Firefox Aurora, which will be Firefox 12, has a whole bunch of new permissions. Do you want your browser to take pictures, discover known accounts, administer accounts, etc.? Me, I just want it to render HTML while leaking as little info as possible. So, if you're concerned about privacy and security, heads-up.
This is too bad, because other than the spyware permissions, it's a big improvement over previous non-ndk Fennec, meaning actually usable.
i noticed the camera ..ect prior to installing went and checked official and beta its the same thing
not new
and the whole account ect. this has to do with new firefox sync app that comes with Aurora
so you can set up an account to sync your desktop browser to your phone
cashmundy said:
Firefox Aurora, which will be Firefox 12, has a whole bunch of new permissions. Do you want your browser to take pictures, discover known accounts, administer accounts, etc.? Me, I just want it to render HTML while leaking as little info as possible. So, if you're concerned about privacy and security, heads-up.
This is too bad, because other than the spyware permissions, it's a big improvement over previous non-ndk Fennec, meaning actually usable.
Click to expand...
Click to collapse
There are no "spyware permissions".
Permissions are just FYI, they're not telling you that an app is a spyware or not. I know sometimes it's hard to figure out why an app includes certain permissions, as a developer i can tell you that most of the times i have to add a permission in order to include code which is so poorly related to the scary permission's description.
Atm I'm having trouble with a user's review, it argued my app was malware just because new permissions were added.
In my opinion firefox products are safe and i'm using Aurora at the moment.
With this i'm not saying "go and install all the worst stuff you can find", paying attention to privacy and security is obviously a good thing... unless it turns into "android-specific-permissions-fobia", sure, because the other systems (PC, Mac, Linux, iOs, whatever) don't have user permissions so you just install a new app and stay happy.
There are a lot of apps that will request things like "read phone state and identity" that have no plausible reason for doing so except tracking/spying. Many run fine with it disabled.
I don't want to keep my bookmarks in the cloud, so the Aurora perms are just a privacy/security risk for me. Note that if a browser process is hijacked by malware, the malware will presumably inherit the permissions, making the trustworthiness of Mozilla moot.
If Aurora only needed the permissions when attempting to set up sync,
that would be tolerable for me, but it crashes on startup without them.
i set up one time sync to transfer bookmarks
then went to sync under the setting witch brings me to my OS account/sync menu
and disabled from attempting sync it still working fine for me
you can also delete the sync account also and still works fine
sync is not integrated into the browser for some reason maybe because it still alpha
but its integrated into official and beta browser and don't have these permission you're worrying over nothing
Actually Aurora got Sync back a few nightlies ago: now you have an icon in Programs and it's in Settings - Account too. Sync is the main reason I use FF on Android, it's brilliant!
I'm sure a lot of people are not concerned with security, data-harvesting, etc. I am, and some other folks must be also or CM wouldn't have added permissions management. A lot of things work fine with half their permissions disabled (Firefox being one). Others don't. Audible, for example, just won't run without "read phone state." I guess Amazon really wants that IMEI #.
Maybe they will patch Aurora so it will run without accounts access unless you try to set up sync.
Google's whole business model is based on data-harvesting. The ICS stock Music Player won't even work at all until you sign in.
Not everyone wants to be monetized in exchange for convenience.
Mozilla is trustworthy enough, they are a non-profit open source company that has been around for years, I'm sure they have a legit reason for the permissions.
Solution = who uses firwdox anyway?.. Boat browser!
Sent from your bedroom with my GT-I9100
Boat is what I mostly use. It wants a lot of permissions but runs just fine with them disabled. I was using Aurora as much as possible until I discovered the permissions.
Boat also stores bookmarks locally, and can save/restore from sdcard, just what I want. No shipping them off to Google or wherever they go for me, thanks.
Why would anyone use Firefox anyways?
It's slower than the default browser and it STILL doesn't support FLASH!
Odd how suddenly permissions became an issue when android decided to tell you what permissions are requested, yet before when you had your nokia/htc/motorola running other OS's, you would install any crap and not worry about it. What is the developer gonna do? Hack naked pics of your gf from your phone? Phone your friends and prank them? Show your mom you browsing dodgy pornsites from her pretty new android phone? Seriously now, everyone is making such a huge fuss about this its bordering on conspiracy paranoia
I put this posting up as a heads-up for my fellow paranoids, people who actually think about who might get their credit/phone/ssn/email etc., not for the benefit or convenience of app writers. It's like the whining from Swype about how they really needed accurate imeis or whatever so they could count unique installs. And dear Google wants everything they can get, now in one convenient location, so and only so they can serve you the right ads, and you can trust that they will never decide to more directly realize the huge shareholder value locked up there, and that they will never be cracked.
Privacy and security are like a gun: you don't need them until you *really* need them.
cashmundy said:
I put this posting up as a heads-up for my fellow paranoids, people who actually think about who might get their credit/phone/ssn/email etc., not for the benefit or convenience of app writers. It's like the whining from Swype about how they really needed accurate imeis or whatever so they could count unique installs. And dear Google wants everything they can get, now in one convenient location, so and only so they can serve you the right ads, and you can trust that they will never decide to more directly realize the huge shareholder value locked up there, and that they will never be cracked.
Privacy and security are like a gun: you don't need them until you *really* need them.
Click to expand...
Click to collapse
I understand your point of view, what i can't understand is why some people scream "beware spyware!" while they actually have no proofs at all.
permission + permission = spyware, it's a weird math which tends to damage developers and the whole android's world.
cashmundy said:
I put this posting up as a heads-up for my fellow paranoids, people who actually think about who might get their credit/phone/ssn/email etc., not for the benefit or convenience of app writers. It's like the whining from Swype about how they really needed accurate imeis or whatever so they could count unique installs. And dear Google wants everything they can get, now in one convenient location, so and only so they can serve you the right ads, and you can trust that they will never decide to more directly realize the huge shareholder value locked up there, and that they will never be cracked.
Privacy and security are like a gun: you don't need them until you *really* need them.
Click to expand...
Click to collapse
Scared your mom/wife/girlfriend sees an add for fleshlight while playing angry birds? Seriously this is a joke, 99% of developers dont give a rats ass about your bank account, email, pvt sexts. All we want is to deliver an application that would benefit the the community, and warnings like these would be the reason ppl move to other platforms because it spreads the idea that Android is an unsecure platform. So what if it logs which sites you visit? Firefox is one of the software applications that brought OSS software into the mainstream. It has been long established as more secure than IE. If it wasnt for software like this, we would not have had an open platform for our devices, making them much more affordable
Magnumutz said:
Why would anyone use Firefox anyways?
It's slower than the default browser and it STILL doesn't support FLASH!
Click to expand...
Click to collapse
+1 both Firefox and this Aurora are horrible browsers. Firefox team needs to get their **** together. Opera is just SO MUCH better. fast, easy, pretty much all options, hardware acc., flash, , and not once it slowed down or crashed on me.
firefox is supporting HTML5 (without h.264 because of licence) and flash is just added, it's still buggy because of AURORA. Aurora is very buggy as you noticed, lets think why? Oh, yes, it's just an alpha relase not even beta. I'm usin firefox beta in my mba 11" and old school 19" pc and both uses sync (which is amazing) I'm also giving feedback all the time with reports, logs and surveys. In mobile I was using dolphin but I can see posibilities.
Firefox is coming with steady steps. Everyone knows ff, and also chrome. Chrome just relased v.17 for pcs and macs. but still no mobile (except ICS beta) (also chrome is a google product and gathers your datas so many times more than firefox) I want to say people could remember time gaps between 3.5 and 3.6 and 4.0 of firefox and you see, now they are relasing new versions on few months which is very good (because now you don't need to wait new features for 5 months or you don't need to install minefield etc.)
About permissions, yes new permissions could be dangerous but hey, these permissions for give you something new like sync, flash plugin or new features. Mozilla is trustworhty and helpful. They are bringing Free Internet Space for years and you can't say they are spying us. there is versions for qr droid, with/without some permissions, maybe firefox can do samething for paranoids.
Also yes I'm supporting and defending firefox but no, I'm not a fanboy, at least I'm still using dolphin for manything and also safari.
Magnumutz said:
Why would anyone use Firefox anyways?
It's slower than the default browser and it STILL doesn't support FLASH!
Click to expand...
Click to collapse
The alpha supports flash and is huge improvement over official and beta that is currently on market
Sent from my Nexus S using xda premium
I use "spyware permissions" in a pretty loose sense of "permissions which are not clearly essential to the core functionality of the app". I agree that Mozilla is trustworthy, moreso because you can read the source. But the browser is the most internet-facing and thus most dangerous app, most likely to be cracked, most likely to have access to lots of personal info, so needs to receive the closest privacy /security scrutiny.
Unlike the Facebook crowd, I look at my info as my property, and ask not why I should not share my info with the world at large, but why should I, what benefit do I receive in exchange for giving away what someone else can monetize (the whole Facebook/Google business model) and which may do me real harm if for example app writers Ivan Ivanovich and his friend Bala Babangida turn out to be not such nice guys, and use my info to send me spam texts or clean out my bank account.
Case in point: Google+ app just added "record audio", but the app doesn't have any audio capability, you can't record and post a sound. I remembered that some years back Google wanted to be able to record audio on laptops, "purely for analytical purposes". That didn't fly back then. I uninstalled Google+.
cashmundy said:
I use "spyware permissions" in a pretty loose sense of "permissions which are not clearly essential to the core functionality of the app". I agree that Mozilla is trustworthy, moreso because you can read the source. But the browser is the most internet-facing and thus most dangerous app, most likely to be cracked, most likely to have access to lots of personal info, so needs to receive the closest privacy /security scrutiny.
Unlike the Facebook crowd, I look at my info as my property, and ask not why I should not share my info with the world at large, but why should I, what benefit do I receive in exchange for giving away what someone else can monetize (the whole Facebook/Google business model) and which may do me real harm if for example app writers Ivan Ivanovich and his friend Bala Babangida turn out to be not such nice guys, and use my info to send me spam texts or clean out my bank account.
Case in point: Google+ app just added "record audio", but the app doesn't have any audio capability, you can't record and post a sound. I remembered that some years back Google wanted to be able to record audio on laptops, "purely for analytical purposes". That didn't fly back then. I uninstalled Google+.
Click to expand...
Click to collapse
Best you can do is contact the developers and ask them about the permissions included. If Ivan Ivanovich & Bala Babangida say their notepad is not able to work without your bank account then ok, let's warn all the other people.
Probably you won't have any reply from google but most of the developers (or app writers, as you prefer) are just glad to answer via email since they're not allowed to reply in the android market.
Instead, the actual scenario is more and more devs who get their clean apps targeted as malware and users who get paranoid by reading too many reckless comments.
In general, devs are not wolfs and users are not sheeps... otherwise there were no open sources (eg Mozilla), no android, no xda-developers!
Related
Last night browsing the market, after having my phone reset for constant rebooting, I downloaded an app called "adult videos." I woke this morning to find the app wiped from my phone and from the market. Now, the problem lies not in the fact that this app is missing from my life, but in the question is google sneaking around in the middle of the night tampering with people's phones? I read that article about google remotely removing apps from phones strictly on a necessity based need. It kind of makes me wonder how selective they will be when determining what is necessary.
Google has the ability to do this and have flexed their muscles with that feature too recently,cant post links but google: "google remove android application". It uses google talk to send these removal requests. In normal conditions google will only delete apps that were malicious. (spyware/damaging/ddos/fraud/etc)
Most smartphone/ebook platforms have remote kill switches now. The more worrying part is that they also have the ability to install apps onto remote phones.
Google does this with android too? This is one of the reasons I dont like apple. This sounds like rediculous invasion of privacy. How does this work exactly?
Read the link.. disturbing both the install assett and the remove asset options. Plus the fact that Android maintains a constant data connection. Is there anyway to kill this constant connection? do you get charged for it? and can you disable the install and remove assett options?
It's Google, they live and survive off your information!
They went round WiFi snooping when they did Streetview, so God knows what they do with your mobile phone...
hungry81 said:
Google does this with android too? This is one of the reasons I dont like apple. This sounds like rediculous invasion of privacy. How does this work exactly?
Read the link.. disturbing both the install assett and the remove asset options. Plus the fact that Android maintains a constant data connection. Is there anyway to kill this constant connection? do you get charged for it? and can you disable the install and remove assett options?
Click to expand...
Click to collapse
This connection is maintained by using google talk. So as long as you are online on google talk you have a hotline to the kill switch. After these security concerns I bet some chefs are working on ROM with the kill switch disabled. But nearly all smartphones have kill switches nowadays, companies like Google, Apple and Microsoft don't want to be seen as unable to get rid of a malicious app which would impact on their reputation.
Edit: Thinking about it, if you have extreme worries about this, install some kind of firewall (like iptables (requires rooting)) and block mtalk.google.com.
The best part about these google phones is the ability to make them your own. I am currently waiting for cyanogen's mod 6 which I am pretty sure won't constantly chat with google, but I think that the fact should be recognized of who the major players are in the cell phone game. Remember that 'incident' google had with china, and how the NSA and google became friends after that. Hmm... The largest data analyzer teaming up with the largest data collector, google also reports higher sales every quarter now as well, that is alot of direct connections with alot of people. I'm not sayin' anything...I'm just sayin'.
El_Zilcho said:
Edit: Thinking about it, if you have extreme worries about this, install some kind of firewall (like iptables (requires rooting)) and block mtalk.google.com.
Click to expand...
Click to collapse
Ummm..... no.
r3s-rt said:
Ummm..... no.
Click to expand...
Click to collapse
Umm why not? Its a Linux system below the dalvik vm. There are people who got iptables running on their system and when done correctly iptables. Be aware when I talk about this, I am talking tin foil hat style here.
What if someone modifies AOSP code to just remove the INSTALL_ASSET and REMOVE_ASSET portions of the code?
Google, don't go Apple way!
http://threatpost.com/en_us/blogs/android-also-gives-google-remote-app-installation-power-062510
Old news, but they've made me "a little bit" angry Is there any way to remove all that crapware?
hmmmmm well figuring they just got in trouble for stealing multiple GB of data from private routers I'd say its a sure bet. Also I recently took a federal job and low and behold they already had my gmail account on file even though I have never given it out and only use it for family and friends, but the feds sure had it.
http://www.engadget.com/2010/07/28/new-licensing-service-replacing-existing-copy-protection-metho/
Looks like pretty soon the days of people copy and pasting apk's all over the place are coming to an end.
I hope this doesn't make theming harder.. We'll see.
From reading that article,
Seems like airplane mode or a firewall would crush all the hopes and dreams of google and app devs.
It seems that every time we open an app it needs to verify that it's been paid for by contacting a "licensing" server and retrieving a response.
I feel like that could slow down launch times, and being unable to use an app when offline would be like UBISOFT hell all over again.
I really hope google puts a lot of thought into this..
I wonder if this if already being done? Every time I try to play that golf game on my EVO on an airplane while the radios are off I get a FC when it starts. As soon as I an on the ground and turn the radios on the game works fine.
Sent from my PC36100 using XDA App
what if you are in an area with no signal or on a plane or something? you cant open any apps???
This is already in place in a number of apps, one is IP Cam Viewer.
I paid the money for it. I transferred all my files to my wife's Evo 4G, and thought "hell I'll see if it works..." Well it didn't. When I try to open the app, it tells me that I have to purchase it from the marketplace.
I'm all for buying apps when they're good, and I understand single user licensing. Guess I was just hoping I wouldn't have to spend double the money for all the apps I use.
simplyphp said:
This is already in place in a number of apps, one is IP Cam Viewer.
I paid the money for it. I transferred all my files to my wife's Evo 4G, and thought "hell I'll see if it works..." Well it didn't. When I try to open the app, it tells me that I have to purchase it from the marketplace.
I'm all for buying apps when they're good, and I understand single user licensing. Guess I was just hoping I wouldn't have to spend double the money for all the apps I use.
Click to expand...
Click to collapse
I've heard of couples sharing the same email as apps get replicated on the two phone
I can confirm that they don't get replicated..
I have two evo's right now under the same email and they're definitely not replicating crap.
cahiatt said:
I wonder if this if already being done? Every time I try to play that golf game on my EVO on an airplane while the radios are off I get a FC when it starts. As soon as I an on the ground and turn the radios on the game works fine.
Sent from my PC36100 using XDA App
Click to expand...
Click to collapse
Now that's a problem I understand about paying for apps but not working when I'm in a place with no signal. I see a law suit brewing up. I paid for the app I should be able to use the app whenever I want to. Class action law suit coming real soon.
Sent from my PC36100 using Tapatalk
Crap....
"A limitation of copy protection is that applications using it can be installed only on compatible devices that provide a secure internal storage environment. For example, a copy-protected application cannot be downloaded from Market to a device that provides root access"
...Seriously???
EDIT - the above quote was misrepresented in the place I copied from...research shows it to be misleading. the actual bit of Google's text is posted over on page to of this thread. disregard my indignation in this post...
This is discouraging, because a lot of people like to try the full before they buy it expecting more than what full has to offer, only to be disappointed later.
willwgp said:
This is discouraging, because a lot of people like to try the full before they buy it expecting more than what full has to offer, only to be disappointed later.
Click to expand...
Click to collapse
You do get a 24 hour refund option when you buy from the market so I'm not worried about trying before you buy. I do worry about not being able to play something when I'm in the bathroom at work because I don't get a signal there.
well how many ppl do actually piracy apps??? oh my bad forgot that this is Android, for a second i though it was apple!!
Just to clarify a couple of things:
There are 2 ways to use the Licensing - one is Strict - you CAN NOT USE THE APP WITHOUT ACCESS TO MARKETPLACE. Personally, screw that.
Option 2, however, is a non-strict policy. Server managed, where the license is 'cached' to storage. You also can programmatically set how long your app can be used without any license check.
That'd be the way i go
josue85 said:
You do get a 24 hour refund option when you buy from the market so I'm not worried about trying before you buy. I do worry about not being able to play something when I'm in the bathroom at work because I don't get a signal there.
Click to expand...
Click to collapse
That'll be up to the developer. I like this approach, as I'd be happy to do say... a 5-7 day turn around on the license check. After 7 days with no data signal, seriously, where the hell are you? LOL
Besides, if you've used a paid app for 7 days, and by that time can't decide if you need it or not - wow.
And of course, as soon as you got signal again, the license check would go through and you can use the app again, no problem.
I'm sure there will be UbiSoft and EA style implementations though - way too damn draconian for my tastes. I don't care to know every single second that someone's using my app. I would just like to know that they haven't 'copied that floppy' as it were LOL
I have no doubts this will be defeated in time, though. All it would really take is mimicking the server license response, which can be extracted from the locally cached license of an actual paid product.
People that pirate software are going to do it, regardless. Don't make the honest people pay the price of draconian DRM.
The best approach I can make as a developer, is give my customers the features they want, in a stable, good performing package, and discourage 'casual' piracy. Beyond that, it's out of the developer's control, and honestly, any more than that usually just pisses off the customer and annoys the pirates for about a day and a half.
Ok...had to read the SDK paperwork as I really wanted to know this...my previous post was incorrect and here is the update...
From Google:
Android Market Licensing is a flexible, secure mechanism for controlling access to your applications. It effectively replaces the copy-protection mechanism offered on Android Market and gives you wider distribution potential for your applications.
A limitation of the legacy copy-protection mechanism on Android Market is that applications using it can be installed only on compatible devices that provide a secure internal storage environment. For example, an application using the copy-protection mechanism cannot be downloaded from Market to a device that provides root access, and the application cannot be installed to a device's SD card.
With Android Market licensing, you can move to a license-based model in which access is not bound to the characteristics of the host device, but to your publisher account on Android Market and the licensing policy that you define. Your application can be installed and controlled on any compatible device on any storage, including SD card.
Click to expand...
Click to collapse
Also...there are options for the Devs to allow for apps to be used a chosen number of times before they need to check in for licenses. Strict has to check in every time....other option allows dev to choose based on times used or time since last check in.
SO...all in all I am much less worried about this now.
topdnbass said:
I can confirm that they don't get replicated..
I have two evo's right now under the same email and they're definitely not replicating crap.
Click to expand...
Click to collapse
With licensing the dev can choose whether an app can be accessed from different phones. It is an option...
(greeked...multiple times)
Question: Does that mean we won't be able to open, modify, and resign apks? Like...to change the appearance (make a widget clear, etc).
More like bad news for paying consumers. That's who always pays for everything. Those of us who actually buy the products.
I plan on speaking with my wallet. I wont buy any app that requires I have an internet connection.
A limitation of the legacy copy-protection mechanism on Android Market is that applications using it can be installed only on compatible devices that provide a secure internal storage environment. For example, an application using the copy-protection mechanism cannot be downloaded from Market to a device that provides root access, and the application cannot be installed to a device's SD card.
Click to expand...
Click to collapse
Wait so according to google us rooted folk couldn't download copy-protected apps before now?
Urrr, i think im missing something
This is actually a nice implementation for both the software developer and the user. Most will implement this where it only has to check-in every week or two. So the odds of getting caught in a spot where there is no connection is low.
At the end of the day, it is a pretty straightforward way to handle copy protection that really shouldn't inconvenience anyone.
Also it will bring more developers to the platform if they know they don't have to worry as much about piracy.
Piracy will still run rampant. People will find ways to circumvent this, that's just how it is. At least it will curb some piracy since copying and pasting an apk file wasn't much of a deterrent.
Worrying article on how apps are using personal information.
www.theregister.co.uk/2010/09/30/suspicious_android_apps/
I'm sick that they had to go too such lengths to find out. We need a better net architecture to enable a proper firewall to work.
Sent from my HTC Desire using XDA App
Also, app naming FAIL!
Well, since they only tested 30 apps and won't release the names of the ones they tested, only saying that they are "the most popular", personally I don't buy it.
And the information these apps are sending out is primarily geolocation. Well, no ****. If an app wants your location and you don't think it should have it, it's either using it for ads or you should decline to install the app and just send an email to the dev asking him why he needs that information.
tjhart85 said:
Well, since they only tested 30 apps and won't release the names of the ones they tested, only saying that they are "the most popular", personally I don't buy it.
And the information these apps are sending out is primarily geolocation. Well, no ****. If an app wants your location and you don't think it should have it, it's either using it for ads or you should decline to install the app and just send an email to the dev asking him why he needs that information.
Click to expand...
Click to collapse
Agreed... geolocation is pretty obviously straight forward. I don't know about the 'transmissing every 30 seconds' thing though.
Any thoughts ont he transmitting sim card and IMEI info?
http://www.youtube.com/watch?v=qnLujX1Dw4Y
Also discussed here:
http://forum.xda-developers.com/showthread.php?t=795702
With explanation where to get it from http://www.appanalysis.org/
A very well-written reply by "Steven Knox" on The Register, demonstrating how this 'research' is simply a pile of intentionally-misleading statistical rubbish:
By selecting only from applications that access both personal data and the internet, they're overstating the significance of their study by about 3x. Furthermore, their summaries blur this distinction unnecessarily.
Specifically, their FAQ says "We studied just over 8% of the top 50 popular free applications in each category that had access to privacy sensitive information in order to get a sense of the behaviors of these applications." Since there were 22 categories at the time they did the study, that would imply (22*50=1,100 * 8% =) 88 applications. However, they actually only tested 30, because of the 1,100 top 50 applications only (from the PDF) "roughly a third of the applications (358 of the 1,100 applications) require Internet permissions along with permissions to access
either location, camera, or audio data." -- meaning that the other 742 apps don't have the necessary permissions to play badly. The clause "..that had access to privacy sensitive information in order to get a sense of the behaviors of these applications." from the FAQ is grammatically ambiguous in this case (it may refer to "applications" or "category"), and not specific enough to indicate that over 2/3 of the applications are (relatively) safe by dint of not having the necessary permissions.
They also didn't include in their study apps from 10 of the 22 categories, but they don't explain whether that was due to a) there not being any or enough applications in those categories that required internet and personal data permissions, b) a conscious choice to focus on the other 12 categories, or c) the results of random selection (with an explanation of why they did not use a stratified sample).
Once you factor back in the applications they ignored, the numbers don't look quite so bad. Assuming their sample was representative, 2/3 of the 358, or about 239 applications of the top 1,100 of the time use personal data suspiciously. That's about 21.7% or just over 1 in 5 -- still significant, but a far cry from 2 out of 3. In fact, the worst case maximum is actually 358 of 1,100 or just under 1 in 3 (32.45%) because they are as mentioned above the only ones that actually acquire the permissions necessary to do anything "suspicious".
I understand why both the researchers and the reporter used the 2/3 figure -- you all believe you have to sell the point as hard as possible*. But the real story is that it's likely that at least 1 in 5 Android Apps use private data "suspiciously" -- and that number is still high enough to cause concern and to justify the further use of tools like TaintDroid. It's a pity you didn't trust the facts enough to avoid the unnecessary sensationalism.
*I am assuming, here, that Mr. Goodin did actually read and digest the paper as I did, rather than simply picking out the figures from the study, the FAQ, or a press release.
Click to expand...
Click to collapse
good spot. But one in ten woolf be too many. The point is we should have more fine grained control and transparency off what apps do over the net, and we can't, by design.
Sent from my HTC Desire using XDA App
We need to develop a shim that reports modified IMEI/SIM data for different apps. IMO, very few apps need that information. We may not be able to keep all those apps from sending our private information, but we can make that information useless if it appears that we all are using the same IMEI/SIM...
patp said:
...The point is we should have more fine grained control and transparency off what apps do over the net...
Click to expand...
Click to collapse
agreed....
if you are rooted. With Root Explorer go to /data/system/ and open accounts.db you might be surprised what you find in it... Some people it will be fine for but mine it shows my exchange email and password in plain text and a few others show up as plain text has well...Its not geo they are worried about (for the most part) and...this file has been known about for awhile
Don't worry though unless your downloaded android specific virus holding apps you wont have any problem. And if your getting all your apps legally through the market then its no big deal =) and if your pirating them...well I don't feel bad for you...
echoside said:
if you are rooted. With Root Explorer go to /data/system/ and open accounts.db you might be surprised what you find in it... Some people it will be fine for but mine it shows my exchange email and password in plain text and a few others show up as plain text has well...
Click to expand...
Click to collapse
Opened it, my accounts are there, but no passwords....
rori~ said:
Opened it, my accounts are there, but no passwords....
Click to expand...
Click to collapse
my gmail is somesort of encrypted but doesnt look that great.
Exchange shows up
facebook doesnt show anything at all aha
Thats why I said some might not have anything. Awhile back when I first heard about it one of my friends had two or three right there in plain English I didn't have a phone at the time to check...
Its been reported before but kind of just brushed over no biggy. To go real conspiracy theorist....I think apple is submitting all these articles...
ButtonBoy said:
We need to develop a shim that reports modified IMEI/SIM data for different apps.
Click to expand...
Click to collapse
Great idea
The source code/instructions for TaintDroid are now out:
http://appanalysis.org/download.html
Anybody found a (recent) kernel with built-in TaintDroid-support?
My phone is both unlocked and rooted. I couldn't stand the crap. I just froze it since all the apps I want install on the card anyway.
With this leak for Android (which Google is patching) is there any app or ROM that will make password entry required (no saved passwords - I don't save them on the computer, so it's no hardship)
I do have wifi calling, and I will use it over public wifi. I go to places where I get one bar at the most, and the motel has free wifi. I want my pet sitters and house watcher to be able to contact me at any time. My daughter moved to England, so I need Skype, and Skype only works on wifi on Android.
I don't use Picasa, sync the calendar, but I don't want my contacts to be bothered if that is what a hacker has in mind. There is no personal info saved on my phone. I also don't game. I don't watch movies.
Also, I would like a firewall. I have both Bing and Groupon banned in the firewall and in the hosts file. Bing is getting too far ahead of itself. It's allied with Yahoo and I do have a Yahoo mail account.
I use the phone as a PDA reference guide, and the processor speed and screen is why I bought it. I have frozen all the social apps and I might delete them. The phone has been working super since it's been rooted and I enjoy it.
Thanks,
Zuben
I am not sure what you are exactly asking?
You mention password entry? If you are talking about accessing the phone, there is the lockscreen that you can either password enable or choose a pattern to lock the device.
You also mentioned about a firewall? There is webroot security which you can manage things. But, you said that you blocked a few things already? I dont understand.
fknfocused said:
I am not sure what you are exactly asking?
You mention password entry? If you are talking about accessing the phone, there is the lockscreen that you can either password enable or choose a pattern to lock the device.
You also mentioned about a firewall? There is webroot security which you can manage things. But, you said that you blocked a few things already? I dont understand.
Click to expand...
Click to collapse
I want the apps to ask for a password - not the phone. If I use app market I want to log in every time - do not save the password.
Google mail and Tmobile I could stop from automatic sync. I don't want them syncing automatically unless it's a needed function.
Example: I got a list of updates today, and I can't block the ones I don't want.
There's one in the list for Youtube and Youtube is frozen. So is Facebook. So I didn't allow the updates.
So does anyone have a custom ROM or an app that does this? And where do you find info on webroot security?
Unfortunately the SGS4G is still in its early stages of development, there are a couple good roms out there but they are still stock and not custom, however they do improve the performance of the phone. As for what your asking for, no there are no roms that do this yet
dsexton702 said:
Unfortunately the SGS4G is still in its early stages of development, there are a couple good roms out there but they are still stock and not custom, however they do improve the performance of the phone. As for what your asking for, no there are no roms that do this yet
Click to expand...
Click to collapse
Thanks, do you think there will be one?
How far can developers go to get rid of stuff?
I saw this:
http://www.usatoday.com/tech/news/2011-05-09-emergency-alerts_n.htm
and I don't want it. Especially presidential alerts. I would guess that the final version isn't out yet, but I'm curious. I think it would eventually lead to abuse.
I buy my phones for my own reasons and use them in my own way, so I'm not your typical user. I see the phone as a PDA, only voice/text is communication.
The rest is all my required information at my fingertips, and the new screens and processors on the phones are great.
For those who spend a lot of time looking at a computer, and can't be bothered to look at their phone very often, Sand Studio has introduced AirDroid, an app that allows users to control their Android Phone from a computer via WiFi.
http://www.youtube.com/watch?feature=player_embedded&v=WfNnQxpw7Uw
http://www.youtube.com/watch?v=BfXRhSIm-m0
The great thing about AirDroid is that it works - it's easy to start up, and functions flawlessly (in my experience). The interface is also very polished - mimicking a desktop launcher complete with moveable icons, a task bar, and controls that allow you to do just about anything.
One of the most impressive features is the ability to access SMS messages, manage them, and send messages right from a web browser. Users can also manage contacts, uninstall/backup apps (AirDroid will download your apps as apk files), browse files, access the Android Market, and manage music and ringtones, in addition to the ability to look at phone information from CPU status to battery level and beyond.
Best of all, AirDroid is completely free from the Android Market. With all the powerful features it offers, this app is certainly worth checking out.
ITS FREE
DOWNLOAD
https://play.google.com/store/apps/details?id=com.sand.airdroid&feature=search_result
the market is blocked my country
can someone put mirror please
mehdi.moha said:
the market is blocked my country
can someone put mirror please
Click to expand...
Click to collapse
befarmain
http://www.megaupload.com/?d=AURZDHQ2
wish i could send and recieve whatsapp messages from it...
edit: just installed the app..sometimes the app makes the phone go crazy!! i have to logout fro the browser or turn off wifi for the phone to become normal.
This is without a doubt 'the best' app for controlling your phone from your browser. I've installed and played with many and this one tops the lot in my opinion.
It's clean, easy to use, great interface (both on the phone and PC).
Side note: This thread would probably be much better off in General Android Apps and Themes forum - http://forum.xda-developers.com/forumdisplay.php?f=530. The app isn't specific an LG Optimus.
---------- Post added at 12:31 PM ---------- Previous post was at 12:07 PM ----------
mehdi.moha said:
the market is blocked my country
can someone put mirror please
Click to expand...
Click to collapse
It's also available on the official website: http://www.airdroid.com/apk/airdroid_1127.apk
saw this in a google search, was just about to post in the GNote forum....
Anyone else used this? Am very tempted, but concerned of legitimacy of app (never heard of devs and truly paranoid about security )
Sent from my GT-N7000 using xda premium
SpyderTracks said:
Anyone else used this? Am very tempted, but concerned of legitimacy of app (never heard of devs and truly paranoid about security )
Click to expand...
Click to collapse
I'm a little hesitant to try out apps like this as well but they have nothing but good feedback on the market and a good following on both Facebook and Google+, as well as having their own website, so I was happy to give it ago.
@smackdownn Yeah I am with you on the whatsapp, this app is brilliant.
@Nucleotide & SpyderTracks Seriously? Whats the issue with privacy? Scared these devs are going to email or sms your gf while you are out? Either that or learn to hide your porn somewhere that is not your phone. I have said this before on so many occasions, when you were using a nokia/winmo/other NON android phone, they sneakily NEVER asked for permissions, but you installed apps that could pretty much do anything on your phone anyway
This app is by far the best solution I have tried in this regard, it just works and damn well too
@Cornelha
Lol.... I get what you're saying, but I think it's a little naive... the information we hold on smartphones these days compared to "our old nokias" means security is vital. After years of dodgy torrents, malware and hacked accounts, I've learnt to take it a bit more seriously, albeit probably to the extreme
Sent from my GT-N7000 using xda premium
This app is fantastic. We were the first to review it:
http://www.androidstatic.com/must-have-air-droid-lets-you-control-your-phone-from-your-browser
SpyderTracks said:
Lol.... I get what you're saying, but I think it's a little naive... the information we hold on smartphones these days compared to "our old nokias" means security is vital. After years of dodgy torrents, malware and hacked accounts, I've learnt to take it a bit more seriously, albeit probably to the extreme
Click to expand...
Click to collapse
I agree. I don't have anything I would call "sensitive data" on my phone but I do have a lot of contact information such as names, addresses, email addresses, phone numbers and other information which although not really sensitive, I still don't want other people to have - especially if I don't know about it. Not only that but apps can track your location, the buttons you press on your phone, numbers dialed, text messages sent, websites you visited, and the list goes on.
With that in mind I take caution when installing any app. I check for things like the amount of reviews on the market, the quality of the reviews (good vs. bad), does the developer have a website, a Facebook page with a good following, and so on.
one of the best app i ever know
good job mate
slow files transfers but great app !
have been using it for about 2 days and I have to say it is great...downloading files takes a very long to though
-love the SMS from desktop feature and comes very handy for different ROM users when putting files on devices
Love this app
Sent from my HTC Desire using XDA
i love this app!!!! i wish it would have a feature like an android simulator as well so we can open certain apps like whatsapp via mac/pc...
I have been using Lazy Droid but after using this for couple of days, I have uninstalled Lazy Droid. Nice app. thanks
I love AirDroid!!! It helps me to transfer photos and files from my phone to my PC wirelessly. I don't need to carry my cable anywhere with me. It's a great app. Nice job!
what do you have to install on the PC? if you want to link a PC to smartphone, for example
FASAR said:
what do you have to install on the PC? if you want to link a PC to smartphone, for example
Click to expand...
Click to collapse
You don't need to install on the PC. You just need to open the browser and visit web.airdroid.com to log in. Then you can manage you phone on the web. Easy, right?