I think the F-Droid app 1.7.1 has to many pemissions that not everyone using the app needs, so I wonder if you could create a similar F-Droid app with more privacy and less permissions?
You might call it: “F-Droid Extra Privacy” (for example).
The permissions of F-Droid I want you to delete are:
change network connectivity.
Why? This can be done manually.
connect and disconnect from Wi-Fi.
Why? Same answer.
pair with Bluetooth devices.
Why? The app needs internet connection but bluetooth is unnessecary.
access Bluetooth settings. Why?
Same answer.
modify system settings.
Why? This claimed security feature should not be needed for careful users who doesn’t install apps with to many permissions.
control Near Field Communication.
Why? Seriously NFC can easaly be used for data-theft and I don’t see any good reason why “F-Droid” should be able to activate NFC.
I hope you could fix something like this when there is time. You might use the code of “F-Droid version 1.7.1” and just delete the permissions i mentioned, if it’s possible?
I wonder if you can release a more privacy friendly “F-Droid” app, that is similar to the “F-Droid version 1.7.1” but with less permissions. You might call it “F-Droid with Extra Privacy” (for example).
The permissions I want it to be without, that I belive are unnessecary for it to function as a good store app is:
change network connectivity.
Why? People can change that manually.
connect and disconnect from Wi-Fi.
Why? Same answer, as above.
pair with Bluetooth devices.
I don’t think connecting with bluetooth is nessecary.
access Bluetooth settings.
Why? Same answer as above.
modify system settings.
Why i don’t want any app to handle my system settings. I want to handle them myself.
control Near Field Communication.
Why? NFC is not needed and activating NFC creates a possibility of wireless data-theft. So this permission is probably the most stupid of all.
Please consider creating a such lighter version of F-Droid Store with less permissions. It would be appriciated.
These permissions are used for some of F-Droid’s features, namely “Nearby” app swapping, something that the F-Droid developers seem to consider important since I’ve seen a number of commits related to it.
A permission can’t be “stupid” if it is necessary to allow a desired feature. Also, an app having a permission doesn’t mean it uses it until the user invokes a feature that needs it. Being sure that the permission isn’t misused is a problem, but if anything, the open-source nature of F-Droid (and the apps it hosts) mitigates this problem, as someone can review the source code and make sure this is not happening.
All in all, if you don’t use these features and as such you’re willing to get rid of them and the permissions required for them, nobody is stopping you from creating a fork of F-Droid, and hosting it on the F-Droid repo (which already hosts a couple of alternative F-Droid clients).
Also if you really care about these permissions changing an app isn’t the only way to control them. Take other ways, e.g. XPrivacy* through Xposed or detailed permissions use report as in LOS
What about a F-Droid app that is the same but just without the Nearby features? Would it take much work to create something like that? (Maybe you could call it “F-Droid Lite”)
The permissions an app requests has not so much to do with the actual privacy. Zero permission apps can get lots of private info, and even network access. What is more important is what the app does. In that case, there is no more private app store than F-Droid. There are public, third party audits to bolster that case.
Someone could release an “F-Droid Basic” without too much work.
