android 1.x to 2.x to 3.x) and subversions, along with tons of variations of linux kernels, hardware, roms (both OEM and community, since I know opera supports at least cyanogenmod with fixes) and then try commenting again on fragmentation being a nonissue. Comparing an open source OS like android to windows is just silly when it comes to fragmentation. The only thing windows might be less fragmented than is OSX/iOS since Jobs keeps an even firmer grip on that than Microsoft does to Windows. Even PC hardware tech is standardized (even more so for Apple) so developers more or less know what to face. That's not the case on android. Short of every device having an ARM based cpu, pretty much anything goes as long as there's drivers written and it changes monthly, not yearly or longer like on PC.
Take a look around forums like XDAdevelopers and even the comments on the market. People have problems all the time trying to get even simple applications to work on every single device, especially "legacy" ones that could be only a year or two old (which is really old in terms of advancement on handhelds). It's the reason many apps have never been ported from 1.x to 2 without a complete rewrite and why flash was held back from honeycomb (android 3.0).
There's a reason aside from Opera and Firefox (took firefox a couple of years and it's about as useable as firefox 1.0 was on the pc) that all the other browsers on Android use webkit (built into android) as a base. They don't want to deal with the compatibility/dependency mess and would rather use what google gives them already as the stock browser uses it. Sure opera borrows from its already made libraries it had for other linux and/or portable devices with the compiled libraries it includes, but that's probably heavily abstracted/reusable code developed well over a decade, not something rushed and thrown together. However, it still needs some concrete code made just for android and that's why even the browser team with the most mobile experience of any out there still has issues at times with getting things to work.
If you want to compare how the state of android develop is right now, try comparing it to something like PC development in the 80s and 90s, where everyone was in on it and technology was outdated almost right after you bought it. Aside from that, have you ever tried the android os emulator for testing? It's a slow piece of java crap that makes the actual phone look way faster and I have a custom built Intel core i7 PC, lol.
As for "fragmented" give us a break, its no "fragmented" than XP vs Vista vs Windows 7.
Yeah, go try making a piece of software work in a completely rewritten os (Android 1.x to 2.x to 3.x) and subversions, along with tons of variations of linux kernels, hardware, roms (both OEM and community, since I know opera supports at least cyanogenmod with fixes) and then try commenting again on fragmentation being a nonissue. Comparing an open source OS like android to windows is just silly when it comes to fragmentation. The only thing windows might be less fragmented than is OSX/iOS since Jobs keeps an even firmer grip on that than Microsoft does to Windows. Even PC hardware tech is standardized (even more so for Apple) so developers more or less know what to face. That's not the case on android. Short of every device having an ARM based cpu, pretty much anything goes as long as there's drivers written and it changes monthly, not yearly or longer like on PC.
Take a look around forums like XDAdevelopers and even the comments on the market. People have problems all the time trying to get even simple applications to work on every single device, especially "legacy" ones that could be only a year or two old (which is really old in terms of advancement on handhelds). It's the reason many apps have never been ported from 1.x to 2 without a complete rewrite and why flash was held back from honeycomb (android 3.0).
There's a reason aside from Opera and Firefox (took firefox a couple of years and it's about as useable as firefox 1.0 was on the pc) that all the other browsers on Android use webkit (built into android) as a base. They don't want to deal with the compatibility/dependency mess and would rather use what google gives them already as the stock browser uses it. Sure opera borrows from its already made libraries it had for other linux and/or portable devices with the compiled libraries it includes, but that's probably heavily abstracted/reusable code developed well over a decade, not something rushed and thrown together. However, it still needs some concrete code made just for android and that's why even the browser team with the most mobile experience of any out there still has issues at times with getting things to work.
If you want to compare how the state of android develop is right now, try comparing it to something like PC development in the 80s and 90s, where everyone was in on it and technology was outdated almost right after you bought it. Aside from that, have you ever tried the android os emulator for testing? It's a slow piece of java crap that makes the actual phone look way faster and I have a custom built Intel core i7 PC, lol.
Update 11.10.2011
With the release of version 11.5 on October 11, 2011 we added one additional permission:
- Read Browser's history and bookmarks
Needed to enable import of bookmarks from the default browser.
The full post above will be updated by tomorrow, just need one of the MyOpera admins to come online and unlock the post for editing.
With the release of version 11.5 on October 11, 2011 we added one additional permission:
- Read Browser's history and bookmarks
Needed to enable import of bookmarks from the default browser.
The full post above will be updated by tomorrow, just need one of the MyOpera admins to come online and unlock the post for editing.
Originally posted by dagolav:
The full post above will be updated by tomorrow, just need one of the MyOpera admins to come online and unlock the post for editing.
Fixed!
Kjære dagbok..
Yes I do notice that Opera Mobile needs lots of permissions when being installed. What I have found so far also is that when accessing certain sites you have to refresh Opera Mobile in order to display the correct URLs. Any ideas why?
Is there any chance of a 'slim' or 'privacy-based' version to be released? I imagine it would be trivial to simply remove geolocation, import, and logs. That could cut down the permissions significantly. Allowing only internet access and SD write access would still have a completely functional browser with none of the excess permissions that every app seems to demand.
The folks making Android say they will not allow users to selectively grant/deny permissions, because it encourages the developers to not ask for excess permissions in the first place. So this is to let you know that some users don't want/need all these extra features and are not willing.
Please consider my request, thank you for your time.
The folks making Android say they will not allow users to selectively grant/deny permissions, because it encourages the developers to not ask for excess permissions in the first place. So this is to let you know that some users don't want/need all these extra features and are not willing.
Please consider my request, thank you for your time.
Originally posted by dfrdfr:
...
The folks making Android say they will not allow users to selectively grant/deny permissions, because it encourages the developers to not ask for excess permissions in the first place. So this is to let you know that some users don't want/need all these extra features and are not willing.
...
This is FYI. If you are inclined to use a custom ROM, CM7 allows you to block specific permissions while leaving others alone. Perhaps other ROMs include this feature to.
Originally posted by fcarvalho:
The names of the permissions do not reflect exactly what they do. If we remove the permission "Phone calls" then GPS stops working.
Of course we don't add colect data for advertisement.
You don't, but some sites do it. I already got "addressed" SMS-spam exactly after visiting (just visiting, nothing more) some specific sites using Opera Mobile. And I know for a fact, that permission "Phone calls" means not only access to GPS, by also access to read my telephone number.
Can I erase the corresponding XML-tag from AndroidManifest.xml in Opera Mobile *.apk file? Would the application correctly work after that? (I don't need the browser to have access to GPS).
A lot of "apps of websites" are there on mobile market to gather your location and even your phone number without you being prompted at all.
It is absurd that people question the intents of browser (any third party one) while they politely ask per site. Actually browsers are the "good guys", you wouldn't believe the amazing amount of personal data those "apps of sites" get.
It is absurd that people question the intents of browser (any third party one) while they politely ask per site. Actually browsers are the "good guys", you wouldn't believe the amazing amount of personal data those "apps of sites" get.
opera moble for android need the permission that can reading sensitive log data , ' but opera mini no,it's a not good news.... i hope cut the permission.
I signed up exclusively to tell you this: thanks for the detailed breakdown. Now fully informed, I'd like to say that Opera or any other app will never have a place on my device as long as it insists on access to everything in sight. I understand why you ask for it, but as far as I'm concerned all you actually need access to is network. End of story. Some apps understand that- see QR droid private. You're of course free to live in denial and keep ignoring all the people who do read this but simply turn away never taking the time to let you know they do care. Have a nice life, don't expect to see me around again...
Forums » Opera for mobiles/devices » Opera Mobile for Android