Not sure if this is the correct place to post, but I just wanna kinda rant a bit.
I’m not the only one that hates this, right?
An app can just do a “This App Does Not Allow Screenshots”? Like… wtf?
Like, its my phone, and some app can just decide to disable a fuction of my phone. It’s my phone and if I wanna take a screenshot, I’m taking a screenshot. I don’t care about whatever “security” the app developer wants.
Imagine if every online shopping app whether fast food or amazon, just used this to block you from taking a screenshot so you can’t save the records in case of a dispute.
Which android developer thought it was a good idea to let an app disable a function on your phone. Even iPhone doesn’t have this stupid concept.
Sorry for the rant.
Anyone wanna share your stories?
(P.S. I have a cheap secondary phone to take photos of the screen. “This App Does Not Allow Screenshots” my ass lmao, I’m taking the screenshot whether the app wants it or not.
The point of many of android’s “protection” features isn’t to protect the user from apps, but to protect apps from the user. I hate it.
In this case, I think it’s protecting apps from other apps. No secret screen recording going on while you’re looking at bank statements, etc. I find that annoying, too, but I’m less annoyed by the reasoning in this case.
Now if Google could explain why toggling wifi through Tasker requires root, I would LOVE to hear the reasoning…
Or changing or just adding a system font.
Or setting a charge capacity limit.
Or adding separate quick access tikes for wifi and cellular.
The first two don’t bug me but dam, give me my 6 buttons back!! I hate these fat notification tray icons. And yes, fuck Google for making it take MORE clicks to toggle wifi/cellular than before.
In this case, I think it’s protecting apps from other apps. No secret screen recording going on while you’re looking at bank statements, etc.
I think with all the engineers at Google developing Android they could come up with a solution of how to discern whether the act of screenshot was triggered solely by the user, or an app on the phone. They are the ones in power of all the APIs that allow other apps to capture the screen content in the first place. Maybe I am simplifying it too much, but this seems as a bad excuse to me.
Maybe it would be too hard of a solution since there’s so many ways third party apps could capture screen content (including for example the Android accessibility service which also allows apps to read content of the screen and even simulate screen touches and gestures which many automation apps make use of) that blocking the screenshot alltogether is by far the most feasible solution.
There is already a solution:
Third-party apps, unless a user specifically go to settings and find that option, don’t have the permission known as “Draw Over Top” that’s required to do screen recordings/screenshots.
So by default, a user is already safe from a malicious app trying to steal info. (That is, unless they just be an idiot and give the app “Draw Over Top” permission)
They changed it the other day where airplane mode doesn’t require root. That one’s nice for me.
Never mind that shortcuts on iOS has been able to do that simple task from its inception.
Third-party apps, unless a user specifically go to settings and find that option, don’t have the permission known as “Draw Over Top” that’s required to do screen recordings/screenshots.
Now if Google could explain why toggling wifi through Tasker requires root, I would LOVE to hear the reasoning…
tbf all hardware-functions require root permission by default.
Linux does the same thing. If you want to access /dev/sda, it requires root.
I could guess one of the ways it could interfere with security is that it would probably also allow the app to disable WiFi. If the app does that, it could incur costs as now data is being transmitted over mobile connectivity. Also, it would maybe allow the app to find your mobile-IP address, which could be used to geotrack you. But i don’t know, i’m just talking out of my ass here.
Ok but why is my browser doing this in incognito mode? Incognito mode isn’t a banking app. It’s me not wanting my browser to save my Facebook login info or history.
The target use case for incognito mode is to prevent the device from saving your activity during the browsing session through things like cookies and history. To that end, incognito also blocks it to prevent other apps from saving your activity through screen recordings or screenshots.
“Protections” are fine, as long as there’s an override for it.
User doesn’t like potential malware from “sideloading”? Then don’t enable “Install from Unknown Sources”.
Same thing with everything else, there should be an override switch.
Being able to block screenshots is “supposed” to protect users from having malware take screenshots of banking apps and other such information.
If app developers were good, this could have been a good feature.
But I agree with OP. It still should be the user’s choice.
I fuckin hate that Playstation 4 and 5 do this for taking screenshots from movies. I just want to get a good screen grab for meme purposes! Do you think I’m going to screen shot every goddamn frame of a movie, one at a time, paste those back together as a video, then somehow rip the audio too, and then share this necromantically-assembled abomination with all my pirate buddies? Fuck you!
Now that is really stupid, especially given how easy it is to just fire up the movie on your PC and take a screenshot from there.
I was able to use snipping tool to take screenshots when I had Netflix, but I also used it through my browser.
I work for a company that builds an app /sdk that handles credit cards / payments. It’s one of the (many) requirements for getting an industry standard certification (like PCIDSS / MPOC). The app Must block screenshots, and Must disable the camera while using it…
What on earth are those in charge of certification standards thinking they’ll achieve with requirements like this?
It’s probably to stop third party apps from screenshoting the banking app.
Why is this only a problem on mobile? Why doesn’t desktop have similar requirements?
The same functionality that you use to take screenshots can be hijacked by bad actors to get access to your stuff. It’s especially bad if they can see your MFA apps or other sensitive info.
Not saying the functionality is always used for the best of intentions, but there are many situations where I see it as necessary.
Accidentally screenshotting your bank acct and routing number is the only one I can really think of.
Or your “time clock earth sounds” app from the not so well policed appstore takes silent background screenshots, grayscales them and sends them to their host for OCR.
I agree this permission is annoying. But I differ in I feel it should be system controlled and can be invoked by apps that identify specific fields to be blocked, instead ofnjusy disabling it outright.
Probably a nod to the written style of RFC definitions, which have the word entirely in capital letters, as in… the implementation MUST do such and such, and SHOULD do this other thing. In this case, the relevant security standard(s)
That’s nothing. My workplace disabled copy/paste on everyone’s work iPhones completely. Not in their own apps but system wide. Apparently that’s something ios allows them to do. Doesn’t affect me much because I use the phone as a glorified dual auth token but some people have it as their primary phone.
work iPhones
some people have it as their primary phone.
Bruh, I have no idea how people can put up with their employer being able control their device. Like… the employer can freak out about some perceived “security breach” and decide to wipe everyone’s phone and you lose all your data like photos. Also, their employer can see if they are shit talking about the employer or mangement people, and it’s a terrible idea if they want to unionize.
They are okay with it because it isn’t their phone. It’s a free phone that comes with the job.
“Free”
hmm I rather not… like its not just “privacy” you’d have to worry about, there can be potentially a rogue employee of the company just stealing all your bank info and possibly steal your identity. Might be a “free” phone, but there’s just much more risks than just getting a cheap android phone. People don’t think this though and only think about the “free”. Dealing with identity theft is not fun. If only people understand the risks… 🤦♂️
As an IT guy that manages MDMs, no we cannot see communications on the device
As another guy that does, yeah we can push ediscovery apps to the phone and pull all kinds of data
I like that it’s possible, but I think it should be treated like a permission with a user accessible toggle in settings for each app.
I would like to see the same thing for clipboard read access. In the same way app has to prompt you for location permission it would have to prompt you to read the clipboard and you would actually have the option to allow it all the time which is handy for some apps like clipboard manager, or don’t allow it alltogether which is handy for some random apps you don’t trust.
It’s a really good feature imo and I’d love to see it be more common. This is how iOS does it:
It could be nice, but also annoying in some cases. I would at least want to have an option to allow all the time.
Oh yea, something needs to be done about the clipboard. It’s unsettling to know that a random app can just get your clipboard. Sometimes bitwarden doesn’t detect a password field for some reason so I have to copy it to the clipboard 😖 don’t feel safe…
