A quick note
If you've come from Google Play to get support, welcome! I'm glad you made it here.
Please do post a description of the problem you are having, but you may also want to read the section below labelled What should I do when it fails?, as this will make it much easier for me to provide support.
If you're having a problem, the place to post it is here, because if you do so on Google Play then I have no way of responding. Unfortunately, this has been the case where an issue has become apparent, and I have included a fix, but there is no way for me to notify those who had the problem.
In any case, back to our normal program...
What is it?
PDroid Manager is an alternative OpenPDroid/PDroid 2.0 Management App. It is currently the 'official' management app for OpenPDroid, and serves as an alternative to the PDroid 2.0 App for PDroid 2.0.
It is GPL licensed (with additional attribution conditions). Source can be obtained from my github.
What does it need?
First, this relies on either the OpenPDroid Core/Framework patches (recommended), or the PDroid 2.0 Core/Framework patches being present in the ROM. You need to have them installed, either by getting the patches (OpenPDroid, PDroid 2.0), patching and compiling a rom yourself; or using the excellent autopatcher tool by mateorod and pastime to patch an existing rom.
It also requires Android 4.1.2 or 4.2.1.
Status
This app is in a supremely alpha state. It does have bugs. It will crash if you run it without the PDroid core/framework patches. It does have a problem with the way notification icons display if you install multiple apps without configuring them. It will crash in a range of other situations I haven't thought of yet.
It will crash if you try to use it while you have the PDroid 2.0 App installed. (It's a permissions signature thing, and you can't have both installed unless you resign them both yourself: see here for how to do that.)
It has been tested on three devices a Galaxy Nexus running AOKP, and a B&N Nook (cheers to mateorod) and a Nexus 7 running AOSP.
Probably others too now, what with people using it, but I don't have a list for that =)
What is the difference between this and the PDroid 2.0 App
This is an ALPHA status tool, so it has more bugs.
This isn't complete - it is missing useful things like an 'about' box, the ability to check the PDroid core version, backup & restore, all of which are in the PDroid 2.0 App.
It can keep logs of application activities. There is currently no way to view these, though. Logs are now (I think?) supported in PDroid 2.0 App. I haven't tried them though.
You can filter the app list by whether it is a system or user app, and by the type of permissions used. Now also in PDroid 2.0 App.
You can filter apps by the 'type' of permission they use - e.g. 'messaging', 'calls', etc.
The source is available.
It can create and restore multiple (human-readable) backups on your SD card or 'external storage'.
It supports multiple languages, thanks to the contributions of others (languages and contributors are listed below) PDroid 2.0 App now supports German and English (but not Russian and French).
Did I mention it has more bugs?
What is the difference between this and Permissions Denied, and other permission-modifying apps
In brief: OpenPDroid and PDroid 2.0 do not actually change the permissions of apps; rather, they intervene when the apps try to use some of the features allowed by these permissions. For example, it doesn't remove permission for an app to use the camera - instead, it lets the app believe it is using the camera normally but then feeds back a fake image when a 'photo' is taken. Similarly, the app can try to request the phone number from the phone, but PDroid can return either a blank number, or a fake number, to the app. The main advantage of this is that rather than the app crashing, as often happens if it finds expected permissions have been removed, it continues to operate simply using incorrect data as its input.
The downside is that PDroid requires modifications to the ROM, which is difficult.
What should I do when it fails?
First, check if the problem you have discovered is a known issue, by looking at issues on my github. If if has already been lodged, but you have additional information to add, then ideally attach it to the issue in github. Otherwise, you can post it here but please clearly refer to the existing issue in github when doing so.
If it is not a known issue in the github:
You can open an issue on my github, providing a logcat: see how to get a logcat.
You can post on this thread, providing a logcat. I will try to monitor this thread, but if it starts getting out of control then I will probably try to run up a bug tracker somewhere else for people to use (and I will always fall back on the github issue tracker).
When will you stop telling me about the bugs and give me a link?
I have added PDroid Manager to the Play store, so you can obtain it from there (which means easier updating). If you do get it from the Play store, remember that support is provided via this thread, not via the Play store comments. I have only added the app to the Play store as a convenience so people can get updates without monitoring this thread.
Check the attachments to this post for the PDroid ALPHA releases. Make sure you read that ALPHA part.
Source at my github.
Requirements: Android API 16 (i.e. 4.1.2 - haven't tested in 4.2 yet).
What does it look like?
This:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Why did you build it?
The original PDroid app by Syvat, and the subsequent PDroid Addon/Extension/2.0 apps by CollegeDev didn't do everything I wanted them to do. I couldn't modify them because I didn't have the source. I'd never created an app before and I wanted to give it a shot.
Why does it need permission to access my SDCard?
I've added the ability to backup and restore your settings to the external storage. In order to do this, I need to be able to write to, and read from, the external storage. I will be adding a version at some point which doesn't require this permission, and cannot do backups.
Isn't doing backups to the external storage really insecure? Couldn't another program edit my backups?
In general, doing backups to the external storage would be insecure, in two ways: other apps could read your settings from the backup, and other apps could edit the backup so when you restore it your settings are wrong.
The ability for other apps to read your settings is a problem even ignoring backups. The Pdroid 2.0 Core (and the original PDroid Core) do not prevent applications from reading settings without any permissions whatsoever. Yes, any app can read your settings directly from the PDroid service. That is the way the PDroid core is built at present (and I don't much like it, but that's another story).
The second problem is one that I have attempted to address. Each installation of PDroid Manager will generate a 'digital signing key', and any backup you create will be signed with this key. When you attempt to restore the backup, the signature is checked to ensure the backup (or signature) has not been modified. If the signature doesn't match, you are warned and given the opportunity to restore anyway. You cannot export this signing key, because exporting that key to your external storage would make it accessible to other programs, and with it they could re-sign your backups to make it appear that they had not been modified. This means if you uninstall and reinstall PDroid Manager, you will get 'invalid signature' warnings on all the backups made from previous installations. If you don't want this to happen, I recommend downloading and using Titanium Backup - it will store the encryption key (although on external storage, which itself could be a security risk). Thus, unless you uninstall and reinstall your PDroid Manager installation, the app will verify that backups have valid signatures before restoring them. Mind you, a root app could steal the signing key. As is always stated, for root apps it is all up for grabs.
I have a great suggestion! How should I get it to you?
First, keep in mind that there are various degrees of detail which can be provided with suggestions, such as:
A suggestion of a feature which could be included
A description of how the feature should work (e.g. user cases: list XYZ, then user presses N, dialog P opens, etc.)
Storyboards or images of what the feature could look like (even if it just a box diagram done in Powerpoint or something).
A suggestion of an app which implements a similar behaviour that could be used as a reference for implementation
A bit of example code
Suggestions of new features are excellent, and some suggestions need less description than others - e.g. "add a help button to each setting" needs less description than "add the ability to filter by the 'trust' state of the app" (although in both cases, interface diagrams could be helpful: e.g. should the help button go to the left or right of the text label for the setting?)
You don't have to provide all of these details, and indeed even if you do provide some details I may not actually use them (e.g. if your suggested images were very inconsistent with the Android UI idioms, or the rest of the app). You can certainly make suggestions that are quite simple: e.g. I would like to be able to apply settings to multiple apps at once, or I would like to be able to filter by individual settings rather than groups of settings (although the latter would be a good candidate for interface suggestions too). If you are suggesting complex features, though, some suggestion of how the interface should work could be handy too - even if I don't use the suggestions as such, they can be very useful for giving me different perspectives.
If you have a suggestion then please describe clearly the suggested feature, interface or behaviour change, or whatever your suggestion it may be. If it requires a new UI screen, or a change to an existing one, descriptions of how it should work, drawings or imagery (or pointing to another app) are very welcome.
In order of 'most desirable' to 'least desirable' (from my perspective) I suggest:
Post the suggestion to my github
Post the suggestion on this thread
PM me (this is low on the list because if I get a flooded PM box it will be hard to find anything).
Finally, remember nothing says "I'd love this feature to be in the app" like a patch to implement it
Can I contribute a translation?
Absolutely! I welcome translations! The process for doing a translation will depend on whether you have a github account or not.
Currently we have translations being contributed for:
English
French (jpeg729 and patrickpr)
German (TamCore)
Hungarian: appelsson
Russian (Beasty)
If you have a Github account
You can fork the PDroid Manager project, and create a "values-xx" directory for the relevant language (e.g. values-de for German). Into that directory, you will need to copy:
Files containing text displayed to the user are:
access_notification_text.xml, which is the text for notification messages provided to the user when an app attempts to accesses a particular type of data.
arrays.xml, which currently contains the text of the drop-down lists used for filtering, and the 'Untrusted, Trusted, No Settings' text displayed.
settings_strings.xml, which contains the text descriptions of each setting, and the associated help text. (I have *just* pushed an update to github for this file, so if you want to translate it make sure you do a pull).
strings.xml, which contains the 'general' strings used in the app.
Once you have created those files, you can commit them, and then create a 'pull request' so I know they are ready to be integrated. I'll then integrate them.
If you don't have a github account
You will need to download the four files linked above, and translate the strings in them. Once you have done that, post to this thread with the files attached.
Remember:Keep in mind that if you have the files sitting around for a while in a partially translated state, they could change in development! When doing translations, make sure you have the latest version from the server. If you find that the strings etc have changed on the server, and you have done a partial translation, you can use a tool like WinMerge to merge the new changes into your file without a lot of work.
Also, if you are creating translation files, please include yourself as an @author in the header to the file, or nominate the details you would like to have recorded against your authorship. Also note that basically the entire app is under a GPL license, and I will only accept material which is licensed under a GPL or BSD license, to make sure that people are free to copy and edit the code as they see fit.
What do you have planned next?
Fix bugs
Add a 'preferences' and 'info' screen to check PDroid core/framework version, etc mostly done
Add help to the individual settings, so users can understand what they mean DONE!
Add the ability to view log and delete logs
Add the ability to create 'profiles' - i.e. pre-configured groups of settings, which can then be applied to an app
Add batch processing, so profiles can be applied to multiple apps in a single action Released in 0.9.3
Add filtering of apps by individual settings, not just by 'setting group'.
Add filtering of apps by setting state (i.e. trusted, untrusted, no settings)
If you want you can give it a go. Read the source. Have fun. Just don't complain that you haven't been warned about it being buggy.
2013-01-15 v0.2.9.9 ALPHA
Changes
Added support for 4.2.1 - not that it stopped you installing it anyway, but for Google Play it mattered =)
Added Spanish support, thanks to alceasan.
2013-01-12 v0.2.9.8 ALPHA
Changes
Fixed a force-close affecting everyone as a result of a corrupted APK. Sorry about that, all!
2013-01-12 v0.2.9.7 ALPHA
Changes
Added Hungarian language support thanks to appelsson.
Updated French language support thanks to jpeg729.
Fixed (I think) a bug in which the app crashed when an installed app does not have an icon.
2012-12-15 v0.2.9.5 ALPHA
Changes
Theoretically fixed a bug which I was unable to reproduce (but I think I know why) which caused a crash rather than a friendly message when a user attempted to run PDroid Manager without the PDroid core installed.
CHANGE LOG
2012-12-15: v0.2.9.4 ALPHA
Changes
Added detection of whether necessary permissions to write to the PDroid core were present, and provide a friendly message if they are not. (These permissions are absent if PDroid 2.0 App is installed before PDroid Manager, not uninstalled before PDroid Manager is installed, and the two packages have not been re-signed with the same key).
Otherwise, this version is identical to v.0.2.9.3. It was just added because I saw some crashes due to PDroid 2.0 App being installed with Google Play users.
2012-12-14: v0.2.9.3 ALPHA
Changes
The main stand-out of this release is batch processing: further details about that are after the list.
Instead of crashing if you don't have PDroid installed, it will now give you a message telling you that you need to install it.
Batch processing: you can now select a bunch of apps, and change their settings. Long-press on an app to enter selection mode, touch other apps to select or deselect them, then use the action bar options to choose what to do.
Added a 'purge settings' option to preferences. This deletes all settings for all apps.
Changing language now triggers a restart of the app (after prompting the user) to immediately switch language
Restructured the filtering interface to work better on smaller devices, and generally look nicer.
Info/help buttons for settings only appear on larger devices now (due to screen real-estate issues). Clicking on the name of the setting will display the help on smaller devices.
Performance improvements
Known bugs
When multiple apps are installed one after the other, the notification to update settings of previous installations is replaced (rather than additional icons appearing). Still.
I think there is still something funny going on with the 'trust' indicator after you save an app, but that may be a new issue. Still.
App names in the application list don't get reloaded when the phone locale changes, which means they stay in the old language until manually refreshed. I'm no longer going to call this an issue, because it is handled by the OS.
Also see my github list: https://github.com/wsot/pdroid-manager/issues
Key points about batch processing:
When you select some apps and choose 'custom settings', only the settings relevant to the apps will be displayed (unless you choose 25+ apps; then it was too slow to work out which ones were relevant).
Only those settings you select new values for will be changed. Those with no pressed buttons will be left alone.
You can 'deselect' a button in batch mode by pressing it again (effectively clearing that setting row, so it will not be changed).
Batch processing can be a bit slow, but unfortunately that is a consequence of the Privacy service to which PDroid Manager connects. I have modified this service to improve performance, but I'm still testing the changes so the app does not require those modifications.
You can't avoid overriding the 'logging' and 'notification' settings when doing batch processing at this stage. I will resolve this soon.
2012-12-07: v0.2.8 ALPHA
This is a minor update: It provides an updated German translation from TamCore, and
Changes
Updated German translation from TamCore,
fixes the Application List scrolling back to the top when you open details for an application, thus losing your place.
Known bugs
When multiple apps are installed one after the other, the notification to update settings of previous installations is replaced (rather than additional icons appearing). Still.
The app will probably crash if PDroid is not installed. Still.
I think there is still something funny going on with the 'trust' indicator after you save an app, but that may be a new issue. Still.
App names in the application list don't get reloaded when the phone locale changes, which means they stay in the old language until manually refreshed. Still.
Also see my github list: https://github.com/wsot/pdroid-manager/issues
2012-12-03: v0.2.7 ALPHA
A couple of new features in this one, and returning to just one version (rather than multilingual and English). The backup and restore features are shiny and new, and *should* work, but be cautious when using them. I've tried them out quite a bit, with custom settings etc, but there could be bugs there that will cook all your PDroid settings. If you find one, please, please report it (see the section on reporting bugs).
Changes
Added a 'preferences' screen, with 'About' box, 'Credits', and a link to this thread
Added language selection (i.e. overriding phone language), again in the preferences screen. Note that for the language to change, you need to force-close and restart PDroid Manager after switching languages. I'm looking at how to resolve this.
Added backup and restore of settings. This requires access to your external storage, hence the new permission. I will be adding supporting code at some stage to allow a separate version without backup and restore to be easily generated for those who are uncomfortable with SDcard access by the app. You can read more details about the backup approach in the Why does it need permission to access my SDCard? and Isn't doing backups to the external storage really insecure? Couldn't another program edit my backups? sections.
Known bugs
When multiple apps are installed one after the other, the notification to update settings of previous installations is replaced (rather than additional icons appearing). Still.
The app will probably crash if PDroid is not installed. Still.
I think there is still something funny going on with the 'trust' indicator after you save an app, but that may be a new issue. Still.
App names in the application list don't get reloaded when the phone locale changes, which means they stay in the old language until manually refreshed. Still.
Also see my github list: https://github.com/wsot/pdroid-manager/issues
2012-11-30: v0.2.6 ALPHA
This release has two versions: Forced English (PDroid_Manager_0.2.6_en) and multilingual (PDroid_Manager_0.2.6_multilingual). The multilingual will automatically use the language matching the phone where possible. The 'en' version uses the exact code I intend to apply to allow users to override the automatic language selection. Basically, this is the same as having a button to force the app to always use English, except the button isn't on the user interface and is always pressed. If you find this isn't always showing English, please let me know so I can fix it.
Changes
Incorporated updated help text (fine work by wbedard, to which I made minor edits. Thus, errors are probably mine not wbedards).
Added German translation (thanks to TamCore) and French translation (thanks to patrickpr on GitHub; note I removed a few words from the translations because the English help text changed, so may have introduced gramattical errors into patrick's French).
Added automatic language data re-loading. To optimise speed, some language-specific text is stored in the database. To make sure that stays up to date, the App will check if the language has changed, and regenerate that database data if it has. If this doesn't happen for you, and the interface stays in English when you switch your phone to German, etc, please report it..
Added different button sizes for 'large' vs 'non-large' devices. This means that buttons will appear larger on most 7-inch tablets (and maybe 10-inch tablets too; my 10-inch isn't working right now) than on phones.
Modified the code to use Android 'Fragments': hopefully, this will be invisible to users at this stage; however, in future it will allow easier development of a multi-panel tablet interface. This is a pretty major change, so may have introduced bugs. Sorry.
Updated notification bar icon to match Google's style guide.
Known bugs
When multiple apps are installed one after the other, the notification to update settings of previous installations is replaced (rather than additional icons appearing). I will fix this soon, honestly.
The app will probably crash if PDroid is not installed.
I think there is still something funny going on with the 'trust' indicator after you save an app, but that may be a new issue.
App names in the application list don't get reloaded when the phone locale changes, which means they stay in the old language until manually refreshed. I'm undecided as to whether to I consider this a bug or not. Feedback (or patch to fix it) welcome.
Also see my github list: https://github.com/wsot/pdroid-manager/issues
2012-11-25: v0.2.3 ALPHA
Changes
Added improved text for the access notifications
Added a help button for each setting with a summary of what the setting does (I know it is ugly, and I plan to fix that soon).
The application list status indicator should now work under all normal circumstances
Dialogs have been added when loading, saving etc. to avoid interactions that could cause crashes
Known bugs
When multiple apps are installed one after the other, the notification to update settings of previous installations is replaced (rather than additional icons appearing).
The app will probably crash if PDroid is not installed.
Also see my github list: https://github.com/wsot/pdroid-manager/issues
2012-11-19: v0.2.2 ALPHA
Changes
Re-added some debug logging (but still much less than was there originally).
Added the ability to delete privacy settings from an app, both in the application settings detail screen, and on the long-press menu on the application list.
The application list status indicator (i.e. trusted, untrusted, no settings) now updates after the long-press menu is used, or the settings are changes in the detail display
An 'all' option has been edited when filtering by the type of settings (e.g. messaging, media, etc).
Known bugs
The trusted/untrusted is sometimes incorrect - 'trusted' apps may appear as 'untrusted'.
When multiple apps are installed one after the other, the notification to update settings of previous installations is replaced (rather than additional icons appearing).
The app will probably crash if PDroid is not installed.
Also see my github list: https://github.com/wsot/pdroid-manager/issues
2012-11-16, later: v0.2.1 ALPHA
Removed writing to the device log (so logcat will not be hideously large)
Contribution to PDroid Manager acknowledgements (in alphabetical order):
mateorod: testing assistance, great ideas, building Autopatcher.
patrickpr: French translation
TamCore: contributing Android.mk, markdown for tables in README.md which were unreadable, German translation
wbedard: textual descriptions of the individual settings
Still playing with the 2e version. I like what you have done with this a lot. Having an open source version will keep us from being in-between working versions, like we were between gingerbread and the auto-patcher release.
An open source alternative like this keeps that from ever happening again.
I had noticed that CollegeDev had not added preloaded-classes to his PDroid2.0 build patches, a potential security leak. Without any access to the source or even version control with the patches I didn't have much recourse to correct the issue. I was left to suggest it in his thread and hope for the best. While he never brought it up again, I did finally see that the suggested change was integrated, but it struck me that having version control for the patches would be for the best as well.
In the spirit of having the entire process open AND available, I have pushed repos for the updated original PDroid patches, worked on by pastime1971 with some help from me, and the PDroid2.0 build patches (which I call PDroidCorePatches) by CollegeDev (which are already open-source, just not available with version control AFAIK) pushed as well.
If CollegeDev or you update the build patches for 4.2, we can either use those repos or start new ones, if necessary. But I am more than willing to add read/write to both of you. Wbedard has ported the PDroidCore patches to AOSP, but I will wait and see if he wants to put up a repo first before adding a new one (or possiibly a aosp-4.1.2 branch).
My hope is that the move towards complete open-source could galvanize all of us who work on PDroid to work together instead of splitting our efforts...we'll see how that goes.
Anyway, great job! I will eventually push the entire history (gingerbread to today) but for right now only 4.1.2 is up.
Original PDroid
PdroidCore
If anyone who has been working with us on Pdroid wants push access, pm me. Anyone who wants to contribute that I don't know yet, submit a pull request and we'll get to know you.
I think having the patches be attached to the same repo as the Auto-patcher and smali patches makes sense, but I am open to suggestion.
FFU5y said:
It is GPL licensed (with additional attribution conditions)
Click to expand...
Click to collapse
dear OP,
i was under the impression that GPL2 did not allow additional obligations (like attributions) being added to the burden of the receivers of the licensed code. however, i think GPL3 made special provisions for some extra obligations in other common permissive free software licenses (manly attributions) to make them compatible with GPL3, so there are some attribution provisions in GPL3 i think.
an example of GPL2 ban on additional restrictions: GPL3 enforces further obligations on receivers, such as non-tivoization, and thus is itself incompatible with GPL2 for the previously stated reason.
could you please clarify the method you chose to extend GPL with attributions in this case? thank you!
Lanchon said:
dear OP,
i was under the impression that GPL2 did not allow additional obligations (like attributions) being added to the burden of the receivers of the licensed code. however, i think GPL3 made special provisions for some extra obligations in other common permissive free software licenses (manly attributions) to make them compatible with GPL3, so there are some attribution provisions in GPL3 i think.
an example of GPL2 ban on additional restrictions: GPL3 enforces further obligations on receivers, such as non-tivoization, and thus is itself incompatible with GPL2 for the previously stated reason.
could you please clarify the method you chose to extend GPL with attributions in this case? thank you!
Click to expand...
Click to collapse
The code is GPL3 licensed, and the additional attribution (and differentiation) requirement are under GPL3 Section 7 (b) and (c).
If there are specific contexts in which people would like to use the app that are excluded by GPL3, they are welcome to contact me about alternative licensing arrangements. Of course, as soon as others contribute GPL3-licenced code then that will get a lot more difficult, but right now that is an option.
I hope that answers your question, but if not let me know.
This is so absolutely awesome, thanks a lot FFU5y!
The filtering options for user/system apps and permission type are exactly what I needed. Further ideas would be:
search app by name
advanced filtering for a single specific permission, e.g. "start on boot"
batch operations: e.g. block network & gps location permissions for all apps
dbx4 said:
This is so absolutely awesome, thanks a lot FFU5y!
The filtering options for user/system apps and permission type are exactly what I needed. Further ideas would be:
search app by name
advanced filtering for a single specific permission, e.g. "start on boot"
batch operations: e.g. block network & gps location permissions for all apps
Click to expand...
Click to collapse
Cheers dbx - glad you're finding it useful.
These are good ideas (and indeed, I started on 'searching app by name' but de-prioritised it for release). I'll add them to my github issues list as enhancements (so they are listed somewhere centrally).
I'm not really sure at this stage how I'd go about implementing the filtering for a single specific permission, mainly because I'm not sure how to represent it in the user interface without cluttering it up.
One way may be to have a specific view for filtering by setting, which shows a list of settings, and then upon choosing a setting shows only the apps to which that setting relates (e.g. choosing 'GPS location' from the list of settings shows only those apps which have that as a valid setting - i.e. those with permission to access the GPS).
I'm afraid those features will probably take a little bit of time to develop, but hopefully you'll find the app useful in the meantime while I'm working on them.
Version 0.2.3 ALPHA has been relased:
CHANGE LOG
2012-11-25: v0.2.3 ALPHA
Changes
Added improved text for the access notifications
Added a help button for each setting with a summary of what the setting does (I know it is ugly, and I plan to fix that soon).
The application list status indicator should now work under all normal circumstances
Dialogs have been added when loading, saving etc. to avoid interactions that could cause crashes
Known bugs
When multiple apps are installed one after the other, the notification to update settings of previous installations is replaced (rather than additional icons appearing).
The app will probably crash if PDroid is not installed.
Also see my github list: https://github.com/wsot/pdroid-manager/issues
Hi, PDroid is a very important app, and I wanted to thank you for making an open source alternative with much more features.
Wish I was a dev, so I could help you more, but I will gladly test it the moment the autopatcher supports 4.2.
Sent from my GT-I9000 using xda app-developers app
Dr.69 said:
Hi, PDroid is a very important app, and I wanted to thank you for making an open source alternative with much more features.
Wish I was a dev, so I could help you more, but I will gladly test it the moment the autopatcher supports 4.2.
Sent from my GT-I9000 using xda app-developers app
Click to expand...
Click to collapse
Cheers =)
I'm eager to give it a run on 4.2 as well, but I am aware that CollegeDev is working on a new release of the PDroid 2.0 Core and App, so I'm not going to try to port the core to 4.2 until the update is released (otherwise there may be a lot of re-working needed, and if CollegeDev is porting it already then I'd just be duplicating work).
In the meantime, I'm going to try to get some fixes and new features into PDroid Manager which can then hopefully move smoothly to the 4.2 version.
Hello, i'm using Permission pro to remove rights i don't want from program, do your program works the same way, or rights are removed by an other way ?
Also, some Gameloft games have managed to get their start at boot rights back, with every programs i used, i was never able to kick them, so this is somewhat important to know, for me, if it will fail the same way.
Don't know if it's possible to do, but people not using Jelly Beans cannot block notification from a program, amybe we could get it with PDroid manager ?
Magissia said:
Hello, i'm using Permission pro to remove rights i don't want from program, do your program works the same way, or rights are removed by an other way ?
Also, some Gameloft games have managed to get their start at boot rights back, with every programs i used, i was never able to kick them, so this is somewhat important to know, for me, if it will fail the same way.
Don't know if it's possible to do, but people not using Jelly Beans cannot block notification from a program, amybe we could get it with PDroid manager ?
Click to expand...
Click to collapse
The quick answer: PDroid and PDroid Manager do not block notifications from programs. In new version of Android, there is a feature to limit which applications can create notifications. If there are a lot of 'marketing' notifications you should report the app to Google (I think you can report it at the Play store) because they are starting to move against that kind of activity.
Anyway, continuing...
PDroid 2.0 (and PDroid Manager) work quite differently to permissions pro. First, PDroid 2.0 (which is the Android modification that PDroid Manager configures) requires a modification to be made to the ROM on the device. This allows for the Privacy Service to limit the access apps have to private information, even when they have Android permissions to access the information. The PDroid Manager App (or the alternative, PDroid 2.0 App) allows you to choose what private information is provided to what app.
So, in order to use PDroid Manager, you need:
A ROM patched to add the Privacy Servire, which you can achieve by either patching the source code yourself using the patches in the PDroid 2.0 thread and compiling the rom, or potentially by using mateorod and pastime's excellent autopatcher
PDroid Manager (or the PDroid 2.0 App) to configure
The advantages of PDroid over Permission pro is that with PDroid, the app still has the same Android permissions, but when the app requests data from the Android operating system the privacy service provides back blank or incorrect data. This means that rather than the app crashing, as often happens when its permissions are changed, it keeps running.
The main disadvantages of PDroid compared to Permission pro is that it requires changes to the Android frameworks, which means you need to be willing and able to modify your ROM in order to use PDroid. It is not 'easy', and it also means there is a delay before new Android version are supported because the patches for the framework need to be modified to support the updated framework.
I hope that helps.
Hello, thanks for your answer, on the autopatcher page, it's not clearly written if it will work on OEM's rom (but it's clearly written it won't on samsung/htc one)
I'm currently usng ASUS' stock rom and guevor's kernel, any chance to have it working ?
If the service reply false information, it's still able to block an app at boot ? to make it unable to start itself at boot ?
Magissia said:
Hello, thanks for your answer, on the autopatcher page, it's not clearly written if it will work on OEM's rom (but it's clearly written it won't on samsung/htc one)
I'm currently usng ASUS' stock rom and guevor's kernel, any chance to have it working ?
If the service reply false information, it's still able to block an app at boot ? to make it unable to start itself at boot ?
Click to expand...
Click to collapse
Autopatcher will probably not work on an OEM ROM at this stage, unfortunately. That is something mateorod has been working on, but I believe it is still a work in progress. You can give autopatcher a try nonetheless, though. If it can't patch it, it will tell you. Also, if you search around the forums for your device, you may find someone has created special patches just for that device.
If you can get the ROM modded to include PDroid, then one of the features allows you to prevent an app being notified of when the device finishes booting. For those games, that means they would not be started when the device finished booting. However, it is possible that they may use a range of other ways to make sure they start which PDroid doesn't affect.
Probably the best way to deal with these types of problem apps is to use a tool that can 'freeze' the apps, and then just 'unfreeze' them when you want to use them. If they are giving you notification bar spam, you should definitely consider reporting them at the play store, too. Notification bar spam is against Google's current policies for the Play store.
Sorry I can't give you better news - patching of already-compiled OEM ROMs is not my focus area.
Hello, i already reported gameloft for their notification ads, and a video game doesn't need to be notified of system's start. Fact are they are "super dev" in play store and i doubt google will do anything.
PDroid seems more complete than Permission Pro, to make programs unable to acces data.
So, if i understand correctly, when i refuse a right to a program, the service will give blank information instaed of letting it see the real information. Does it have a big impact on the performances ?
I wouldn't mind switching rom, but it seems that no rom is able to install and keep all the data/configuration, means you have to use the custom rom since start or you're stuck if you want to keep things.
Edit : Seems Pdroid 2 is for 4.1.2+, my device use 4.0.3, will keep this thread bookmarked and will come back once i'll have enough courage to switch rom (since ASUS won't let us get the update anyway)
Hy!
enough if I flash in recovery the my ROM's update zip?
root required ? :fingers-crossed:
hmm
it looks like it works.
Thanks.
ROM:cm10 Flinny 129.
is possible into other languages translate?
acultr said:
is possible into other languages translate?
Click to expand...
Click to collapse
It's easy. Translate this file and open a pull request or attach it here.
Trust no-one, that's the first amendment for privacy concerned people...
So can we trust the compilers, IDE's etc.?
I made some tests with Eclipse, and the results are not very encouraging.
I created a hello world app.
This app has no permissions and it's supposed to only display its "hello world" message, but when I checked with Xprivacy if it had tried to access data I found out that it had requested access to:
1-phone/Configuration.MNC (cell tower),
2-phone/Configuration.MCC (cell tower),
3-identification/serial (the phone's serial number)
4-storage/sdcard.
Not bad but wait, there's more!
Then, I passed the app through Privacy Blocker, and it said that helloworld wanted to know my network type code.
I decompiled the app, removed the whole /smali/android folder, recompiled and reinstalled the app, now it doesn't want to know my network type anymore (but it stills tries to access 1, 2, 3, 4).
That means that there's something in the smali/android folder that requests the network type.
Note that this folder is added covertly since one would never know it's there unless one decompiles the app with apktool, and that the app works without it (actually one can see it in the libs in the Eclipse project, but a newbie wouldn't know that it's added in the app's smalis since it's not in the src folder).
Then I added a simple "search" button in the layout and in the main activity, and now the app wants to access, on top of the 4 above mentioned fields, system/queryIntentActivities.
Note that the app works even with everything restricted in Xprivacy.
To my understanding part of the problem comes from Eclipse and part comes from the Android OS itself, but I'd like to know what other people with more knowledge than me think about it
http://developer.android.com/tools/support-library/index.html
unclefab said:
Trust no-one, that's the first amendment for privacy concerned people...
So can we trust the compilers, IDE's etc.?
I made some tests with Eclipse, and the results are not very encouraging.
I created a hello world app.
This app has no permissions and it's supposed to only display its "hello world" message, but when I checked with Xprivacy if it had tried to access data I found out that it had requested access to:
1-phone/Configuration.MNC (cell tower),
2-phone/Configuration.MCC (cell tower),
3-identification/serial (the phone's serial number)
4-storage/sdcard.
Not bad but wait, there's more!
Then, I passed the app through Privacy Blocker, and it said that helloworld wanted to know my network type code.
I decompiled the app, removed the whole /smali/android folder, recompiled and reinstalled the app, now it doesn't want to know my network type anymore (but it stills tries to access 1, 2, 3, 4).
That means that there's something in the smali/android folder that requests the network type.
Note that this folder is added covertly since one would never know it's there unless one decompiles the app with apktool, and that the app works without it (actually one can see it in the libs in the Eclipse project, but a newbie wouldn't know that it's added in the app's smalis since it's not in the src folder).
Then I added a simple "search" button in the layout and in the main activity, and now the app wants to access, on top of the 4 above mentioned fields, system/queryIntentActivities.
Note that the app works even with everything restricted in Xprivacy.
To my understanding part of the problem comes from Eclipse and part comes from the Android OS itself, but I'd like to know what other people with more knowledge than me think about it
Click to expand...
Click to collapse
Thank you very much for your time Sir, and thank you for this nice and personalised answer, but I already knew about libraries, and anyway you completely missed the point.
The point is:
1-why a very simple hello world app built on eclipse requires private data access?
2-why that lib, that requests access to some data behind my back, is added to the final app whereas it's not needed?
I add that I'm building other projects (and it's actually from there that I understood that something was wrong and that I decided to make a plain hello world app to check it out) and same story, data access is added without my consent.
Oh well, nobody seems to care about the matter, and I don't care if people don't care so just tell me if you want me to remove this thread and let's forget about it...
Author: Apriorit (Device Team)
Permanent link: www(dot)apriorit(dot)com/dev-blog/304-android-package-analyzer
In this article, I will tell you about the process of my research and the results I’ve obtained. I will describe PackageAnalyzer program created as a supplemental tool that displays various data on applications installed in the system. The following is a short summary of its functionality and basic elements implementation.
Research Process. Results
First of all we need to obtain the Android OS source code. The official web-site provides the detailed instruction on downloading the source code from the repository. Following this instruction, I set up the program environment and began the download. At that moment 4.1 was the latest version of the source code available for download. That process took a while, as the overall size of the data received was nearly 15Gb.
What should we begin with? How to find a way to analyze such a volume of data under tight schedule…
It is a well known fact that programmers are rather lazy, which prompts them to optimize their work process in various ways, and I wasn’t an exception to the rule. I came up with an idea how to ease this process a little bit by creating a program that would scan all installed packages and display the information I need, namely activities, services, broadcastservices. What’s the point in it? Firstly, it provides arranged information on packages, which allows to outline those that are of a particular interest to me. But you cannot always define the activity purpose by its name. That’s why I modified the program by adding a function that allows you to run a separate activity from the acquired list.
As the result I outlined the list of Android system applications that might be of a special interest:
• com.android.browser
• com.android.contacts
• com.android.development
• com.android.email
• com.android.mms
• com.android.phone
• com.android.settings
• com.android.packageinstaller
The next step was the research itself.
What should I look for and pay special attention to? As we know, activity is launched with the help of Intent. To do this, we need to call the startActivity(Intent) or startActivityForResult(Intent,int) method, if we expect to obtain certain result, and pass to it the Intent we’ve already created. Intent is a kind of a package, which a sender fills with various data and sends to the recipient (activity) for analysis. Therefore I was tasked with identifying the activities capable of executing the instructions set in Intent, which are not described in the Android manual.
Activity life cycle begins with onCreate() method. In most cases, exactly this method extracts the data included into Intent. The getIntent() method is used for this purpose. Hence, equipped with Far, I started searching for classes with included getIntent() with further research of what happens inside of each class, what data is extracted from Intent, and for what purpose it is used. Using this algorithm, I went through each system package, which was planned to be researched.
Unfortunately, I couldn’t find any hidden possibilities in the system packages of Android OS. Perhaps, it happened due to shallow application research, for which I didn’t have much time, that didn’t allow me to go deep into the features of each application. But negative result is a result after all. I am sure that Google programmers did a great work to eliminate system vulnerabilities by the release of new Android OS – all loopholes, which I was trying to find, were covered.
Program Part. Package Analyzer
As I mentioned earlier, I created the PackageAnalyzer Android application that was mainly tasked with collecting and displaying various information on installed applications. Besides, additional service that checks the requested permissions in newly installed applications and warns about the potential danger was added to the program functionality.
Functionality
• Acquiring the list of installed applications;
• Acquiring the list of Activities, Services, Broadcast Receivers, Permissions;
• Launching a separate activity from the list;
• Notifying about potentially dangerous permissions used by the application;
• Service. Tracking the applications being installed and checking the permissions they request.
Appearance
The user interface consists of two activities.
When launched, the program acquires the list of all installed packages and displays it in the main activity. After a package from the list is selected, the second activity is launched. It displays the detailed information on the internal package components (activities, services, receivers, permissions).
In the “Activities” section, you can initiate the launch of any component from the list by clicking it. In this case, an attempt to launch it with the help of Intent will be made. If everything goes smoothly, the selected activity is displayed on the screen. But not all activities can be launched this way, as an attempt to acquire certain data from Intent that initiated the launched is made in many of them, in onCreate() method, and if some data is not actual or wasn’t found, the activity cannot be launched.
Any Android application requires a permission to perform an action. The list of requested permissions is displayed to a user before each installation. That means that in theory it allows a user to make himself secure against malicious software getting into a phone. But practice shows different results: most users simply do not pay attention to this list. This gives malicious software the opportunity to get into the phone and use the user means as it wants.
That is why the ScannService service was added to PackageAnalyzer program. Its main task is to check the permissions requested by new applications and to inform a user in case any potentially dangerous permissions are detected. Such permissions would include: sending and receiving SMS, making paid phone calls, access to your location, access to personal data (contacts, emails), and so on.
The permissions are checked for new applications, as well as for already installed ones. This check is performed at the PackageAnalyzer launch. Depending on the permissions requested, the indicators in are displayed in the main activity and in the Permissions section in one of three states.
Risk level:
- high;
- middle;
- low.
If a user allowed malicious software to be installed, ScannService shows the corresponding notifications and plays a sound signal.
By clicking the notification, you launch the activity with detailed information on the package. You can start/stop this service by clicking the button on the main activity.
The ScannService registers two BroadcastReceivers at launch. The first one gets the notifications on newly installed applications and initiates the check, and the second one starts the service in case of a mobile device restart.
Implementation
Information on installed applications is located in PackageManager, which can be acquired from the context:
Code:
1 PackageManagerpackageManager = context.getPackageManager();
We acquire the list of installed packages:
Code:
public List<String> getInstalledPackagesList()
{
List<String> list = new ArrayList<String>();
List<PackageInfo> packageInfoList = packageManager.getInstalledPackages(
PackageManager.GET_ACTIVITIES );
for( PackageInfo packageInfo : packageInfoList )
{
list.add( packageInfo.packageName );
}
return list;
}
We acquire the list of activities located in the indicated package:
Code:
public List<String> getActivities( String packageName )
{
List<String> list = new ArrayList<String>();
try
{
PackageInfo info = packageManager.getPackageInfo( packageName,
PackageManager.GET_ACTIVITIES );
for( ActivityInfo activityInfo : info.activities )
{
list.add( activityInfo.name );
}
}
catch( Exception ex )
{
ex.printStackTrace();
}
return list;
}
We acquire the list of services, receivers, and permissions the same way by passing the corresponding parameter to:
Code:
getPackageInfo(): GET_SERVICES, GET_RECEIVERS, GET_PERMISSIONS
BroadcastReceivers are declared with android: enabled="false" parameter in AndroidManifest.xml file, as by default the service is stopped. The receivers are inactive until a user launches the service. The components activity state is changed in the following way:
Code:
publicintonStartCommand( Intentintent, intflags, intstartId )
{
setComponentEnabled(true, PackageInstalledReceiver.class );
setComponentEnabled(true, OnBootDeviceReceiver.class );
...
}
publicvoid onDestroy()
{
setComponentEnabled(false, PackageInstalledReceiver.class );
setComponentEnabled(false, OnBootDeviceReceiver.class );
...
}
privatevoid setComponentEnabled(boolean enabled, Class<?> clazz)
{
int state = enabled ? PackageManager.COMPONENT_ENABLED_STATE_ENABLED
: PackageManager.COMPONENT_ENABLED_STATE_DISABLED;
getApplicationContext().getPackageManager().setComponentEnabledSetting(
new ComponentName( getApplicationContext(), clazz ), state,
PackageManager.DONT_KILL_APP );
}
It is necessary to check the activity of the service at program launch. To do this, you need to acquire the list of all started services and perform a search in it:
Code:
publicstaticboolean isServiceRunning( Context context, String serviceClassName )
{
ActivityManager activityManager = (ActivityManager) context.getSystemService(
Context.ACTIVITY_SERVICE );
List<RunningServiceInfo> services = activityManager.getRunningServices(
Integer.MAX_VALUE );
for( RunningServiceInfo runningServiceInfo : services )
{
if ( runningServiceInfo.service.getClassName().equals( serviceClassName ) )
{
returntrue;
}
}
returnfalse;
}
Summary
In conclusion, I would like to note that although I didn’t obtain any results after searching for hidden possibilities of Android system applications, I created an application for analysis of programs installed on a mobile device, which can be used in the future. The functionality of the program can be extended to obtain more detailed information on applications, as well as to provide security (detection of malicious software and so on).
All articles, code pieces, example project sources and other materials are the intellectual property of Apriorit Inc. and their authors.
All materials are distributed under the Creative Commons BY-NC License.