Over at Random Blame's Sero 7 Pro Jellytime thread http://forum.xda-developers.com/showthread.php?t=2474673&page=20 there was a brief discussion about creating a locked down kid-safe rom for kids with known internet-misuse issues. My basic idea was to turn the Sero into a glorified media player, with no access at all to communication capabilities, including browser, facebook and such, but still permitting youtube and some other niceties.
There are "apps for that" in the store, but at least the free apps have security holes in them bigger than the Titanic, post-iceberg. The largest hole is the easy workaround of accessing the play store through an ad, then simply uninstalling the PC software. If the kid remembers to put it back later, you might never know it was done.
Here's what I came up with, rolling with several of the ideas proposed in that thread. I'm no dev, and no ability to create a rom, all I did was butcher an existing one In theory, you could do this with any custom rom for any rooted device. It's a one-way trip, so make sure you save the original image someplace in case you want to return to full functionality.
As always, proceed at your own risk.
So for my Sero 7 Pro I did as follows:
1. Root and install XboxeXpert's custom rom, from post 3 here: http://forum.xda-developers.com/showthread.php?t=2297246
2. Install any apps you want on the device from Google Play. Do NOT install from Amazon, they won't work without the Amazon App store installed, which defeats the entire purpose. Trust me, I blew hours on this.
3. Install titanium backup and save everything thus far. Move the save files to a secure laptop so you can reinstall and update later, as needed.
4. Use an app manager like App Master and start stripping out everything related to communications. I blew away Messenger, Browser, Email services, and a number of others. Use your imagination.
5. Lastly, in direct opposition to almost everything XDA stands for, remove Play Store.
* App Master has a backup function, and you may be tempted to use this to preserve Play Store in case you want to install something else later. I found it does not restore correctly and Play Store was unusable, and had to re-flash and start all over again. You may have better luck with Titanium, but I did not try it.
Without a browser, the kid cannot get on any inappropriate sites. Without an app store, they cannot replace the stock browser / messenger or add Facebook / Snapchat to the tablet, even by clicking on an add. The free game apps I installed worked fine, but the ads went nowhere.
This is pretty efficient, about the only thing the kid can do at this point is install a new rom fresh, for which they would need access to a computer, which you would also control in your own house. Can it be beaten? Sure, some of these kids give the NSA night-sweats, but unless your kid is an aspiring dev, it's about as secure as you can hope for.
Best of Luck,
TM
Related
I've got a rooted SGS4G. I still have the stock ROM since I run the phone as a PDA.
I got rid of the social and entertainment apps, and rooting was the only way.
Now Google maps is driving me crazy. I just want the coordinates, I live in this town so I know what's around and will not use an entertainment guide, want no part of Latitude. The stupid app just updates everything and I can't move it to the card or get rid of the extras. If I freeze it, Weatherbug Elite isn't happy. It updated yesterday, I undid the update with Titanium, and it updated itself again today.
I just might want a map sometime, so I don't want to delete it.
Anything suggestions about getting control over this stuff?
you realize that places, navigation, latitude are all a part of google maps. if you dont use it, dont put it on your homescreen and you should be good. let maps update because its helpful. use launcher pro or an app that hides apps and hide the app from your app drawer and you're fine.
dont try to mess with it because it is an integral part of the phone...
im not sure if that helps; im not 100% sure what youre trying to do
It doesn't. I don't need the maps - just the coordinates for astronomy and weather.
If I want a map, I'll download from mapquest on the computer and turn it into a pdf. Or use the printed page. I prefer print maps, I don't need a map to navigate.
If I can tell MS to get lost even though they say they own the latest OSs, then I should be able to tell Google the same. I dislike assumption.
I need a hosts file on the phone.
You could be nicer about it so good luck with what you're trying to do. I don't think it can be done to be honest. whiskey or acid may help you out
Sent from my SGH-T959V using xda premium
Backup with titanium, delete with titanium, restore when needed with titanium.
Sent from my SGH-T959V using Tapatalk
I've been doing that. I have a question about TI backup. I told it to delete the Kindle App, and using manage apps on the phone, Kindle is still listed. Did TI actually remove it?
I can't use Kindle as a reader since it's only linked to Amazon's bookstore. I like Manybooks and Gutenberg project and you can't read them on either the Kindle or Nook apps. It's funny that I could read any file on the Nook Wifi I had.
The phone is rooted and unlocked. I use it mostly as a PDA.
I liked the Palm platform and now enjoying Linux. Ubuntu doesn't assume anything. Mine came with Open Office, but if I'd rather use Libre Office, I can delete Open and install Libre.
The carriers, Samsung, and Google are assuming too much in some cases. There's quite a few that would love plain vanilla Android.
I think you see kindle app after uninstalling because you didn't get rid of correspondent .odex files. Until you do, you're going to see a link to kindle on your app drawer.
Sent from my SGS4G using xda forum app
Thanks for that info. I am not familiar with Android extensions.
There's a couple of apps that will allow you to move stuff to the card. I have App2SD and am not impressed. I can understand some of the built in programs not being moved, but I have a financial app that I bought that won't let me move it.
Do any of the other move to sd card apps work any better?
Since I'm rooted, can I use a firewall to stop the updates? I was looking at Droidwall, but I'm not sure about IP tables.
I read in another section about low memory, I've done most of that, and there's still high usage from something.
Hey there,
I was surfing through the android market days ago and found some interesting news, non pleasant ones i may say.
I took the applications Granny Smith and Big Great War Game to give it a go, installed them, and failed to check the onscreen advice, so install was successfull.
The applications were working properly, tested it, but i noticed my notification bar had an extra app going, ads mostly, regarding other available purchases. Yes i know some apps do this on a regular basics but this isn't the case. As one of the apps referred above asks for SU privileges, (both are games), and when i tried to uninstall them, i get always "Uninstallation not Successfull". Also, it appears two install apps for each one, example: Granny (240kb) and Granny (14mb). Either way you simply cannot uninstall them.
I then tried the root explorer to hunt these b*astards down manually, after a quick search, i did managed to delete every trace. But though it was done properly, the damn icon still appears on my apps list, and with various uninstall tools available, simply gives you error after error.
Down side is, so far you may think this is harmless, after all its publicity and there are a ton of apps doing the same. Right?
Well, not quite. You see, the apps run with the system constantly, with 3G or WIFI or not, not appearing on any task killer, and thus completely draining your battery in 1hr tops.
I would like to know if anyone encountered any issue relevant or similar to this case, as is critical to at least inform the customer the malware capabilities of such apps.
If needed or for experiment use, you can ask me for the apk files, i saved copies of it.
Cheers.
Haveing personal security on a device without out root is not easy.
I am being given a lg g tab v522 for a Xmas with 2gb a month data over lte for 2 years.
But sadly from all the research I've done the tablet is not going to be rootable.
So I'm looking for ways to ensure my security without root.
And I will report back here with what I find and how I feel about it.
Please feel free to post any applications I should look at.
Like history wipe,app backup, or ways to reset the Android id and other tracking methods without root.
things I will be looking for
(Preferably with out internet access)
Secure contacts storage
Because using Android contact's is just silly
Secure calendar app
That's right I don't need Google sync
Secure online storage
Possibly ghost commander with a mega plugin
Firewall
Looking at the no root firewall
Bookmarks
There are a few apps that don't need sync
Web browser
Firefox? Pale moon? Other?
Notes
Using mininoteviewer now, have to look at other possible s
Video player
Music player
????? I like folder players over play lists but security will be most important
Forums application.
I use xda labs now.. But have to look at its permissions closely
Gps spoofer
Thank goodness that this can be done without root.
Ok this should be considered dead
After a nightmare of a time dealing with customer service trying to get the tablet shipped as a present to a different address they get it wrong three times
Now it is out of stock..
So they can stuff it.
Which means I will not be getting a non rootable tablet so I have no motivation to risk my information testing with out root.
Happy solstice.
Hi all,
I had the suspicion for some time now that my Android phone is somehow collecting private information without my knowledge and using it to bombard me with ads but I wasn't sure how. I know that google is reading my emails, my calendars and has access to my data stored on Google Drive but today something totally weird happened. I was watching a video clip on YouTube when suddenly the clip paused and an ad show up about a salve I was discussing about the night before with my girlfriend. This cannot be a coincidence! The phone was during the conversation on Standby mode.
I've found some articles and even some videos on YouTube regarding this topic so I'm not paranoid.
Has anyone else experienced this?
Meanwhile I have deactivated microphone permission for all google apps but I doubt this is enough. What else can I do to stop it if it is really true?
I have stock ROM from Honor installed, would it be helpful to install a custom ROM?
droidis said:
Hi all,
I had the suspicion for some time now that my Android phone is somehow collecting private information without my knowledge and using it to bombard me with ads but I wasn't sure how. I know that google is reading my emails, my calendars and has access to my data stored on Google Drive but today something totally weird happened. I was watching a video clip on YouTube when suddenly the clip paused and an ad show up about a salve I was discussing about the night before with my girlfriend. This cannot be a coincidence! The phone was during the conversation on Standby mode.
I've found some articles and even some videos on YouTube regarding this topic so I'm not paranoid.
Has anyone else experienced this?
Meanwhile I have deactivated microphone permission for all google apps but I doubt this is enough. What else can I do to stop it if it is really true?
I have stock ROM from Honor installed, would it be helpful to install a custom ROM?
Click to expand...
Click to collapse
Google, Amazon, etc do pay a lot of attention to what you do online, which can seem a little intrusive. But we're not quite at the stage yet of people being listened to for the purposes of advertising.
It would be very labour-intensive, kill your battery and wreck your data. Not to mention the massive backlash from the public if and when it was discovered.
It's not impossible that some malware could be made which does listen to you, but it's not going to be an official Google app.
But, if you're still worried, deactivating microphone permission will stop the apps from being able to hear anything. There's no way to sidestep this to my knowledge. If an app doesn't have permission to use the mic, it can't use it.
Ticklefish said:
Google, Amazon, etc do pay a lot of attention to what you do online, which can seem a little intrusive. But we're not quite at the stage yet of people being listened to for the purposes of advertising.
Click to expand...
Click to collapse
I disagree. If you know someone who has a Google Home or Amazon Alexa product, ask them if they've had a similar experience. I know people who have those products, and they had a similar experience as OP.
Eavesdropping via Google Home/Amazon Alexa is a little different than eavesdropping on private phone conversations, because you must give Google Home/Amazon Alexa explicit permission to listen in order for it to work. However, I would not be surprised if Google monitors phone calls/texts in some manner to tailor advertisements.
answers
Google, Amazon, etc do pay a lot of attention to what you do online, which can seem a little intrusive. But we're not quite at the stage yet of people being listened to for the purposes of advertising.
http://qz.com/1145669/googles-true-...nd-nsa-research-grants-for-mass-surveillance/
http://www.theverge.com/2018/8/13/17684660/google-turn-off-location-history-data
https://video.foxnews.com/v/5731183327001/
Ads are being fed to users based on their voice content, online searches, etc. It is easy for machines to convert voice to text nowadays. That text is analysed for any text or phrase. Been going on for years with our spied-on phone calls and emails. Just see some YouTube videos for realtime subtitles in various languages for proof that this is done routinely.
Cameras, wifi, cellular and GPS are activated without our knowledge or permission routinely by OS, games and apps. Info is sent to Google and third parties when online. If your device is filled with Google's own battery-sucking apps, forget any semblance of privacy, I reckon. If your front camera is not covered...you are probably a sitting duck. You can buy camera covers on ebay if you want to be selective about when it's OK, these have a slider, otherwise consider taping it over. Same with your laptop.
If you are using Google Services or using Google Apps then I think you are a sitting duck ready to take some bullets. Much like Apple and Microsoft users are. To be fair, that is probably 99.99% of device owners.
Third-party apps and games do it too. So there's that. Your data is siphoned-off and sent over the interwebs by them.
Is your device rooted? If not, I'd recommend using a device that has TWRP for it, so you can more cleanly root it without resorting to more questionable root software with its own spyware. I'd recommend making a TWRP back-up before heavily uninstalling apps.
I'd recommend downloading open-source apps on f-droid.org. With a root uninstaller you can uninstall many things they normally don't let you: like all the Google spyware apps and components. Also things that you don't see listed under your Apps. Disabling Google apps doesn't stop them running. Uninstalling them then removing leftover files is a far better approach. For that you'll want a root uninstaller and a root file manager. Some uninstallers are better than others.
Trusting Google's own Permissions thing was always a bit like entrusting your kid to the local paedophile, to me. Google have CIA origins (and backing) and NSA funds keeping them primed. Do you know what just these 2 do worldwide? Unspeakable horrors. Consult William Blum or Susan Lindauer for starters.
I'd consider an open-source keyboard from f-droid.org. Like AnySoftKeyboard. I'd.consider replacing all default stock apps, including the Launcher.
The following has been safely removed by me after rooting my devices (various Mediatek-based Lenovo tablets):
Android Live Wallpapers, Android Work Assistant, Basic Daydreams, Black Hole, BSPTelephonyDevTool, Bubbles, Calculator, Calendar, Calendar Storage, Certificate Installer, Chrome, Clock, com.android.backupconfirm, com.android.browser.provider, com.android.providers.partnerbookmarks, com.android.sharedstoragebackup, com.android.wallpaper.holospiral, com.huaquin.factoryservice, com.mediatek, com.mediatek.voiceexztension,ConfigUpdater, Contacts, Contacts Storage, Device Service, dongle,Drive, DRM Protected Content Storage, Email, Exchange Services, FactoryKit Test, FM Radio, FTPrecheck, Fused Location, FwkPlugin, FWUpgrade, Gallery, Gamestore, Gmail, Google Account Manager, Google Backup Transport, Google App, Google Calendar Sync, Google Keyboard, Google One Time Init, Google Partner Setup, Google Play Movies, Google Play Music, Google Play services, Google Play Store, Google Services Framework, Guvera Music, Hangouts, Launcher3, Lenovo ID, Maps, Market Feedback Agent, McAfee Security, MmsService
Mobile Data, Mobile Network Configuration, MTKFloatMenu, MTK Logger, MTK NLPService, Music Visualisation Wallpapers, MusicFX, PacProcessor, Permission Control, Phone, Photos, RawDataTEst, RunInRebootSystem, Schedule power on & off, Search Applications Provider, Setup Wizard, SHAREit, Skype, SmartcardService, Sound Recorder, SYNCit HD, System Update, Tap the Frog HD, Tedongle Settings, Twitter, UC Browser HD, UpgradeSys, Vcalendar, VoiceCommand, Volidation Tools, YGPS, YouTube
Some of thistuff might be needed for phones but I use a tablet. All the telephony stuff is uninstalled.
If i need an app from Google's Spyware Play Store I use sites like https://apps.evozi.com/apk-downloader/ to download the APK directly without signing in to Google's Spyware Store infrastructure (since no Google apps are installed on my device). Otherwise f-droid.org caters to 95+% of my needs.
AdAway is one of the first things I install, along with a decent firewall like AfWall+
Xprivacy deserves some of your attention as do these apps from Tibor Kaputa https://simplemobiletools.github.io/
I've never rooted an Android. One of the warnings I see over and over is that rooted devices are more vulnerable to malware. I don't see any solutions for this though.
What extra measures will I need to take to keep my Android safe?
I use Norton 360 on my PC and Androids. Will this be of any help?
Are there any apps I can install to help with this issue?
Are there any system settings I should use for this particular problem?
Thank you
With stock or rooted the biggest threat is the user themselves. Most either install or download the malware themselves. A fully updated stock Android isn't invulnerable; there's no saving dumb bunnies...
Side loaded apps are high risk; at the least scan with online Virustotal and consider the results before installing. Keep email in the cloud and be careful if you choose to download anything.
All downloads stay in the download folder until vetted. Jpeg's and png's are suspect; open them there first before moving them and watch for strange behavior in that folder. Check the download folder daily for anything you didn't download, if found do not open, delete.
Keep thrash social media apps off the phone, all of them. They are targets and vectors for malware of all types.
Use a good firewall and police what apps are doing. Revoke internet access to all apps that don't need it. Know what apps have run at start permissions; do they need it? Updates and upgrades can cause more lost time then malware trying to find work arounds. Lock auto updates down, and download them only if needed. Updates and firmware upgrades can and do break things...
Most importantly cover your six and be prepared.
Critical data can not be lost, protect it!
Redundantly backup all critical data to at least 2 hdds that are physically and electronically isolated from each other and the PC. Be ready to do a full reload if needed.
If malware is found or suspected, isolate the phone and if it can't be completely deleted in an hour or two, nuke that load. Be ready to change passwords and secure accounts.
Never trust antivirus apps to detect malware or save you, mostly they just waste resources on an Android.
Thank you!
I'm already doing a lot of those things, especially social media apps.
One of the reasons I want to root my phone is that I can't uninstall, force stop, disable or take away permissions for some apps, like Facebook, Facebook App installer, FB app manager Google, ad nauseum. The same goes for the millions of preinstalled Samsung bloatware apps. They dont stay disabled and routinely restore permissions. Im sick of having to routinely check them all. I'll never buy another Saamsung again.
You're welcome. Welcome to XDA
I run 2 stock N10+'s, one on Pie, the other on 10.
I use package disabler to kill bloatware and services I don't want to run at bootup. You can also use a adb editing app to disable apks. Don't go too nuts; be wary of disabling any Samsung system apps. Most of these apps just sit unless needed. Dependencies... actions have consequences; understand what the app does and what other apps, services or UI functions are dependent on it!
Google play Services can be disabled when not needed; disable find my device as System Administrator first.
On Pie Karma Firewall is fully functional but not on Android 10 and up, although it will still block access. It uses virtually no battery.
Once you sort it out (learning curve ahead) stock Samsung's especially older ones like the N10+ are easy to run. They are the most customizable stock Android on the planet with an excellent UI. The current load on this one will be 2 yo this June; still fast, stable and fulfilling its mission. Security is simply not an issue.
blackhawk said:
You're welcome. Welcome to XDA
I run 2 stock N10+'s, one on Pie, the other on 10.
I use package disabler to kill bloatware and services I don't want to run at bootup. You can also use a adb editing app to disable apks. Don't go too nuts; be wary of disabling any Samsung system apps. Most of these apps just sit unless needed. Dependencies... actions have consequences; understand what the app does and what other apps, services or UI functions are dependent on it!
Google play Services can be disabled when not needed; disable find my device as System Administrator first.
On Pie Karma Firewall is fully functional but not on Android 10 and up, although it will still block access. It uses virtually no battery.
Once you sort it out (learning curve ahead) stock Samsung's especially older ones like the N10+ are easy to run. They are the most customizable stock Android on the planet with an excellent UI. The current load on this one will be 2 yo this June; still fast, stable and fulfilling its mission. Security is simply not an issue.
Click to expand...
Click to collapse
The more annoying Samsung apps I was referring to are the Bixby apps, AR doodle, Smarter things... those kind of apps. If they didn't re-enable themselves restore permissions, I wouldn't mind them so much. But they DO.
I won't be using that phone much longer anyway. I'm going back to Motorola.
I always buy factory or globally unlocked phones. That helps some. But Motorola recently started forcing FB. I can uninstall it, however I have to review updates to make sure it doesn't end up on my phone again. But then I review all updates before installing them anyway..
I always look up the system apps before making any changes. Like Google Easter Egg. Everything I could find says it's unnecessary.
All those mentioned apps can be safely disabled.
Bixby Vision is used for barcode scanning though.
Try the free Galaxy store icon packs, themes and the Good Lock family of apps including One Handed Operation plus.
Chose theme>icon pack>whatever wallpaper you want. The native high contrast theme looks good.
Play with it...
blackhawk said:
All those mentioned apps can be safely disabled.
Bixby Vision is used for barcode scanning though.
Try the free Galaxy store icon packs, themes and the Good Lock family of apps including One Handed Operation plus.
Chose theme>icon pack>whatever wallpaper you want. The native high contrast theme looks good.
Play with it...
Click to expand...
Click to collapse
I actually already ordered a new Moto. It will be here tomorrow. Well, it's after 1am, so I guess it'll be here later today.
I've disabled multiple Samsung apps, restricted data and battery, taken away permissions, not just in app settings, but in permissions setting, special access permissions... And all the other weird ways I keep finding out about that you wouldn't think would be a place to remove permissions. When my phone starts to slow down, or the battery isn't lasting very long, sure enough, Samsung has gone behind my back and reset my preferences again. I never had issues like this any of the Motorola phones I've had.