Original topic:

How Android File Management should be....

(Topic created on: 04-04-2022 06:57 PM)
1371 Views
TheMystic
Expert Level 1
Tech Talk

File Management or Storage Access on Android is a severely flawed design, even after the recent implementation of SAF (Storage Access Framework) with Android 11.

Scoped storage introduced in Android 11 is good, but Restricted Storage would be an even better option.

On Android, at the moment, apps that have access to internal storage for their own files, also have access to every other file in the system. This is definitely a privacy risk, and also a security concern. With the introduction of Scoped Storage, some of that is being addressed. Yet, there is still huge scope for misuse if apps have malicious intent.

Ideally, all apps must only have access to their own files - those created by the app and those downloaded by the user using that app. For access to any other file, every app must go through the built-in file manager to prevent misuse. What that means is no app has permanent access to files that are not created by them, and can only access external files each time with explicit user consent and interaction. This would completely address the privacy concerns with regards to user files.

This is how the Files app in iOS is designed and is an extremely well thought out one. Let me illustrate with an example:

We all know how Facebook is notorious when it comes to privacy. Let's assume you have a Facebook account and the Facebook app is installed on your phone. If you want to share a picture on Facebook, you have to grant the app access to your internal storage. On Android, this effectively grants Facebook access to every file on your storage. Given its reputation, it won't be surprising if Facebook app scans all your pictures/ videos for its AI/ ML, or even uploads them without your knowledge.

On iOS, the permission screen looks like this:

[Screenshot: iOS permission screen]

You have the choice of either granting permanent access (Option 1), or limiting the access to just the file you want (Option 2).

On Android, it is essentially Option 1 alone. You have to grant access to the entire file system for you to be able to upload your pics to Facebook.

On iOS, you have the choice of uploading just the pic you want, without giving the app access to any other file in your internal storage. This is a huge privacy boon.

In this case, Facebook app has to make a request to the built-in file manager (which obviously has access to every file in the system), and you browse your media library using the built-in file manager (with which the built-in Photos app is integrated) to grant access. Facebook app sees nothing else, and you are still able to upload the file you want!

Same holds true for every app. An app should only have permanent access to its own files, and not any other file. For access to any other file, the app has to go through the built-in file manager route and access only the file that the user wants it to see.

That said, it would be great to have the ability to configure the privacy setting for each folder on internal storage. We can either set it to "Restricted" or "Unrestricted".

For folders which are assigned the "Unrestricted" parameter setting, their contents are accessible to all apps (like it is now).

For folders which are assigned the "Restricted" parameter setting, their contents can only be accessed via the built-in file manager route as explained in the example above. This should be the default setting for every folder in the system.

Hope Google and Android OEMs can design something like this keeping in mind the privacy needs of their users, and the abusive intents of large corporations and malicious actors.

18 Comments
Tech Talk
Play store requires $25 one time payment
Apple App store is
$99/mo for personal developers
$199/mo for enterprise
Tech Talk
Your data won't get to the wrong hands -SamsungKnox
TheMystic
Expert Level 1
Tech Talk
Using the example from OP, can you tell me how Knox will prevent Facebook from seeing (and scanning for their AI/ ML) my photos and videos other than the ones I choose to upload?
Tech Talk
Facebook is actually telling you a piece of (can't use word) on name of privacy 🙄
Tech Talk
Knox only allows media files to access, it won't allow apps like fb to access other documents, and when you select to share pictures, at that time only, at that second, fb gets file system access; after you are done selecting then sending, after that process Knox will cut off the file access for Fb
TheMystic
Expert Level 1
Tech Talk
I haven't read anything in support of what you are saying. Can you link some articles on this subject?

As far as I know, Knox is a hardware (and software) based SECURITY tool. It doesn't take care of the privacy issue raised in the OP.

Would be happy if you prove me wrong.
GalaxyTechie
Expert Level 1
Tech Talk
Android 13 improves file management of photos after reading this documentation I think: https://developer.android.com/about/versions/13/features/photopicker
0 Likes
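
The photo picker linked in the comment above, shown as an added Kotlin example (not code from the thread or from the Android documentation): the app declares no storage or media permission and receives a URI only for the single image the user selects in the system picker. The activity name `ShareOnePhotoActivity` and the cache file name are assumptions made for illustration.

```kotlin
import android.net.Uri
import android.os.Bundle
import androidx.activity.ComponentActivity
import androidx.activity.result.PickVisualMediaRequest
import androidx.activity.result.contract.ActivityResultContracts
import java.io.File

// Hypothetical activity. The manifest requests neither READ_EXTERNAL_STORAGE
// nor READ_MEDIA_IMAGES, so the app cannot enumerate the user's media library.
class ShareOnePhotoActivity : ComponentActivity() {

    // The picker UI is provided by the system, not by this app. The callback
    // gets a content URI for the chosen item, or null if the user cancels.
    private val pickPhoto =
        registerForActivityResult(ActivityResultContracts.PickVisualMedia()) { uri: Uri? ->
            if (uri == null) return@registerForActivityResult // nothing was granted

            // Read access is limited to this one URI. Copy it into the app's
            // own cache directory so later work (for example an upload) only
            // touches app-private storage.
            val privateCopy = File(cacheDir, "picked-upload.jpg") // assumed name
            contentResolver.openInputStream(uri)?.use { input ->
                privateCopy.outputStream().use { output -> input.copyTo(output) }
            }
            // This code does not call takePersistableUriPermission, so it
            // keeps no long-lived grant on the original file.
        }

    override fun onCreate(savedInstanceState: Bundle?) {
        super.onCreate(savedInstanceState)
        // Ask the system picker for images only; videos are not offered.
        pickPhoto.launch(
            PickVisualMediaRequest(ActivityResultContracts.PickVisualMedia.ImageOnly)
        )
    }
}
```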
TheMystic
Expert Level 1
Tech Talk
That's good to know. They must just extend that concept to keep every application completely sandboxed and allow nothing without explicit user interaction.
GalaxyTechie
Expert Level 1
Tech Talk
Fingers crossed