>Most system APIs are backported through Google's libraries, and for many others the standard compat library has shims that avoid most version checks.

Just 6 months ago I took a small side project to port a web app to mobile and add some native functionality. I need to connect the user to a WiFi hotspot (industrial device controller) from code - the new APIs were absolutly not backwards compatible, the old APIs were just killed in Q, even worse the capabilites present in the old APIs (controlling WiFi networks) half wroked on older devices, depending on vendor (eg. not working on Samsung, working on a Pixel, etc.)

iOS didn't expose the level of controll straight up and I was able to explain to client that that's just not possible. We saw Android was all over the place in this regard, but because a competitor had a halfassed version that only worked on some devices the client insisted it was possible to implement this on Android. It took us a week to figure out that the whole thing is an unmanageable mess and demo to the client that the competitor is broken in so many scenarios and that we should just use the system UI like we do on the iOS.

>On iOS, these apps would probably not even be available.

See but I prefer this to Android "it's possible because we were wrong, now we leave it out there but you can't do it going forward". Why not just blacklist it in app store and prevent new apps from using it on review ? Also it's obvious they don't have any sort of certification testing for these APIs because they just straight out don't work on various vendors - they could easily mandate that to qualify for Google services on your device you need to implement system APIs and pass the test suite to solve these inconsistencies.

The problem with this entire mess is that there are things some trustworthy third party software needs to do, but are open to abuse by untrustworthy software using them for nefarious purposes.

In theory the answer to this is for the app reviewers to scrutinize any app using those capabilities to make sure it's not abusing them, but in practice the app approval process is actually kind of crap and doesn't do a good job of making those distinctions.

Your remaining alternatives are to prohibit that thing from happening whatsoever, which pisses people off, or to make it possible but a huge miserable ordeal, which pisses people off.

The solutions is so simple it leaves Google shaking in their boots.

Make the ability to use the network an app permission that can be denied.

Shady app records my call? Who cares? It can't send the data anywhere. (Assuming the permission is properly implemented.)

Google could make Android great. It has the resources and talent. Unfortunately, the organization is too dysfunctional to do it. The day Google starts focusing on its users will be a good day for humanity and for Google shareholders. I doubt it will ever happen.

Google is focusing on its users.

You are probably falling for the misdirection Google lay out for you. Its users are the advertisers, the licence buyers and data-consumers.

The person operating an android phone, getting navigatinal directions or performing a search is not their user. 'The product' as is being repeated.

Are you confusing 'users' with 'customers'?

The users are the employees using Google ad sense. The customers are the corporation's selling junk.

The rest of it is a marketing expense.

No they can’t. Just having people and resources is not a guarantee to be able to make things great. They should first start restoring “don’t be evil”

I don't understand why call recording isn't a built-in features to all of the phone apps. I know the standard explanation is that it isn't legal in all locales, but there are plenty of illegal things you can do with your phone.

Exactly. And call recording app is pretty much like any other voice recording app, so it's not like the manufacturer is liable. And it's surely not their fucking business what I do with my phone.

Anyway, I used to rely on the call recording quite heavily, and I was really pissed off, when I discovered that it doesn't work anymore, so all my recent calls are lost. This was really awkward, because knowing my calls are recorded I stopped writing down appointments or ask to repeat something I didn't hear well, because I can just replay.

Without all that stuff there's really not much point using phone at all. Except most messengers and services require you having a phone number, which is absolutely ridiculous.

Just for the record, because I use this with literally every call I make - voip.ms (and presumably other providers) allows call recording by default. Recordings can be emailed to presumably any address, listened to directly on their site, or downloaded directly.

Assuming you port your number there, I've found Acrobits Softphone [0] to work exceptionally well; if the price tag is an issue, Android has built-in SIP software in the vanilla Android Calls app. Highly recommend their service, doubly so as it means I only need a data plan - meaning I only pay $15/month for calls, text, and (3GB) data, which is no mean feat in Canada!

[0] https://play.google.com/store/apps/details?id=cz.acrobits.so...

To me it's worse than that, as service providers will record calls and use these recording only at their benefit.

In these situations where recording is agreed by both parties, getting restricted on the individual side is frustrating.

Basically it's the proverbial technical solution to a social problem.

I've always wondered if "this call may be recorded" messages could be legally interpreted as them giving you permission to record the call, since you-know, they told you it may be recorded.

Not a lawyer, but I would assume so.

I remember it as a matter of consent and most resources point to it being OK as long we both parties are aware.

e.g. http://www.dmlp.org/legal-guide/recording-phone-calls-and-co...

Online meeting software pretty elegantly addresses the need for recording and avoids many of the gotchas.

There's also the part where it simply wasn't possible on many older SoCs to record calls[1]. Back then, there were apps that recorded calls using undocumented APIs available only on Qualcomm SoCs, and no one else had any call recording. Combined with legal problems around call recording, I guess nobody cared.

[1] My first android phone would get physically disconnected from microphone input by the modem during a call

If the legal issue were a concern, all the app would have to do is announce that a recording is being made as soon as it’s turned on.

That might make it less useful for people in one-party states who want to record secretly, but it would be better than nothing.

It wouldn't even need to do that, it would just have to be off by default. Camera apps (including OEM ones - I know Samsung and Google both do this) frequently include the option to disable the shutter sound, with a message that disabling it may be illegal and you should check your local laws first.

I also think you can workaround this by setting to speaker, then use your voice note app.

Where do you get that number from?

I once got a call from a person threatening my life. I find it hard to justify not being able to record such a thing because of some strange hypothetical scenario about bad actors recording calls.

To be honest I can’t think of any scenario where recording your own calls would be bad. Can you give me a example?

Notification of the parties is key. You always have a good reason to record a phone call.

But, have you ever had a conversation on the phone that was difficult, not your best, or otherwise problematic? Have you ever said something that you would only say to one person?

The lower the barrier, the worse people’s behavior will manifest.

I am completely comfortable with having my phone announce to everyone that "your call may be recorded". In fact, add that to caller ID data or something: you dial me, you have to hit "I agree" before the call goes through. Would shut down a heck of a lot of behavior enabled by pseudoanonymous phone calls.

Sure, I also have conversations in person that weren’t my best or were otherwise problematic. Should we prevent all audio recording from phones, too?

Pretty much this^

Why should the fact that the conversation is held with a phone change things?

The arguments only holds if you forbid all recording.

Reductio ad absudum.

Call recording is only legal with single party consent in 2 states. Google voice allows recording incoming calls, but not outgoing.

1) Low demand 2) High impact of getting it wrong (untested legal consequences?) 3) lack of a good story. IE: why can't you track what was said in another method? Ie: paper note

> Call recording is only legal with single party consent in 2 states.

What? Federally call recording is legal with single party consent. 35 states and DC have single party consent.

> Call recording is only legal with single party consent in 2 states.

Call recording is legal even in 2 party consent states... with consent. Also often legal if it's to protect against a major criminal threat.

> IE: why can't you track what was said in another method? Ie: paper note

Try convicting your attacker with that.

Not exactly sure what you're referring to (what do "this" and "story" refer to?), but for example, for California, I think the relevant clause for the 'major threat' thing I mentioned is this:

(d) (1) Subdivision (a) does not apply to the disclosure or distribution of a confidential communication pursuant to any of the following:

A party to a confidential communication recording the communication for the purpose of obtaining evidence reasonably believed to relate to the commission by another party to the communication of a crime as specified in Section 633.5.

https://leginfo.legislature.ca.gov/faces/codes_displayText.x...

Your comments about backward compatibility is not at all true. Even today making a simple podcasting app and keeping a crash free rate of over 99% is very very hard. Even while using the latest AndroidX libraries. And all the shiny new data modelling patterns that they seem to release every year. There are fundamental bugs in the implementation of the Fragment which is one of the most basic components of the Android Framework.

> If an app has automatic call recording that works well, the manufacturer probably put an insecure OS on the phone, because then any app or game you download probably has that capability.

I think that's a simplistic way to think of it, and assumes that there are only "apps" with exactly one privilege level. There are a multitude of things the OS could do to give a good user experience AND stay secure from random apps recording you.

Off the top of my head, how about: Apps can record you, but only by registering a special chunk of code that will be run with a special "tempfile" privilege, where the app doesn't know where the file is stored to. Then, once the call is over, if the app tries to access that file again, with normal privileges, the OS puts up a confirmation screen that says "Good news! App <Dave's Cool Pachinko Parlor> has recorded your last call. Do you want to keep or delete that recording?"

The screen could/should also display a prominent recording indicator, with the name of the app, while recording.