Unfortunately, we won't be seeing it baked into CyanogenMod. CyanogenMod used to have a feature to disable specific permissions back in the CM7 days. As I understand it, Google insinuated that CyanogenMod would likely be banned from the Android Market if that feature continued; it wasn't ported to CM9. That's why I imagine this new incognito feature isn't configurable and can only be turned fully on or fully off.
Still, this is a step in the right direction. There's a lot of room to stand up to Google about data privacy right now, and I'm glad to see a big player doing it.
"I can answer the second part, regarding CM inclusion of such a function. And the answer is a resounding "no". Originally, the functionality for CM mirrored that of PDroid, including 'spoofing' the data calls. It was decided that our footprint in the Android ecosystem was too large to ship such functionality out of the box. A million active users of our own, plus the many derivatives that use our source, would essentially cause a million+ polluted data and statistics for app developers.
Not only was this deemed unacceptable, we received feedback from 'the powers that be' that should such functionality be issued directly, CM could very well be cutoff from all Android Market applications, which again, would ripple to most Custom ROMs.
So, we chose to neuter the functionality."
Mind enlightening me a bit? Thanks!
There's also a utility mentioned on that page that provides a GUI for Windows that will automatically download patches and run the auto-patcher.
It's definitely not easy yet, but it's not too difficult to get through if you're used to this sort of thing.
But I suspect that Kondik might aspire to get privacy features like this into AOSP. Something like an all-or-nothing incognito mode has precedent in places like Chrome and Firefox, so I feel like something like this would have a reasonable chance of making it in. A fine-grained permissions system likely wouldn't.
However, I personally would like a little more fine-grained control. I might trust a location-centric app with my GPS (or at least recognize that the app is useless without it), but not want to give it access to my contacts.
Note that CM7 did have a fine-grained permissions system. It wasn't as extensive as OpenPDroid, but you could flat-out reject individual permissions given to apps on CM7. Unfortunately it often caused crashes, as the apps weren't built to be denied so harshly. The fake-/no-data approach of incognito (also one of the options that OpenPDroid offers) probably won't cause any compat headaches.
> Frankly I think that level of privacy control has little appeal to the mainstream.
One might argue that the whole idea of privacy is of little appeal to the mainstream.
> The fake-/no-data approach of incognito (also one of the options that OpenPDroid offers) probably won't cause any compat headaches.
Those that unlock their bootloader, root their device/flash third party firmware are not mainstream users though. However, many of them do share the same sort of apathy to privacy as mainstream users from my observations. Although there are some reputable third party ROM projects for Android, it's quite amazing how so many are willing to blindly flash nearly anything posted on a forum with little regard to what it might do to their device.
Regarding OpenPDroid, anyone can submit any sort of additions to Cyanogenmod that they wish and are then reviewed on their gerrit. First step to getting something like OpenPDroid in Cyanogen is for someone to integrate it without messing up the source tree and submitting it for review. They might deny it still, but one won't know until trying.
He expanded on his reasons in a Google+ post:
I'd love to see a privacy focused fork of CyanogenMod personally. Time to person-up† and do it myself perhaps :)
† Is there a non-gendered equivalent to man-up?
Yes, it's "man-up". "Man" is, like it or not, a reference to the species there.
Does anybody know what the logic behind this is? I assume "incognito" modes in browsers don't expose something similar. Is the idea that if this is provided, then application programmers will be less inclined to attempt to subvert the system?
It'd be cool if they forced apps to run in a temporary directory like how incognito mode saves cookies in the browser. Apps would appear as if you wiped their data. CyanogenMod's implementation seems like something you'd leave on, though, and constantly losing your data would be no fun (no server to backup all changes you make, unlike the web).
I know that the average user isn't going to flash a new rom, but that's exactly the feel that I get from CyanogenMod: a polished additional experience over AOSP, that even the average user could use and enjoy.
Other custom rom, like AOKP, already include a more featureful permission manager. It gives all the control you'll ever need, but it's not as easy to use and it might cause some applications to crash. And the "advanced" user can always flash OpenPDroid over CyanogenMod, thanks to the auto-patcher it only takes few minutes.
Keep also in mind that this is designed pretty much for Facebook, the most hated application on Android.
However, Android Permissions are "all or nothing" when you install an app. Combined with apps being able to potentially access much more than other platforms based on the permissions an app requires (as well as any app can read your sdcard without permission prior to Android 4.1 [though it's still disabled by default on 4.1 so apps not accounting for that permission don't crash]) and the need of some people to install certain apps, they must choose what is more important--potentially giving into whatever permissions this app wants or doing without.
I don't personally use it because I don't want Facebook on my rooted Android device (though I'm like that for most apps), but I have seen those reoccurring complaints over the last few years.