User: Password:
Subscribe / Log in / New account

Phones and permissions

Phones and permissions

Posted Jun 5, 2011 13:46 UTC (Sun) by lab (subscriber, #51153)
In reply to: Phones and permissions by nlucas
Parent article: Phones and permissions

> And why not just return an hash of the IMEI + one application ID?
> It will still allow each application to track it's users, has it has access to an unique user ID, but that hash can't be cross-referenced with other applications hashes, which I believe will safeguard most users privacy concerns

A scheme of this nature is indeed what Google recommends in its guidelines, since mostly you actually don't _need_ the IMEI, but rather just a unique identifier, and so you can avoid asking for that permission needlessly. Specifically, the recommended scheme is to simply generate a GUID, and for that you don't need the IMEI at all.

(Log in to post comments)

Phones and permissions

Posted Jun 5, 2011 15:49 UTC (Sun) by nlucas (subscriber, #33793) [Link]

The problem with the GUID is that it will be different if the application is re-installed, which will limit it's usefulness. This makes the lazy in us just return the next available unique thing, which is probably the IMEI, or the IMSI.

By hashing the IMEI (and other IDs) with an application ID (maybe some ID of the application on the "market"), the application can be sure it is on the same user phone, but each application will get a different ID.

Is there an unique application ID on the "application market"? One that doesn't change if a new version of the same program is released?

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds