Database Info

[Q] How do I allow only one app to access data connection?

As the title says: How do I allow only one app which I select to access the data connection?
To clarify, I want all apps to have permission to access the data connection, just not at the same time. (I want only the app I'm using to access the internet at that time.)

Disable background data in settings and use Droidwall (search in market)
Press the THX BUTTON BELOW if I HELPED !!!
Contact me:
My website: Droidiser.in
Facebook
My Facebook Page
Add me to your circles
Twitter

I'm not rooted, so I can't use Droidwall. And, apps seem to access the internet even when background data is disabled

bumpbumpbumpbumpbumpbumpbumpbumpbump

These are the incentives I tired my phone for, Droidwall and other things
Sent from my Galaxy S Infinity on xda free

You have to root it if you wanna block anything. Then Droidwall or LBE.
Wrong section btw.
via XDApp

What are the repercussions of removing contacts provider in Android?

Personally I think the contacts provider (and other providers)in Android is a huge security risk. Every app and it's brother wants full access to your contacts so they can mine them for usable information. This can be just to add easy links to friends or to spam them with advertisements or offers to identity theft.
I've started using a pim manager that does not access Androids contact provider, calendar provider , tasks or other providers in it's operations.(And I really wish it was open source)
I have already removed the Google sync apks from my device and have removed contacts, calendar in the past. But not the providers.
It might cause some badly written apps to crash.
But I can't forsee any other serious problems.
Ideas? Thoughts?

Honestly sounds like a good idea..
Myself I decided to go for a while without any gapps and any other "store" installed on my phone.
My contacts are imported from a .vcf file which i update manually when needed.
I also have installed AFWall+ and i blocked the internet access to pretty much all the other apps including the system ones.. (everything i could get away with basically )
This could be a solution as well but it's rudimentary one at the moment.
nutpants said:
Personally I think the contacts provider (and other providers)in Android is a huge security risk. Every app and it's brother wants full access to your contacts so they can mine them for usable information. This can be just to add easy links to friends or to spam them with advertisements or offers to identity theft.
I've started using a pim manager that does not access Androids contact provider, calendar provider , tasks or other providers in it's operations.(And I really wish it was open source)
I have already removed the Google sync apks from my device and have removed contacts, calendar in the past. But not the providers.
It might cause some badly written apps to crash.
But I can't forsee any other serious problems.
Ideas? Thoughts?
Click to expand...
Click to collapse

I already don't have Google apps on my device.
Everything blocked with afwall+ using profiles so things only get net when I'm using them on the net.
Fdroid is where I get 90% of my software and from the internet for much of the other 10%
I have a old phone with nothing on it personal at all. Which has play store for the 3 or 4 paid apps I need, it does updates for them and a few free ones. I copy the apks over to my daily driver.
I constantly hound developers on play store to support offline devices and not to implement features that break the app when there is no internet. Even app I don't use lol.
(I have 2 tablets and far too many old phones.only two devices are online(some are local lan only))
Someone should start a offline foundation. But being online it might be ridiculous..

I too removed contacts by using /system/app mover from f-droid. It was unintended as I wanted them as a user application but they wouldn't work like this and the icon vanished, that was fine with me for a long time. The other day I wanted contacts for signal (and telegram also won't work without them). I restored the application files from a backup,
For reference in /system/app/ the missing files were
SecContacts.apk
SecContactsProvider.apk
Other contacts programs like Simple Contacts can't run without a system permission called com.android.contacts and without those files in /system/app the permission doesn't get created at boot. The result being that no contact creation is possible.
What I would really like is a modified version of the system app that passes contacts data to the calling program depending on individual contact entry permissions with regard to each calling app; one list for telegram, another for signal etc. I gather that recent android versions above 6.0.0 have functionality to check calling application certificates so something along these lines should be possible. For earlier versions it might be necessary to switch between multiple contacts databases before starting the messaging app and also removing it from the autoboot list.
https://developer.android.com/guide/topics/permissions/defining

[Completed] Is there a way to block apps from accessing internet in Lollipop?

I did some research on internet and most of the articles related to this topic are either outdated or suggests using some kind of another app.
I want to block internet access to apps I've installed without installing any other app or firewall. I was wondering whether there are any inbuilt settings in Lollipop which has this feature?
Basically I am worried that apps like Clean Master, etc. would be snooping around my msgs, contacts lists, pics and sending them to their servers.

Hi,
Thanks for using XDA Assist.
No, there's no built-in feature in Lollipop to block Internet access. That's not a priority for Google
However I do recommend you to use AFWall+ (root required) or NetGuard.

Mobile Device Management - MDM

well my company decided that company emails will work only under MDM. So today we tested this app on my mobile on BYOD mode as logical container.
https://www.manageengine.com/mobile-device-management/
And I am really not happy to what this app has access and I can't restrict it, because the access is enabled by admin of MDM. Please see attached screenshot.
the app has access to: camera, contacts, location, phone and storage and i can't block this access.
for contacts, phone and storage it looks like it has access only to folders in container (I hope, as i can't access my contact and documents from work profile). However accessing camera and location is not ok for me. Yes the admin of MDM app can see where i am in live and i can't block it. If I root the device the program will stop working, any other way how to prevent access to camera and location? Using oneplus 7T on Oxygen OS 10.0.15. Thinking about removing this app, but work email on the phone is almost must have for me.

wolfyy said:
well my company decided that company emails will work only under MDM. So today we tested this app on my mobile on BYOD mode as logical container.
https://www.manageengine.com/mobile-device-management/
And I am really not happy to what this app has access and I can't restrict it, because the access is enabled by admin of MDM. Please see attached screenshot.
the app has access to: camera, contacts, location, phone and storage and i can't block this access.
for contacts, phone and storage it looks like it has access only to folders in container (I hope, as i can't access my contact and documents from work profile). However accessing camera and location is not ok for me. Yes the admin of MDM app can see where i am in live and i can't block it. If I root the device the program will stop working, any other way how to prevent access to camera and location? Using oneplus 7T on Oxygen OS 10.0.15. Thinking about removing this app, but work email on the phone is almost must have for me.
Click to expand...
Click to collapse
Whenever a device is enrolled with MDM mobile device management solution, you do not have any control over it. Only an IT admin can make any changes to the device.
The IT admins configure the MDM agent on the device via the MDM server. This includes policy configuration, apps, and content push as well as security controls.

Can the work profile have access to my browsing history, device files, etc.?

I was recently admitted to a company, and as an ease of accessing my e-mails and work schedule, the android "work profile" was made available so that I could have access to company information (such as e-mails, calendar, information and others) without having to receive a corporate cell phone.
However, my biggest concern is with the organization's access to my data. My organization that created the work profile, can have access to my browsing history, data on the device (such as photos, application files, etc.), time I spend using my cell phone, contacts, call logs, and other data personal profile?
I have already visited the google instructions page, but I was still unsure because my organization installed some network certificates and the warning "Your organization can monitor network traffic ..."
Another question:
If I leave a work profile app open in the background, and use my personal profile at the same time, can my organization have access to network traffic and consequently my personal information?
All questions, however redundant, are intended to clarify the details of the organization's access to my personal information
From now on, I am immensely grateful for the help and time you spent reading my questions.

You are holding a phone in your hands for which an organization has concluded a data plan contract and is paying for it. They therefore will have a legitimate interest in the network traffic on this device, unless it is a contract for unlimted bandwidth. Network traffic is triggered by apps / services , which can actually be read out: they simply have to install a HTTP/S proxy what is intercepting the HTTP/S traffic on any app housed on the phone.

jwoegerbauer said:
You are holding a phone in your hands for which an organization has concluded a data plan contract and is paying for it. They therefore will have a legitimate interest in the network traffic on this device, unless it is a contract for unlimted bandwidth. Network traffic is triggered by apps / services , which can actually be read out: they simply have to install a HTTP/S proxy what is intercepting the HTTP/S traffic on any app housed on the phone.
Click to expand...
Click to collapse
The phone is mine, and there is no plan
of internet hired by the company.
It's my personal cell phone, and for me to get
view emails and talk to people from
within the organization, I had to enable
the "work profile".
So I had my personal and work profile
on my personal device.
My question is: my company can see
my personal files and my online activity
in the "PERSONAL PROFILE"?

Fred964 said:
The phone is mine, and there is no plan
of internet hired by the company.
It's my personal cell phone, and for me to get
view emails and talk to people from
within the organization, I had to enable
the "work profile".
So I had my personal and work profile
on my personal device.
My question is: my company can see
my personal files and my online activity
in the "PERSONAL PROFILE"?
Click to expand...
Click to collapse
I created a second user on my phone named "Company".
If I do this it asks me if I wan't to turn on phone calls and SMS and then warns that
Call and SMS history will be shared with this user.
Click to expand...
Click to collapse
That makes sense, since I (as the owner) can decide whether or not other users of my phone can access that data.
I tried to access owners files via filemanager from "Company" account. I couldn't see anything.
I tried the same but via adb using a root shell -> I had full access to owners files.
Owner has a VPN active. I tried to access that VPN from within "Company". Didn't work.
Tried to access apps from within "Company" -> no luck.
Checked settings -> some are gone, some aren't. E.g. I can see my paired devices (paired from owner) when I'm in "Company" account.
Soo, to answer your question:
Fred964 said:
My organization that created the work profile, can have access to my browsing history, data on the device (such as photos, application files, etc.), time I spend using my cell phone, contacts, call logs, and other data personal profile?
I have already visited the google instructions page, but I was still unsure because my organization installed some network certificates and the warning "Your organization can monitor network traffic ..."
Click to expand...
Click to collapse
Access to browsing history, data, contacts? No.
Time spend? I don't know but in battery usage settings I can see how much battery has been used by the owner account.
Call logs? Yes, If you accepted that.
Your language? Yes.
About certificates: I don't know excactly what they do (I figured if you turn them off your device cannot connect to the internet anymore if that certificate is needed for that connection attempt) but you can go to Security -> Encryption & credentials -> Trusted credentials and turn them off while your in your personal account.
However: One questions remains: Does the profile your company created somehow differ from the one you can create manually via settings? I don't think so, so above things should be valid.
If that's an option you could also ask your company directly (even though I can understand if you might not want to trust them).