Related
So i have a pending update for Maps for my android. Why is it pending? because it wants new permissions. It wants permission to access my contacts. Why does it need to access my contacts all of the sudden?
Also, Another app, a white noise generator wanted the same permission. I have removed that app cause i saw no need for it to access that information.
(also, why is there a checkbox for "Is this a question" if the forum is going to ***** at me for it not being a Q&A forum?)
I believe its because it wants to mix the Latitude app, the Navigation and the Maps all in one. That and I think Google wants to make people use Google Plus as well.
dwappo785 said:
I believe its because it wants to mix the Latitude app, the Navigation and the Maps all in one. That and I think Google wants to make people use Google Plus as well.
Click to expand...
Click to collapse
I've found that now ALL google apps want access to contact information. I am not updating any of them because i dont see why it needs legitimate access to that personal information.
Lyian said:
I am not updating any of them...
Click to expand...
Click to collapse
Mmm keep your software outdated certainly will not help you to have a secure system, google probably already has all your contacts (sync,mail,etc..) I don't think he would need to steal them.
Rather, you should ask if there is a method to deny these permissions without unistalling the app, considering that the smartphone is your, like the contacts...
Greetings.
as you know, even if we disable "android device manager" from settings->security->device administrators, it still can be enabled from https://www.google.com/android/devicemanager "enable lock & erase"
from one side it is good, but from other side it is bad - i don't want that my phone can be remotely erased by google
this functionality definitely resides in gmscore.apk
of course, we can just kill all google services, but we loose too much.
so : probably someone from devs here already know answer what to patch in gmscore to disable this behavior ?
with latest gmscore update ( 6.1.74 (1511752-038) ) the only message i can see, when pushing "enable lock and erase" :
GCM message com.google.android.gms 0:1414056810224892%136ddda63e77bab2
Click to expand...
Click to collapse
of course, hex payload different each time.
disabling service
Code:
com.google.android.gms.mdm.services.GcmReceiverService
did job
:good:
Thanks you, I 'm searching since 10 minute.
the_laser said:
disabling service
Code:
com.google.android.gms.mdm.services.GcmReceiverService
did job
Click to expand...
Click to collapse
Thanks! I was wondering how to do that.
thanks, but...
the_laser said:
disabling service
Code:
com.google.android.gms.mdm.services.GcmReceiverService
did job
Click to expand...
Click to collapse
I can't seem to find that service, heck I can't even find gmscore.apk
When I use find / -name gmscore.apk in terminal nothing came up.
Running 4.4.2 on galaxy S5, google framework 4.4.2-940549
Any ideas?
I would really not want my device wiped If my google account was compromised (really only have it for android)
as i remember, this service because build into gmscore from 4.4.4 and enabling downloading some external application.
can be wrong, though.
damn it google!
This is really frustrating. I can't find a way to disable it and I can't find 'com.google.android.gms.mdm.services.GcmReceiverService'.
This a serious security flaw, let me explain why.... I have a company account on my phone, just for the purpose of receiving gmail, and that's very important to me. This also means this account can access my phone through android device manager. So, anyone that can log in to firm's gmail can lock and erase my phone and there's no way to disable it. Best I could do was turn off location reporting and hide my phone from showing in device list. However, anyone that can log in to this account, can also change this in settings and unhide it, enable lock and erase, make it ring and.... well, lock and erase it.
This is very worrying when you have a lot of people with access to gmail account that you also have on your phone. ATM only solution I see is to remove account on my phone and search for other email app.
Anyone knows how one could deal with this and still use gmail app?
gimche said:
This is really frustrating. I can't find a way to disable it and I can't find 'com.google.android.gms.mdm.services.GcmReceiverService'.
This a serious security flaw, let me explain why.... I have a company account on my phone, just for the purpose of receiving gmail, and that's very important to me. This also means this account can access my phone through android device manager. So, anyone that can log in to firm's gmail can lock and erase my phone and there's no way to disable it. Best I could do was turn off location reporting and hide my phone from showing in device list. However, anyone that can log in to this account, can also change this in settings and unhide it, enable lock and erase, make it ring and.... well, lock and erase it.
This is very worrying when you have a lot of people with access to gmail account that you also have on your phone. ATM only solution I see is to remove account on my phone and search for other email app.
Anyone knows how one could deal with this and still use gmail app?
Click to expand...
Click to collapse
Instead of a problem with ADM, this sounds like a massive security issue on your company's side. I don't know why your company need to share the same email account, but the more people who have access, the more likely someone will spill the beans. If I am you, getting my phone wiped will the least of my worries.
Sent from my iPhone using Tapatalk
Thank you, that is what I want. Great!
Ok so Im facing the same problem is there any way to disable this process ?
gimche said:
This is really frustrating. I can't find a way to disable it and I can't find 'com.google.android.gms.mdm.services.GcmReceiverService'.
This a serious security flaw, let me explain why.... I have a company account on my phone, just for the purpose of receiving gmail, and that's very important to me. This also means this account can access my phone through android device manager. So, anyone that can log in to firm's gmail can lock and erase my phone and there's no way to disable it. Best I could do was turn off location reporting and hide my phone from showing in device list. However, anyone that can log in to this account, can also change this in settings and unhide it, enable lock and erase, make it ring and.... well, lock and erase it.
This is very worrying when you have a lot of people with access to gmail account that you also have on your phone. ATM only solution I see is to remove account on my phone and search for other email app.
Anyone knows how one could deal with this and still use gmail app?
Click to expand...
Click to collapse
deadwolf666 said:
Ok so Im facing the same problem is there any way to disable this process ?
Click to expand...
Click to collapse
tamuin said:
I can't seem to find that service, heck I can't even find gmscore.apk
When I use find / -name gmscore.apk in terminal nothing came up.
Running 4.4.2 on galaxy S5, google framework 4.4.2-940549
Any ideas?
I would really not want my device wiped If my google account was compromised (really only have it for android)
Click to expand...
Click to collapse
Install My Android Tools then go to Service>Google Play Service then disable the corresponding service.
https://play.google.com/store/apps/details?id=cn.wq.myandroidtools&en
How about using a ROM without gapps?
Cyclu said:
Install My Android Tools then go to Service>Google Play Service then disable the corresponding service.
https://play.google.com/store/apps/details?id=cn.wq.myandroidtools&en
Click to expand...
Click to collapse
This dosent appear to be working, as after I disable all the above services, clicked on "enable lock and erase" from my google account it reactivated said services. So which service is activating and overriding the services I disabled?
Im running Android 4.4.2(goldeneye rom, Googymax kernal) on a Samsung i9505, I use Xprivacy, Android firewall, and Appmaster(app uninstaller & autostart manager)
Trying to secure an oem samsung Rom from google and its services while still using all the factory apps is going to be like herding cats...
It's similar to going to the pool and expecting to swim but not getting wet.
If you use Google apps and use the accounts feature of Android then you are going to have Google play services and other Google services running, and sadly you can stop them all you want they update and restart themselves regularly.
You just can't get away from Google, if you still use Google play, the Google mail app, Google voice search, Google account verifier, Google download manager, Google hangouts, Google plus or the host of other Google services and apps that a baked into your rom.
All you will do in find yourself with a lot of force closes from apps, and less hair more cats.
What @Cyclu said was the right way. there are several services and receivers that have "mdm" , probably what you could do is use the search function in the app while viewing the services for GooglePlayServices. at the top of the screen, click menu, toggle full, (full/short option) then tap the magnifying glass, then the search box and type "mdm" , then do the same thing under the receivers section
This is so annoying. Can you imagine disabling admin on the phone, knowing that after reading the description in that area of the settings that it cannot be used to wipe the phone? Then someone testing it to prove it and they click "Enable" and wipe the phone? Know how dangerous that is? My phone is an S5 mini, stock firmware and rooted with SuperSU. What can I do to just prevent admin mode being enabled? I want to be able to track my phone's location but I do NOT want my phone able to be remotely wiped by anyone including myself, remotely.
I tried all. Looks like there is no way to disable ADM. Even if u disable corresponding service for ADM still when u restart that service gets re-enables it self again. Had any got a solution to disable this crappy android device manager fully?? thx in advance.
Forgive me, but this thread is just pathetic. If you have Gapps, your device is not yours. It is Google's. Period. If you can't live without hangouts and similar garbage, then enjoy them, but stop *****ing about remote wipe. You can't be half-pregnant. By the way, remote wipe is not the worse thing that could happen to you. Anything could be silently installed on "your" phone, even if you somehow disable ADM. It could be done through Google play and google services framework. Not to mention thar google analytics record everything about your activities and gsf regularly reports the same "home" i.e Google.
To gmail at work guy: if you can't use another client to access your work gmail, get a separate feature phone.
even "android = google" ? much less gapps , eh ?
"all i can really do is stay out of my own way and let the will of heaven be done"
mrrocketdog said:
even "android = google" ? much less gapps , eh ?
"all i can really do is stay out of my own way and let the will of heaven be done"
Click to expand...
Click to collapse
Android, unlike Gapps, is open source. So, you can get under the hood and clean lots of things.
What is different in security for cyanogenmod and normal android?
Is cyanogenmod has google spyware?
Thank you
arexium said:
What is different in security for cyanogenmod and normal android?
Is cyanogenmod has google spyware?
Thank you
Click to expand...
Click to collapse
No, cyanogenmod does not have google apps. For more info: http://wiki.cyanogenmod.org/w/Google_Apps
Even if they don't use google apps, they have their own spyware. For more how to secure your device see this: http://forum.xda-developers.com/general/security/tuto-how-to-secure-phone-t2960077
setmov said:
No, cyanogenmod does not have google apps. For more info: http://wiki.cyanogenmod.org/w/Google_Apps
Even if they don't use google apps, they have their own spyware. For more how to secure your device see this: http://forum.xda-developers.com/general/security/tuto-how-to-secure-phone-t2960077
Click to expand...
Click to collapse
This hard for apply and may be not work for my phone
You know easy way?
You thinks not use smart phone and also not use android better?
Only normal phone and for internet only use computer?
Different idea, if you have only text secure app on phone and cyanogenmod how they spy and see message?
Thank you
arexium said:
This hard for apply and may be not work for my phone
You know easy way?
You thinks not use smart phone and also not use android better?
Only normal phone and for internet only use computer?
Different idea, if you have only text secure app on phone and cyanogenmod how they spy and see message?
Thank you
Click to expand...
Click to collapse
I suggest you take a look here: http://forum.xda-developers.com/showthread.php?t=2550769
setmov said:
I suggest you take a look here: http://forum.xda-developers.com/showthread.php?t=2550769
Click to expand...
Click to collapse
This good, I check it
What you think this one please, Replicant OS?
arexium said:
This good, I check it
What you think this one please, Replicant OS?
Click to expand...
Click to collapse
What phone do you have?
setmov said:
What phone do you have?
Click to expand...
Click to collapse
This lenovo a5000
What you think Replicant OS, good one? I changes phone if this good one
arexium said:
This lenovo a5000
What you think Replicant OS, good one? I changes phone if this good one
Click to expand...
Click to collapse
Honestly I haven't tried it, so I don't know. But, what are you looking for? A secure rom, or just a rom without google apps?
setmov said:
Honestly I haven't tried it, so I don't know. But, what are you looking for? A secure rom, or just a rom without google apps?
Click to expand...
Click to collapse
Yes I want secure ROM even if not work on my phone, I can change phone
arexium said:
Yes I want secure ROM even if not work on my phone, I can change phone
Click to expand...
Click to collapse
Then, I suggest you to be patient. There will be some news soon.
try AFWall Donate version, XPrivacy, AppOps, MyAndroidTools Pro, ChatSecure, Orbot, Network Connections or Network Log App in playstore, override DNS app, SD Maid, Firefox browser...these are all good apps known for supporting end-user privacy or for strong root level management of your system. It really depends on what type of "secure" youre interested in. Android is relatively secure security-wise, but privacy-wise, not so much... actually in its default state, not at all, especially with google inside. Knowing your settings, and config, almost any ROM can be secure.
arexium said:
Yes I want secure ROM even if not work on my phone, I can change phone
Click to expand...
Click to collapse
If you are willing to switch to a Nexus 5 we (Graphite Software) have posted a ROM (Secure Spaces) that allows you to create a separate space (virtual phone) where you can easily configure the settings (enable and disable a number of attributes - bluetooth , networking, adb, etc). Also you can remove the Google Play apps in this personal or hidden space, but allow the owner space to still have Google Apps if you want. This new space is encrypted using ecryptfs and also has pid namespaces enabled in the kernel, plus some additional security features. You can push apps into this space to limit their access to the owner space , or you can think of this space as a private space where maybe you launch only a banking app for example.
ElwOOd_CbGp said:
try AFWall Donate version, XPrivacy, AppOps, MyAndroidTools Pro, ChatSecure, Orbot, Network Connections or Network Log App in playstore, override DNS app, SD Maid, Firefox browser...these are all good apps known for supporting end-user privacy or for strong root level management of your system. It really depends on what type of "secure" youre interested in. Android is relatively secure security-wise, but privacy-wise, not so much... actually in its default state, not at all, especially with google inside. Knowing your settings, and config, almost any ROM can be secure.
Click to expand...
Click to collapse
Sounds like a good start to helping secure my android, but how do you use the apps effectively?
Thanks
talkcc144 said:
Sounds like a good start to helping secure my android, but how do you use the apps effectively?
Thanks
Click to expand...
Click to collapse
All I can say is do what I did. Check them out. Read, follow instructions, experiment. Android may come shipped with some functionalities disabled but the capability is there...in a major way. You just have to take the time to learn. Familiarize yourself with settings, apps, services, device signals.
Is it possible to install MIUI original apps on Cyanogenmod or any other phone/OS?
Living in China, backing up to the Mi Cloud is easier than to syncing with Google, as it does not require switching on the VPN and thus does not drain the battery waiting for a VPN connection and gets generally higher network speeds.
Also, the dialler and the messaging app have features that are handy for users in China. The messaging app automatically picks up tracking codes from courier services and can track their progress on the official website easily. It also knows which companies use which phone numbers for broadcast messages and automatically assigns logos and names to their messages.
The dialler app comes with phone number tagging. A phone number that is tagged as a scam, telemarketeer or a courier will show up as such so you have a chance to decline or accept an unknown number.
All these features are a little too handy to be missed. Can they be reinstalled now that I put Cyanogenmod on my phone, or could they even be installed on, say, a Samsung phone without MIUI?
LBE and xiaomi launcher
But in foreign countries, usefulness
coderstory said:
LBE and xiaomi launcher
But in foreign countries, usefulness
Click to expand...
Click to collapse
Don't need LBE, I don't think much of the whole 'security' app thing on a phone. But would the Launcher bring back the dialler and the messaging? But then I can't use these apps if I decide to keep Catapult launcher?
So I wonder why, for instance, I cannot install the Xiaomi Music app onto my Cyanogenmod. It says app not installed after I download it from the Mi Appstore. Is it missing a framework or something? Or does it just check whether it's in the MIUI environment and bails if it's not?
bluppfisk said:
So I wonder why, for instance, I cannot install the Xiaomi Music app onto my Cyanogenmod. It says app not installed after I download it from the Mi Appstore. Is it missing a framework or something? Or does it just check whether it's in the MIUI environment and bails if it's not?
Click to expand...
Click to collapse
I would say because its a system app, you have to put it to /system/priv-app via a root Explorer and change permissions to rw r r .
Or can try to put it in /system/app.
Maybe this works.
Does it have the same heat problems that it have with MIUI multilanguage (aka development) version at least? I'm installing stable version right now to test if the heat and throttle in heavy graphics games is still a problem.
L.E. Sorry (very) wrong thread.
bluppfisk said:
Is it possible to install MIUI original apps on Cyanogenmod or any other phone/OS?
Living in China, backing up to the Mi Cloud is easier than to syncing with Google, as it does not require switching on the VPN and thus does not drain the battery waiting for a VPN connection and gets generally higher network speeds.
Also, the dialler and the messaging app have features that are handy for users in China. The messaging app automatically picks up tracking codes from courier services and can track their progress on the official website easily. It also knows which companies use which phone numbers for broadcast messages and automatically assigns logos and names to their messages.
The dialler app comes with phone number tagging. A phone number that is tagged as a scam, telemarketeer or a courier will show up as such so you have a chance to decline or accept an unknown number.
All these features are a little too handy to be missed. Can they be reinstalled now that I put Cyanogenmod on my phone, or could they even be installed on, say, a Samsung phone without MIUI?
Click to expand...
Click to collapse
You could always try to look at miui forum for your needs. They have this launcher but if I remember correctly I think there is one more app that brings more of MIUI on any other phone. I dont remember it now. Start diging there, maybe you get what you need.
Try this camera mates:
http://forum.xda-developers.com/showthread.php?p=62516972
rob rich said:
I would say because its a system app, you have to put it to /system/priv-app via a root Explorer and change permissions to rw r r .
Or can try to put it in /system/app.
Maybe this works.
Click to expand...
Click to collapse
This worked :good:
might be u interested
https://forum.xda-developers.com/xi...ui-framework-features-cloud-services-t3701010
What is LBE?
What is LBE for install miui apks in cm roms?
If you go into settings and search for 'covid', you'll see settings implying that contact tracing functionality is installed.
How far does it go? It needs bluetooth but will it enable bluetooth regardless if you enable your antenna or not?
Will it show your bluetooth to be on or not?
I don't need answers to these questions. I want to remove this stuff from my phone.
My understanding is that the functionality was installed 'as a part of' and 'in an update of' Google Play-Services.
To remove it, I guess we would need a modified Google Play-Services package
or
remove Google Play-Services altogether.
I don't know to what lengths Google Play-Services is required by OxygenOS or other distros for that matter.
Google Apps won't work anymore without it. That definitely suck for Translate and Maps but I guess there are alternatives for that.
Google bought Waze. I wonder if Waze needs Google Play-Services..
I never was a fan of custom ROMs and rooting. I was perfectly happy with OxygenOS (OnePlus 7).
Now I really don't care, I want this garbage off my phone. Kr,
progonkpa said:
If you go into settings and search for 'covid', you'll see settings implying that contact tracing functionality is installed.
How far does it go? It needs bluetooth but will it enable bluetooth regardless if you enable your antenna or not?
Will it show your bluetooth to be on or not?
I don't need answers to these questions. I want to remove this stuff from my phone.
My understanding is that the functionality was installed 'as a part of' and 'in an update of' Google Play-Services.
To remove it, I guess we would need a modified Google Play-Services package
or
remove Google Play-Services altogether.
I don't know to what lengths Google Play-Services is required by OxygenOS or other distros for that matter.
Google Apps won't work anymore without it. That definitely suck for Translate and Maps but I guess there are alternatives for that.
Google bought Waze. I wonder if Waze needs Google Play-Services..
I never was a fan of custom ROMs and rooting. I was perfectly happy with OxygenOS (OnePlus 7).
Now I really don't care, I want this garbage off my phone. Kr,
Click to expand...
Click to collapse
Next phone you can consider huawei.. Lol.. Legally required to ship with no trace of Google.
Sent from my SM-G985F using Tapatalk
OpenGapps the way forward?
progonkpa said:
To remove it, I guess we would need a modified Google Play-Services package
Click to expand...
Click to collapse
I am interested in this approach, as Aurora Store isn't able to fully replace google play at this time (no app purchasing)
So I have 2. questions to the community at large:
Would OpenGapps be the way forward? would this prevent googleplayserevices from be update by google thus preventing unauthorised/non-consented changes that facilitate state-level tracking.
And regard9ing the existing google services is there anyway to disable the covid19 toast notification appearing everytime time you enabled/disable bluetooth and or gps. The xposed module 'EnhancedToast' is able to do this, but only works on Andoird 6/7 or below.
b1k3rdude said:
I am interested in this approach, as Aurora Store isn't able to fully replace google play at this time (no app purchasing)
So I have 2. questions to the community at large:
Would OpenGapps be the way forward? would this prevent googleplayserevices from be update by google thus preventing unauthorised/non-consented changes that facilitate state-level tracking.
And regard9ing the existing google services is there anyway to disable the covid19 toast notification appearing everytime time you enabled/disable bluetooth and or gps. The xposed module 'EnhancedToast' is able to do this, but only works on Andoird 6/7 or below.
Click to expand...
Click to collapse
Covid-19 contact tracing requires installing an app, if you, yourself, the user, have not installed some form of Covid-19 contact tracing app, then you "should" be in the clear unless you somehow agreed to/allowed/gave permission to something without knowing what you were agreeing to/allowing/giving permission to .
Sent from my SM-S767VL using Tapatalk
Droidriven said:
Covid-19 contact tracing requires installing an app, if you, yourself, the user, have not installed some form of Covid-19 contact tracing app, then you "should" be in the clear unless you somehow agreed to/allowed/gave permission to something without knowing what you were agreeing to/allowing/giving permission to .
Sent from my SM-S767VL using Tapatalk
Click to expand...
Click to collapse
Google admitting they installed this on your phone without your permission
youtube video titled "Exposure Notifications System: Helping Health Authorities fight COVID-19"
check your android - settings/general/google->COVID-19 Exposure Notifications
I'm assuming being rooted is required to do anything towards removing/disabling it?
ultra4e said:
Google admitting they installed this on your phone without your permission
youtube video titled "Exposure Notifications System: Helping Health Authorities fight COVID-19"
check your android - settings/general/google->COVID-19 Exposure Notifications
I'm assuming being rooted is required to do anything towards removing/disabling it?
Click to expand...
Click to collapse
The only way to get rid of it is to delete Google Play Services. That's how they snuck it in. On Android Pie it's simple. Just debloat via ADB using pm list packages prompt and voila! it's gone. On Android 10 it works the same EXCEPT none of the google apps, firefox, instacart, or anything like that will WORK. So you can de-google all you want - they've baked it into everything. It's something I'm struggling with now since I was forced to upgrade.