Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

There's totally a middle ground between 'full access and no access'. Apps can show UIImagePickerControllers and CNContactPickerViewControllers whenever they want, without any permissions. They then get the photo[s]/contact info the user picks.

Which is exactly what most apps actually need.

WhatsApp has no good reason to look at any image you aren't explicitly choosing to share right now. The only user-facing WhatsApp feature that requires Photo library access is the scrolling list of recent photos on top of the in-app camera.

WhatsApp has a better case for asking to continually scan your contacts to show you people with accounts. But instead of just falling back to asking for a phone number when you don't give permission, it could show the contact picker, and check the accounts you pick.

Unfortunately, in both cases, WhatsApp takes the all-or-nothing approach - it asks for the blanket permission, and has no fall-back if it is denied.



> There's totally a middle ground between 'full access and no access'. Apps can show UIImagePickerControllers and CNContactPickerViewControllers whenever they want, without any permissions. They then get the photo[s]/contact info the user picks.

If they don't use this control you can also inject whatever photos you want into most apps using the share sheet. It does mean you have to exit the app and go to photos, but as you point out, it's the app maker's fault for not supporting the extremely privacy friendly `UIImagePickerController`.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: