nRF Master Control panel not working with android marshmallow

Hi,

In my opinion it's not a bug. Beacons can be used to determine user's location, so both the location permission and enabling location service should be required if an app wants to scan for BLE devices. I'd rather said that before it was a 'bug' or a hole in security. An app still may connect and use bonded devices without location permission nor the service which is also correct.

The next version of nRF MCP will show a message in case the permission is not granted or location service is disabled.

Hi,

In my opinion it's not a bug. Beacons can be used to determine user's location, so both the location permission and enabling location service should be required if an app wants to scan for BLE devices. I'd rather said that before it was a 'bug' or a hole in security. An app still may connect and use bonded devices without location permission nor the service which is also correct.

The next version of nRF MCP will show a message in case the permission is not granted or location service is disabled.

Hi Aleksander,

I understand the intention but if this should be "security fix" then something is wrong (I mean worse then it is already) with Android dev team. Just because I need to do scanning for few minutes I now expose my location to all apps which are eagerly waiting for it and I've seen end users who need to use BLE without bonding during whole day (yes, bonding doesn't scale so having all security on application layer - especially considering how pathetic default security of BT Smart is - is not the option but way to go) and by forcing them to enable location they drained the battery in few hours (because they enabled "precise" location with GPS by mistake) or just degraded battery life time significantly (because suddenly dozens of apps start to use location for tracking of whatever).

...and it might make a sense if you could restrict particular app from accessing the locations in "Location" menu of the "System" (even it would be inconvenient and many uneducated users would never find it/do it so effectively it would just open the door to unwanted tracking by apps claiming that user permitted it in the settings) but if you go there you can only disable the app as such! Why Google Service and Contacts should now anything about my location??? Why IKEA app should know where I'm? And dozen of others just in my phone (all of them being from top developers with 100,000+ downloads)? Ridiculous.

Cheers Jan

On Marshmallow you can deny the Location permission to all apps that you don't want to know your location (actually only those made for 6.0+).

Eventually, quite soon, I guess, all apps will be made for the new permission model. Also, we expect there will be a lot of beacons in the cities, which could be easily used for location tracking. If they were not included in the location permission/service an app could do exactly what you are talking about without your knowledge (if Bluetooth is enabled).

Yes, I've heard that this should work but have you tried to deny Location e.g. to apps which already come with Android 6.0 from Google (so they should be correctly coded or what the hell)? If you find out how to prevent apps like "Phone" or "Contacts" from accessing the location please let me know.