Hi all,
Here is my dilemma, I want to run an app X (e.g. Paper Toss) but it requires capability Y (e.g. my location or phone identity) that compromises my privacy and is not really needed for the core functionality of the app.
It would be great to be able to wrap the app with security wrapper that will allow me to control what actually signals it has access to and what other it just gets fake data (similar to Google Latitude that allows you to set an arbitrary fake location).
Any thought? How feasible it is to implement?
I would think that this is doable, at least with the AOSP based ROMs such as CM.
I would appreciate such a privacy-enchancing feature.
I'd like to see such a feature too. A lot of apps seem to ask for permissions that have nothing to do with the core functionality of the app. See the Wall Street Journal article on smart phone privacy (can't post a link yet) for examples.
I think it would be a good idea to suggest this to CM to see if they would include it. Would you be able to develop this?
Don't know if it is related to this thread or not but Android Police reports about similar upcoming feature of cyanogen
http://www.androidpolice.com/2011/0...rmissions-cue-mass-force-closing-as-a-result/
cm7 nightly 82 allows control (deny/allow/revoke)permissions for individual apps......this if what you're looking for..
Its the new feature mentioned in the post above this one
Related
Hi pals
As many apps developers here on XDA what I develop and publish on Android market is device-specific.
(Free and Commercial)
Those apps
- require certain hardware features (like an Audio codec, Super AMOLED screen & driver), often related to additional Kernel features.
- can only support a limited set of devices but also Kernel versions.
And like everyone I'm really annoyed by 1-star comment.
"pure crap, doesn't work on my beloved phone"
Of course, it's not the majority, but its always increasing with the popularity.
It's annoying when its free apps, but when you decide to sell apps and try to give the best service, it becomes really bad.
And people disappointed is really not what you hope when you share your creation.
This is why I'll appreciate some backup from you by leaving a comment on this thread named
Missing filter by Build.DEVICE and ability to contact customers from comments
I propose the idea of filter by Build.DEVICE because it's useful for my app. You need additional filters too right ?
By custom ROM? By Kernel version? Explain you needs
− in this thread on official Market forum of course - writing your comment here is nice too.
We are all used to an unprecedented level of user support here on forums, by the hackers themselves or the community of users. This is really something special.
Its maybe a bit bold to say that, but I'm sure Android Market has a lot to learn from communities like ours in order to improve its consumer satisfaction... so lets show them how to
PS: sorry for inviting people to another page (Google's one) at the occasion.
This is, I guess the best way to be heard by them: by posting on their dedicated tool for requesting features (they'll read)
supercurio said:
I propose the idea of filter by Build.DEVICE because it's useful for my app. You need additional filters too right ?
By custom ROM? By Kernel version? Explain you needs
Click to expand...
Click to collapse
Filtering by ROM / kernel is way too specific, but by device is great. I support this proposal.
this would be an incredibly useful feature for developers on XDA. since many hobbyist developers put an app that only works on the device they're developing it for, it would make sense to be able to whitelist or blacklist certain phones so they can be restricted to certain phones.
for instance, I'm sure the developer of RealHDMI (the Droid X HDMI mirroring app) would have loved this feature when people with EVO's were trying to install and were (not shockingly) unable to use it and giving the developer negative feeback. for a community such as this, I can't help but see how this could be an amazing addition to the marketplace.
I don't think its realistic. Google may well come round to a warning message (after accepting permissions perhaps?) saying 'your device is not supported'. This would help in situations such as the Android 2.1 Galaxy S's inability to play ball with Skype, and various games that don't support or fully support some chipsets, as well as your own, very real, problem.
Filtering per device will only pave the way for more fragmentation jibes and claims by Apple/Microsoft that Google are inflating number of apps available. We have to remember Google's priorities: PR > OEMs > Developers > Consumers > Facebook. They *need* to stop any fragmentation claims and *need* to boost app numbers in line with App Store, all to prevent counter PR.
HazzBazz said:
I don't think its realistic. Google may well come round to a warning message (after accepting permissions perhaps?) saying 'your device is not supported'. This would help in situations such as the Android 2.1 Galaxy S's inability to play ball with Skype, and various games that don't support or fully support some chipsets, as well as your own, very real, problem.
Filtering per device will only pave the way for more fragmentation jibes and claims by Apple/Microsoft that Google are inflating number of apps available. We have to remember Google's priorities: PR > OEMs > Developers > Consumers > Facebook. They *need* to stop any fragmentation claims and *need* to boost app numbers in line with App Store, all to prevent counter PR.
Click to expand...
Click to collapse
Its not by ignoring facts and developer needs that you prevent fragmentation.
Pronounced "say candy", the goal of SecAndy is to come up with as secure and private of an OS as possible. So as not to reinvent the wheel, we'll base this initiative on our open source code of choice (Android or maybe other developers' choice).
I am not a developer myself but I can without a doubt, because of former professional experiences, organize a project and gather the right people together as a community in order to make sure that project sees the light of day after it has acquired a life of its own if needed, which I think we will agree is something that this kind of project requires because of the scrutiny it will quickly attract.
I am officially calling upon this post all interested developers that could help us fork Android or other open source OS.
Let's get a kickstarter funded and let the party begin. I will update you later today on the advancement of such.
This thread welcomes constructive ideas and developer participation, but here are beginning requirements we'll need to fulfill eventually to privatize and secure android :
- default browser allowing custom search engines such as https://ixquick.com or duckduckgo
- default system search pointing to those custom engines for online component
- control of gps at firmware level to allow full disability
- peer to peer file exchange (think BitTorrent sync) with 1024 to 2048 bit encryption
- implementation of secure sms and mms exchange (think textsecure)
- implementation of encrypted voice channels (think redphone or SIP with end-to-end encryption)
- root vpn for all online access
- systemwide warning of insecure solutions (example : wanting to use gmail or regular email)
- PGP transparent email solution
- Tor option for root vpn (subject to mitm attacks but more on that later)
- peerguardian type auto-updated database to identify suspicious IP address ranges
- systematic in-out firewall control auto updated with peerguardian database and community based rules database
- hardened malware protection and app permissions with automatic permission audit based on application type
- full device encryption and lockup (in case of unauthorized user)
- full remote wipe out and bricking with auto IMEI reporting (in case of theft, might have to be amended because of attack vector)
- full remote location capability with real time tracking (that one might have to be scratched, high security risk because of attack vector)
This obviously doesn't cover all the bases but would be a good start... I know a lot of these options can be implemented with a mismatch of apps and custom Roms but having it all at an OS level AOKP style would greatly help in building an android by the people for the people community that could eventually loosen the stranglehold of less than transparent corporations.
60 views in 24 hours and not one comment. Obviously I'm approaching this the wrong way. More news at 11.
e-motion said:
60 views in 24 hours and not one comment. Obviously I'm approaching this the wrong way. More news at 11.
Click to expand...
Click to collapse
I don't want to be insulting, but no programming work has been done on your part, and you're just asking for people to dive in this project to get managed by someone they never heard of. It's not really surprising no one has commented yet.
I understand what you're saying but any comment, even if only just to show interest in such a project, will be key to drive developers to it.
I might not have started any development but I have clear understanding of how to design secure solutions. I can't go into details of why that is, however you can clearly see with my 2nd post that some research has been done. If I wanted a solution for me alone, I could just go on with my own little pudding of custom ROM and security apps.
However, because of the recent news events that SHOULD have awaken this population, I thought now might finally be the right time to try to get such a project off the ground. But without anyone even showing any interest, why would any developer be drawn to it ? If people would rather focus more on content consumerism than on what might happen under an umbrella of spooks that they're paying for with their taxes, then they have learned nothing from history and deserve what's coming to them, simple as that.
This is NOT a development thread in case you haven't noticed, so telling me I haven't developed anything yet is not even relevant.
In case anyone cares, this will be moved shortly in the t-mobile Note 2 Android development thread as a Touchwiz proof of concept ROM. Little steps, little steps...
Sent from my SGH-T889 using Tapatalk 2
mobile sec
While I am not a developer I would be interested in this project. I've been thinking about this a bit lately given recent events. I think a useful privacy preserving security related app and phone combo might have these features:
-some way to separate the baseband processor (radio) from the OS. It seems most phones share memory with the radio and this fact can and has been exploited. Own the bb processor and you own the phone. Perhaps a 3g dongle plugged into an android phone in host mode would work. Some of these usb "data only" radios can be unlocked for voice too. I believe a rooted phone with IP tables/firewall running would be much more secure than a conventional mobile phone.
-an anonymising network for connecting to servers/peers. I think the i2p network is well suited for this purpose. Rather than connect to services that are not designed with your anonymity/privacy in mind, connect to hidden/darknet servers that make it extremely difficult to ascertain your real IP and location. Perhaps an i2p router running on your home computer relaying i2p traffic while also maintaining a long lived encrypted connection to your mobile in order to "push" data to it. In this way the user benefits from the anonymising network, contributes to the network, but doesn't have the battery drain of relaying packets from the phone (if this is even possible).
-end-to-end encryption. Perhaps OTR messaging for texting and perhaps openPGP for transferring binary files as I don't believe file transfer in OTR is available at this time.
-an app that uses the above network that is capable of sending/receiving encrypted text, audio, video, gps location etc and does not leak any personal information that you don't want leaked. XMPP might be a good choice (with perhaps out-of-band binary transfers for efficiency). Giving your unique identifier to another person that is using the same app would allow you to communicate with them while not revealing your phone number, imei, imsi, etc. There would be some latency in the communication especially with binary transfers but I would gladly accept that for the added security.
anyway, just wanted to add this to the conversation and hope to see this project take shape as we definitely need more security enabled os's and apps.
Ive been through the entire security forum. Must say till a little raw but it will mature hopefully. Still a lot of noobs talking and no serious dev talk. Im not a developer but I have done some research esp on encryption systems and keep myself updated with the loopholes in various apps. Until such time when they do join in I think it would be a good idea (esp if the higher-level know-its) would share their list of apps they use for their everyday functioning and especially how you currently protect yourself best against unwarranted attacks to the types other forums are talking about.
My list is:
K-9 mail : for email. I use APG with that though im still not convinced its worth it cause the keys would be a easy to 'reverse engineer' as you can easily detect the device you use to send the mail and thus an estimate of the computing power essentially showing them the narrow range of prime numbers in which the key could have been generated. But you would need to be a dedicated target for that. Plus its open-source and very popular.
Xprivacy: its good for apps with too many unnecessary permissions but it wont protect you against intruder attacks.
network connections: just switched over to this from wire shark. Still undergoing testing. But it tell you the current internet connections and seem promising. You can block the suspicious IPs using xposed framework called peerblock (look into the xposed mod index). Needless to say but I think blacklisting google would be perhaps make you life considerably old-fashioned esp if your plugging the google 'backdoor' access they provide to 'he-who-shall-not-be-named' organizations.
Browser: im using the native AOSP browser. Firefox would be a better alternative in my opinion to chrome or others. I wish we had chromium for android.
Quickpic: using it instead of the native gallery after i found that it was connecting to the internet.
Calander: using the native AOSP calander but deleted the calander sync cause i try to avoid relying on google too much. selectively Denied internet permission.
ES file manager: a very complete tool. root explorer with checksum built-in. denied internet permissions.
TextSecure : Using this for standard texting because it seems to offer more encryption that any other texting app at the moment. Plus its going to be the default messaging app in Cyanogen ROMs in the future. Offers One-Time-Pad system encryption which is encryption theoretically secure (what that means for the common man is that this encryption is the only one that has stood the test of time to be unbreakable of used properly. All other encryption systems rely on the fact that the decrypting systems used to 'crack' the encryption lag behind the algorithms. Lets hope the devs did implement it properly)
Remove Google from CM10+ ROMs : http://www.xda-developers.com/android/remove-the-google-from-cyanogenmod-with-freecygn/
"Not every user particularly cares for Google’s proprietary bits and its tendency to put them everywhere. As such, XDA Senior Member MaR-V-iN has created a script to clear out Google proprietary binaries from all CM10+ ROMs. Freecyngn disassembles the CyanogenMod settings app and replaces Google Analytics library with the free NoAnalytics. The whole process doesn’t break the Settings app, and turns your device into one that is Google-free"
Click to expand...
Click to collapse
Thanks to @SecUpwN for the site: www.prism-break.org As you will see by visiting this site its not secure but just a list of more open-source projects.
I dont use a lot of google products like gmail or chrome or maps but i would like to minus the uneasiness that i have using it. And i dont use public wifi at all. The great things in life are hardly ever free!
Needless to say but i use CM 10.1 since its well developed and open-source. Looking forward to omniROM by chainfire and other great devs. I do believe we need some serious stenographic programs for android because encryption alone is not the way to go. Maybe they will take this more seriously. This remains a work in progress. As always hit thanks if it helps.
CM is now for profit. It's CyanogenMOD Inc. Anyway, this is a pretty naive approach, IMHO. You want to keep something secret you can't tell technology about it. Check out "Schneier on Security."
where did you download "network connections" from?
@aejazhaq: See www.prism-break.org!
runwithme said:
where did you download "network connections" from?
Click to expand...
Click to collapse
I downloaded it when the dev was giving the pro version free for a limited time to XDA members. How ever its available on the play store...https://play.google.com/store/apps/details?id=com.antispycell.connmonitor&hl=en
SecUpwN said:
@aejazhaq: See www.prism-break.org!
Click to expand...
Click to collapse
Yes i cam across that just a week ago. It seems to me as my knowledge progress' that the apps available are just to keep the selective data eg your mails private if you use APG with that. @pan.droid I think anything on your device is still as vulnerable as can be honestly and don't think, at least as of now that you can protect your data on you device with any satisfactory means, at least not yet. I'm interested in stenographic means more now than ever because I think encryption alone wont cut it esp keys generated on the phone; the prime numbers needed for a foreseeable future (3+ yrs) protection are elusive on the phone, perhaps the PC can do a better job, but again with its fallacies esp with emails being stored in the cloud permanently means that there's an expiration date on such material you choose to share. And given it lacks forward secrecy and anyone using PGP in emails is definitely shouting encrypted msgs being transmitted perhaps arousing more suspension and the subsequent package.
Thus I do agree the list is currently very naive but perhaps the best we can do at the moment. Thats why I'll leave people to share their opinions on this because this is perhaps an ongoing discussion.
I'm really interested in a contacts replacement. I hate the new style google version but I don't trust ANYTHING free from the app store. They all download your contacts!
You didn't mention AFWall+, the iptables firewall I consider instrumental in blocking most phone home attempts.
SecUpwN said:
@aejazhaq: See www.prism-break.org!
Click to expand...
Click to collapse
Actually, pretty great site!
pan.droid said:
Actually, pretty great site!
Click to expand...
Click to collapse
You're welcome. If you're interested in security projects, have a look!
I'd totally jump on board with that, but all I have is a WI-FI tablet, ATM. Great activist project for anyone serious about security.
pan.droid said:
I'd totally jump on board with that, but all I have is a WI-FI tablet, ATM. Great activist project for anyone serious about security.
Click to expand...
Click to collapse
Sadly, our project is missing real security enthusiasts and DEVELOPERS. Do you know anyone I should get in touch with?
I use "Keepass2Android Offline" to manage my passwords. This "offline" version removes Internet access permissions which I consider essential for security of my database.
xda-developers 15
Forum Home Home Android Development and Hacking Android Apps and Games What Android security setup do you use/recommend?
MESSAGESTHREADSFORUMS
You have no unread messages.
View all messages.Log Out
XDA PORTAL POSTS
Dirty Unicorns ROM for Verizon S4
XDA Senior Memberjbatsbrings usDirty Unicorns for Verizon S4, an AOSP based ROM with good aesthetics and … more
22 Feb 2015
By Mario Tomás Serrafero
Experiam Black Theme for Sony
CyanogenMod devices aren’t the only ones with awesome theme engines, as the Sony Xperia line of phones … more
22 Feb 2015
By Tomek Kondrat
Beginners Guide to Git and Building a Kernel
XDA Senior MemberNicknoxxwrote up a guide based on his building experiences, where he explains … more
22 Feb 2015
By Mario Tomás Serrafero
Materialistic Xperia Theme
Sony is yet to release the Lollipop update for the Xperia line. While the materialized look is still unknown, XDA … more
21 Feb 2015
By Tomek Kondrat
Post Reply Subscribe to Thread
+1 Like Tweet Rate Thread Add Poll What Android security setup do you use/recommend? OPzakazak
zakazak
Yesterday, 03:38 PM | #1
OP Senior MemberThanks: 14
401 posts Joined: Dec 2010
Hey there,
I have spent a lot of time with security on Windows (research, testing, etc) and have about 10 years of experience when it comes to security, malware & privacy. On Windows I believe to have a very decent setup and there is little that can bypass my security setup. I want to achieve the same on my Android phone (currently Nexus 6) and wonder what you do and recommend to safe your privacy and improve your phone's security.
A little history of my Android security path:
On my HTC Desire HD I used Dr. web, when it got released (being the top product back then). With my Nexus 4 I switched over to Avast being the top product at that time as well as using ParanoidAndroid and it's feature to disable permissions per app (e.g. no location permission for facebook). After some time I felt like Avast was slowing down my phone and replaced it by CM Security. Well CM Security isn't the most transparent app and I am struggling with privacy when using this app.
So now on my Nexus 6 I am using the following setup so far:
App Ops (aka privacy guard) - To disable permissions per app
Override DNS - To change DNS Server for 3G/4G/WIFI to "NortonDNS"
Telegram - For secure chats
SuperSU - For root management
I disabled untrusted certificates (e.g. government) based on what certificates are allowed in Firefox browser (Android 5.x)
Phone is using encryption (Android 5.x)
I would still like to have an app that does scans every few days with high detection rate but low resource usage when on idle. SMS and Phone Call block would be a nice feature as well. Also I would want to "lock" apps with a "password pattern" so other people can't open it.
ESET seems to be lightweight, high detection rate and is a very trustable company. But 15€ a year is a little bit... meh
What setup do you guys use and recommend?
First of all there is no security on Windows. People always making the same mistake, talking and talking about what software they use to improve something and forgetting one big thing, that there are a lot of proof-of-concepts, 0day and other possible attacks out there which can't be easily "fixed" by installing an security product such an AV. There are much known and also much unknown puplic attacks (and some 0day you can pay for) that working at the lowest possible level, such BIOS hacks, HDD firmware and partitions hacks (/TLDS/BACK/and such) that are almost impossible to identified for the normal user and even a professionals it's almost impossible or simply coasts a lot of time. And I know nobody which can spend the whole day to read everything on the net which could be security news related or is able to fix it, because lack of knowledge. Knowlage is even more poverfull than installing any AV or any other products which claims to "secure" something because if you know how the hacks working, you now how to defeat them (mostly without any tools), that usually starts with something like not install software which everyone use (like flash player plugins). Sure, it does not fix the fact that there are a lot of ofter vulnerable software out there, but the risk is lower because lack of hacker interest to infect something that is only used by a few people.
You definitely not need any AV on Android, Android isn't windows and even on Windows most stuff only works if you not use any administrative account. Same like under Android, there is a sandbox which normally protect apps from crashes/evaluation escape and other stuff. Of course there are some hacks and stuff which always works (some low-level attacks like certificate attacks, poisoning and such) but recently there is more and more a focus to get your private data or hack something that affects a lot of people (mentioned certificate hacks).
So the "best" someone can do is to read, read, stay up-2-date and use some brain to not install every plugin, not click every popup and not trust every app just because 1000 or more people use it (with five star ratings, even this never protects you against all stuff).
So there is and never will be any guide or recommendation what's safe and what's not. There are opinions and links/pages to read but the rest is matter of taste, brain, knowledge and tests.
Another example is that now people starting with Android 5 people more and more use the encryption but that does not help against data leaks or will stay safe forever.
My opinion is that Telegram and some other mentioned things aren't secure and there are several good reasons but people always want to believe the hype, but's my opinion. And to change the DNS is almost useless, Android uses default the google dns - why change to another DNS if apps like whatsapp, google play services constantly trying to connect to google (for e.g. ads, ping backs, sync,..)? To believe that DNS can't be attacked is a myth, there are several attacks, especially you recommend Firefox - but by default it uses his own DNS system (which needs to be disabled first via about:config).
AppOps is also only necassary if your ROM does not have the CM privacy Feature or a similar feature.
I not understand why you asking for e.g. a phone call blocking software, just use a black-/whitelist or simply go to airplain mode or shutdown the phone (shutdown the phone should be the best against known attacks).
But as said, instead talking about which app which guy prefer (which is useless) we should start a general talk how to secure the whole os and fix possible data leaks instead of taking all over again about something what is million times written on the net.
I’ve been a CyanogenMod user since CM6 for the HTC EVO. While I can’t claim to have contributed much directly to the community (I’m no developer and more of a sys admin kind of guy), I have installed CM on countless phones over the years - basically any friend or family member who sat their phone down long enough. As soon as it was available, I snagged a OnePlus One, and it’s still the phone I have today. While I was initially excited to see where the foundation of Cyanogen Inc. would take the project, I’ve become increasingly disappointed with the direction that things have gone (both CM and COS), and I think my next phone will likely be a Nexus device with stock Android. I’m fairly certain that this post won’t accomplish much (aside from starting a flame-war/trolling/what-have-you), but I thought I would post it just to see what might come of it.
What I initially loved about CM was the fact that it added a number of useful features to stock Android, it allowed a ton of functional customization, it seemed to be more efficient and stable, and it let me continue to update devices that manufacturers had artificially sunsetted. I was impressed by the fact that lead developers were more interested in code quality and security than by shiny features. Amidst the desire to make Android better, there was also a sense of perfectionism to CM as evidenced by the “don’t ask for ETAs” mantra - it would get done when it was ready, and I was always willing to wait.
When Cyanogen Inc. formed, I was curious to see how they planned to make money. I actually decided to be a bit bold, contacted Kirt and Steve via LinkedIn, and offered to share some of my ideas. One of my biggest suggestions was that they should do something to fill the gaping hole left by Blackberry. At that point (and even still today), no manufacturer had really been able to provide the enterprise-grade functionality provided by Blackberry and BES. MDM solutions were (and are) a double-edged sword that are really just a patch for the solution. Given the huge priority that Cyanogen placed on security, I thought it would be a good direction to take. I’ve sent a few other suggestions over the years (including attempting to get the OnePlus One on the shelves at Walmart when I worked at the corporate offices), but it never seemed to go anywhere.
Right now, when I wake my phone, I have a reminder that there is a system update ready for my OnePlus One that will install COS 13.1. This update adds “new mods for Cortana, OneNote, Microsoft Hyperlapse, Skype, and Twitter.” I have yet to hit install. My issue is far less that Cyanogen is working with Microsoft and more with the fact that the company, much like Canonical/Ubuntu, seems to have the not-invented-here syndrome. (Side note: here’s a great article from the Turnkey Linux team that serves as partial inspiration for this post https://www.turnkeylinux.org/blog/ubuntu-not-invented-here-syndrome). Instead of offering new and useful features, Cyanogen is reinventing wheels and cramming the OS full of things that aren’t really at the top of anyone’s list for issues that could be solved or features that could be added. The innovation just seems to be gone. Most of the features that were exclusive to CM and drew me to the project are now part of stock Android. It makes me wish Cyanogen had taken up Google on their $1B offer.
Here are a few examples. Who remembers when ADW was the stock launcher of CM? I do. In contrast, who actually uses Trebuchet? I think it’s a featureless piece of junk. No gestures? No ability to hide icons in the drawer? No useful functionality that really sets it apart from other launchers? Why develop something new just for the sake of doing it yourself when it only provides basic functionality? Right up there with it is the File Manager application. There are plenty of other more feature-rich applications on the market, and I frankly never use the app provided by Cyanogen because it isn’t nearly as functional as something like ES File Explorer.
Similarly (but more egregiously), is the Browser application. Show of hands: who uses the browser provided in AOSP? No? Me, neither. Be it Chrome, Firefox, Opera, or something else, no one uses the browser built into the ROM. Why did Cyanogen feel the need to create another browser that lacks functionality, is rarely updated for security patches like mainstream offerings, and is basically just another piece of lint on everyone's phones? I fail to see the innovation, there.
I initially loved the idea of having a Cyanogen Account because it was pre-Google Device Manager. However, now that Device Manager exists, I don’t see a reason to use my Cyanogen Account because there haven’t been any additional additions to the feature set. I emailed Kirt and Steve once about potentially folding the WebKey project into Cyanogen and linking it to the Cyanogen account. That would provide remote access, remote file management, a remote shell, and countless other features (most or all of which could be made to work without needing root if baked into the ROM). How much would that add to the ROM and set it apart from other offerings? Neither Google, Apple, Microsoft, or Blackberry have anything close, and it would be a game-changer.
The Themes engine. Alright, so some may disagree with me, here, but I don’t really care about theming my phone or my computer. For me, that was cool back when Compiz/Beryl were the hotness for Linux. Now, I’m more interested in function over form. Why spend so much time building this thing when there are actually useful additions that could be made to CM/COS?
In conjunction to this, there are a number of features provided by CM that are now part of AOSP and make me wonder why I'm still on CM/COS. Google has added permissions management. They have included tethering. The majority of Developer Options are baked in. They switched the whole tap/long press to turn on/off/open settings feature in the notification panel. There isn't much to set Cyanogen apart, anymore.
Instead of just complaining, I wanted to start a list of things that I really thought Cyanogen would have provided by now (or would have at least considered). Some of these would provide Cyanogen with a revenue stream so they wouldn't have to keep cozying up to Microsoft, something that I'm sure most of us would appreciate (does anyone actually use Cortana?) I’d be interested to hear what other features the community would like to see added to CM/COS:
WITHOUT root, implement NFC tag actions that are available with the screen off. For example, allow a user to unlock/wake their phone, turn certain settings on or off, switch to a different profile, or perform a set of pre-defined actions by tapping a NFC tag. Obviously, there would have to be some security mechanisms built in order to whitelist trusted tags so the functions can be used with the screen off, but I’ve always wanted to be able to set my phone down on a tag at my desk and have it automatically connect to my company’s WiFi, put my phone on vibrate, etc.
Partner with an existing developer or independently build parental controls into COS.
Add a login manager for public hotspots to accept terms and conditions on subsequent logins after the first connection (would need to use MAC address, GPS, or some other unique identifier since some companies use the same provider, e.g. Starbucks and McDonald's both use ATTWiFi as their network name but have different captive portals)
Make a Kiosk version for customers at coffee shops and the like.
Create a mobile pay kiosk version similar to the Chili’s tablets since Cyanogen is known for security.
Make a version tailored toward the elderly (lock certain features, provide a restricted set of capabilities that are easy to access, etc).
As previously mentioned, build in WebKey or similar functionality that is tied to a Cyanogen account.
Include Tor without needing root.
Allow the ability to modify DNS settings.
Develop AirPlay compatibility for the Cast feature.
Right now, I’m at the point that I was at with Ubuntu about five years ago. Canonical had “improved” Debian into a bloated nightmare complete with in-house developed projects such as Unity, Ubuntu One, the Ubuntu Software Center, Mir, and others that no one asked for or wanted. If Distrowatch rankings are to be believed, Debian (and Mint) is now more popular than Ubuntu, likely as a result of Canonical’s decisions.
This is not a call to arms but rather a suggestion. Perhaps it is time that the community creates, by way of analogy, a Cyanogen Mint. Maybe we need to go back to the foundation of AOSP just like many users have done by going back to Debian. For me, at least, Cyanogen isn’t satisfying the same needs that it did two years ago, and I’d like to have a mobile OS or ROM that does. There are a lot of custom ROMs out there like Paranoid Android, AOKP, and OmniROM, but they are incredibly fragmented in the devices that they support, and none of them have the level of backing that Cyanogen gained. Perhaps as a community, we need to consolidate our efforts, focus on a common project, and bring forth a high-functioning ROM that can fill the void that Cyanogen no longer does.
In light of today's news about the layoffs at Cyanogen, thoughti might bump my thread to see if anyone would be interested in joining this conversation.