
Android 11 is taking away the camera picker, forcing use of the built-in camera - lladnar
https://www.androidpolice.com/2020/08/18/android-11-camera-apps-chooser/?scrolla=5eb6d68b7fedc32c19ef33b4
======
frogblast
I’m not following the privacy issue: The UI shown in the screenshot requires
explicit opt-in to which app is launched, so the user has consented to that
app receiving the image that is taken?

I’m also not immediately seeing a non-privacy reason to make this change
either...

~~~
rgoulter
"Some users were tricked into setting a malicious camera app as the default
and then using it to capture things that should have remained private"

A Google search for "malicious camera apps" leads to this from January
[https://cybernews.com/security/popular-camera-apps-steal-
dat...](https://cybernews.com/security/popular-camera-apps-steal-data-infect-
malware/")

Copy-paste of its summary of the top 30 "beauty camera" apps:

> More than half (16) of these apps are based in Hong Kong or China

> One app doesn’t ask for permission to use your camera, but turns the camera
> on anyways – without any permission

> Three seemingly separate developers seem to be run by the same group, and
> may be connected to apps previously found to contain a widely-dispersed
> Trojan

> The top-ranked app developer Meitu, with more than 300 million installs, had
> apps identified as malware, violating Google’s ad policies, or secretly
> collecting data

> One app developer was found to install malware through its software

> One app was accused of sending users pornographic content, redirecting them
> to phishing sites, or collecting their pictures

> These apps are requesting up to 7 dangerous permissions, 5 on average, most
> of which are unnecessary for the app to function

> Unnecessary permissions include recording audio, using GPS, and seeing
> users’ phone statuses

> While only a few permissions are required for the app function, one app
> includes a whopping 40 total permissions

~~~
surcap
Surveillance capitalism

------
anigbrowl
This sucks. I have a bespoke app that throws ugly HUD data on top of what I'm
photographing but that saves me a ton of time by not having to switch to other
apps to check. Now that's not gonna work any more? One more reason to move to
a Linux phone I guess.

~~~
verdverm
If I'm reading this right, this looks more like it's for intents, so that
other apps have to specify exactly which external camera app to use. If they
don't do that, then the built-in app is selected. You camera app should still
function, though may require an update?

~~~
anigbrowl
I hope that's correct. I don't mind setting it up, I just don't want to have
to manually import pictures from it. Thanks for pointing it out.

------
nobrains
So how does this stop malicious apps from using the same workaround that
Google proposes, as mentioned in the article:

"The documentation advises explicitly checking for installed camera apps by
their package names — meaning developers would have to pick preferred apps up
front — and sending users to those apps directly. Of course, there are other
ways to get options without identifying all package names, like getting a list
of all apps and then manually searching for intent filters, but this seems
like an over-complication."

~~~
stefs
the decision now lies with the developer, not with the user. therefore, a
malicious camera app developer would have to convince the developers of all
targeted apps to support their app instead of the default camera app, which
pretty much doesn't work.

------
curt15
If OEMs replace the stock camera app, does this mean that users will be stuck
with the OEM version?

------
curt15
Can't one apply their "argument" to other intents, for instance to prevent
user choice of browser?

------
quotemstr
If you want to constrain the actions of corporations, you need to pass laws
banning their abuses. Whining will do no good whatsoever. Makers of popular
platforms ought to be required as a matter of law to keep those platforms
open, because it's in the general interest of the public that infrastructure
be a platform and not a product.

~~~
valuearb
Platform providers shouldn’t be allowed to try to limit malware?

~~~
quotemstr
Can you define "malware"? I am categorically and maximally against viewpoint-
based censorship. If an otherwise well-behaving app can be "malware" because
it espouses a particular viewpoint, I oppose allowing platforms to ban
"malware". If you can define "malware" without reference to viewpoint, sure,
censor away.

For example, banning Gab is egregious and unacceptable under my framework.

