Evernote, and Why You Need to Think About Permissions
I use Evernote a reasonable amount. I’m not a huge user, but I have several hundred notes on their service entered through their Web interface. I back up those notes using the Windows desktop, fired up once in a while on an XP VirtualBox that I use for tech that’s just gotta gotta gotta be Windows.
I would seem to be the poster child for an Android Evernote user. After all, I travel a fair bit, and scanning receipts and storing them would be rather useful. Plus, I’d have access to all those notes I have on their service.
However, I have not installed the Evernote Android app, for one simple reason: permissions.
The Evernote app requests a fair number of permissions. Some
make sense, such as the INTERNET
permission (kinda important
for a Web service). Some are a bit dubious, such as needing
both coarse and fine location data.
Beyond those, they ask for the READ_CONTACTS
permission, and
that’s where I draw the line. Any application with both
INTERNET
and READ_CONTACTS
can slurp up all my contact data
and send it to points unknown.
The thing is, I feel rather confident that there’s nothing the
Evernote app can do with READ_CONTACTS
that I actually want
them doing. There are ways to share notes on Android without
needing that permission, such as an ordinary
ACTION_SEND
request.
So, rather than me being a poster child for an Evernote Android user, the Evernote app is a poster child in its own right.
First, it’s a poster child for permission creep. Evernote either needs to limit their permissions or justify a lot better why they have the permission in the first place. I really have no idea why Evernote needs to read my contacts or know where I am. Not only does their app description on the Market lack any justification, their Web page says even less…and there’s no 325-character limit on teh Intarweb. Evernote needs to sell me on the rationale for those extra permissions, if they expect me to agree to them.
Second, it’s a poster child for the crying need in Android for
optional permissions. I really wouldn’t mind that Evernote is asking
for those permissions, if I had the ability to say “no”. Some
permissions, like INTERNET
, Evernote would make mandatory, since
their app would be pointless without them. But for fringe features,
allowing developers to flag permissions as android:required="false"
and allowing users to toggle those permissions would be rather
beneficial, IMHO. Developers would check to see if they have
the rights to do something before enabling the menu choice or
button or whatever to go do it, no different than they should
be checking for the existence of third-party apps before
firing off activity requests to launch them, or using Criteria
to
see what location provider to use rather than assuming GPS. Even
if the permissions are granted by default on install, and only
“power users” turn the optional ones off, it’s a net benefit, at
least to those particular users.
In light of Russian Android trojans and the like, we need to make sure that users understand and appreciate the ramifications of permissions that apps request. That isn’t helped by developers who ask for permissions and don’t justify them. Be judicious in your choice of permissions to request, use techniques at your disposal (e.g., optional APK plugins) to minimize the core set of permissions your app needs, and keep tabs on issues like this one to see when optional permissions might appear in Android.