[REQUEST] App to interact with Appointment-Plus online scheduler - Android Apps and Games

Has anyone ever played with this site? I work for a souped-up answering service (answer FAQs, log into CRMs, schedule appts, etc.) and our clients frequently ask if there's an app for the main scheduling application we use.
How hard would it be to develop an app to integrate with this website? If I knew how to do it myself I would.
http://www.appointment-plus.com/

Appointment Plus has a view only/text only mobile version of the site:
appointment-plus.com/mobile
Scheduler to Go is obsolete at this point as we're all using (Android) smart phones with true web browsers.
However, full functionality can be accessed from the Android browser by logging into the administrative view, so there's really no need for an app.
appointment-plus.com/login.php
I have heard from Appointment Plus that an app is in development. However, I really don't understand the obsession with "Apps". It's a software tool, useful in some cases, integrating the features of mobile devices such as GPS/Location. For this type of software, the full site is completely usable simply from the Android browser, and the capability of an app would simply not exceed the function of logging into the site from the browser.
xda devs aren't letting me post the links, but the login page is found on appointmentplus.com - client login link
and the mobile version is schedulertogo.com
Hope that helps!

dangerrr said:
Appointment Plus has a view only/text only mobile version of the site:
appointment-plus.com/mobile
Scheduler to Go is obsolete at this point as we're all using (Android) smart phones with true web browsers.
However, full functionality can be accessed from the Android browser by logging into the administrative view, so there's really no need for an app.
appointment-plus.com/login.php
I have heard from Appointment Plus that an app is in development. However, I really don't understand the obsession with "Apps". It's a software tool, useful in some cases, integrating the features of mobile devices such as GPS/Location. For this type of software, the full site is completely usable simply from the Android browser, and the capability of an app would simply not exceed the function of logging into the site from the browser.
xda devs aren't letting me post the links, but the login page is found on appointmentplus.com - client login link
and the mobile version is schedulertogo.com
Hope that helps!
Click to expand...
Click to collapse
Thanks for your reply. I've been accessing the full site through the browser and I completely agree; schedulertogo is 100% obsolete.
The advantage to an app is that it can pull contact data, pop up notifications, and generally integrate with your phone instead of being a website you visit occasionally. Imagine if you only had access to google calendar through a web view. NOT the same, is it? On top of that, what if you don't have reception? With an app you can schedule your appointment and let it sync on it's own when you find signal. Through the website you need reception at that moment.
FWIW it's worth I'm no longer with that company and am now selling residential solar power systems. Big upgrade, imo.

Related

SkyFire web browser

It is new, still in private beta but it looks too good to be true:
http://www.skyfire.com/
For the first time ever, you can watch any web video, listen to any web music, stay connected on any social network and browse whatever you want. Anything you can browse from your PC, you can now browse from your mobile phone.
We’re talking about full-featured PC versions of your favorite web sites. Skyfire gives you speedy page loads, full audio, video, images, dynamic Flash content, advanced Ajax, Java and more – just like your PC.
If you live in US, you can sign up for the private beta:
http://www.skyfire.com/sign-up
gogol said:
It is new, still in private beta but it looks too good to be true:
http://www.skyfire.com/
For the first time ever, you can watch any web video, listen to any web music, stay connected on any social network and browse whatever you want. Anything you can browse from your PC, you can now browse from your mobile phone.
We’re talking about full-featured PC versions of your favorite web sites. Skyfire gives you speedy page loads, full audio, video, images, dynamic Flash content, advanced Ajax, Java and more – just like your PC.
If you live in US, you can sign up for the private beta:
http://www.skyfire.com/sign-up
Click to expand...
Click to collapse
Sounds too good to be true? Subscription based when full version or just charged to cell access and unavailable to WiFi??
they say it's free, atleast for the beta on there site...fingers crossed, looks awesome
Daaaamn..... I am living at Finland... any way to get that cab file for testing?
It looks quite nice...
We shall see, once they open the beta.
PeeHoo said:
Daaaamn..... I am living at Finland... any way to get that cab file for testing?
It looks quite nice...
Click to expand...
Click to collapse
Quoted from the website:
Sign Up Today
* If you have a Windows Mobile phone, sign up today and we will notify you when the Skyfire private beta starts.
* If you do not have a Windows Mobile phone or you live outside the United States, please sign up so we can promptly notify you when Skyfire is available for your type of mobile phone.
And if you try to sign up for the non-US notification - you can't as the US mobile number field is mandatory... unless your US mobile number (like mine) happens to be 1111 111 111
Sky
Looks great!! To bad MS didnt come out with it.
unwired4 said:
And if you try to sign up for the non-US notification - you can't as the US mobile number field is mandatory... unless your US mobile number (like mine) happens to be 1111 111 111
Click to expand...
Click to collapse
Why, Unwired, your number is very similar to mine!!
I have a feeling with them saying 'Mobile Phone' that this is going to be a Java based WAP app but we shall see.
I'll say one thing, if the browser is as slow as their website then its a loser to start with!!
( I just worry about sites promising something to you later that want loads of details, my SPAMer list sense (similar to Spider sense but not as refined) starts to burn...)
It says that the first application is for PocketPC/Smartphone with keyboards. They aslo blatantly show a Kaiser variant on the site (front camera version).
I promptly signed up for the beta, maybe this can be as good as Safari for the iPhone.
Anyway, I'll keep you posted if I get any response.
here it is in action
http://www.youtube.com/watch?v=4mWUoxiLZFc
looks super. also surprised at how superfast it was then the guy showed he was on a cellphone data connection (evdo). while the demo was going on I was assuming that he was on a fast wifi connection. Def. super duper cool!
Had to be pre-cached pages. But impressive none-the-less.
Yeah, I'm concerned about privacy. I still hear not to bank with Opera Mini, so I can't imagine how one could trust a company they've never heard of. Sounds too iffy. But, for all other browsing needs, this seems like the best match for mobile phones. What if there were a way to make your home PC cache the sites for you, so you would know/trust the origin of the cache?
nice but check this:
From their Privacy Policy:
"Once you have subscribed to and begin to use the Browser, we will collect information about your use of the Browser on your Device (“Browser Usage Information”). Browser Usage Information includes such information as which websites and programs you access or download on your Device, how long you visit such websites and use such programs, your activities (such as products purchased or advertisements viewed) on such websites, which specific areas of a website or webpage you use and for how long, websites you bookmark, search terms you use, referring/exit pages, browser and platform types, the geographic location in which your Device is being used and information you provide on third party websites. All of your Browser Usage Information is stored by Skyfire under an automatically generated, random identification number (“ID Number”) that will not be associated with or linked to your Personal Information. Please be aware, though, that your Browser Usage Information, when viewed in the aggregate, may reveal your identity even if it is not associated with or linked to your Personal Information."
In other words, when you use our browser, we track everything you do, and assign an "anonymous" ID number to that information. And oh, by the way, the "anonymous" ID number may be linked to your identity.
Click to expand...
Click to collapse
Do U really want this? Im pissed that sec.cams are on every corner. And after a time when they find out what are U looking for on inet (ie. pda4x, ppcwarez, torrentz....) u have police knocking on Ur doors(or email box full of add. and scam emails). Nice, but not safe.
Not recomended
phsnake said:
nice but check this:
Do U really want this? Im pissed that sec.cams are on every corner. And after a time when they find out what are U looking for on inet (ie. pda4x, ppcwarez, torrentz....) u have police knocking on Ur doors(or email box full of add. and scam emails). Nice, but not safe.
Not recomended
Click to expand...
Click to collapse
Told you my SPAMer sense was burning!!! Well spotted....
Totally agreed that we should all be scared. AT&T is also talking about full-time monitoring of all users on their network. Lovely for us Tilt (branded) users. Not only a serious privacy concern, but how slow will the network have to run to allow constant monitoring? I love my country, but I fear my government.
"Those who would give up essential Liberty, to purchase a little temporary safety, deserve neither liberty nor safety." - Franklin
While that privacy notice does concern me a bit, I'm not a business user, and I don't make purchases or give any sort of confidential information out via web on my phone.
so just to clairify... the beta has not been realsed yet? even though that video was realeased? and yeah the privacy stuff sucks but i dont do much viewing that i would care if any one saw so ill be ok with it. as long as it dosnt slow the network down to much
GUI seemed nice and snappy on the sprint.
I've signed up.
I used a spare hotmail address that I had knocking about.
My US number is 12345678900 and my name is John Smith, apparently.

Cloud based printing has come to Android!

http://googlemobile.blogspot.com/2011/01/cloud-printing-on-go.html
This has a lot of potential and i hope that it will eventually spread to browsers and apps beyond those made by Google. From what i understand the ability to use this feature is already available to Chrome Beta users, but will we see it integrated into the likes of Internet Explorer etc?
I suppose one possibility would be having the function built into the Google Toolbar so that people can use it no matter what Browser they use.
Cloud computing is beginning to get interesting, what with sync between my Android device and my online apps and now this. I wonder what else we'll see in future?

[CLOSED] [Q] phone creeper alternative for android

Hello.,
does anybody know if there is a program for the android similar to teh phone creeper for wm6.5
the phone creeper allow easthdropping on phones, phone calls phone locating and so many other features as posted here
http://forum.xda-developers.com/showthread.php?t=527423
so ......
does this mean, nobody knows or there is no such software?
Im wondering the same thing
Sent from my HTC Vision using XDA App
What does "easthdropping" mean?
By the way the MIUI Phone.apk is able to geo-localize the calls, even if it works in China only (AFAIK)
I'm the developer for the phone creeper and will be launching the android version very soon, however it will be very different. The problem with and hurdle for creating the same functionality on android devices is that (at least that i'm aware) there is no way to completely hide an SMS message from phones. You can instantly read it and delete it as with windows mobile, however there will still be an sms arrived alert in the status bar.
To get around this hurdle i've created a website with a database and webpage front end that will allow for all communications to happen with a combo of SQL and Android Cloud to Device Messaging (C2DM). This will allow for a small footprint quick silent communications. However this also means I need to support a website and database.
This basically adds a large level of complexity and creates various pluses and minuses for everybody. The program will still be free as it has always been, however some of the features and those who want to have viewing and controlling capabilities through the web will be charged a slim fee.
The program will still be completely functional and useful without paying a dime but hopefully enough people will want the extra goodies to pay for the web hosting.
As I said it's mostly complete now and hopefully I'll have a release published here shortly and allow for free web viewing trial also.
chetstriker said:
I'm the developer for the phone creeper and will be launching the android version very soon, however it will be very different. The problem with and hurdle for creating the same functionality on android devices is that (at least that i'm aware) there is no way to completely hide an SMS message from phones. You can instantly read it and delete it as with windows mobile, however there will still be an sms arrived alert in the status bar.
To get around this hurdle i've created a website with a database and webpage front end that will allow for all communications to happen with a combo of SQL and Android Cloud to Device Messaging (C2DM). This will allow for a small footprint quick silent communications. However this also means I need to support a website and database.
This basically adds a large level of complexity and creates various pluses and minuses for everybody. The program will still be free as it has always been, however some of the features and those who want to have viewing and controlling capabilities through the web will be charged a slim fee.
The program will still be completely functional and useful without paying a dime but hopefully enough people will want the extra goodies to pay for the web hosting.
As I said it's mostly complete now and hopefully I'll have a release published here shortly and allow for free web viewing trial also.
Click to expand...
Click to collapse
this is great news, let me know if you need testers
also can we have links to the site,
i'm a web designer and php programmer, i can give you feedback if you need
smartechno said:
this is great news, let me know if you need testers
also can we have links to the site,
i'm a web designer and php programmer, i can give you feedback if you need
Click to expand...
Click to collapse
That would be wonderful, I usually only create desktop and mobile applications. I don't have that great of an artistic eye and have rarely created any web sites. Currently I'm also using PHP for the website and will probably have to switch from godaddy hosting since they seem VERY slow at hosting any web pages containing scripts.
Maybe you can help me figure out why the logo seems to get cut off in IE6 (looks fine in other browsers.) it appears that displaying the bars are cutting it off since if I disable them it looks fine.
The link is xxxxxx Mod Edit: Link removed.
Whow, talking about privacy and espionage here
In general, Software like this is greatly coded, and requires alot of skill.
But on the other hand, if you use this App to watch / control somebody elses phone, is really awkward... I would be scared to know that a program like this exists and could be activated silently on my phone...
Just my 2 cents, but respect to the one who is able to program such a tool!
how about totalcare?
http://forum.xda-developers.com/showthread.php?t=835603
badai said:
how about totalcare?
http://forum.xda-developers.com/showthread.php?t=835603
Click to expand...
Click to collapse
totalcare is a nice project, but the main differences are:
OverVi3w can be controlled via a webpage or sms.
Overvi3w has many more features
Overvi3w is actually stealthy, unless something is different about totalcare since last time i'd seen it. The message may be instantly deleted, however when you look at the sms history it would still show that it arrived even if you couldn't open it. although you still could see the command and from who is sent.
Overvi3w allows the phone to be controlled from ANY other phone or from the web console. It still uses a password for protection during sms control and to use the web interface it requires the imei (gsm phones) or meid (cdma phones) for extra security.
Anyway, I should be accepting alpha users later this week.
wow it's already have a name. OverVi3w. can't wait. total care just doesn't work on both my phone (gingerbread and froyo).
your phone creeper really great. works even after flashing new rom.
you misspell register on your website.
badai said:
you misspell register on your website.
Click to expand...
Click to collapse
Thanks.. how embarrassing for me.
I've created a new thread on XDA for anyone interested in becoming an Alpha tester.
http://forum.xda-developers.com/showthread.php?p=14113648#post14113648
The predecessor to phone creeper on windows mobile 5 or 6 years ago
Hi you asked foraan phond creeper program for win mobile 3.5 look for phone creeper or espionage suite .cab and if that cant be found look up phone leash for android and if nothing there is appealing look up blooover.cab its a java thing and works well with winmobile and theres newer **** for other platforms.
chetstriker said:
I'm the developer for the phone creeper and will be launching the android version very soon, however it will be very different. The problem with and hurdle for creating the same functionality on android devices is that (at least that i'm aware) there is no way to completely hide an SMS message from phones. You can instantly read it and delete it as with windows mobile, however there will still be an sms arrived alert in the status bar.
To get around this hurdle i've created a website with a database and webpage front end that will allow for all communications to happen with a combo of SQL and Android Cloud to Device Messaging (C2DM). This will allow for a small footprint quick silent communications. However this also means I need to support a website and database.
This basically adds a large level of complexity and creates various pluses and minuses for everybody. The program will still be free as it has always been, however some of the features and those who want to have viewing and controlling capabilities through the web will be charged a slim fee.
The program will still be completely functional and useful without paying a dime but hopefully enough people will want the extra goodies to pay for the web hosting.
Click to expand...
Click to collapse
chetstriker said:
As I said it's mostly complete now and hopefully I'll have a release published here shortly and allow for free web viewing trial also.
Click to expand...
Click to collapse
i would be happy to donate and help out where do i go to donate and how long do you think until the program is ready.
where do i go to donate
MOD ACTION:
Thread closed since it violates Rule 16 just like the linked thread in the OP which has also been closed.
@cindyloulou
Do you realise that this is a 12 year old thread with the last post in 2014? And please do not create multiple posts within a short time, instead edit your previous post if you need to add some info.

ninesky browser - privacy worry

Hi everybody!
I recently started looking for a browser to replace the stock one and I think I installed every possible option there is without giving much thought to the consequences - app permissions and possible violation of my privacy and misuse of my data.
So I found what I thought was a really nice and well-functioning browser called Ninesky from the Android market.
Luckily for me I did not get to use it for long, before I detected a strange pattern - Ninesky would automatically start itself upon boot, connect to a server in China, upload some data and receive some back and then just sit there and wait idly.
The server that it connects to belongs to a company called aBitCool, which is, according to Bloomberg, an ISP in China.
So I kill it off and after a while it's back, doing the same thing. I also noticed a similar behavior for Dolphin HD, except that it would send data just once very quickly after boot-up and then close itself and stay quiet. That led me to Google it a little, which in turn led me to an existing thread about Dolphin HD on this forum.
So here are my noob questions that I hope somebody can answer, please:
1. Can somebody take a look at Ninesky browser and let us all know what kind of data it is transmitting about its users upon boot and maybe even later on during the actual use of the browser? The list of permissions that Ninesky asks for is huge and that makes me a little worried. Also, Ninesky runs a "safety check" of every URL visited. I wonder what that really is.
2. Say it would try to steal information from its users - would it be possible for the app to somehow get access to my stored usernames and passwords from other programs (such as Gmail or Skype) or are these encrypted? I presume that if I were stupid enough to let Ninesky's password manager "remember" my usernames and passwords for certain websites then that information would be easily accessible to them.
3. Can an app with such permissions also function as a keylogger?
4. I can understand why folks here would write some apps on their own and share them with the rest of us. I can understand why a developer or a company would write an app and make one version available for "free" or as an ad supported one and/or offer a premium version for $$$. At the end of the day developers need to eat and pay their bills just like the rest of us and companies are (for the most part) profit-seeking institutions (unless they are GE or MS that have money to burn). That said - why for the love of god would anybody, other than an enthusiast, develop a browser, for which they will not ask for any $$ or won't even display any ads in it? Where is the catch? Now, I know that Opera and Firefox get money from Google to use it as their default search engine, but would this really apply for a few random Chinese companies? Where is the catch?
Thank you.
I was a big supporter of Ninesky but I uninstalled today. It does seem to be constantly running and transmitting data, though what data is being transmitted I don't know. LBE also kept notifying me that it was trying to obtain my location information even when I wasn't using it. I uninstalled it through the Market and left a one star review.
Drunk texted from my MIUI Thunderbolt.
I'm writing a review of about 13 different Android browsers, and came across Ninesky. Has anyone heard anything more about the privacy concerns and what data it might be transmitting?
well....if it keeps requesting the location even while its closed, thats not a good sign...
Not good. This needs addressing.
I have changed my review on Market also until we get some answers.
Cheers to the OP.
I agree. I think my review should come out tomorrow, hopefully the developer reaches out. It really is a decent browser.
Sent from my Transformer Prime TF201 using xda premium
´I'll leave you here my tests made since Monday with last versions of each app:
==|Boat 4.0.1|==
#Just after starting#
- Ask for GPS location
- 211.151.139.246 (China Network Information Center)
#When going to any website#
- IP from that website
--------------------------------------------------------
==|Dolphin HD 8.6.1|==:silly:
#Just after starting#
- 184.73.86.141 (AMAZON.COM - amazonaws.com - US)
- 65.52.32.12 (Microsoft Corp - US)
- 107.20.57.0 (AMAZON.COM - amazonaws.com - US)
and one more on this IP range type...
- 205.251.242.197 (AMAZON.COM - amazonaws.com - US)
- 205.251.242.165 (AMAZON.COM - amazonaws.com - US)
- 72.21.195.98 (AMAZON.COM - amazonaws.com - US)
#When going to any website#
- IP from that website
--------------------------------------------------------
==|Firefox 14.0.1|==
#Just after starting#
- No Ping
#When going to any website#
- 80.67.92.43 (AKAMAI TECHNOLOGIES US) *
- 93.184.219.20 (EdgeCast Networks - US) *
- IP from that website
* note: not always, most of the times just go to IP website we asked
--------------------------------------------------------
==|Opera 12.0.4|==:victory:
#Just after starting#
- No Ping
#When going to any website#
- IP from that website
note: DON'T use Opera Turbo or EVERY single info WILL pass through their servers...
--------------------------------------------------------
It's pretty obvious to me who are the most privacy oriented here...
STAY WAY FROM OPERA MINI AND DOLPHIN MINI AND ALL MINI VERSIONS. They process all info on their server first for speed.
Anyone researched Xscope or could research this browser?
If you explain how, I could do it myself!!
Sent from my GT-I9000 using xda premium
But the OP got it wrong with money burning by GE & MS. There's no such thing, its all business. Just to let you know, in the browser wars - Firefox was Google's first step into browsing. Then came Chrome.
For all privacy concerns, LBE Privacy Guard is a good option. Though its Korean, if am not wrong.
Well, finally there's options out there. Nobody is forcing us to download, install & use their apps.
Sent from my MT11i using Tapatalk 2
bombayboy said:
But the OP got it wrong with money burning by GE & MS. There's no such thing, its all business. Just to let you know, in the browser wars - Firefox was Google's first step into browsing. Then came Chrome.
For all privacy concerns, LBE Privacy Guard is a good option. Though its Korean, if am not wrong.
Well, finally there's options out there. Nobody is forcing us to download, install & use their apps.
Sent from my MT11i using Tapatalk 2
Click to expand...
Click to collapse
Agree with everything BUT Firefox was never connected to Google like Chrome. Firefox's current existence is owed almost exclusively to its search partnership with Google wherein Mozilla Corp receives a portion of ad revenue from Google queries initiated from Firefox's search bar. This revenue amounts to tens of millions of dollars. But Mozilla and Google Relations Strained Due to Chrome.
Firefox its independent and don't collect your data like Chrome/Google do...
sushidog said:
Agree with everything BUT Firefox was never connected to Google like Chrome. Firefox's current existence is owed almost exclusively to its search partnership with Google wherein Mozilla Corp receives a portion of ad revenue from Google queries initiated from Firefox's search bar. This revenue amounts to tens of millions of dollars. But Mozilla and Google Relations Strained Due to Chrome.
Firefox its independent and don't collect your data like Chrome/Google do...
Click to expand...
Click to collapse
Connected with reference to Google promoting & supporting Firefox before they decided to go with Chrome.
I still use Firefox, Aurora & Chrome
Sent from my MT11i using Tapatalk 2
If you're not paying it, you are the product being sold.
Remember this when downloading free apps which are not open source.
DnaPolymerase said:
If you're not paying it, you are the product being sold.
Remember this when downloading free apps which are not open source.
Click to expand...
Click to collapse
Like facebook which sells our data
Sent from my MT11i using Tapatalk 2
Calamitous with Ninesky
Hi,
I stumbled upon XDA Developers forum today and I was so grateful to find this write-up; it was the only honest review I could find of Ninesky. So, thank you.
I want to share an experience our family went through a few weeks ago. Perhaps it will answer some of your questions and alert some users out there of what this browser could do. We have an unfortunate incident happen to our child: My little boy received an android tablet for a gift this October. He was so eager downloading all the apps and games he could find, and in about a month, it was completely personalized. We regularly monitored his downloads, the games he played, and the apps he utilized.
Much to our regret, we really did not give much thought to the browsers he had installed. He had more than three at one point and Ninesky was always in the background. Sadly, whenever he would search for apps, we later discovered Ninesky directly linked him to several stores that was not common to Google or Firefox. Some of them had Anime icons (mostly innocent looking), nicely titled games for their tiles. Some apps were legitimate and very cool games; however, some apps were direct links to hard-core porn websites and a whole universe of filth (not excluding child-porn). They attached themselves to the tablet like trojans and was quite aggressive in linking the user to overseas app stores (inappropriate). Every time a game would be uploaded from one of these stores, it gives auto-access to these atrocious websites and videos. Because Ninsky always functioned in incognito--one of it's touted features--we almost had no access to the history or cookies when this browser was used. Almost anyway ... it took us hours (and some hacking) to track and identify what was really going on, the seeming source of it was this "sophisticated" browser.
So the catch may be that this browser has no advertisements because it plays host to several groups funding the porn industry. That's my suspicion anyway, based on what we went through.
I cannot begin to say how grieved we are that our son was exposed to all this, especially that we discovered it so much later. We thought we paid attention. That being said, he's back to playing with his remote control car outside, where life is a bit less complex.
More power to your forum and thanks again.
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------
xenofont said:
Hi everybody!
I recently started looking for a browser to replace the stock one and I think I installed every possible option there is without giving much thought to the consequences - app permissions and possible violation of my privacy and misuse of my data.
So I found what I thought was a really nice and well-functioning browser called Ninesky from the Android market.
Luckily for me I did not get to use it for long, before I detected a strange pattern - Ninesky would automatically start itself upon boot, connect to a server in China, upload some data and receive some back and then just sit there and wait idly.
The server that it connects to belongs to a company called aBitCool, which is, according to Bloomberg, an ISP in China.
So I kill it off and after a while it's back, doing the same thing. I also noticed a similar behavior for Dolphin HD, except that it would send data just once very quickly after boot-up and then close itself and stay quiet. That led me to Google it a little, which in turn led me to an existing thread about Dolphin HD on this forum.
So here are my noob questions that I hope somebody can answer, please:
1. Can somebody take a look at Ninesky browser and let us all know what kind of data it is transmitting about its users upon boot and maybe even later on during the actual use of the browser? The list of permissions that Ninesky asks for is huge and that makes me a little worried. Also, Ninesky runs a "safety check" of every URL visited. I wonder what that really is.
2. Say it would try to steal information from its users - would it be possible for the app to somehow get access to my stored usernames and passwords from other programs (such as Gmail or Skype) or are these encrypted? I presume that if I were stupid enough to let Ninesky's password manager "remember" my usernames and passwords for certain websites then that information would be easily accessible to them.
3. Can an app with such permissions also function as a keylogger?
4. I can understand why folks here would write some apps on their own and share them with the rest of us. I can understand why a developer or a company would write an app and make one version available for "free" or as an ad supported one and/or offer a premium version for $$$. At the end of the day developers need to eat and pay their bills just like the rest of us and companies are (for the most part) profit-seeking institutions (unless they are GE or MS that have money to burn). That said - why for the love of god would anybody, other than an enthusiast, develop a browser, for which they will not ask for any $$ or won't even display any ads in it? Where is the catch? Now, I know that Opera and Firefox get money from Google to use it as their default search engine, but would this really apply for a few random Chinese companies? Where is the catch?
Thank you.
Click to expand...
Click to collapse

[SECURITY] Android Security for Conscious Mind

== THREAD PURPOSE ==
I'm opening this thread to share and learn ideas about privacy solutions, please respect the purpose and keep this thread clean. My main language isn't English so if you spot errors or omissions please PM to me so I can correct them. Thank you.
All trolling or demotivating posts, disbelieving about privacy concerns or defending Google honor will be reported for cleaning.
== PROBLEM, HYPOTHESIS, TESTS, CONCLUSION ==
For years I've been very annoyed about privacy abuse on Internet and since Snowden and Assange revelations my concerns raised. I'm sure my personal and professional life is common and boring but I want privacy with my things just like I don't want a guy next table in the coffee shop listening to my talking subjects.
My first decision was to deploy a personal server, in my home, with OwnCloud. All went fine for some months until I realized the pain it was maintaining the system working, from server attacks and system fails to energy bills nothing could justify such paranoia. The OwnCloud Android client was also very bad those days.
The second idea was hosting OwnCloud and mail services on a private host, but this didn't made any sense because data wasn't encrypted and every employee could easily see my thermonuclear projects and my banana pancakes secret recipes. It was also a paid solution for nothing.
Finally I thought "If you're using German services you should be fine, Germany privacy data laws are the toughest in the world (even better than Swiss in this matter)". I'm in Europe so using European services was a no brainier decision, preferably in Germany and owned by German companies. Yes, I know you can't trust anyone but even so I think it's a well balanced solution.
== SERVICES ==
These are my services right now, share yours and try to justify why they're equal or even better. This list will be changed as needed:
Mail - GMX (Germany)
- Generally I really don't like 1&1 services but GMX is really good and working only on European servers. I advise you to don't use their other service, mail.com, because this one use USA servers. Unfortunately all other free German providers have low storage space. If you're willing to pay for privacy try Dutch StartMail but it's beta at the moment.
Contacts & calendar - fruux (Germany)
- Amazing services, great philosophy. For privacy and decentralization purposes I've opt for don't have this services on my mail provider. Unfortunately their servers are on Amazon Ireland, but I believe fruux have implemented cryptographic code on their system.
Cloud - HiDrive (Germany)
- I NEVER upload sensitive information to the cloud, even encrypted (remember Heartbleed and AES backdoor theory?). I was using Wuala for years but gave up after have been acquired by LaCie (USA). Tresorit shouldn't be trusted either, they're using Microsoft Azure servers, each uploaded and shared link pass through USA. Mega is darkness, I don't like the smell of it.
Apps - F-Droid (UK/France)
- FOSS is the way you should go, F-Droid is the obvious choice. F-Droid client was forked from Aptoide's source code.
Aptoide (Portugal) it's good but not consensual. Recently they're processing Google with Antitrust Complaint in EU proving they're concerned. You can only trust Aptoide IF you choose to install apps from their main centralized store (the default one, be ware and don't trust any other user store). http://m.aptoide.com/about
If you can't find what you're looking for then you can use Blank Store or Opera Mobile Store. Never choose Amazon Appstore, apps installed from there have proprietary code inserted.
Search engines - DuckDuckGo (USA!)
- Technically DuckDuckGo is a meta-search engine. It's amazingly good and you have lots of options to choose (did you know you can directly search images from Google if you search !gi [image you're searching for]?).
Another great alternative is Startpage (Netherlands).
== ANDROID SYSTEM ==
My Android system:
- CyanogenMod + freecyngn + NOGAPPS + SuperSU
- TWRP recovery
- Hardening Android for Security and Privacy
== APPS ==
My essential apps are:
Apps client - F-Droid (FOSS)
- See services above.
Privacy and cleaning - AdAway and AFWall+ (both OSS)
- Obvious choices on each privacy concerned system. Block almost everything, trust no one.
Android browser - Boat (proprietary code)
- I just love the options, specs, interface and speed. I know this choice will be highly controversial for some because it's a Chinese made browser, but isn't a cloud browser (like the also Chinese Maxthon) and it's really easy to firewall it from calling home (something somehow difficult with Dolphin). The obvious FOSS choice for almost everyone would be Firefox but I really hate their Android app and I have some bad thoughts about their Google connections. The FOSS best shot would be Tint or Lightning, but they're rather limited and AOSP it's even worse. Chrome it's obviously excluded for privacy sake.
Boat devs also used to be active on Xda with many supporters. For security precautions block port range 192.241.158.0/24 and 211.151.0.0/24.
Email app - K-9 (FOSS)
- The oldest, most forked and trusted email client. Needs a deep design/interface Overhaulin' (hey, Chip Foose...)
Contacts and calendar sync - Fruux + Birthday Adapter (FOSS)
- See services above.
Password & confidential safe - KeePassDroid (FOSS)
- Believe me, I don't know a single password of my accounts and I have hundreds. The only really big and complex password I know is the one from KeePass.
Antivirus - NONE, JUST DON'T
- I will not discuss here about the needs or true benefits of these apps but I can assure your data is leaking each time you go online. All them claim about privacy but they're always collecting "unidentifiable data".
== I will post links for everything soon. Please include links in your posts when justified. Thanks. ==
== Android Alternative FOSS ==
This is a list of some well known apps and their open source alternatives. Incredibly some of them are even better than "official" or paid apps, some others are quite limited but evolving and much secure.
It's impossible to put everything here, only the best apps I've tried with success will be listed. Please keep posting your suggestions.
BitTorrent Sync > Syncthing
Chrome > Firefox
Dolphin > Tint Browser
Dropbox > OwnCloud, Seafile
Facebook > Tinfoil for Facebook
Gmail > k-9 Mail
Lux Auto Brightness > YAAB
Tasker > SwiP
Titanium Backup > oandbackup
Twitter > Twidere
Reserved, just in case.
Really great thread sancho_panzer. I never thought someone can be as paranoid as I am, but I found you.
I'd like to add a few services:
Posteo (Mail):
A german email provider that doesn't claim as much data aa most of them do. It just needs your mail, pw of course and you can add your mobile phone number if you like to (it will be saved hashed in their database). Posteo has great SSL connections and uses a the first (german) provider the new protocol DANE as well as DNSSEC. You can use their CalDav and CardDav server and choose to encrypt your address book and your calendar. The service costs 1€ per month (10 cents for additional aliases and 20ct for the next gig), that can be paid by post mail, PayPal or bank transfer. The last two way won't get linked to your account.
CalDav/CardDav
To manage my addressbook and calendar on multiple devices I use aCal from F-Droid.
For googling issues there is a browser add on for PCs that tunnels the Google searchs for you called disconnect.me
Greetz, and i appreciate your love to FOSS very much!
@traceless There are lots of people on Xda concerned about privacy on Android and the Internet. I really hope this thread could help them to take some measures about it and share alternatives.
Thank you for https://posteo.de/ suggestion. Could be a great service problem is I don't speak German. I really don't understand why the website don't have an English version. I'm also concerned with recent leaks news about *.de domains ( http://www.bbc.com/news/technology-25825784 ).
I've tried CalDav-sync and CardDav-sync and they're great little apps, but if you want a FOSS solution try DAVdroid and the very new Flock from F-Droid.
I really can't trust https://disconnect.me/ . ( http://www.darkreading.com/document.asp?doc_id=1251070& ) or Ghostery, both track you ( http://www.reddit.com/r/firefox/comments/1qkc2b/disconnect_vs_ghostery/ ). If you're using Firefox on PC or Android my advice is to install Adblock Edge (Adblock Plus is worse and heavy) + Self-Destructing Cookies (BetterPrivacy is also great) + NoScript. You should also consider CleanQuit.
@sancho_panzer
I knew, that Disconnect was founded by a former Google employee but didn't know he was linked to the NSA. Anyway my current FF configuration looks just as you recommended, but I additionally installed a plugin that's called FireGloves. This is especially useful if you want to make fingerprinting your browser harder. It disables or disguises trackable settings; if you'd like to every browsing session. How unique ones configuration is, can be seen here at Panopticlick.
I agree, that it's a pity some services aren't available in the most common languages. Posteo's webmailer can be changed to English, but the whole service is German. Btw you don't have to be worried about the de ccTLD, the 16m mail that were compromised earlier this year were most likely taken due a hack of a german online shop and as the most customers were germans, the majority of the mails end up with *.de. So it doesn't mean every german domain is compromised and mail provider are insecure.
As you don't speak german you could take a look at Secure-Mail, a mail service provided by the mainly german VPN Perfect Privacy. It hosts in NL and supposes to store no identifiable data and is also encrypted. I found no setting to change the language to english on Secure-mail, but I thought I've seen it once in english, maybe it canges only if your country is english-speaking.
Flock is really nice, but I stay with aCal, cause it comes with a calender other than the integrated one and I'm not dependent on the built-in one with the (also switchable) Googl sync.
Excellent thread, thank you for starting it.
Edit : I think HTTPS Everywhere by the EFF should be mentioned in a thread like this.
https://www.eff.org/https-everywhere
sancho_panzer said:
I'm sure my personal and professional life is common and boring but I want privacy with my things just like I don't want a guy next table in the coffee shop listening to my talking subjects.
Click to expand...
Click to collapse
It doesn't matter if you think you life is important enough to be watched or if it's just boring. The fact that you know you *could* be watched in every move you make, automatically changes your behaviour. It changes the way you think, it changes the way you speak and write. It influences the way you interact with others. Feeling watched makes you fear of what you do!
Opening a thread like this is a good thing to begin to overcome this fear. :good:
Good linux expert, my colleague, told me some finding, android wise.....
He has installed Android Firewall, and blocked every possible application and system modules, including kernel.
In apk log, found that all ip packets sent by android kernel are routed through some chinese ip address, regardless of theirs final destination.
After some research, turned out that this IP is used by NSA. Yes, all ip packets going out of our android phone are sniffed by NSA. Embedded in kernel.
My 2 cents here, and sorry if ot.
Cheers!
Sent from my GT-I9195 using Tapatalk
Nice thread, thanks! :good:
Some thoughts from my side:
I generally distrust every online service, especially if I don't pay for them. I think it is better to decentralise services and host them on self managed servers in families, groups of friends,... and thus basically only give data to trusted persons you know in real life.
Here are two good links that show alternatives to proprietary software/cloud services:
https://prism-break.org/en/
https://wiki.debian.org/FreedomBox/LeavingTheCloud
== SERVICES ==
Mail -
I think mails are generally difficult to self-host. So you need a good mail service. Posteo was mentioned here, another similar reliable german mail provider (with english translation) is mailbox.org. They even encrypt unencrypted incoming mails with your PGP-key before they store them.
Contacts & calendar -
Posteo and mail.org also include contact and calendar synchronisation via CalDav/CardDav. Even better: Host it by yourself.
Instant Messaging -
XMPP (Jabber) is an open decentralised protocol with lots of implementations for almost every platform. You can host it by yourself or use an existing server. There are also very good clients for Android like Conversations or Xabber
== ANDROID SYSTEM ==
Two additions:
Free Your Android! - campaign of the Free Software Foundation Europe
IMSI Catcher/Spy Detector
== APPS ==
sancho_panzer said:
Android browser - Boat (proprietary code)
Click to expand...
Click to collapse
Don't do this! Firefox for Android is also a good choice. And Orweb not to forget!
traceless said:
I use aCal from F-Droid
Click to expand...
Click to collapse
DAVdroid is also a very good FOSS CalDav/CardDav-provider that integrates with the contacts/calendar app of android. And it is under active development (in contrast to aCal)
I can only agree that using posteo.de is a must. Completely anonymous. I put cash in an envelop (didn't actually touch any of it myself ) and they opened my account no problem. Last time I checked their site alao had an English version. Feel free to pm me with translation issues. I speak both languages fluently. Also a thread like this without XPrivacy?
For those interested in tor along with afwall, I have posted instructions on getting them to work together in the afwall thread
I prefer the Android system to be: OMNI + NOGAPPS + SuperSU
Note that freecyngn & NOGAPPS author has switched to OMNI
Regarding OwnCloud: it's a great software, but you're right not to trust it when it runs on some server that is not under your control. That's why I run OwnCloud on a Raspberry Pi that is running at my home, behind my firewall. Syncing is made with CardDAV and CalDAV, and both apps use SSL. I think I can trust that one.
dvdram said:
Regarding OwnCloud: it's a great software, but you're right not to trust is when it runs on some server that is not under your control. That's why I run OwnCloud on a Raspberry Pi that is running at my home, behind my firewall. Syncing is made with CardDAV and CalDAV, and both apps use SSL. I think I can trust that one.
Click to expand...
Click to collapse
And what connection are you using? I thought about exactly the same solution, but it's nearly useless with ADSL.. (6 MBit/s down and just 60kbits upstream)
Thank you guys for your contribution on this thread.
Ultramanoid said:
I think HTTPS Everywhere by the EFF should be mentioned in a thread like this.
https://www.eff.org/https-everywhere
Click to expand...
Click to collapse
@Ultramanoid You're absolutely right I forgot to mention it, I use it with Firefox on my laptop and it's great.
dvdram said:
Opening a thread like this is a good thing to begin to overcome this fear. :good:
Click to expand...
Click to collapse
@dvdram I agree and don't understand why so much people just don't care to talk about it.
jukyO said:
Good linux expert, my colleague, told me some finding, android wise.....
He has installed Android Firewall, and blocked every possible application and system modules, including kernel.
In apk log, found that all ip packets sent by android kernel are routed through some chinese ip address, regardless of theirs final destination.
After some research, turned out that this IP is used by NSA. Yes, all ip packets going out of our android phone are sniffed by NSA. Embedded in kernel.
Click to expand...
Click to collapse
@jukyO Lookout, the real test here should be made on a clean system, just ROM and a Firewall. That's the only way you can say it's kernel coded. Some apps use kernel to send and receive packets, your alert could be related to one of these.
Another debatable subject should be SElinux. Many ROMs, like CyanogenMod, have it in enforcing mode by default. If you install another kernel, like Alucard, SElinux become permissive. Even if SElinux is considered OS we all should not forget that was developed and implemented by NSA (!).
bastei said:
Here are two good links that show alternatives to proprietary software/cloud services:
https://prism-break.org/en/
https://wiki.debian.org/FreedomBox/LeavingTheCloud
== SERVICES ==
Mail -
I think mails are generally difficult to self-host. So you need a good mail service. Posteo was mentioned here, another similar reliable german mail provider (with english translation) is mailbox.org. They even encrypt unencrypted incoming mails with your PGP-key before they store them.
Contacts & calendar -
Posteo and mail.org also include contact and calendar synchronisation via CalDav/CardDav. Even better: Host it by yourself.
Instant Messaging -
XMPP (Jabber) is an open decentralised protocol with lots of implementations for almost every platform. You can host it by yourself or use an existing server. There are also very good clients for Android like Conversations or Xabber
== ANDROID SYSTEM ==
Two additions:
Free Your Android! - campaign of the Free Software Foundation Europe
IMSI Catcher/Spy Detector
== APPS ==
Don't do this! Firefox for Android is also a good choice. And Orweb not to forget!
DAVdroid is also a very good FOSS CalDav/CardDav-provider that integrates with the contacts/calendar app of android. And it is under active development (in contrast to aCal)
Click to expand...
Click to collapse
@bastei Thanks for your useful input. I know Boat would be controversial talk but if you read my comments you'll see I'm aware about the dangers of such decision. Even so I'm convinced about the safety of it.
Firefox is my primary choice on my laptops since the earlier version 3. Even if I tried alternatives on some occasions I've always returned to Firefox security and true development power (I always use it to analyse code and test all websites I make), the only real alternative was Opera (the original one with Presto engine, not the crap they use these days).
Android Firefox is a completely different beast. It's heavy, buggy, need extras for simple tasks like automatic close and clean or user agent changing, but above all WHY THE HELL CAN'T WE MAKE FOLDERS and organise favorites at will? The only solution I found for favourites was to sync them with my PC, organise all there and sync them back. Did I mentioned the ridiculous times it FC? Maybe in the future, right now the only FOSS I could consider is Tint Browser.
an0n981 said:
Also a thread like this without XPrivacy?
For those interested in tor along with afwall, I have posted instructions on getting them to work together in the afwall thread
Click to expand...
Click to collapse
@an0n981 XPrivacy and Xposed could be all we need IF they were OSS. The other problem are the inevitable lags introduced by these layers.
I've tested several configurations on my phones and tablets over the time but ultimately my OP describes my options at this moment. This subject isn't closed and will never be, there aren't perfect security systems, and that's the purpose of this thread, I'm sure the OP will be changed on some occasions. Please keep suggesting alternatives and solutions, your contribution will be greatly appreciated.
aelmahmoudy said:
I prefer the Android system to be: OMNI + NOGAPPS + SuperSU
Note that freecyngn & NOGAPPS author has switched to OMNI
Click to expand...
Click to collapse
@aelmahmoudy OMNI is a valid CM alternative, developed and maintained by well know Xda developers. Unfortunately I don't really like the excessive cleanliness and limitations. The only way I could advise it would be complemented with Xposed+XPrivacy+GravityBox, besides NOGAPPS and SuperSU.
I can't talk for them but I believe @MaR-V-iN and many other ditched CM after the group became comercial oriented, the inclusion of analytical and proprietary code didn't helped either. CM it's still the base for lots of ROMs and I'm still convinced it's the best for me, provided that are VM snapshots and thoroughly cleaned and modded like mentioned on my OP.
sancho_panzer said:
...
@an0n981 XPrivacy and Xposed could be all we need IF they were OSS. The other problem are the inevitable lags introduced by these layers...
Click to expand...
Click to collapse
Both are 100% open source, just not distributed through F-Droid. You can compile them yourself, source is on GitHub. Security software will always add some lag.
an0n981 said:
Both are 100% open source, just not distributed through F-Droid. You can compile them yourself, source is on GitHub. Security software will always add some lag.
Click to expand...
Click to collapse
You're absolutely right, my mistake. Still when I used them my system felt somehow lagging.
:delete:
err on the side of kindness
traceless said:
And what connection are you using? I thought about exactly the same solution, but it's nearly useless with ADSL.. (6 MBit/s down and just 60kbits upstream)
Click to expand...
Click to collapse
I admit I have a bit more speed than you, but it depends on what you want to use OwnCloud for. I use it only for syncing calendars and contacts, and for that few bits of information even your speed is more than enough, although you should consider to do the first time syncing over WiFi. Later, when you add contacts and calendar entries, you won't notice much disadvantage.
Of course, if you want to sync pictures and movies, that speed will not be enough. But do you really need that? Is it not much more efficient to copy pictures and photos via USB cable, when you're at home? Do you really need to sync them while on the road?
That is what you need to ask yourself. Like I said: contacts and meetings are very small pieces of information, less than a text message. A 60k download (from your phone's point of view) is more than enough for that.
dvdram said:
I admit I have a bit more speed than you, but it depends on what you want to use OwnCloud for. I use it only for syncing calendars and contacts, and for that few bits of information even your speed is more than enough, although you should consider to do the first time syncing over WiFi. Later, when you add contacts and calendar entries, you won't notice much disadvantage.
Of course, if you want to sync pictures and movies, that speed will not be enough. But do you really need that? Is it not much more efficient to copy pictures and photos via USB cable, when you're at home? Do you really need to sync them while on the road?
That is what you need to ask yourself. Like I said: contacts and meetings are very small pieces of information, less than a text message. A 60k download (from your phone's point of view) is more than enough for that.
Click to expand...
Click to collapse
Thanks. Firstly I wanted to use it for an alternative to Dropbox but then I found out the Cal- and CardDAV support. And you're totally right with syncing after first initialisation. Maybe I get an RPi later and try this one and also the owncloud feed reader [emoji2]
Any idea how to use the FF sync of owncloud, since FF only supports upgrading old accs to the new mozilla ones but personally I'd prefer the old way.
Greetz

Categories

Resources