Sujet : Re: Android keyboard: your choice.
De : andrew (at) *nospam* spam.net (Andrew)
Groupes : comp.mobile.androidDate : 19. Jun 2024, 19:45:59
Autres entêtes
Organisation : BWH Usenet Archive (https://usenet.blueworldhosting.com)
Message-ID : <v4v916$2919$1@nnrp.usenet.blueworldhosting.com>
References : 1 2 3 4
User-Agent : PiaoHong.Usenet.Client.Free:1.65
Arno Welzel wrote on Wed, 19 Jun 2024 08:21:33 +0200 :
Heliboard:
... respectful of privacy.
Any reason why it would need the READ_CONTACTS permission ?
The important thing is, that the app can not send data anywhere as it
has no internet access.
I *love* this erudite discussion as it's about the nuance of privacy!
Hence it's great that HeliBoard has no Internet access, for the obvious
privacy reasons, particularly when I'm using the microphone input, which is
why I don't use the Google Speech-To-Text (AFAIK) but the internal STT.
Android13Galaxy: Settings > General Management > Preferred engine
<
https://i.postimg.cc/3rqCRb1p/heliboard06.jpg>
Notice I do not set it to the Google STT engine (for fear it uses the net).
One question I have is whether that Samsung STT engine uses the Internet?
Does it?
"READ_PROFILE allows you to access the device user's personally-identifying
data."
You mean READ_CONTACTS?
I typically use the OpenBoard keyboard so I'm wondering what the difference
is between the OpenBoard FOSS keyboard and the Helium HeliBoard keyboard.
<
https://play.google.com/store/apps/details?id=com.softwarevalencia.openboard.inputmethod.latin>
Although there are, confusingly so, two different openboard keyboards:
<
https://github.com/dslul/openboard>
<
https://f-droid.org/packages/org.dslul.openboard.inputmethod.latin/>
<
https://play.google.com/store/apps/details?id=org.dslul.openboard.inputmethod.latin>
(I checked & that last one doesn't seem to be on Google Play anymore)
( https://developer.android.com/identity/providers/contacts-provider )
That doesn't really sound privacy-friendly ...
This permission does NOT have to be granted at all. In the app settings
of Android it is listed but disabled.
Also the app does NOT have internet access - therefore it will not send
any data anywhere, even if it would read contact information.
To Arno Welzel's point, by default, I don't have the permission granted to
HeliBoard (not that I have contacts in the default sqlite database either).
<
https://i.postimg.cc/rpJQj8vx/heliboard04.jpg>
Of course, what matters is how the STT is done as that "might" use the net.
<
https://i.postimg.cc/59HnPBxx/keyboard01.jpg>
<
https://i.postimg.cc/k5p16ccB/keyboard02.jpg>
This may be a dumb question because I do NOT know how STT works!
Do we know if Helium's HeliBoard's STT engine does NOT use the Internet?
And finally - it is open source! If you believe the app does bad things,
review the code or ask someone you trust to do so:
<https://github.com/Helium314/HeliBoard>
Using Muntashirakon App Manager, I took a quick look at the permission
DIFFERENCE between these FOSS keyboard apps: HeliBoard & OpenBoard.
<
https://i.postimg.cc/nLXWPwH1/heliboard07.jpg>
HeliBoard:
1. android.permission.READ_CONTACTS
2. android.permission.READ_USER_DICTIONARY
3. android.permission.RECEIVE_BOOT_COMPLETED
4. android.permission.VIBRATE
5. android.permission.WRITE_USER_DICTIONARY
6. helium314.keyboard.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION
OpenBoard:
1. android.permission.POST_NOTIFICATIONS
2. android.permission.READ_USER_DICTIONARY
3. android.permission.RECEIVE_BOOT_COMPLETED
4. android.permission.VIBRATE
5. android.permission.WRITE_USER_DICTIONARY
Does anyone have a logical explanation of why this difference?
The German "Kuketz IT-Securioty" blog also recommends this keyboard for
privacy reasons:
<https://www.kuketz-blog.de/heliboard-android-tastatur-empfehlung/>
Given I love that both are FOSS and both are said to be privacy aware,
what would be interesting is a comparison of these two FOSS keyboards:
a. OpenBoard
b. HeliBoard