Task #4508

how to represent the trusted status of the receiving map app

Added by carriestiens almost 3 years ago. Updated almost 3 years ago.

Status:NewStart date:02/05/2015
Priority:NormalDue date:
Assignee:hans% Done:


Target version:-


I clicked on a link, then I got an Android intent asking me which app to use; I chose LocationPrivacy. Google maps opened. (see screenshot) Btw, I think google maps is the only map app I have. I should probably install a couple of other options to test it.

maptest.png (1.2 MB) carriestiens, 02/05/2015 04:28 pm


#1 Updated by hans almost 3 years ago

  • Subject changed from Did it work? to how to represent the trusted status of the receiving map app

Yup, that worked then. Since you only have Google Maps, it automatically chose it as the geo: location provider. geo: URIs are a generic way to represent a location. LocationProvider is doing its thing there because it converted a shared location URL into a form that any map app can understand.

But this highlights a key issue that I'm not sure how to represent yet in the interface. Should we pre-select map apps that are trusted and make it only work with those map apps? Should the user be required to set a specific map app as the designated trustworthy one? It is going to be a question of both how people will best understand it, as well as what will leak the least info.

#2 Updated by carriestiens almost 3 years ago

It makes sense to have the user set a specific map app that is designated as their trustworthy one. If this can be a one time thing that users do up front, it will eliminate the annoying Android intent interaction where it asks you EVERY time you want to see a location, which app to use. That's poor design on Android's behalf.

In testing, since Google maps was suggested to me, I assumed that it was protecting my privacy. There needs to be some kind of user education so that people can understand which apps actually protect you vs. which don't. Either that, or, only show privacy protecting applications as options (with the alternative to get one, of course, if they don't have one).

#3 Updated by hans almost 3 years ago

I've been thinking more and more that the best way to handle this is to put this functionality all into the trusted map app. For now, I think the only possibility is Osmand, since its the only free, open source map app with offline support that I could find. I've already added a lot of this functionality to Osmand, but adding the whole thing will require the Osmand devs accepting NetCipher/Orbot integration, which is still an open question of whether they are game.

#4 Updated by hans almost 3 years ago

Then there is the other question of places where OpenStreetMap has poor coverage, but other map apps have good coverage. Osmand uses OpenStreetMap data. LocationPrivacy would then be useful there to support the other "least worst" options. For example, privacy-wise, my guess is that Google Maps is better than Baidu Map or QQ Map. Google is pushing towards using HTTPS everywhere, while Baidu and QQ do not even offer HTTPS.

Also, quite a few map apps have partial offline support. We could do a quick audit of the network traffic to see what a given app does, then have those as "recommended least worst" options for when Osmand does not have data.

Another thing to consider in the user flow is that Osmand could reshare a give location to another map app. That also would require Osmand team buy-in. But then I could see the whole flow go through Osmand:

  1. all location links go to Osmand
  2. if the map is poor there, the user clicks an option on the menu
  3. the user chooses from a list of recommended least worst options
  4. the location is opened in that app

Also available in: Atom PDF