My European Mate 9 came with some pre installed software out of the box, namely News Republic, WPS Office, Todoist and some others. I didn't bother to uninstall them but I did remove all permissions and mobile/wifi data access on day 1.
I run OpenDNS at home and when checking the logs today I've noticed some unusually high internet accesses to ksmobile.com , ksmobile.net , and cmcm.com
In the last 3 days there have been:
2969 (!!) requests to helpnewsrepublic1.ksmobile.com
82 requests to cm.gcm.ksmobile.com
67 to n.m.ksmobile.net
65 to ws.ksmobile.net
42 to ups.ksmobile.net
167 to ms.cmcm.com
The domains seem to belong to 'Cheetah Mobile', makers of News Republic among some other software that I've never heard before.
The strangest thing is I have never run News Republic. In fact as I've mentioned before I have disabled mobile data, wifi access and removed all permissions from day 1 yet it seems my phone is still communicating with Cheetah Mobile's servers.
Has anyone observed this behaviour with their Mate 9s? What could be going on here?
Wtf dude, that's a great find!
I'm gonna monitor that too. Let's find out.
We already lost privacy long time ago.
Listening in. Great find.
Skickat från min iPhone med Tapatalk
Wow, wtf that's crazy. I'm surprised you discovered all that. Can't say I am completely surprised.
wtf! this is the first time i am using china brand mobile phone, been considered for a very long period before i shift from samsung and LG. hope it is application based not kernel built-in spyware
You are right, but the problem is cheetah mobile. If you install their apps from playstore, you will have the same problem. Their apps are very useful and free, but they send information about our phones to their servers.
I'm a user of news Republic and WPS, since several years ago, in many phones and there is always the same problem[emoji35]
Enviado desde mi MHA-L29
raychak said:
hope it is application based not kernel built-in spyware
Click to expand...
Click to collapse
I've uninstalled News Republic yesterday and proactively blocked the mentioned domains on OpenDNS.com (Settings > select your network > Manage individual domains). Checking the logs today I see no blocked outbound attempts to ksmobile or cmcm which means uninstalling the app might be enough to stop it in its tracks. That's good news.
antz_77 said:
You are right, but the problem is cheetah mobile. If you install their apps from playstore, you will have the same problem.
Click to expand...
Click to collapse
Sure but that doesn't explain (nor justify) why it is establishing outbound connections when 1) I have never run the app and 2) I have disabled data/wifi access on day 1. This is bad enough for an app you've downloaded from the Play Store but even more worrying when it's a pre-installed app.
antz_77 said:
I'm a user of news Republic and WPS, since several years ago, in many phones and there is always the same problem
Click to expand...
Click to collapse
I pinpointed this to News Republic but after reading your comment I did a quick check on WPS Office and I've noticed it's made by Kingsoft which surprise surprise is the parent company of Cheetah Mobile. That's another app I'll be uninstalling then.
Even if you never run the app it still can have a background service
So 1 week after removing News Republic and WPS Office I can confirm that all suspicious traffic has stoped. OpenDNS reports 0 connection attempts in the last 7 days to any of the mentioned URLs so all's good.
Now my attention has shifted to a fairly large number of outbound connections to www.baidu.com (347 attempts yesterday alone). I noticed this on the first days of owning the device but the numbers were in the 80-100 a day. Now that the numbers have tripled I'm wondering if it's due to some rogue app that I've installed (AliExpress?) at a later time or some setting that I've enabled (HiSuite?). Connections to baidu.com don't necessarily mean something fishy is going on in the background but I still would like to know what apps exactly are causing this amount of traffic.
Unfortunately the only Android traffic monitor that I know (OS Monitor) isn't compatible with the Mate 9, or at least with my particular one. Any other suggestions? For now I've resorted to blocking baidu.com via OpenDNS and so far no apps have stopped working.
but you still use facebook ?
I've used NoRoot Firewall to take a closer look at the outbound traffic and came to the conclusion that the culprit for all baidu.com connection attempts is one (or more) of the following system processes:
Android HwResolver
Android System
androidhwext
Call Management
com.huawei.iaware
com.huawei.securitymgr
EuiReceive
FIDO UAF ASM
Fused Location
GeofenceService
HuaweiShare
HwApps
HwARService
HwChrService
HwIndexSearchObserverService
HwLBSService
imonitor
Information
Input Devices
Key Chain
MirrorShare
MMITest
Phone Manager
Power Genius
PredefinedEapSim
ProjectMenu
Settings
Settings Storage
Smart headset control
One (or more) of these processes constantly tries to connect to 103.235.46.39 (baidu.com) but unfortunately that's as detailed as NoRoot Firewall can be. Unless there's an app out there capable of telling us what process exactly is responsible for the connection attempts, the only other way to pinpoint it is by trial and error (ie disable wifi/cellular for certain system apps while keeping an eye on the OpenDNS logs until the connections stop). I don't think I'll bother though.
Once again outbound traffic to Baidu doesn't necessarily mean something fishy is going on in the background. Besides being a search engine Baidu provides cloud services similar to Akamai or Amazon AWS. Huawei might just be using Baidu Cloud Push for some of its apps.
I came searching because I found my phone reporting news republic as power hungry and recommending close. Also instagram. I have never opened either.
Using the power settings I appear to have disabled news republic.
Thanks to this thread, I've now got a longer list of apps to try and disable - its not as easy as my rooted Samsung., because I want to use android pay which precludes rooting.
I _strongly_ recommend uninstalling News Republic and WPS Office. In fact I would run a mile from anything developed by Cheetah Mobile or Kingsoft (parent company).
Regarding Instagram I suggest using Hermit ( https://play.google.com/store/apps/details?id=com.chimbori.hermitcrab ) to create a web app. That's what I did for a whole lot of power hungry apps and I'm happy with the results.
Sent from my MHA-L29 using XDA Labs
enable dev options go to the bottom force the number of background apps to 1 and monitor should allow you to pinpoint the app as it will have been the only 1 running when it pinged
Related
Hey,
jsut thought about this thought the whole day. I´ve got a Moto XT720 (Stock ROM) and it works pretty good. Now the thing is, I have the Google Account and so on. But I do not want that Google is tracking me, has access to my phone, and that my phone can connect to google servers (Mail, Calendar, Market, SYSTEM).
Is it possible that I can delete some apk´s so that I have a real standalone mobile phone?
Sorry for my bad english,
greetings
you gotta be kidding
Google's stuff is the spirit of their OS... Android needs google's account for the market moreover.
sounds a little impossible. just make an account for the market and don't use it for anything else. Only thing i can think of.
Exactly, but he wants remove google's apps too...
He wants a total googleapplicationless Android phone. What a problem !
Thanks guys,
I do not need the market also (for what?, I have the apps I want to use)
Greets
push..no one knows it?
If you do any web browsing on any device even on a pc or iphone google and bing etc will track data about you. You can't use any device online without someone tracking you unless you use a proxy and even then the proxy could still track you.
You can delete or freeze googles apps but browsing will be tracked on any online device so only sure way is switch off wifi and mobile data.
But that defeats the point of a smartphone then.
Dave
Sent from my LG P920 using Tapatalk
Maybe you should forget mobiles cause anytime you're tracked as soon as you power it on
Sent from my GT-I9000 using Tapatalk
a guess, flash a custom rom and dont flash the google apps pack?
ICS, at least stock ICS, has the ability to disable system apps.
Settings -> Apps (under 'Device) -> 'All' tab, click an app, click "Disable". It won't be uninstalled, but it will never run, meaning it cannot connect to the internet or do anything else.
e.coli said:
ICS, at least stock ICS, has the ability to disable system apps.
Settings -> Apps (under 'Device) -> 'All' tab, click an app, click "Disable". It won't be uninstalled, but it will never run, meaning it cannot connect to the internet or do anything else.
Click to expand...
Click to collapse
The problem is if he ever uses internet he will still be tracked. If he uses gps his location can also be tracked.
Dave
Sent from my LG P920 using Tapatalk
mistermentality said:
The problem is if he ever uses internet he will still be tracked. If he uses gps his location can also be tracked.
Dave
Sent from my LG P920 using Tapatalk
Click to expand...
Click to collapse
Yeah, it's a very strange request, but he could disable all internet-capable apps, and just use his phone for voice and offline apps?
He could still use GPS though, but not A-GPS. GPS just receives the signal from the satellites, this is why you can still log your position while off the cell network. It's one-way communication, so there's no way to be tracked just by listening to the GPS signal. He could download maps to the phone and use it for navigation that way.
Don't get an Android phone is my advice if you want no connection to Google.
-Sent from my Droid 2-
I agree, why would you use an google operating system, if you don't want to have any connection with google?
Android without the Android market is pretty dull, and even if you would use the amazon appstore (which is officially only working in the US/and maybe CAN) you would be stuck with only a fractal of not up to date apps, since in the amazon app store are alot of old versions flying around.
And please dont believe in the old google creep, who is sitting in front of the "internet" waiting is whole life only to set cookies in your browser. He does not exists!
I don't understand why you would want Android on your mobile device and not want google on it? Thats how smartphones work, if you don't want google on your phone I suggest you get a non smart phone.
Why so much hostility? Isn't the point of Android, and these forums, that it is so customizable? Maybe he doesn't like the new privacy policy.
Anyways, he could disable all Gapps and install Firefox or whatever, which would disconnect most of your connection to Google, but it's hard to avoid it if you want to use the internet at all.
e.coli said:
Why so much hostility? Isn't the point of Android, and these forums, that it is so customizable? Maybe he doesn't like the new privacy policy.
Anyways, he could disable all Gapps and install Firefox or whatever, which would disconnect most of your connection to Google, but it's hard to avoid it if you want to use the internet at all.
Click to expand...
Click to collapse
I don't think anyone's been hostile, just surprised maybe as seems op wants no tracking yet to be able to use internet which can't be done except at best through a proxy.
To the op, you can root and uninstall or freeze google apps and browse via a public proxy server if you want to avoid tracking but your carrier and possibly google (the main operating systems all record your gps data inc ios android and wp7, think only wp7 was found collecting that though which is why I say possibly not probably) can still see where you have physically been via cell, gps and wifi logs.
If its just google you wish to avoid another option could be use a firewall or dns blacklist app to stop your device being able to connect to known google internet addresses.
Dave
Sent from my LG P920 using Tapatalk
miro101 said:
And please dont believe in the old google creep, who is sitting in front of the "internet" waiting is whole life only to set cookies in your browser. He does not exists!
Click to expand...
Click to collapse
Actually, he does:
http://www.stateofsearch.com/top-15-of-eric-schmidts-remarkable-quotes/
If you don't know by now that all of the "free" apps aren't really free, you're kidding yourself. How do you think Google makes money? It's primary purpose is collecting information. Private informtaion (even the carriers...search on the term "carrier IQ"). That is the age we live in. The best that can be done is to either throw your phone away or learn how to secure your phone and info in as much as is possible. There are apps that can identify what apps are sending what data and block them from doing so (on rooted phones). Even then, data still gets out. It's a trade-off. For now, it's used for marketting purposes. However, that much data is bound to fall into the hands of some government who will use it to control the masses. It's just too tempting, and it's the nature of humanity. So, I'll limit whatever data exodus I can and accept the trade-off for the rest (until the government {read Anti-Christ} wrests control). The old saying applies: "It's not paranoia if they really are out to get you".
I honestly don't get the point in using a smartphone with fears of being 'monitored' or tracked. If you don't want to be tracked, don't use the internet, don't use a cell phone, and live under a rock for the rest of your life. That's the best advice I can offer.
Has anybody deleted some of the bloatware apps, more specifically the stock File Manager?
com.jrdcom.filemanager
/data/app/com.jrdcom.filemanager-2/base.apk
Wondering if anybody tried and had any ramifications from it.
This thing just all of a sudden activated itself and runs in memory, and there is no Disable for it. I could install an app to freeze it, but that defeats the purpose.
Moscow Desire said:
Has anybody deleted some of the bloatware apps, more specifically the stock File Manager?
com.jrdcom.filemanager
/data/app/com.jrdcom.filemanager-2/base.apk
Wondering if anybody tried and had any ramifications from it.
This thing just all of a sudden activated itself and runs in memory, and there is no Disable for it. I could install an app to freeze it, but that defeats the purpose.
Click to expand...
Click to collapse
Im runnin lineage on mine and doesnt even have it on there.
I would freeze it. Make sure your downloads and such still work ok.
Give it a few days if good then remove.
TheMadScientist said:
Im runnin lineage on mine and doesnt even have it on there.
I would freeze it. Make sure your downloads and such still work ok.
Give it a few days if good then remove.
Click to expand...
Click to collapse
Thanks, I deleted the culprit. No issues so far.
LOL...after 3 or 4 days the lovely File Manager App magically installed itself. Looks like a more indepth investigation is forthcoming.
Obviously there is another app that re-installs it.
Stinkin thing.
I switched over to the xperia rom on idol 3 And it got rid of a load of crap, Bunch of xposed is working.
I just dont care for the stock rom on this thing at all, Even debloated it runs like crap,
Ive had this device now over a week and cant find any sort of setup I like, I am used to lgs UI.
Even tried t get touchwiz ui and grace to run but nogo.
Did you remove the system update apps too by chance?
TheMadScientist said:
Stinkin thing.
I switched over to the xperia rom on idol 3 And it got rid of a load of crap, Bunch of xposed is working.
I just dont care for the stock rom on this thing at all, Even debloated it runs like crap,
Ive had this device now over a week and cant find any sort of setup I like, I am used to lgs UI.
Even tried t get touchwiz ui and grace to run but nogo.
Did you remove the system update apps too by chance?
Click to expand...
Click to collapse
Haven't really had a chance to look deep into it yet. I've disabled auto updates, so pretty sure it's not getting it from the netz.
Funny thing, I tried running a 100mb system update and i failed to completely install. Havent thot about it much since then, But I suspect it was in that update somewhere, as I had never seen nor had an issue with it before.
Will strip down that update and see when I get a chance.
It comes pre installed as 'files' app, auto updates to "file manager" to then run this 'boost' branded adware. I call it adware because it does not adhere to the android force stop, disable peeking or any other android OS settings and automatically regenerates itself despite the OS not allowing auto updates.
Android should never allow provider apps to have a higher privelage that renders the OS setting useless, bundled apps should also not disable the uninstall and disable functionality of the OS.
I have spent weeks in settings to find out it is allowed to act like a virus and do what ever it wants being rewarded with ad revenue.
Thanks Google for allowing me to purchase hardware pre loaded with junk ads by default with no way of opting out, it's not only a privacy and security concern, it's a consumer complaint.
adware/spyware
Not happy said:
It comes pre installed as 'files' app, auto updates to "file manager" to then run this 'boost' branded adware. I call it adware because it does not adhere to the android force stop, disable peeking or any other android OS settings and automatically regenerates itself despite the OS not allowing auto updates.
Android should never allow provider apps to have a higher privelage that renders the OS setting useless, bundled apps should also not disable the uninstall and disable functionality of the OS.
I have spent weeks in settings to find out it is allowed to act like a virus and do what ever it wants being rewarded with ad revenue.
Thanks Google for allowing me to purchase hardware pre loaded with junk ads by default with no way of opting out, it's not only a privacy and security concern, it's a consumer complaint.
Click to expand...
Click to collapse
Yes , this lovely new addition to the file manager is actually the "Hawk Super Cleaner/ antivirus" seen here: https://play.google.com/store/apps/details?id=com.apps.go.clean.boost.master&hl=en
You can see my complaint(s) here: https://forum.xda-developers.com/idol-3/help/joy-launcher-joy-t3628670
I just installed TWRP and SuperSU on the stock Marshmallow following this guide:https://forum.xda-developers.com/idol-3/general/twrp-custom-recovery-idol3-6045-t3162608 and will be removing this cancer for good!
Cheers, I might have a look at rooting (pain seeing I bought 4 of these for myself and fam). I have reported the appin the playstore for being installed with root permissions bypassing the expected android user settings and will be following up with a complaint to the consumer watchdog.
I never bought hardware with the knowledge an innocent bloatware provider app would turn rouge with root permissions for ad revenue.
My phone will most likely be thrown at the wall so "File Manager" doesn't get another 1000 or so false positive downloads in the playstore from me.
Had 3 myself
Not happy said:
Cheers, I might have a look at rooting (pain seeing I bought 4 of these for myself and fam). I have reported the appin the playstore for being installed with root permissions bypassing the expected android user settings and will be following up with a complaint to the consumer watchdog.
I never bought hardware with the knowledge an innocent bloatware provider app would turn rouge with root permissions for ad revenue.
My phone will most likely be thrown at the wall so "File Manager" doesn't get another 1000 or so false positive downloads in the playstore from me.
Click to expand...
Click to collapse
I hear ya, I bought 3 of these.
I am very careful what I install on my device and read the manifest files on EVERYTHING so you can imagine how angry I was when my own phone manufacturer pushed unwanted adware/possible-probable spyware on to my device with no warnings or asking my permission.
Another odd thing is that after I uninstalled the Facebook app I had 2 apps appear (or were left over?) com.facebook.appmanager.apk and com.facebook.system.apk that were using up data and could not be removed until tonight after rooting.
Interesting article here: https://forum.xda-developers.com/tmobile-lg-v10/help/suspicious-apps-apps-section-facebook-t3415876
I have been studying computer and mobile security as a hobby for some time and have found that these "antivirus" and 'cleaner" apps on Android are the worst offenders of privacy of them all.
Scanning all your files, installed apps, contacts etc etc and sending all that data back to God knows where!
I have found that almost every single app that I have downloaded from the Play Store has some form of data mining and/or analytics.
Unfortunately, it's a catch 22 in Android..rooting your device breaks what little security is built into the system but it's the only way to remove pre-installed crapware.
---------- Post added at 06:02 AM ---------- Previous post was at 05:53 AM ----------
Also, good luck trying to get anything done with Google or Alcatel.
I battled with Google for almost 8 months straight trying to stop an unscrupulous advertiser that was using FAKE virus warnings to trick users into installing an "antivirus" app on the Play store and just got sent around in circles.
Google is complicit!
I was finally successful in stopping the fraudulent activity after I contacted the Federal Trade Commission.
http://smisecurity.altervista.org/DFNDR.html
Data mining is a given these days which is why I have Pi-hole for my home dns and ubuntu for my home box, gotta do what you can. As for this phone I wouldn't do much on it unless I re flash it which is why I am angry with it.
As for Android taking the normal software stance of do nothing unless legally required, this time is interesting to me because they are effectively allowing the bypassing of the playstore agree feature to Install an app, being side loaded from Alcatel like this one would think breaks the playstore terms so knowledge should be enough for action in this case from the android or playstore devs. Doubt it but.
Also apon sale did not mention android as being adapted software that over rides expected android and playstore behaviour but did advertise android and use their logo so most likely a trademark vialation also.
The problem is Alcatel are adapting android and side loading apps to bypass security and privacy user settings to double dip on the customer for income despite the final result, android and the playstore can bury their heads in the sand all they want but they have been made aware of the risks.
Went over it again for peace of mind (sorry) but I wish you the best in your education as we need more people shinning the light on privacy simply because we are in the rise of the machines, not long before people worldwide ask what happened to all the jobs and when did the need for conventional ID actually dissapear.
Not happy said:
The problem is Alcatel are adapting android and side loading apps to bypass security and privacy user settings to double dip on the customer for income despite the final result, android and the playstore can bury their heads in the sand all they want but they have been made aware of the risks.
.
Click to expand...
Click to collapse
Very well said!
The supervisor I spoke to at Alcatel tried to say that I/we agreed to the terms by using their devices which allowed them to push this on to our phones but I disagreed with him.
At one point I even thought of ditching my phone and getting an iPhone or an Android device that is compatible with the Replicant OS https://www.replicant.us/
I have a few Raspberry PI's laying around but never used one as an access point. (I'm assuming that's what your doing?)
I just sent a very nasty email to the developer "[email protected]" and referenced this thread.
Keep us updated if you get anywhere and I will be fighting this from my end and posting any updates as well.
Will do, I don't plan on not continuing with this one because my hardware and android do not operate as advertised.
The day I can rely on Linux for a phone OS is the day android gets ditched but will definatly check out your link also.
Pi-hole is basically a collection of hosts files that block ads and known bad domains on the DNS level, point the home router to it and bam the whole household gets an adblocker by default. Runs smooth but added a few commands to auto upgrade the lists with a Cron job.
Not happy said:
Pi-hole is basically a collection of hosts files that block ads and known bad domains on the DNS level, point the home router to it and bam the whole household gets an adblocker by default. Runs smooth but added a few commands to auto upgrade the lists with a Cron job.
Click to expand...
Click to collapse
Very cool!
I'll have to check that out.
I altered the hosts file on both my laptop and my other rooted phone to block ads and apps I used to have.
This is a small sample of IP's I blocked in the hosts file after running NETSTAT scans, there are a TON more that I added from MVP hosts (it is against MVP's EULA to post their blocked IP's)
http://winhelp2002.mvps.org/hosts.htm
127.0.0.1 localhost
127.0.0.1 search.vip.gq1.yahoo.com
127.0.0.1 a96-6-122-162.deploy.akamaitechnologies.com
127.0.0.1 a-0001.a-msedge.net
127.0.0.1 yahoo.com
127.0.0.1 rtr3.l7.search.vip.gq1.yahoo.com
127.0.0.1 c.amazon-adsystem.com
127.0.0.1 yandex.st
127.0.0.1 mc.yandex.ru
127.0.0.1 c1.popads.net
127.0.0.1 c1.popads.net/pop.js
127.0.0.1 google-analytics.com
127.0.0.1 google-analytics.com/analytics.js
::1 localhost #[IPv6]
---------- Post added at 01:40 PM ---------- Previous post was at 12:54 PM ----------
Wow! that PI-hole block list on Git Hub is a LOT larger than the one I was using!
Him guys and thanks again for the thread. Anyone found a solution? This app is wasting 20 percent of my battery, which does not last me a whole day anymore, it's outrageous. I also sent a report to Google and the app developers.
Cheers
Guys, I found someone with a solution, just see this post: https://forum.xda-developers.com/showpost.php?p=73642381&postcount=4
Cheers
That is not much of a solution unfortunately. The REAL solution is to install TWRP recovery on the adware/spyware infested Alcatel phone and flash to a different operating system. There is an (unofficial) ROM of Lineage 14 Nougat that is pretty decent that can be found on the XDA site.
sloshnmosh said:
That is not much of a solution unfortunately. The REAL solution is to install TWRP recovery on the adware/spyware infested Alcatel phone and flash to a different operating system. There is an (unofficial) ROM of Lineage 14 Nougat that is pretty decent that can be found on the XDA site.
Click to expand...
Click to collapse
It solved my problems
It's easy to solve the problem. Just go to applications. Select file manager uninstall upgrades, it will revert it back to factory version, no more spam !
I was getting really annoyed by the app that stealthily installed itself and called itself File Manager for my Alcatel POP 4. It constantly wanted to clean, boost, virus-protect, be a flashlight and camera app with it’s own toolbar and playing an ad whenever you asked any of those actions to be performed. The beauty of it was that it could not be disabled or uninstalled. I was desperately looking for a way to get rid of it without drastic measures, like a full factory reset or rooting my device. I found a suggestion on the net to install AppMgrIII from the Play Store. I did it as I was determined to try anything at that point. It offered me to replace the app with a “factory version”. I accepted that and sure enough, a normal-looking File Manager with no ads or toolbars appeared, all the rockets, boosts, virus-protection, cleaning brushes gone! I hope it won’t reinstall itself magically. In a perfect world I would prefer to have no file manager on my machine at all and a choice of installing one that I prefer but at least the nightmare of this intrusive monster seems to be over. I hope it stays that way.
Update: reverting back to factory version stopped the spam but it all came back with the next update. Now I reverted it back again and stopped automatic updates on Google Play for all apps. I will pick apps to be updated manually.
Hi, I'm a Samsung galaxy note 3 user, android version 4.4.2, I have it rooted, and xposed installed. I never installed xposed before but I installed it a couple of days ago and now I'm seeing that I can do a lot of things with it, and because of this I started wondering something.
Well, I have an app called Abematv which is a free japanese tv app that I can't use unless I connect through a japanese vpn. I do this by using an app called "japan vpn" and "openvpn connect for android". The problem with this is that sometimes is too slow and the video quality is very low. So I was wondering how could I make this app think I'm using a japanese vpn when I'm really connected to my home wifi without any vpn.
I don't know if this can be done but it sounds like it's the kind of thing that you do through a xposed module. If there's a module that can do this, I don't know how to search for it. So if anyone knows how to do this via xposed or via whatever it makes it possible, please leave a comment
Thanks
azigta said:
Hi, I'm a Samsung galaxy note 3 user, android version 4.4.2, I have it rooted, and xposed installed. I never installed xposed before but I installed it a couple of days ago and now I'm seeing that I can do a lot of things with it, and because of this I started wondering something.
Well, I have an app called Abematv which is a free japanese tv app that I can't use unless I connect through a japanese vpn. I do this by using an app called "japan vpn" and "openvpn connect for android". The problem with this is that sometimes is too slow and the video quality is very low. So I was wondering how could I make this app think I'm using a japanese vpn when I'm really connected to my home wifi without any vpn.
I don't know if this can be done but it sounds like it's the kind of thing that you do through a xposed module. If there's a module that can do this, I don't know how to search for it. So if anyone knows how to do this via xposed or via whatever it makes it possible, please leave a comment
Thanks
Click to expand...
Click to collapse
Ok well first things first. Don't mention lucky patcher here. It is banned as a Warez app and app developers will add code to that purposely causes issues if it is detected.
Depending in how it is getting your location you could make the device think it is in Japan. Something like mocking the Gps.
zelendel said:
Ok well first things first. Don't mention lucky patcher here. It is banned as a Warez app and app developers will add code to that purposely causes issues if it is detected.
Depending in how it is getting your location you could make the device think it is in Japan. Something like mocking the Gps.
Click to expand...
Click to collapse
Hi, I eddited the message so the words don't appear. (would be good if you edit your message so the words don't appear there too, I don't want troubles xD) Thanks.
About the gps thing, I think it doesn't use the gps since I have it disabled and the app doesn't have the permission to get the location, so I think it gets the location based on the ip.
Not all VPN services are the same. Your current VPN service may be slow because it has you connecting through Japan. Nice VPN services allow you to connect to a VPN server in your country while they route your country VPN server to the final destination VPN server. This allows you to sometimes benefit with improved connection speeds. You can do free trials with most VPN services and I recommend maybe moving to another.
Example: Normal VPN> your-device->VPN server in japan->your-device
(upload/download limits determined by home network and ISP max connections)
Higher end VPN> your-device->local VPN->VPN server in japan->local VPN->your-device
(upload/download limit between VPNs determined by VPN servers which maximize limits before passing the information to your local device)
Other info relevant to the topic:
There are many options available to a developer to verify your location in today's internet.
Even your browser for your device has a unique "fingerprint" and if your gps or IP location changes they can still verify it's coming from the same device.
There are ways around browser fingerprinting.
With most programs, there is an order or hierarchy of testing your location. Spoofing your GPS may overrule an IP check. To overcome issues it's important to try and test and try even when met with failures. It's important to not be dismissive of possible solutions when troubleshooting an issue or searching for a work-around.
TehZig said:
Not all VPN services are the same. Your current VPN service may be slow because it has you connecting through Japan. Nice VPN services allow you to connect to a VPN server in your country while they route your country VPN server to the final destination VPN server. This allows you to sometimes benefit with improved connection speeds. You can do free trials with most VPN services and I recommend maybe moving to another.
Example: Normal VPN> your-device->VPN server in japan->your-device
(upload/download limits determined by home network and ISP max connections)
Higher end VPN> your-device->local VPN->VPN server in japan->local VPN->your-device
(upload/download limit between VPNs determined by VPN servers which maximize limits before passing the information to your local device)
Other info relevant to the topic:
There are many options available to a developer to verify your location in today's internet.
Even your browser for your device has a unique "fingerprint" and if your gps or IP location changes they can still verify it's coming from the same device.
There are ways around browser fingerprinting.
With most programs, there is an order or hierarchy of testing your location. Spoofing your GPS may overrule an IP check. To overcome issues it's important to try and test and try even when met with failures. It's important to not be dismissive of possible solutions when troubleshooting an issue or searching for a work-around.
Click to expand...
Click to collapse
ok thanks, I will try to spoof the gps and will comment how it worked .
Hi all, I work at a group home and one of the clients recently purchased an Amazon Fire tablet to facebook chat with his dad.
My issue is that thanks to the crapiness of humanity I know that there's a strong potential for the tablet to grow legs.
Without getting into details, the client cannot have the tablet always in their posession, and we can't conveniently lock it down anywhere, and ideally whoever is supporting him needs to have access to the tablet whenever possible.
I'm wondering if there is an app, or even better, a device, which can cause the tablet to alert my manager the moment the device leaves the property? Ideally something not easily accessed or removed.
I know getting a tablet just for facebook chat is overkill, I wasn't the one who purchased it for the client, I'm just trying to make do with what is available.
theseventensplit said:
Hi all, I work at a group home and one of the clients recently purchased an Amazon Fire tablet to facebook chat with his dad.
My issue is that thanks to the crapiness of humanity I know that there's a strong potential for the tablet to grow legs.
Without getting into details, the client cannot have the tablet always in their posession, and we can't conveniently lock it down anywhere, and ideally whoever is supporting him needs to have access to the tablet whenever possible.
I'm wondering if there is an app, or even better, a device, which can cause the tablet to alert my manager the moment the device leaves the property? Ideally something not easily accessed or removed.
I know getting a tablet just for facebook chat is overkill, I wasn't the one who purchased it for the client, I'm just trying to make do with what is available.
Click to expand...
Click to collapse
It's an Android right?
I had a look at the Amazon store for anti-theft apps but there were none that I recognised from sources I trust (nit that I have researched them, but maybe you can find a reliable review) You have to be certain it's from a trusted source as these type of apps require special permissions eg admin in order to do their job, and could be abused by a malicious app.
I would recommend Cerberus Anti Theft, I used them for years & they have a good reputation, even though Google removed the app form play store. This is because they had to link the Google app to additional downloads in order to maintain the functionality of the app that made it the best, after Google changed what permissions apps could be granted for apps downloaded from Google store.
You can download for Android devices from their website
https://www.cerberusapp.com/
However there is a potential problem with all antitheft apps, ie. Turning off wifi/data means you can't communicate with it(but Cerberus could be activated via SMS), also a factory reset will remove them, so if a knowledgeable person steals a phone/tablet they can remove the antitheft app, so possibly you would have limited time to activate it. Which is why I used to root & install as a system app, which meant only reinstalling the full factory Android operating system to remove it.
There should be the basic "fined my device" on Android built in (I'm not familiar with Amazon variants) but its not very powerful.
I'll look into it, thanks. It does have tracking but unfortunately that wouldn't alert in time to be able to accurately determine who took it.
If Cerberus can do sms then my manager might be able to get immediate notification if it walks away, once it disconnects from wifi
What I don't get is why isn't there a hardware based solution, something that you have connected to your wifi that alerts you if devices in connected to that wifi signal get disconnected. Or even simpler, bluetooth based.
The problem is that tablets don't all have data, and if turned off they lose the anti theft features. So there needs to be something outside of the device itself that can alert the owner. Maybe it's just to specific a problem unfortunately.
theseventensplit said:
What I don't get is why isn't there a hardware based solution, something that you have connected to your wifi that alerts you if devices in connected to that wifi signal get disconnected. Or even simpler, bluetooth based.
The problem is that tablets don't all have data, and if turned off they lose the anti theft features. So there needs to be something outside of the device itself that can alert the owner. Maybe it's just to specific a problem unfortunately.
Click to expand...
Click to collapse
PS. You could use Tasker app (or other automation app) on your phone to set up an alert when the tablet losses connection, if you use your phone as a hotspot, I think.
Situation:
I have somewhat of a "love-REALLY HATE" relationship with Google apps and ecosystem.
On one hand, they are great at what they do.
On the other, it's like having a spy satellite overhead, given how much telemetry it does.
Question:
I'd like to cut all of the Google apps' internet, location, sensor and background activity access for good when not in use. Or at least spoof whatever personal data is being sent (Device info, location, activities, etc). Any way to do that?
What I've done so far:
My current way-to-go method involves installing RethinkDNS+firewall, then blocking every single one of google apps including Gboard. It sort-of works, but very inconvenient, as I have to manually enable internet access for a particular app and/or service when needed. I also tried edXposed's XluaPrivacy module to cut off access to certain permissions. Again, cumbersome.
After going through F-Droid, I found an app called "Insular", that claims being able to put all of the "big brother" apps (such as Gapps) behind an isolated sandbox, a digital gulag of sorts.
Thanks for the pointer to Insular whose advertising on F-Droid says:
Insular is a FLOSS fork of Island.
With Insular, you can:
Isolate your Big Brother apps
Clone and run multiple accounts simutaniuosly
Freeze or archive apps and prevent any background behaviors
Unfreeze apps on-demand with home screen shortcuts
Re-freeze marked apps with one tap
Hide apps
Selectively enable (or disable) VPN for different group of apps
Prohibit USB access to mitigate attacks with physical access
Click to expand...
Click to collapse
Based on that, I suspect this XDA thread about "Island" may be useful.
[APP][5.0+][BETA] Island - app freezing, privacy protection, parallel accounts
"Island" is a sandbox environment to clone selected apps and isolate them from accessing your personal data outside the sandbox (including call logs, contacts, photos and etc) even if related permissions are granted. Device-bound data is still accessible (SMS, IMEI and etc).
Isolated app can be frozen on demand, with launcher icon vanish and its background behaviors completely blocked.
Click to expand...
Click to collapse
Totesnochill said:
Question:
I'd like to cut all of the Google apps' internet, location, sensor and background activity access for good when not in use. Or at least spoof whatever personal data is being sent (Device info, location, activities, etc). Any way to do that?
Click to expand...
Click to collapse
Like you, my relationship with Google is strained where I don't set up any Google Account on Android and it works just fine.
I don't have a contacts.db sqlite database for that reason too, so my favorite communication apps are all designed to store their own contacts db internally to the app itself.
I replace Google apps with FOSS equivalents such as NewPipe (or, more recently, Vanced YouTube) for example.
And I spoof my GPS location by default (using Lexa Fake GPS, for example).
Of course, given I don't have a Google Account on my phone, I use the Aurora Store instead of the Google Play Store. Of course, I strive for apps that don't require Google Framework Services (GSF) which Aurora neatly filters out for us.
Since I'm not rooted, I can't delete Google Play Store, but I can disable it, which is almost as good.
And, I use privacy-aware apps for my messenger, calendar, contacts, and dialer apps (many of which come from Simple Mobile Tools' suite which are available on F-Droid).
To keep my WiFi SSID/BSSID/GPS/Strength/etc. out of the hands of Google (& Mozilla and Kismet and Wigle, etc.), I add "_nomap" to the SSID and I turn off the SOHO router SSID broadcast (which "hinders" most cellphones from uploading my BSSID information to Google public servers); but then I have to also turn off "AutoReconnect" on Android 12 and also I have the Developer Options set in Android 12 to randomize the MAC address on EACH connection; however that means I need to set any "static" connections on my LAN from the phone and not with address reservation on the router (which typically utilizes the MAC address).
And it's not just Google we need to keep our data out of their hands, as I even use WhatsApp privacy aware tools such as the WhatsApp dialer and WhatsApp Click to Chat mechanisms (to keep my contacts out of Facebook's hands too).
For offline maps, I use a quick web browser lookup on a privacy browser (such as Tor or Epic or Opera), since the Google address lookup is still the best in the world... (which is the love/hate relationship, right?)... and then I paste the GPS coordinates that the privacy browser found on the maps.google.com web site into a local routing application (such as a shortcut to a browser to google maps on the phone or better yet, to a dedicated offline map program such as OSM And~), and even traffic can be gotten without Google (e.g., Sigalert & 511 apps).
I used to reset the Advertising ID with a homescreen shortcut that could be activated from Windows via a batch file over Wi-Fi, but now with Android 12 we can wipe out the Advertising ID altogether (i.e., reset it to all zeroes). However, I still periodically change my GSF ID and other supposedly unique identifiers.
I'm still trying to figure out the implication of "trackers", so if anyone has more information about them, please advise.
Off hand there must be scores more things I do for privacy, where we probably should have a main thread on this site of all the myriad things people can do to increase their privacy on Android (some of which I've screenshotted for you below).
GalaxyA325G said:
Like you, my relationship with Google is strained where I don't set up any Google Account on Android and it works just fine.
Click to expand...
Click to collapse
Thanks heaps for the very in-depth response. Really opens up on a lot of things I wasnt aware of, and I realized that unlike desktop, when it comes to mobile privacy I'm still a bit behind.
Are there any guides where I can do some reading on the concepts and techniques you've described? Especially regarding contacts.db sqlite database, GPS spoofing and privacy-aware options for accessing WhatsApp.
Also, what are your thoughts on MIcroG?
Totesnochill said:
Thanks heaps for the very in-depth response.
Click to expand...
Click to collapse
I try to put effort into the response so that others can benefit (but nobody ever presses the like button so maybe it's not worth the effort).
For example, when I mentioned I spoof my GPS, I looked up the app I used and linked to it so that you wouldn't have to test a score of apps like I did to find the best one.
Totesnochill said:
Really opens up on a lot of things I wasn't aware of, and I realized that unlike desktop, when it comes to mobile privacy I'm still a bit behind.
Click to expand...
Click to collapse
That was just off the top of my head where there has to be at least a hundred different privacy things I do on Android to distance me from Google that most people don't bother to do.
I admit, sometimes it feels like we're putting a dozen locks on the front door, but in the end, we LEARN a lot about Android in the process.
A lot of the protection is to protect ourselves from others who don't know how to configure their phone, so they are uploading our private information (like our contacts and home locations) to Google databases.
For example, the typical Android phone when it drives by your front door uploads to google your exact location, your signal strength, your unique BSSID and your SSID... where you'll note in my response above I had to do a half dozen things on my phone and router to prevent that from happening (i.e., just adding "_nomap" doesn't work but most people don't realize that because they don't think about it).
Totesnochill said:
Are there any guides where I can do some reading on the concepts and techniques you've described?
Click to expand...
Click to collapse
I'm sure there are plenty.
But I have been in MANY situations where there are none.
Take, for example, changing the GSFID... almost nowhere on the net is that described how to do it. Almost nobody does it, but it can be done if you know how.
I really should write a set of privacy tutorials so that everyone can do it but I have to find the time, and this web site doesn't like text tutorials I found out recently. So they make it a PITA in the end to help people. Sigh.
Totesnochill said:
Especially regarding contacts.db sqlite database, GPS spoofing and privacy-aware options for accessing WhatsApp.
Click to expand...
Click to collapse
If you look at the links I gave you in my response for contacts, gps spoofing and privacy-aware WhatsApp, you'll get a good start.
A quickie is to not have a contacts.sqlite database, which means you need your own contacts.csv or more likely contacts.vcf file, which you can maintain on the PC if you like (works with Excel for example).
Now that you don't have a contacts.db sqlite database, you need to find the contacts and dialer and mms/sms apps that can suck in their own contacts.vcf file, which I pointed you to in the Simple Mobile Tools suite.
For GPS spoofing, I didn't mention you need to turn "Mock Location" on in the Android Developer Options, but that's what most people already do so I assumed you knew that. Once you turn that on, you can just select the mock location app of your choice (where I suggested one above which isn't perfect but none of them are).
That particular app moves your location every few feet and it gets the altitude and it can easily be stopped and started, etc., but I'd like it if it didn't move just "west by 10 feet every minute" but instead if it would follow a pre-determined route that I could give it. So they need a lot more work to be as good as we'd like them to be.
For What'sApp privacy, look at the two apps I linked to in the prior post as they don't need the contacts.sqlite database to work.
Your WhatsApp should only have an icon in your folders for the people you contact and nothing else, IMHO. That's the best privacy you can get, although WhatsApp does decent hashing on the contacts file when it uploads it to their servers - but still - why give them your entire contacts when you only contact 10 people (or whatever) on WhatsApp. Right?
Totesnochill said:
Also, what are your thoughts on MIcroG?
Click to expand...
Click to collapse
Funny you mentioned microG since I installed it for the first time yesterday when I was setting up Vanced Youtube based on this thread.
I generally choose apps that don't use GSF but sometimes you have to use a GSF app (e.g., Zoom meetings), and then it's nice to use MicroG instead of Google Services Framework.
I only installed it yesterday so I really don't know how well it will work for me as I didn't even need to install it to install VancedYoutube. You just need it to log into YouTube but I never do that anyway.
In summary, there's probably a hundred things we do to our phones to set up privacy but I'd have to write each one up in detail to help everyone and that's a lot of work.
Especially if almost nobody reads these threads.
GalaxyA325G said:
I try to put effort into the response so that others can benefit (but nobody ever presses the like button so maybe it's not worth the effort).
In summary, there's probably a hundred things we do to our phones to set up privacy but I'd have to write each one up in detail to help everyone and that's a lot of work.
Click to expand...
Click to collapse
Thank you for doing God's work out there. Ethics like these are what creates the content that keeps the internet from becoming a dumpster fire otherwise. Tutorials and explanations that come from the fellow users are THE best and usually directly on-point.
When I was just starting setting up Linux environment, I wrote "how-to notes" on every successful step. At first it was more like the "sticky notes" to help me remember, but eventually (as the list grew) I started writing these tips in a way as if they were to be read by someone with little background in the subject. What used to be the "Linux notes" file became 10563 lines monstrosity now... So every time I need to answer someone's question I just copypaste from this file.
GalaxyA325G said:
That was just off the top of my head where there has to be at least a hundred different privacy things I do on Android to distance me from Google that most people don't bother to do.
I admit, sometimes it feels like we're putting a dozen locks on the front door, but in the end, we LEARN a lot about Android in the process.
Click to expand...
Click to collapse
Absolutely. I've spent about 2 weeks tweaking my new phone (Nokia X6), trying out different roms/recoveries and app setups. Pissed off a bunch of people in the process - most wouldn't understand that I'm setting up a system to last another 7 years, just like my previous phone (Galaxy Gprime). Not to mention that with the amount of sensitive info on the phone, security and privacy are a legit concern, and worth learning about just how one learns to install and use the lock on the front doors.
Phones became disposable both in software and hardware, and so have the general attitude towards the devices.
My final setup became AOSP PixelPlusUI Rom (comes with about openGapps nano worth of Google stuff) with most other stock apps (contacts , dialer, keyboards, msg etc) removed via ADB and replaced with F-Droid alternatives.
I've also used Rethink DNS with whitelist set up/AppInspector to put Google in the Goolag - no internet access for anything google-related at all times. So far my phone has 253 apps blocked (including almost all of the system apps). Surprisingly, all of the necessary apps off google play store (Whatsapp, FB messenger) still function well. Whenever I need a particular Gservice (like a translator), I just enable access for that (and only that) until I dont need it anymore.
GalaxyA325G said:
If you look at the links I gave you in my response for contacts, gps spoofing and privacy-aware WhatsApp, you'll get a good start.
A quickie is to not have a contacts.sqlite database, which means you need your own contacts.csv or more likely contacts.vcf file, which you can maintain on the PC if you like (works with Excel for example).
Click to expand...
Click to collapse
Thanks! I'm not sure why the links didnt show up at first. I'll give this a look. I've been using "simple mobile tools" for quite a while, and I must say I like how they are completely autonomous and transparent about what prems they need and why.
GalaxyA325G said:
For GPS spoofing, I didn't mention you need to turn "Mock Location" on in the Android Developer Options, but that's what most people already do so I assumed you knew that.
Click to expand...
Click to collapse
I definitely saw the option in the dev settings, but didnt experiment with it. Well, now I know, thanks!
Funny you mentioned microG since I installed it for the first time yesterday when I was setting up Vanced Youtube based on this thread.
I generally choose apps that don't use GSF but sometimes you have to use a GSF app (e.g., Zoom meetings), and then it's nice to use MicroG instead of Google Services Framework.
I only installed it yesterday so I really don't know how well it will work for me as I didn't even need to install it to install VancedYoutube. You just need it to log into YouTube but I never do that anyway.
In summary, there's probably a hundred things we do to our phones to set up privacy but I'd have to write each one up in detail to help everyone and that's a lot of work.
Click to expand...
Click to collapse
I will give microG a try (in a form of LineageOS for MicroG). In fact I did install this rom before but I was a bit confused about what it did and assumed that it is a regular LinOS repack with Gplay store and apps built-in. Time to test again.
Especially if almost nobody reads these threads.
Click to expand...
Click to collapse
Threads like these is how I passed my uni exams. Not even exaggerating XD. Thanks again for a very detailed insightful read!
Hello my friends, very happy to meet good hearted people who think alike about Gugle.
as my name suggests I'm noob still and didn't understand much of discussion but very happy to meet you friends. My love & warm regards to all here. Here is what I did uptill now before I saw this thread :
1> Load GSI/ROM.
2> Load TWRP
3> Load Magisk
4> Load microG
5> Install Service Disabler
5.1> Disable bunch of internal services like telemetry, analytics, location (FusedLocation not possible to disable) for every app (3-rd party & system app), contacts sync etc.
6> Install SD-Maid Pro
6.1> Freeze apps like Gugle Calendar Sync Adapter & Gugle Contacts Sync Adapter
7> Install CIAFirewall Fake VPN & configure it.
8> I use Opera browser for Banking, Youtube, Cab booking, Surfing, Gmail, Food Order etc.
9> Install Aurora Store for general app management & installation
10> For contacts I save all contacts in notepad app, and let all calls purposely bounce then I call back aftter checking whose call it was & state false apologies.
#FYI :- Gugle, Mycrowsowft , eFbee are not really to be blamed, rhey are having to comply with FBI, Phentagon, Central Intelligence Agencies, Interpol, etc. or they have to shut bizness.
GalaxyA325G said:
Like you, my relationship with Google is strained where I don't set up any Google Account on Android and it works just fine.
Click to expand...
Click to collapse
Hi, I’m glad to have found this thread as I’m not happy with how my normal Android phone is spied upon by google. But I’m not technically knowledgeable and I don’t want to risk bricking my phone by trying amateur attempts at rooting, or installing Insular, etc…
So far I have not signed in, I allow only minimum permissions, use Netguard, Aurora and FDroid, and have disabled bloatware. I also force-stop apps as much as possible when not in use, and enable Location and Bluetooth only when needed.
I know this is just an amateur, token attempt to reduce spying - so I may have to eventually buy a degoogled phone.
I’ve also done some of the privacy suggestions in the attachments you posted.
Could you help me with a couple of newbie questions…
1): I might have minimised some personal data harvested by most of the apps I use, but I guess my privacy precautions will have no significant effect on the amount of telemetry collected by google?
2): If my precautions really have no significant effect, I’m wondering if would it make any real difference if I was signed in as I don’t use any of the google backup services anyway?
Thanks.