Without going into too much detail, looking for a developer who can confirm some questions about exactly what the removal of third party sources (the unknown sources box in settings>applications) can and can't affect.
Specifically -- can the removal of this portion of the Android code affect the ability to receive an OTA update.
Anyone with a clue what I might be digging at, and want's to discuss in private, holler. I completely understand and will gladly give my contact info, figured I would come ask the best and brightest.
There is really nothing more to explain. With that disabled you can only install applications from the Market, which eliminates community shared programs.
Related
http://review.cyanogenmod.com/#change,5677
This is an interesting patch to the CM7 repository frameworks base. If you scroll down and expand the comments you can follow the guys arguments on justifying such feature. Basically from what I understand this would allow you to spoof personal data to apps which may or may not request it. From contacts to SD card contents as well as phone IMEI (International Mobile Equipment Identity) number.
It's not a committed change but I wanted to see what the community thinks of having such feature. Personally I see all the reasons why this would open up a can of warms. What do you think?
I think in some other implementation this could be really helpful to the paranoid (like myself). However, I also think that those that are against it have VERY valid points. The community needs MORE widespread acceptance, not less, and something like this could cause major problems with Google, Carriers, Developers....
Sent from a bird cage, with a swing!
Correct me if I am wrong, but the intention is to spoof necessary data that an app might request that it doesn't actually need and to help prevent app force closes that straight up permission blocking causes. Like pandora requiring to read contact data.
Setting aside the other ramifications for a second... This is actually a good idea. It gives us power to not have to accept (for example) Pandora being greedy bastards.
Now the other ramifications are indeed severe. But for example, Swype. Why the hell can't I just buy it on the market?
I think arguing over it is a moot point. This cat is already out of the bag. We can't stuff it back in. This functionality is coming. Maybe not on Cyanogen, but it will be here for the masses soon. The greedy bastards that are trying to milk the system had just better deal with it.
Wow this thread could not have popped up at a worse time , what with all the NexusSense 0.3 users having trouble with their IMEI's.
But having read through all the comments on the change, i see why the CM team do not want to implement it, obviously this kind of change would piss off devs and carriers and of course google.
Yes it is a good idea for us users, but for CM's image and survivability , id say not having it is a sacrifice we need to make
First of all:
Wrong section.
Second: They won't add it anyway.
Some developers cried about it and everything.
dario3040 said:
First of all:
Wrong section.
Second: They won't add it anyway.
Some developers cried about it and everything.
Click to expand...
Click to collapse
I figured this is about a development of Android ROM and posted in "Android Development" section. Forgive me if there was a better place to post it in.
This is also not marked as abandoned (as of this post) and still up for debate in the open section of Cyanogenmod Gerrit section.
For devices without an IMEI because they don't have a cellular radio, such as the Nook Color, some amount of this is valid and regarded as highly valuable. While I don't condone being able to haphazardly change or spoof your IMEI, I do believe that for devices that don't have an IMEI that some measure should be taken to create a device specific IMEI that will persist between different ROMs and ROM installations. Unfortunately with no IMEI support for devices like the Nook Color, there is no persistent ID that can be used. As developers continue to use the IMEI as a "device stable" ID, we need to come up with a way to support devices that don't have such an ID, and perhaps generate a non-colliding IMEI from a has of their login information, or some other identifying metric that will persist between different installations. The TAC could be created to identify the device type, and then the serial number could be generated based upon some information provided by the user.
In short, outright spoofing is probably a bad idea, but something needs to be done for devices that don't supply these sorts of IDs.
So, I have the feeling this isn't the place to post this, but seeing as how I was unable to find a section for the Focus S (yet there is one for the HTC Titan, which isn't even out yet) I figured I might as well post somewhere.
I've interlop unlocked and loaded a few different .xap's onto my device and have found that most either will not work (they close shortly after loading up) or they allow you to navigate around, but not edit anything. Advanced Config, Registry Editor, Samsung Tools, etc. will not allow for any kind of registry changes. Is there anyone who can point me to the right place for solving this issue?
Give me, oh, another hour. Reverse engineering the Focus S DLLs now. Already have registry, provxml, quite possibly filesystem, and a few other things (including the interface for call blocking, which doens't seem to exist in the older phones - sorry people with first-gen phones).
The new SecProxyClient.dll is super-useful. The new FCRouterProxy.dll looks to be amazing too, with lots of new APIs, but they obfuscated the function signatures, so it's going to take me a while to figure them out.
Of course, I don't have Focus S or Focus Flash, so I'm going to need some testers to make sure I've reassembled these APIs correctly. Any takers? I make no guarantee that these functions will work correctly, and if they don't it could mess up something, but I'll try hard to avoid that.
EDIT: Of course, the apps will need to be modified to use the new APIs and DLLs. It's not like I can publish my results and eisting apps will magically just work. I'll include the source of course, though, so it should be easy to build on my work. If schaps were willing to distribute the source for his own apps, I could fix them myself, but no such luck. That's what you get for closed-source, I guess.
I'm right here to test what you need.
I am more than willing to test. Just post it here or shoot me an email: [email protected]
I'm western time, so ill be up for a while
Yeah, I'm not.
Ill leave the testing for you, hope you guys have **** worked out by the morning.
i'm also willing to test as well, but please don't break my phone
All right folks, have at it. I'd like a few testers from each device, if possible, but mostly I just want good reports. PLEASE read the first post carefully - yes, I know it's long, but it will save both of us time.
http://forum.xda-developers.com/showthread.php?t=1348914
Moved to WP7 Q&A
You are correct there is no focus s forum. There are some posts relating to that phone there, but they are different so i will not move it there. As it is a question it has been moved to WP7 Q&A. Hopefully if and when a focus s forum is created you can request the thread is moved again.
Take it easy
O_G
You know, I'm beginning to wonder of the reason that the call blocking app is struggling so much is just because there's a problem with this DLL that it is (and I am) trying to use. Sigh...
Speaking of which, if anybody can get me the XAP for the Call Blocking app, or for any other Samsung Gen2 app, that could be very helpful.
Here you go
I'm hoping to get some help with a collaborative list of applications for the latest android. The list will be comprised of the application filename, where it comes from(ie: CyanogenMod, OTA, GApps, AOSP, etc), what it's purpose is(brief description), and whether or not it is safe to remove(possibly also a column for what applications are dependent on it, if necessary.)
I know there have been other attempts at this, however I cannot find an up-to-date version.
I have started, but honestly don't know what a lot of the applications do. This will be something that I will edit over the next few days when I have the time and patience, and hopefully others will join in as well.
Here's the link if anyone feels like chipping in. Feel free to reformat it to look prettier, or prepare it with BB code for later use in a forum post.
Any help is greatly appreciated, and I hope that once this is done, it will help some people out.
I'll also include - in the final post - a prewritten script (for use in recovery) which can remove all of the apps that are "safe to remove" (so that people can edit it to their liking)
Does a comprehensive and plain english list exist anywhere that tells who is who and why they have a security certificate installed on my android phone?
I've asked this before and never found an answer. I find it odd that it isn't questioned and recently when installing FoxFi, it was made more poignant when many became up in arms about the FoxFi cert and the notification that some unknown entity could be monitioring activity. FoxFi is pretty clear about why that cert is there and I can't say that for the factory installed ~200 certs.
Also, is there a comprehensive list anywhere that tells what factory installed and system apps do? Many have very obscure names and even names which are quite misleading upon actually discovering what they really do. I'm sure I can't be the only one that would like to know exactly which apps are safe to freeze, disable or uninstall and upon doing so, what functionality will be lost or what other apps will no longer work, if any.
I think Google needs to step things up in these two areas so people can actually know. The work in the area of app permissions is a step in that direction, but, still a long way from full and forthright disclosure aimed at educating all android device owners.
Thanks for any direction you can provide.
Hmmmmm.... its merely about the desire to know why every android I've owned for coming on ten years now has security certs installed belonging to the DOD, Japanese Government, Experia, Equifax and many more that I have no idea who they are unless I want to research each and everyone of them. Even doing so in most cases still doesn't reveal why those entities have a cert on my phone and what it actually means. I wonder what happens if they are removed and why they are there in the first place.
As far as the many pre-installed apps that I can't imagine many people having a clue as to why they are installed or what they actually do, well, that kinda speaks for itself as well.
Nobody else wonders or does everyone else but me already know?
However, in the mean time, I'll refine my quest to changing permissions and any insightful threads on that for dummies would be appreciated.
Thanks
Hi
Thanks for writing to us at XDA Assist. Unfortunately I can't find anything relating to your question on XDA, it's probably best to ask here:
Android Q&A, Help & Troubleshooting
No response in two days, thread closed.
So I am going to post this here, because the development section is ferboten to people trying to offer useful suggestions. Geez, I hope this is the right section.
Let me set it up. ANDROID IS BASED ON THE LINUX KERNEL. Everything, and I mean everything after that fact becomes android and bloat. Given this as the basis of all things android, I have a simple set of guidelines that should be used to create a solid, reliable, bullet proof operating system for devices able to use the android operating system.
#1. Create the kernel boot section of the basic platform that supports the very basic hardware features, including touch screen, radios, power/charging/battery management, wifi, bluetooth, nearfield, audio, microphone, s-pen,etc. Basics only. Root access is standard and can be turnd on/off just like developwer functions. No special tricks or addon hoops to jump through.
#2 At this point STOP. Every single process or service to be run on the device from this point forward should be able to be individually selectable - or not. Yes, I understand that individual services or apps may have dependancies to other processes and that thouse need to be functional in order for a particular app to work. That is why, each additional service or app must list the dependencies and in the selection process, the installion will be required to verify you have the proper services installed and functioning, if not to list them and allow you to make the decision to proceed. Viola, we have NO MORE BLOAT WARE.
#3 Make selecting additional services/apps selection process a menu driven, tag selectable process. Make the unselection process smart to verify and identify the other apps dependant on the item you are killing/removing.
#4 Allow a built in snapshot option to capture the entire system as you have customized it for yourself and allow it to be backed up to external memory with the ability to bring it back, AT WILL. With no big hassles.
Those 4 items are a good start. By themselves alone, it would put all of us in the drivers seat of controlling and living with our devices.
I am aware that such a system is not for everyone. It does require some basic technical understanding of the process. But for the vast majority of users, I am certain, that an a la carte system is far superior to the bloated monstrosities being forced down our devices.
I would appreciate any refinements to my suggestions.
The silence is deafening. It has been days. Kind of says something, don't you think?
I am so very happy (not) that these boards a compartmentalized to the point where you can't get through.
Pretty much a waste of my valuable time, especially considering the fact that if my suggestions where applied, people would be clamoring for an installation with those features. I guess there is not much true "developer" in xdadevelopers anymore.
Funny guys, with the pay to remove ads spam here. Really? Why? For what.
I leave here disappointed. Not angry. Just sad.
I'm not a developer so I have nothing valuable to contribute to your suggestions in your original post but I can offer an observation regarding your perception of the level of contribution to your thread and that is the fact that is particular area of the forums probably isn't the ideal spot to have a discussion such as this. You figured that out already so sure you can call me Capt. Obvious if you wish but I'm just pointing out that yes the forums are compartmentalized (as you've stated) in such a way that development for each device is separated out. This development is centered around AOSP based ROMs or "stock" ROMs (using manufacturer released source) so if you're looking to have higher level discussions about what AOSP should look like then deep down at this device specific level probably isn't where you want to be. So there's that . . . then there's the fact that for this particular device you can basically hear a pin drop in the sub-forums as it is since nothing much is going on by way of development.
Where specifically such a discussion would see more input I'm not sure, perhaps the main general discussion section?
Thank you for your sobering reply. I get frustrated. Already had my post bounced out of "wrong" forum while trying to speak directly to "developers" (i wanted air quotes because the term does not accuratly describe its target) So I tried this. The note pro 12.0 is still the best hardware giving the ipad a run for its money. The problem its monkeyshines kiddie software running it, or not running, or barely running it. ANDROID, indian word for crappy wannabe software, developed by clueless kids.
Again, thanks for the gentle nudge. I appreciate someone willing to conduct a conversation
Are you looking for an Ubuntu or SUSE type of setup?
I think what you are looking for is similar to apt-get type of installs, I could be wrong of course. This might be helpful for many "users". I think one of the barriers is that there are slight differences between the models of tablets, and creating the logic to put in for the sub-dependencies might prove problematic. You might get more answers to this possibility by asking one of the developers directly and sharing with them. Not a developer myself.