CM12 Privacy Guard - WiFi Scan for Location always active? - Security Discussion

As no one in the Q&A forum could give me an answer, maybe here someone knows what's going on "under the hood".
Privacy Guard tells me that location is constantly active using Wi-Fi scan with the settings app although I've Wi-Fi turned off:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
That is annoying as first I do not want my location constantly monitored and second this maybe also is not "battery friendly".
Anyone knows what's going on here exactly? Is it true what privacy guard tells me?
On CM11 the settings app was not constantly monitoring the location using Wi-Fi when Wi-Fi was turned off.

First have you gone to main setting>wifi>setting button>advanced>scanning always available and make sure its disabled. This is one of those crappy things google.just cant help.itself.not slipping i the and tries to cover it with goog.intentions which are questionable. It purposely buries it way down in setting even those that want to be sure its off may have trouble finding. Also if you look at.the wording its supposedly there to help other apps have your location but also adds "and for other purposes". Which in legaleeze means wide open and to google means we are going to log all the info we can to use for our profit.
Anyways make sure that is off first and formost. After that I will include someother info below to consider and just some FYI stuff you may or maynot be interested in.
I dont know what apks.you have loaded but I know if you have gapps installed there is a number of call home features built into it and if anyone knows how to.bypass things in android its google dev team. It is for this reason i deal.with the inconvenience of not having gapps. Choosing instead to side load or use fdroid and other alternatives for googles various apps. I duckduckgo for searchs. Privacy apk if I wanted to tweet or FB. Email I use a paid service but there are a jumber of free that do not log. I also keep things local and sync it with my pc so nothing is left on servers. You can even setup cloud storage in a way where it acts as a virtual drive and everyrhi g is encrypted while on the cloud but decrypts locally on the device so its seemless.on the users end.
Secondly even without any of these sort.of apps installed google has built in a quasi call back function into the kernel. Its main use is to identify when a data network connection is behind a captive.portal. The setting not accessable from the UI is global captive portal. Its what is the cause of the ! you may sometimes see on the signal bar animaton. Android gives you an option to disable it thru a terminal windohus by changing captive_portal_enable setting from 1 to 0. But interestingly enough its been found that even when set to disabled the system will still use the global captive portal entry regardless. Its setting is to client3.google.com IIRC.
The other issue is that if you have disabled captive portal you will lose the ability to save the config in wireless networks for any network that does not broadcast its ssid or any that is a captive portal which are basically all the commerical wifi such as starbucks book stores libraries etc.. See goggle wants all that info so they can map the worlds wifi network aps (you can now see one way they have found to use this with their up coming release of cellular service where one of its main features is to auto offload both data and calls to any open wifis it has access as they come in range. Thus dumpings its costs and load to.those other companies offering free wifi to its customers and the community)
Interestingly it only does this to wifi not cellular data even though it scans and indicates both with the "!".
The way to stop this is either change the global captive portal to loopback i.e. 127.0.0.0 or you can host a basic webpage your device.
You can do the same for the ntp service as well as it too calls out automatically regardless of.settings in the UI.
The other possibility of the location leak could be from someother app you may not have disabled network or location from that has a call home feature.
You could put a network scanner and log what ip and then see based on its owner to figure out the program.
Another idea is to run a firewall and creat a script to stop all of this kind of leaks. I would recommend AF+Wall.

Related

Android Town

Ok, Android Town is now an obsolete name and application on the market. It was renamed to Peeples. Peeples is a seperate app on the market so you would need to download that one. It uses the same DB as Android Town so all your information is saved.
Peeples is a social community application which is location based. It enables users to see other users of the application on the map and strike up a conversation with them. Privacy options are also available.
So far the application has over 11k users.
Peeples has the added options of:
- uploading profile pictures and avatar through the application
- sending files from SD card with messages as attachments (5Mb limit for now)
Try it out and let me know what you think.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Running it on a G1 running CM 4.2.15.1.
Noticed a few things.
1) Registration via App Only (not a big deal, just no indication on the site as such)
2) Registration within the app resulted in "passwords do not match" ANY time I left a password field even when they did match
3) Map reacts slowly when being moved or zoomed in/out
As there's no one yet in my area run ning this, I haven't tested many of the other features. I'll report as I experience more.
Thanks for giving it a try. Hopefully some more US citizens register so you'll be able to interact with them. 5000 kms (around 3100 miles) is the biggest radius so far. Most of the users are in Europe at the moment.
Thanks for the heads up on the registration part. I will definitely try to improve it.
I was also thinking about adding content from social networks if users have any (FB, Twitter, FLickr...). What do you think about that?
And thanks again for testing
Have yet to install the newer release for testing, but looking forward to it.
The concept of linking other social media is a fine idea, provided that there are switches set in place to allow for selected/unselected status. I know plenty of users who would want to publish information for their Facebook, but may want to avoid doing so on other networks.
Either way, yeah, further integration with social media is a fine idea.
ill install and test tmmrw probably
seems pretty cool ill make sure to throw it on my EVO as soon as it freakin comes out
Added to my G1. Will let you know what happens.
Cheers. I sent you a msg in the app as well. Can you test how the send message screen looks on lower resolution please?
Testing it out now , but not many *users* in norway.
I'm the only one
Application is still in its's early days. If you choose a larger radius you will see more users (around 45 accross the world right now)
Application has just been published to the market as well, under the Social category of applications.
How about making a public chat channel that every one is in , when we connect . And late maybe switch it so it will be local / country only.
All depending on how many users this app gets
That's actually a very good idea. I'll be sure to do that as soon as possible...shouldn't be that hard (at least for a single one for starters)
Good nice app!
Already tweeted this. I'll Buzz it as well.
Private Messages look fine on the G1. No issue there.
I'll be comparing my experience to my friend's on the Nexus. Hopefully provide you some better feedback concerning how this works with the G1's older hardware.
Edit: First things we noticed, "Passwords do not match!" error is still present when registering via the app, even if the passwords do match. This issue has been replicated on the G1 and the Nexus 1.
Other noted issues:
Attempt to "Add as friend" on the G1 results in a toast of "Error". No other information contained in error.
Sending a picture on the G1 took about 1 min 45 seconds from time of shot to "Picture sent!" toast showed up.
I'll see what I can do to provide better information (such as screenshots, etc)
Let me know what else you could use.
Just a thought, an option to register via the desktop(internet) as well.
i couldn't figure out how to register until I found it as an option in settings when the app was open.
Doh.
It's lonely in the south of england......
Working on the mentioned bugs as we speak. Will probably release an upgrade today that might fix a few things.
@squirreleater: the internet register option is definitely needed. I agree.
anyone from germany?
feature request: please include option to add user with the username directly so that people from here can invite eachother other than searching on the map
install
Wont install on my Hero ??

[APP] Location Cache Viewer/Blocker [ROOT] v0.6

Simple app that lets you see what locations have been cached on your android device.
You can take a look at them in a list (text) and on map.
Root is required to read and delete the location cache!
Block Cache will change permissions on the file so the LocationProvider can't write the files back to disk.
Changelog
v0.2
- blocking (chattr)
- delete files
v0.3
- blocking for all devices with busybox installed
- fix for "no data"
v0.4
- gpx export
- fix force close on map
v0.5
- fix for another FC
v0.6
- maps shows accuracy
- clean ups and bugfixes
FAQ
Can I block the cache without root?
Yes, disable "Use wireless networks" under "Location & Security settings"
But you have to live with a slower location lock on maps.
Showing Map does not work (Force close)?
You should update your ROM/GApps
Your device has a buggy Google Maps Library installed
Screenshots are blurred for privacy reasons!
Android Market
https://market.android.com/details?id=ch.rrelmy.android.locationcachemap
YAAM Market
http://yaam.mobi/dev/app.php?id=ch.rrelmy.android.locationcachemap
Source at github.com
https://github.com/rrelmy/LocationCacheMap
Credits go to packetlss and stericson
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Thanks for this.
I have 200 in WiFi and 50 on cell
Sent from my HTC Liberty using XDA App
I am in awe. It knows everywhere i have been since monday. I have GPS off too! Good app.. it could be used to spy on spouses too. I am the 1st review in the market
con247 said:
I am in awe. It knows everywhere i have been since monday. I have GPS off too! Good app.. it could be used to spy on spouses too. I am the 1st review in the market
Click to expand...
Click to collapse
I see this same smile on google's face since they can spy on anyone...not just their spouses.
why does the app need full internet access?
bobloblawsum said:
why does the app need full internet access?
Click to expand...
Click to collapse
for the map visualisation i would guess
I wanted to code it during this weekend... looks very nice to me, especially the map mode!
No Data until 9th of March only
App is working fine, and shows correct information, but only until 9th of March, no data logged afterwards (which i like).
Is this based on the fact that using Network for Location is disabled? I am sure it is.
What about GPS data? Where could this be stored?
BTW, blocking the kernel in Droidwall should help a bit, as it tries to send data to Google Analytics!
Cheers
Alex
Internet is only used for the map tiles
If you have disabled "use wireless networks" under Location no data should be cached.
There is no cache for gps locks.
Thank you for this app. Saves me the trouble messing around with python scripts.
Thanks for this, works great on my Dinc running CM7.
Wow, not a single record on my Desire!
*ifeelsafenow*
I'm scare....
mine says no data found, which I think is hard to believe because i have use wireless networks enabled in location services....
hmmm
Thank you!
I've been traveling this week, the info is.....startlingly scary, and fascinating.
Every Android user should install this!
No data??
No data in wifi or cell? Could it be because of link2sd??
Nice app, good for awareness. Everyone should opt-out of the Google location sharing if they are concerned about being tracked. They ask you regarding this
Mixed feelings about this.
This scares the **** out of me and on the other hand it's cool.
Wouldn't be good if we could delete the "culprit" files? Which are they? Is it easy to add such a feature in the app, or it will need s-off?
Villis87 said:
Wouldn't be good if we could delete the "culprit" files? Which are they? Is it easy to add such a feature in the app, or it will need s-off?
Click to expand...
Click to collapse
The files are "/data/data/com.google.android.location/files/cache.wifi" and "/data/data/com.google.android.location/files/cache.cell".
Just disable "Use wireless networks" under Settings -> Location & security and be happy... Google makes it your choice to store these information. If you don't want it just disable it.

[App] Network Tools

Hi!
I have created a new application, Network Tools.
Basic idea of this app is periodic monitoring of websites, servers, routers, surveillance systems, etc. After a specified period of time the resource is checked, in case of failure user will get a warning. Such control will allow you to respond quickly to encountered problems.
You can add new resource to monitoring list, select the type and time interval between checks. At any time you can change the settings or manually check for a specific host. The corresponding commands are available on the context menu.
App contains additional tools: whois, ping and traceroute, for diagnosing network problems. For these commands there are implemented lists of previously entered addresses, so user does not need to retype them again.
Free, no ads.
Android Market link
You are welcome for feedback and comments.
WBR
Screenshots:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Network Tools 1.1.4 in Android Market
Network Tools 1.1.4 in Android Market.
What's new:
Version 1.1.4
* HISTORY;
* History auto delete;
* History auto update;
* Option: number of attempts to check;
* Option: timeout value;
* Host check algorithm improvements.
Version 1.1.3
* WHOIS;
* Separate ringtone option if host is working again;
* Copy to/Send to commands for traceroute;
* New status bar icons;
* Minor changes in the host verification algorithm.
Reserved for future use
Awesome, thank you!
this is a great tool! im looking for this one in Android for long time. Ive been using this app in windows mobile DNetworkTools.
i hope you could put some stuff like in DNetworkTools.
Thanks for the great app!
Ill support this one.
You just made my monitoring servers over the weekend a lot easier ^_^
Great app.
randolph2000 said:
i hope you could put some stuff like in DNetworkTools.
Click to expand...
Click to collapse
Thank you and everyone at this thread for feedback!
Be sure to look to the application's page that you specify. Thanks again.
WBR
Great Work!!!
Please don't take this as anything against the app, but if any admin actually relies on an app like this as the only monitoring solution for critical 24/7 servers, they should be dragged behind the woodshed and paddled. It has NOTHING to do with the app, rather the fact that mobile networks are simply not 100% viable.
That said, when there are issues (power, network etc..) with other monitoring systems, this is a FANTASTIC option. This will be part of my Android install kit forever.
I have a couple of requests:
1. A scrollable widget that shows the last result for each server/test would be cool. I will give you a full screen on my phone! ;-)
2. I need to test specific services: HTTP, HTTPS, FTP, SSH. Additional service options and maybe an option to manually define ports/services would be really nice. Customers of mine that have security camera systems using a DVR often forward random ports for external access to the DVR and it would add "peace of mind" for them to be able to see that their security system is up and running.
Dissenter said:
if any admin actually relies on an app like this as the only monitoring solution for critical 24/7 servers
2. I need to test specific services: HTTP, HTTPS, FTP, SSH. Additional service options and maybe an option to manually define ports/services would be really nice.
Click to expand...
Click to collapse
Sure, nobody says about critical servers monitoring.
In actual app version you can use Generic TCP option with URL like http://site.com:3128, or HTTP Get option with fully qualified URL to make some tests. I understand, this is not complete test of concrete service, and have plans to add more to my app.
Now I'm busy with another private application, but, I hope, this is not forever.
By the way, you say about test services like HTTP, FTP or SSH. What exactly do you think should make the application? Any ideas are welcome.
very cool app thanks mate.
Empty message, sorry
Excellent app.. just what I was after. Thank you!

The lion King is released on play store for xperia play

classic the lion king now on play store trt to play it with your xpweria play, its just awesome, my fav. game..
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Download from Play store
​
is that the Megadrive version?
hunthunt said:
is that the Megadrive version?
Click to expand...
Click to collapse
well i don't know much about it, i just share it.. thanks
hunthunt said:
is that the Megadrive version?
Click to expand...
Click to collapse
Yup, straight emulation, I wouldnt touch it. See below
PLAY Store Images:
Sega Genesis:
Yeah don't mined straight up ports but would not spend ya money as Disney will likely get this taken down. It's funny how they rename it slightly to try and get away with it just like fake clothes "The Loin'S king" lol
Sent from my LT30p using Tapatalk 2
poo-tang said:
Yeah don't mined straight up ports but would not spend ya money as Disney will likely get this taken down. It's funny how they rename it slightly to try and get away with it just like fake clothes "The Loin'S king" lol
Sent from my LT30p using Tapatalk 2
Click to expand...
Click to collapse
Yup. Wont be long. This is a poor attempt to steal peoples money.
Sent from my R800at using xda premium
bwhahaha...look at the permissions being asked lol
Code:
Permissions
THIS APPLICATION HAS ACCESS TO THE FOLLOWING:
YOUR LOCATION
APPROXIMATE LOCATION (NETWORK-BASED)
Allows the app to get your approximate location. This location is derived by location services using network location sources such as cell towers and Wi-Fi. These location services must be turned on and available to your device for the app to use them. Apps may use this to determine approximately where you are.
NETWORK COMMUNICATION
FULL NETWORK ACCESS
Allows the app to create network sockets and use custom network protocols. The browser and other applications provide means to send data to the internet, so this permission is not required to send data to the internet.
YOUR PERSONAL INFORMATION
READ YOUR CONTACTS
Allows the app to read data about your contacts stored on your tablet, including the frequency with which you've called, emailed, or communicated in other ways with specific individuals. This permission allows apps to save your contact data, and malicious apps may share contact data without your knowledge. Allows the app to read data about your contacts stored on your phone, including the frequency with which you've called, emailed, or communicated in other ways with specific individuals. This permission allows apps to save your contact data, and malicious apps may share contact data without your knowledge.
READ CALL LOG
Allows the app to read your tablet's call log, including data about incoming and outgoing calls. This permission allows apps to save your call log data, and malicious apps may share call log data without your knowledge. Allows the app to read your phone's call log, including data about incoming and outgoing calls. This permission allows apps to save your call log data, and malicious apps may share call log data without your knowledge.
PHONE CALLS
READ PHONE STATUS AND IDENTITY
Allows the app to access the phone features of the device. This permission allows the app to determine the phone number and device IDs, whether a call is active, and the remote number connected by a call.
STORAGE
MODIFY OR DELETE THE CONTENTS OF YOUR USB STORAGE MODIFY OR DELETE THE CONTENTS OF YOUR SD CARD
Allows the app to write to the USB storage. Allows the app to write to the SD card.
SYSTEM TOOLS
DRAW OVER OTHER APPS
Allows the app to draw on top of other applications or parts of the user interface. They may interfere with your use of the interface in any application, or change what you think you are seeing in other applications.
PREVENT TABLET FROM SLEEPING PREVENT PHONE FROM SLEEPING
Allows the app to prevent the tablet from going to sleep. Allows the app to prevent the phone from going to sleep.
RETRIEVE RUNNING APPS
Allows the app to retrieve information about currently and recently running tasks. This may allow the app to discover information about which applications are used on the device.
yeah...this wont last long lol
Probably have a much better time playing this on a super nintendo emu its pretty much exactly what they are doing anyway...
Thanks for sharing though!
Well, this app actually worked for one thing:
It makes me wanto to download the rom for Tiger Genesis.
Downloading now, lol....

Privacy concerns about AOKP - Best alternative of Cyanogenmod, AOKP, Replica, etc?

I currently have AOKP (Maclaw) installed on my Samsung Galaxy SIII Mini, but as I was looking through the apps, there was one particular app that got me slightly concerned. It´s called Panda and when I click it, the only option I have is to "Enable Energy Save Mode", yet that utterly simple app has FULL access to the entire phone.
Firstly with Panda, you do not have the option to uninstall it the easy way, so a noob is forced to have it there.
If you try to forcibly stop Panda in the app manager, it will restart itself automatically.
Further more - Panda have the perrmissions to
- directly call phone numbers
read phone status and identity
- read your text messages (SMS or MMS)
send MMS messages
- take pictures and photos
- record audio
- approximate location (network-based)
precise location (GPS and network-based)
- modify your contacts
read your contacts
- read your own contact card
- modify or delete the contents of your SD card
- disable your screen lock
- set an alarm
- read Google service configuration
use accounts on the device
view configured accounts
- read terms you added to the dictionary
- change system display settings
modify secure system settings
retrieve system internal status
- change network connectivity
change WiMaX state
connect and disconnect from Wi-Fi
connect and disconnect from WiMaX
control Near-Field Communication
full network access
view network connections
view Wi-Fi connections
- access Bluetooth settings
pair with Bluetooth devices
- re-order running apps
retrieve running apps
run at startup
- draw over other apps
- control vibration
prevent phone from sleeping
- add words to user-defined dictionary
- change your audio settings
. read sync settings
read sync statistics
toggle sync on and off
- expand / collaps status bar
- modify system settings
read battery statistics
read Home settings and shortcuts
test access and protected storage
write Home settings and shortcuts
- full permissions to all device features and storage
- Set global theme
..meaning I guess that this Panda app has full administrator/root permissions.. - ..but why?
Why does a seemingly useless application like Panda have root permissions, which in turn also makes it fairly difficult to remove? What is the application Panda´s true purpose? Why is it there in the first place? What does it do, exactly?
My concerns with these alternative smartphone operating systems is that there might be an Ubuntu/Debian scenario, where Debian is a nice clean OS giving you the very basics and letting you choose whatever extra you want from there, whereas Ubuntu comes with a lot of extra stuff that you do not really need and / or should be given the ability to choose if you wanted to install or not, upon install.
So, I guess my question to the experienced, security- and privacy-oriented smartphone-OS user is:
What is the best alternative smartphone OS that gives you a simple OS without anything extra such as that suspicious Panda app?
In other words, which smartphone alternative out there today can be trusted the most to respect my privacy? I would of course look into Firefox OS if it was available.
Am I being overly paranoid about AOKP? Should I just keep that, or perhaps Cyanogenmod is the way to go? Or perhaps I am missing an even better solution?
Thanks.
You know you can easily disable those permissions with app ops, do you?
Sent from my GT-I8190 MaclawStudio CM 11 using Tapatalk
GXGOW said:
You know you can easily disable those permissions with app ops, do you?
Sent from my GT-I8190 MaclawStudio CM 11 using Tapatalk
Click to expand...
Click to collapse
Not with the Panda application you cant, and thats using the original App Ops with 4.3 support.
If you access App Ops to edit permissions for Panda, you arent given a single permission to alter.
The App Ops I am using works just fine with other applications, and I can easily alter permissions - but with Panda, not so--I cannot edit a single permission of Panda´ s, and yet that application has full access to my entire phone.
Panda is an application that seems to come by default with the MacLaw releases, at least on AOKP - I havent tested their Cyanogenmod release yet.
That Panda bear logo of this particular Panda app that I am talking about is the same Panda depicted on http://maclaw.pl - so it kinda begs to question - why is there an application like that with the AOKP MacLaw releases in the first place? Does that app gather information? Can it be accessed remotely? What exactly does it do?
The Panda "Teddy" logo:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
You could upload the app to VirusTotal and if nothing is picking it up then send it to a AV provider that you like as a suspicious file and they'll check it over.
Or upload it and post the link here and I'm sure someone who knows far more than I do) could look it over.
You could also just ask him yourself, but I don't think he'll be collecting your personal information. The only thing that app does, is turning off one CPU core and setting the governor to OnDemand. That's all I know.
PSA root apps, or mods to the system don't really need to declare permissions, they can obtain the same functionality other routes. Don't judge the safety of an app just based on it's permissions.

Categories

Resources