Does a comprehensive and plain english list exist anywhere that tells who is who and why they have a security certificate installed on my android phone?
I've asked this before and never found an answer. I find it odd that it isn't questioned and recently when installing FoxFi, it was made more poignant when many became up in arms about the FoxFi cert and the notification that some unknown entity could be monitioring activity. FoxFi is pretty clear about why that cert is there and I can't say that for the factory installed ~200 certs.
Also, is there a comprehensive list anywhere that tells what factory installed and system apps do? Many have very obscure names and even names which are quite misleading upon actually discovering what they really do. I'm sure I can't be the only one that would like to know exactly which apps are safe to freeze, disable or uninstall and upon doing so, what functionality will be lost or what other apps will no longer work, if any.
I think Google needs to step things up in these two areas so people can actually know. The work in the area of app permissions is a step in that direction, but, still a long way from full and forthright disclosure aimed at educating all android device owners.
Thanks for any direction you can provide.
Hmmmmm.... its merely about the desire to know why every android I've owned for coming on ten years now has security certs installed belonging to the DOD, Japanese Government, Experia, Equifax and many more that I have no idea who they are unless I want to research each and everyone of them. Even doing so in most cases still doesn't reveal why those entities have a cert on my phone and what it actually means. I wonder what happens if they are removed and why they are there in the first place.
As far as the many pre-installed apps that I can't imagine many people having a clue as to why they are installed or what they actually do, well, that kinda speaks for itself as well.
Nobody else wonders or does everyone else but me already know?
However, in the mean time, I'll refine my quest to changing permissions and any insightful threads on that for dummies would be appreciated.
Thanks
Hi
Thanks for writing to us at XDA Assist. Unfortunately I can't find anything relating to your question on XDA, it's probably best to ask here:
Android Q&A, Help & Troubleshooting
No response in two days, thread closed.
Related
Hi everybody, I got my 1st WM device 2 weeks ago, and wherever I went, I found links to this forum. Since then I found so many great applications here (and I haven't even done a systematic search), so thanks a lot for this cool place!
One thing is missing badly for me though: On my old Symbian 3rd I was asked every time an application wanted to access the internet (and also write/read data). I could block it, allow it once or permanently. So almost exactly the same I have on my desktop with Sunbelt.
Now on WM, it seems to be totally common that every application can access the net as it likes to, without any kind of user confirmation. And I really don't feel comfortable about it. Who knows an application doesn't scan my phonebook or other personal data and upload it somewhere without me even knowing about it?!
So I did lots of searches, and the "best" I found was "Airscanner Mobile Firewall". Unfortunately though, it lacks application-based rules. You can only block E-Mails completely, or ICMP, or... But it doesn't protect you from installed software going online is it pleases.
Apart from that, there seem to be no tools for this at all. There are call blockers or tools that cut off internet completely, but no tools to control web access based on application. To be honest, I'm totally surprised by this, since there is thousands of apps for WM for anything else. It doesn't even seem to be a topic that concerns lots of WM users, while the creators of Symbian obviously took it quite serious.
I know I could have posted this in the "ideas for apps" thread, but first I wanted to check I didn't miss any existing software.
Thanks for any hints!
http://forum.xda-developers.com/showthread.php?t=382660&highlight=firewall
Rudegar said:
http://forum.xda-developers.com/showthread.php?t=382660&highlight=firewall
Click to expand...
Click to collapse
Tak for the reply, but as I said...
I did lots of searches, and the "best" I found was "Airscanner Mobile Firewall". Unfortunately though, it lacks application-based rules. You can only block E-Mails completely, or ICMP, or... But it doesn't protect you from installed software going online is it pleases.
Click to expand...
Click to collapse
Well, if this seems to be of no interest to anybody, I guess it means there never have been any cases of spyware on WM yet ever?
Is it not technically possible for an application to read the entire memory of a WM device and send it anywhere without the user taking notice? Let alone install a keylogger, reset the device and other evil stuff?
not that I know off and the virus are also a handful which are more likely proof of concept then real malware
So I have been looking around online just some basic stuff about privacy on the android phones and so forth.
I have also looked around the xda forums about Privacy and Protecting your ID or anything that you dont want to get out or w.e the case maybe so Im looking for some help and maybe this can help others about this if they wish to.
Well im looking for something that I can have the most protection toward viruses/malware/ID theft or any "stealth" like traces after uninstalling apps and anything that falls into that category. I have came across something called DroidDream Not sure if this is still going on in the world of android or some other form of it. But over all its something that the malware is designed to only run while the android phone is sleeping. Also talks about Once the Android smartphone is rooted, DroidDream searches for a specific package named "com.android.providers.downloadsmanager". If the package is not found, DroidDream silently installs a second malicious app without the user's knowledge. Other malicious apps can be installed in stealth from the DroidDream command and control servers I did find this info from pcworld site but thats some basic stuff..also it talks about the the update of gingerbread helped fixed that issue.
But like I said was looking for something that I can use or other members if they are not aware of such to help lock/protect their phones. I also did come across this link int he xda forums http://forum.xda-developers.com/show...hlight=Privacy
Also check this out https://www.androidpolice.com/2011/1...ction-lawsuit/
This app seems to be prefect for what im looking for or maybe anyone may have other ideas for something like this.
Thanks for all who reply and is helpful..
OK, I know I'm about to start a flame war, but...
This 10-post requirement, while well-intentioned, seems rather silly.
Just rooted my Droid 3 today after seeing a talk at DerbyCon; I'm not entirely retarded when it comes to Android dev, either, as I've been scripting up a way to automate running malicious binaries on virtual devices at work lately (I work for a security vendor). My first thought was to go and remove all the bloat on my device, and after finding:
http://forum.xda-developers.com/showthread.php?t=1238472
...I was very excited. Problem is, the script is quite broken on my Android 2.3.4 Droid 3 - even the remount command is going to fail, as the mount point it uses doesn't exist (it seems to have been tweaked a bit, as obviously /system is mounted). After poking around the phone a bit, just removing .apk files in /system/app (or renaming them, or whatever) isn't sufficient to kill the bloat, either - I found, for example, that the ZumoCast app was in 5 or 6 different spots around the filesystem that had to be cleaned.
I went to post in that thread with a question about the safety implications of whacking all of these files, plus an offer to update the script appropriately, and I've been blocked. Given that there are threats that threads will be killed if they're just attempts to reach the 10-post threshold, and that I can't post in relevant threads...I'm really somewhat frustrated, as this will involve a large time sink to get to the point where I can offer to help.
I can see where you guys are going trying to keep pests and n00bs to a minimum in useful threads (my day job involves dealing with people on an active open-source project's mailing lists, and I get sick of the same idiotic questions myself)...but is there no better way to let someone prove that they're not an idiot?
Sir, what seems rather silly to you, is not....there are reasons for the limit, here are some good reading for you, so you can see the reasoning.
Question for you, why don't you post in your device Gen Section your issues, since there are Q&A sections for your Device so that you issue can be addressed.
http://forum.xda-developers.com/showthread.php?t=1699450
http://forum.xda-developers.com/announcement.php?a=81
hi all!
please note: i am nothing near a professional user or even coder! i rooted my phone and i install custom roms on it, and thats about it. in addition to that i am concerned about my privacy. for me it started with the LBE Privacy Guard from the play store, it was quite nice until it stopped working, and made my phone stuck in a boot loop...
i have read and searched a lot of stuff before i decided to write this. but i havent found an easy and understandable how to. maybe that is because there no easy way to this. please go easy on me if there is already a thread for this...
i just installed openpdroid on my samsung galaxy s+ (i9001) and that is just because user bululu has made a patch for the rom i am using (cm10.1 from user davidteri) - thanks to both of them! i installed the patch with cwm (clockworkmod) and afterwards i was wondering there is no privacy setting in my menu or anything that would let me set up permissions. but from all the stuff i was reading before i figured i will need some kind of gui (not sure this is the right word - that goes for most of the stuff, but please correct me where u can, i will try and learn) so i installed 'pdroid manager' from the play store. that would finally let me set permissions for the apps! so far, so good. i am now using openpdroid...
should be all good at this point u might think, but this is where my questions begin ^^ f.ex:
is this the best solution atm? are there more solutions? what are the differences? what can u recommend?
furthermore i try to figure out how to encrypt email on android. most things i read point to k9 mail and using agp (or apg? is this the same?). i did some research on that topic an it seems to be the 'android privacy guard'. more questions here too...
it seems to be out of development, since the last changes are from 25.12.2010. is there a newer alternative for that or something i missed? or maybe it is still the thing to use or it is quite finished in its current state?!? but i dont wanna clog my device with old or unsupported software until i am 99% sure on what to do...
so basically i am asking if there is a nice and user friendly (with images) 'how to' for this kind of stuff i was just missing or is it just impossible (at the current state) to do such thing? if both answers are 'no' i'd like to start something like that, of course with your help that is...
because it seems the info i found is not coherent, its all bits and pieces one needs to bring together (in the right order and with compatible software). at least thats what it feels like for me as non-professional user and linux noob. i have no problem with puzzling stuff together but i also would like to help others who would like to do increase their security and get different opinions on whats the best way to do some things...
so if any of u got an opinion to any of the above please let me know! and help or links would be greatly appreciated! lets see if we can bring some things together and make our devices, our communication and our data more secure! and please note: this should not be device specific, my device and rom was just for information and for better understanding my starting point. this should be as broadly defined and open minded as possible. so everybody could partake and make use of it...
thanks for reading!
kind regards
bad1080
So I am going to post this here, because the development section is ferboten to people trying to offer useful suggestions. Geez, I hope this is the right section.
Let me set it up. ANDROID IS BASED ON THE LINUX KERNEL. Everything, and I mean everything after that fact becomes android and bloat. Given this as the basis of all things android, I have a simple set of guidelines that should be used to create a solid, reliable, bullet proof operating system for devices able to use the android operating system.
#1. Create the kernel boot section of the basic platform that supports the very basic hardware features, including touch screen, radios, power/charging/battery management, wifi, bluetooth, nearfield, audio, microphone, s-pen,etc. Basics only. Root access is standard and can be turnd on/off just like developwer functions. No special tricks or addon hoops to jump through.
#2 At this point STOP. Every single process or service to be run on the device from this point forward should be able to be individually selectable - or not. Yes, I understand that individual services or apps may have dependancies to other processes and that thouse need to be functional in order for a particular app to work. That is why, each additional service or app must list the dependencies and in the selection process, the installion will be required to verify you have the proper services installed and functioning, if not to list them and allow you to make the decision to proceed. Viola, we have NO MORE BLOAT WARE.
#3 Make selecting additional services/apps selection process a menu driven, tag selectable process. Make the unselection process smart to verify and identify the other apps dependant on the item you are killing/removing.
#4 Allow a built in snapshot option to capture the entire system as you have customized it for yourself and allow it to be backed up to external memory with the ability to bring it back, AT WILL. With no big hassles.
Those 4 items are a good start. By themselves alone, it would put all of us in the drivers seat of controlling and living with our devices.
I am aware that such a system is not for everyone. It does require some basic technical understanding of the process. But for the vast majority of users, I am certain, that an a la carte system is far superior to the bloated monstrosities being forced down our devices.
I would appreciate any refinements to my suggestions.
The silence is deafening. It has been days. Kind of says something, don't you think?
I am so very happy (not) that these boards a compartmentalized to the point where you can't get through.
Pretty much a waste of my valuable time, especially considering the fact that if my suggestions where applied, people would be clamoring for an installation with those features. I guess there is not much true "developer" in xdadevelopers anymore.
Funny guys, with the pay to remove ads spam here. Really? Why? For what.
I leave here disappointed. Not angry. Just sad.
I'm not a developer so I have nothing valuable to contribute to your suggestions in your original post but I can offer an observation regarding your perception of the level of contribution to your thread and that is the fact that is particular area of the forums probably isn't the ideal spot to have a discussion such as this. You figured that out already so sure you can call me Capt. Obvious if you wish but I'm just pointing out that yes the forums are compartmentalized (as you've stated) in such a way that development for each device is separated out. This development is centered around AOSP based ROMs or "stock" ROMs (using manufacturer released source) so if you're looking to have higher level discussions about what AOSP should look like then deep down at this device specific level probably isn't where you want to be. So there's that . . . then there's the fact that for this particular device you can basically hear a pin drop in the sub-forums as it is since nothing much is going on by way of development.
Where specifically such a discussion would see more input I'm not sure, perhaps the main general discussion section?
Thank you for your sobering reply. I get frustrated. Already had my post bounced out of "wrong" forum while trying to speak directly to "developers" (i wanted air quotes because the term does not accuratly describe its target) So I tried this. The note pro 12.0 is still the best hardware giving the ipad a run for its money. The problem its monkeyshines kiddie software running it, or not running, or barely running it. ANDROID, indian word for crappy wannabe software, developed by clueless kids.
Again, thanks for the gentle nudge. I appreciate someone willing to conduct a conversation
Are you looking for an Ubuntu or SUSE type of setup?
I think what you are looking for is similar to apt-get type of installs, I could be wrong of course. This might be helpful for many "users". I think one of the barriers is that there are slight differences between the models of tablets, and creating the logic to put in for the sub-dependencies might prove problematic. You might get more answers to this possibility by asking one of the developers directly and sharing with them. Not a developer myself.