It looks like the most recent build addresses some issues about READ_PHONE_STATE permissions on Android, but the comments were fairly minimal. Can someone comment on the change, specifically how do we support it? Is READ_PHONE_STATE turned off by default now so those of us doing tablet-only apps don’t have to do anything?
[import]uid: 44812 topic_id: 16687 reply_id: 316687[/import]
Hello Brian,
The READ_PHONE_STATE permission is still set in the AndroidManifest.xml file, but we’ve set it up to be “not required”. It is implemented as follows…
<uses-permission android:name="android.permission.READ_PHONE_STATE" android:required="false"></uses-permission> This will prevent the app from being filtered out of the market place when browsing from a tablet device. This also “should” allow it to pass the Amazon market place app submission process when the app is flagged as tablet only… which we’re awaiting confirmation on.
[import]uid: 32256 topic_id: 16687 reply_id: 62426[/import]
SO, Why this is necessary? I had some people complaining about this kind of permission. Why can we simply adjust this in build.settings ?
[import]uid: 9133 topic_id: 16687 reply_id: 62568[/import]
Corona needs the READ_PHONE_STATE permission in order to read the device’s unique ID. This is the ID that is returned by system.getInfo(“deviceID”). This is also the ID that is used by launchpad analytics. Some of Corona’s 3rd party dependencies need this permission as well in order to uniquely identify the device. [import]uid: 32256 topic_id: 16687 reply_id: 62603[/import]
Hi Josh. Thanks for your anwser.
I dont expect to change this, after all, Im just one in thousands in this community, but I think if this kind of permission, if its NOT necessary (or required), so, could be optional (some way to turn off, for example).
I dont really care about this thing in iOS systems. But in Android World, people are complaining about this. This kind of thing **IS** important in Android World.
My App in Market is not exactly a success but fill the objectives. I never receive emails as I received in the last 5 days from different people (in the world) asking about this thing. For me, was a surprise.
Regards,
Drago [import]uid: 9133 topic_id: 16687 reply_id: 62638[/import]
Sorry - but this isn’t true. The READ_PHONE_STATE is defaulted to TRUE. There is no way to turn it off, and I’m quite certain it is scaring off potential customers.
From the Google Play Store:
Phone calls
read phone state and identity
Allows the app to access the phone features of the device. An app with this permission can determine the phone number and serial number of this phone, whether a call is active, the number that call is connected to and the like.
THIS IS NUTS!!! My game has no need for this access whatsoever. Any fix for this? (will post this again on the UI Forum just to be sure it gets looked at)
Regards,
Jerry Palmroos
Charlotte
Also - I’ve been looking for resolution on this issue all morning, and I managed to find this post with an external Google search. (It was nowhere to be found by searching within the Corona site.) [import]uid: 151653 topic_id: 16687 reply_id: 121244[/import]
bsdrago - the “explanation” we got from Corona why they can’t let us remove these permissions is, in short: if you remove those permissions, certain things in Corona will break when you use them and we don’t trust you (developers) to be careful enough not to use these things when those permissions are removed.
I don’t buy this explanation. I think Corona wants to gather aggregate data from the apps out there and that overrides the fact that Corona Android apps get angry 1-star ratings over this and Corona is getting a “spyware” reputation in the community. [import]uid: 160496 topic_id: 16687 reply_id: 121269[/import]
Jerry, the [lua]READ_PHONE_STATE[/lua] requirement is defaulted to false. That is why you can install your app on tablets, such as the Kindle Fire. If it was set to true, then your app would require the Android device to be a phone and not be allowed to install on tablets. So, that setting is definitely working. However, whether it be true or false, the app store will always list that permission. There’s no getting rid of it at the moment. It’s currently a requirement that cannot be easily removed.
Mike, I’m sorry you feel that way. We’re not collecting data from your app without your permission or anything malicious like that. Removing the default permissions is on our to-do list, but please realize that we have a very long to-do list. That’s why we haven’t addressed this yet. This is simply an issue of time and resources. We receive a lot of demands from our customers everyday and it’s a lot to keep up with. All we can do is prioritize and address them a bit at a time. Not looking for sympathy. Just telling you the reality of the situation. [import]uid: 32256 topic_id: 16687 reply_id: 121373[/import]
Joshua, I *know* you’re not (that is, if I say launchpad=false, no info is collected). But people out there are paranoid, and those people are potential users of my apps. [import]uid: 160496 topic_id: 16687 reply_id: 121382[/import]
I know what you mean by the paranoid users out there. I’ve seen negative comments on apps calling OpenFeint spyware simply for their READ_PHONE_STATE usage. It’s a very vocal minority who unfairly spread FUD (fear-uncertainty-doubt) about an app being spyware when it’s not, causing bad PR for the app and its developers. So, we definitely understand the unfairness of the situation which is why removing this permission (and the other default ones) is on our to-do list. The unfortunate truth is that a lot of 3rd party libraries, like OpenFeint, require this permission… and that is what we have to work-around on our end to prevent a Corona app from crashing. We’ll get to it. [import]uid: 32256 topic_id: 16687 reply_id: 121388[/import]
Joshua, just rehashing our conversation from the other thread, as a preliminary measure, you could just make a *preliminary* fix that would allow those of us who want to, to remove those permissions completely. TRUST us not to use the features that require those permissions and would crash without them. [import]uid: 160496 topic_id: 16687 reply_id: 121409[/import]
Joshua - about the “we’ll get to it” - is it a matter of weeks or months? I need to release the app I have to Android markets, and if it’s weeks, I will wait. If it’s months, I’d have to release now and take my lumps and 1-star reviews…
Or, alternatively, maybe you could tell me what exactly changed in the latest builds that doesn’t allow the apktool to work with Corona APKs anymore? [import]uid: 160496 topic_id: 16687 reply_id: 121787[/import]
I would like to know the answer to this too. I know this came up nearly a year ago when I first started to put apps up on the Android Market. I create children’s apps and most parents do not want to see permissions that appear to be collecting information on their children in kids apps. My apps do not use 3rd party software and have launch pad turned off. I’m not sure why I couldn’t have the option to remove this permission in this case.
@mike470 - there used to be some postings in the forums on how to remove these states, but it is a lot of work. [import]uid: 79834 topic_id: 16687 reply_id: 121795[/import]
@scottadelman - yes, I am quite aware of those postings, but the apktool stopped working with latest (after 840) builds. You go through exactly the same process as before, decompile, recompile, sign, zipalign - and the result fails to run (where the .840 does run). Unfortunately, since I use newTextField, I need the later builds’ fix for it, otherwise I’d switch back to 840.
If you can still use 840, leave me your email and I will walk you through the apktool process to remove those permissions. [import]uid: 160496 topic_id: 16687 reply_id: 121801[/import]
That would be awesome. I am actually still using 704 so hopefully that is not a problem. My email is orionsmason at gmail.com [import]uid: 79834 topic_id: 16687 reply_id: 121802[/import]
Sorry - but this isn’t true. The READ_PHONE_STATE is defaulted to TRUE. There is no way to turn it off, and I’m quite certain it is scaring off potential customers.
From the Google Play Store:
Phone calls
read phone state and identity
Allows the app to access the phone features of the device. An app with this permission can determine the phone number and serial number of this phone, whether a call is active, the number that call is connected to and the like.
THIS IS NUTS!!! My game has no need for this access whatsoever. Any fix for this? (will post this again on the UI Forum just to be sure it gets looked at)
Regards,
Jerry Palmroos
Charlotte
Also - I’ve been looking for resolution on this issue all morning, and I managed to find this post with an external Google search. (It was nowhere to be found by searching within the Corona site.) [import]uid: 151653 topic_id: 16687 reply_id: 121244[/import]
bsdrago - the “explanation” we got from Corona why they can’t let us remove these permissions is, in short: if you remove those permissions, certain things in Corona will break when you use them and we don’t trust you (developers) to be careful enough not to use these things when those permissions are removed.
I don’t buy this explanation. I think Corona wants to gather aggregate data from the apps out there and that overrides the fact that Corona Android apps get angry 1-star ratings over this and Corona is getting a “spyware” reputation in the community. [import]uid: 160496 topic_id: 16687 reply_id: 121269[/import]
Removing these permissions has not been scheduled yet. So, I can’t commit to a date. We have to meet our current commitments first, as you can see on our roadmap here…
http://www.coronalabs.com/resources/roadmap
This change is definitely not going to happen within the next month. There is a huge demand for local/push-notifications on Android, so that has to be next on our to-do list. [import]uid: 32256 topic_id: 16687 reply_id: 121893[/import]
Jerry, the [lua]READ_PHONE_STATE[/lua] requirement is defaulted to false. That is why you can install your app on tablets, such as the Kindle Fire. If it was set to true, then your app would require the Android device to be a phone and not be allowed to install on tablets. So, that setting is definitely working. However, whether it be true or false, the app store will always list that permission. There’s no getting rid of it at the moment. It’s currently a requirement that cannot be easily removed.
Mike, I’m sorry you feel that way. We’re not collecting data from your app without your permission or anything malicious like that. Removing the default permissions is on our to-do list, but please realize that we have a very long to-do list. That’s why we haven’t addressed this yet. This is simply an issue of time and resources. We receive a lot of demands from our customers everyday and it’s a lot to keep up with. All we can do is prioritize and address them a bit at a time. Not looking for sympathy. Just telling you the reality of the situation. [import]uid: 32256 topic_id: 16687 reply_id: 121373[/import]
Joshua, I *know* you’re not (that is, if I say launchpad=false, no info is collected). But people out there are paranoid, and those people are potential users of my apps. [import]uid: 160496 topic_id: 16687 reply_id: 121382[/import]