
Android Q will kill clipboard manager apps in the name of privacy - ccnafr
https://www.androidpolice.com/2019/03/14/android-q-will-kill-clipboard-manager-apps-in-the-name-of-privacy/
======
Someone1234
Does anyone else notice this cycle? Write articles about a privacy problem,
putting pressure on Google to resolve it, then once they do as was asked, then
complain about the edge cases broken by that very privacy improvement.

It feels like playing both sides of an issue to generate twice the traffic.

~~~
NeedMoreTea
It seems like Google deliberately misses the point in all privacy related
changes. It's not in their interest to do it properly after all. It seems like
the standard pattern for Android. Privacy, well the sorry state of, is why I
switched to Apple 2 years ago.

There's some pressure to resolve privacy issues so Google changes (breaks)
something minor. Something that in no way impacts the top 10 of privacy and
tracking issues, so they can carry on selling ads and using data unaffected.

~~~
ignoramous
> It seems like Google deliberately misses the point in all privacy related
> changes

Harsh considering the fact that Google has been dedicating resources to
privacy and took important steps to that affect with Android O [0] and Android
P [1] and now with Android Q.

They hosted a invite-only-industry-experts conference to understand the
implications of wide-spread security and privacy issues with Android [2][3].

[0] [https://android-developers.googleblog.com/2017/12/double-
stu...](https://android-developers.googleblog.com/2017/12/double-stuffed-
security-in-android-oreo.html)

[1] [https://android-developers.googleblog.com/2018/12/android-
pi...](https://android-developers.googleblog.com/2018/12/android-pie-la-mode-
security-privacy.html)

[2] [https://www.blog.google/technology/safety-
security/project-s...](https://www.blog.google/technology/safety-
security/project-strobe)

[3] [https://security.googleblog.com/2018/12/aspire-to-keep-
prote...](https://security.googleblog.com/2018/12/aspire-to-keep-protecting-
billions-of.html)

~~~
deogeo
Privacy against everyone except Google: [https://www.cnet.com/news/new-study-
finds-google-android-is-...](https://www.cnet.com/news/new-study-finds-google-
android-is-sharing-even-more-data-than-we-thought/)

You would think with all those privacy resources, Google would be able to stop
itself from spying. Perhaps a few more conferences will help?

~~~
skybrian
Considering that the accuracy of the study it describes is disputed, that
doesn't seem like a good link to back up your point?

~~~
deogeo
1.) Disputed by Google as 'misleading'.

2.) Try this link then:
[https://apnews.com/828aefab64d4411bac257a07c1af0ecb](https://apnews.com/828aefab64d4411bac257a07c1af0ecb)
(note that these studies don't cover the UI dark patterns encouraging you to
give up your privacy 'willingly')

3.) Are we really going to pretend Google's spying is such a fringe idea that
it needs a citation to be believed, and not their main business model?

~~~
skybrian
The problem with this sort of argument is that I struggle to understand how
people are actually harmed. It seems like people assume that Google is harming
people, somehow, but it's not spelled out.

(It seems like collecting information, alone, shouldn't count as harm? It
needs to be used for some bad purpose or disclosed to harm anyone.)

~~~
deogeo
So now the goal has moved from proving Google is spying, to showing how that
spying is harmful? But okay, lets go with it.

First of all, the information is disclosed immediately - to Google. Then it's
just a matter of how much _more_ disclosed is gets.

Surveillance has been shown to chill expression
([https://www.cjfe.org/how_mass_surveillance_harms_societies_a...](https://www.cjfe.org/how_mass_surveillance_harms_societies_and_individuals_and_what_you_can_do_about_it),
[https://www.eff.org/deeplinks/2016/05/when-surveillance-
chil...](https://www.eff.org/deeplinks/2016/05/when-surveillance-chills-
speech-new-studies-show-our-rights-free-association)), and even just metadata
can be used to easily find whistleblowers
([https://www.abc.net.au/triplej/programs/hack/how-team-of-
pre...](https://www.abc.net.au/triplej/programs/hack/how-team-of-pre-teens-
found-whisteblower-using-metadata/8113668)).

Will Google now or in the future offer services to help "secure corporate IP"
by finding whistleblowers? Is it wise to assume they won't? Keep in mind all
the information they gather _now_ will be kept for when they want to misuse it
_later_. What if they get served with a warrant for that information? Such as
by a government agency that's helping to quash unions
([https://www.bbc.com/news/uk-43507728](https://www.bbc.com/news/uk-43507728))?
How certain are you that there's no company that, now or in the future, will
offer services to employers to help identify employees with corporate-
unfriendly political beliefs?

Then there is the simple fact that information is power, and used to amass
even more power, such as when Facebook used data gathered by Onavo to decide
which apps to acquire ([https://www.fool.com/investing/2018/12/05/facebooks-
onavo-sp...](https://www.fool.com/investing/2018/12/05/facebooks-onavo-spying-
app-shaped-monumental-decis.aspx)). So spying directly helps corporate giants
maintain their monopolies.

And all of that harm is _without_ an authoritarian government in place. What
about countries that aren't so lucky as to have a mostly freedom-respecting
government? How sure are you your own country won't join them in the next ~50
years?

Surveillance is a leash and collar around your neck - just because it's long
enough _now_ , doesn't mean you should wait to get it off.

~~~
skybrian
None of these links are about anything Google did. I understand how many of
the things Facebook have done have harmed people, and how governments can harm
people, but these things seem not to apply to Google?

I'm not into guilt by association.

~~~
deogeo
> these things seem not to apply to Google?

So first show that Google spies, then show that spying is harmful, then show
that Google's spying has done specific harms? You sure have high standards.

Now could you explain how the _risks_ and _dangers_ of surveillance don't
apply to the surveillance done by Google? Are they somehow immune to
government warrants? Are you privy to all of their business decisions, to know
that they never abused their vast access to data to enrich themselves at the
expense of others? Should we keep handing over all our data to them, and just
hope that they'll stay benevolent indefinitely?

It looks to me like you don't _want_ to understand.

~~~
skybrian
Of course I can't prove that Google hasn't done anything wrong. I don't
believe that. Google is criticized all the time for various things they did.
Sometimes they change what they do in response to criticism.

They also have a lot of power that could be abused. I like to make a
distinction between potential and actual harm, though. Almost everything you
do in civilization involves trusting other people to do things for you.
Including keeping secrets. Sometimes that trust is broken, but a trustless
society isn't possible.

------
jeroenhd
I've never even thought about clipboard managers for Android. While I can see
the lack of such tools might limit some users' productivity, I think the
overal result of a change is still a positive one.

I'd much rather see background clipboard access as a separate permission
classified as "dangerous", but I doubt most people won't just click allow till
the prompts stop happening. Maybe things would improve if aside from a
permission, a notification would appear each time an app is accessing/has
recently accessed the clipboard, with the option to mute notification sounds
about specific apps. That way, background clipboard access is discouraged yet
still available.

~~~
scarface74
It’s even simpler. By default, for instance, third party keyboards don’t have
network access and you have to explicitly go through settings to give it
access and then you get a big scary warning.

------
jaflo
I think there should be an option to allow background access to the clipboard.
I use a translation app that listens for a copy and pops up a translation on
top of what I'm currently doing. I would prefer not to have to switch apps
every time to do this.

------
Ultramanoid
This is throwing the baby with the bathtub, completely ridiculous.

They could remove internet permission from all applications except Google's
own Chrome, with that reasoning.

Instead of removing clipboard permissions from all applications, make it a
clear option so that the user can give it when needed or only to a specific
application, for instance the essential clipboard manager -- that Android
incomprehensibly doesn't have and never has, as part of its core. So far only
third-party applications have provided this needed feature.

Bundling clipboard with Google's keyboard ( or others like Swiftkey ) that
come loaded with unnecessary permissions ( like internet -- I personally never
use a keyboard with that permission ! ) and analytics packages is certainly
not improving privacy at all.

~~~
jeswin
I'd bet that less than 0.1% of users use a custom clipboard. Android's primary
focus should be to make the OS secure for the nontechnical majority. These are
people who don't understand permissions, and will click on app installer
popups. IMHO this is a welcome move.

An alternative would have been to deny all network access to clipboard apps -
thereby ensuring that they are not able to steal any data.

~~~
Ultramanoid
According to numbers of downloads of clipboard managers, it's probably much
higher than that. But the reasoning doesn't stand. Like I said, they could
remove all phony Chrome clones with massive analytics and calls home, of which
there are dozens, with read and write storage permissions, internet
permission, etc, the list goes on and on. And say only Chrome is allowed, or
vetted browsers from known vendors, like Mozilla or Microsoft, they certainly
should, but they don't do it.

Yet they pick on an essential feature for anyone using copy and paste hundreds
of times a day.

There is much more danger in rogue browsers, by far, than in a clipboard
manager.

The solution is absolutely obvious. It isn't what they decided. It is just the
first beta, but we'll see.

It'd be ridiculous to need to have a text file always open in another
application with constantly used bits of text, code, or info, and switch back
and forth as needed multiplying a simple workflow by who knows how much in
operations and time.

~~~
Klathmon
I'm sorry, but I think even saying 0.1% of users use a clipboard manager is
way overestimating it.

The top clipboard manager apps have like 500k installs. Android had 2.7
billion users in 2017. If we assume that the Android install base hasn't grown
and that the total base of clipboard managers is 10x larger, we still only get
to 0.18% of users...

~~~
Ultramanoid
Clipper [1] alone has over a million installations. Others as you say have
500k, it all amounts to millions of users of clipboard managers _specifically
labelled as such_. Add other applications which couldn't work without a
clipboard monitoring feature ( KDE Connect has been mentioned already,
translation applications, text and code editors, the list goes on... ) and you
jump to tens of millions if not hundreds of millions.

[1]
[https://play.google.com/store/apps/details?id=org.rojekti.cl...](https://play.google.com/store/apps/details?id=org.rojekti.clipper)

------
sschueller
This will break all those apps that let you download/repost Instagram posts.

I guess I will be abandoning the one I wrote.

------
anoncake
Google must be trying to make people root their phones.

~~~
praneshp
You'd think so. In reality, only a vocal and miniscule minority cares about
such things. The sweet discounts and price cuts sells their phones really well
to the majority

------
dplgk
So don't fix actual privacy issues users complain about (i.e. Their whole
business model), fix the supposed ones for tools that users enjoy and opt into
so that you can feign caring about privacy.

