Scoped storage introduced in Android 11 is good, but RESTRICTED Storage would be an even better option.
On Android, at the moment, apps that have access to internal storage for their own files, also have access to every other file in the system. This is not only a privacy risk, but also a security concern. With the introduction of Scoped Storage, some of that is being addressed. Yet, there is still scope for misuse if apps have malicious intent.
I would like to have a system where every app that needs access to a file must go through the built in file manager to prevent misuse. What that means is no app has permanent access to files that are not created by them, and can only access files each time with explicit user consent and interaction. This would completely address the privacy concerns with regards to files.
This is how the Files app in iOS is designed and is an extremely well thought out one. Let me illustrate with an example:
We all know how Facebook is notorious when it comes to privacy. Let's assume you have a Facebook account and the Facebook app is installed on your phone. If you want to share a picture on Facebook, you have to grant the app access to your internal storage. On Android, this effectively grants Facebook access to every file on your storage. Given the reputation, it won't be surprising if Facebook app scans all your pictures/ videos for its AI/ ML, or even uploads them without your knowledge.
On iOS, the permission screen looks like this:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
You have the choice of either granting permanent access (Option 1), or limit the access to just the file(s) you want (Option 2). This permission can be set per app.
On Android, it is essentially Option 1 alone. You have to grant access to the entire file system for you to be able to upload your pics to Facebook.
On iOS, you have the choice of uploading just the pic you want, without giving the app access to any other file in your internal storage. This is a huge privacy boon.
In this case, Facebook app has to make a request to the built in file manager (which obviously has access to every file in the system), and you browse your media library using the built-in file manager (with which the built-in Photos app is integrated) to grant access. Facebook app sees absolutely nothing. It only makes a query, and everything else is handled by the built-in file manager. So even without granting blanket access, you are able to upload the file you want!
Same holds true for every app. An app should only have permanent access to its own files, and not any other file. For access to any other file, the app has to go through the built-in file manager route and access only the file that the user wants it to see.
Alternatively, ALL folders will be 'Restricted' by default. However, users will have the option to selectively relax the restrictions (per folder) for one or more apps (under folder properties) to give just those apps full access.
Hope Google (and custom ROM makers) can design something like this keeping in mind the privacy needs of its users, and the abusive intents of large corporations and malicious actors.
Here is an app that achieves the objective defined above:
Storage Isolation
Load trusted, vetted apps only; you are what you load. Don't allow apps to update; they may pass Playstore security only to update latter installing their payload. Firewall block all apps that don't need an internet to do their job. Most don't need access once activated.
Never load social media or shopping apps on the device, they are malware and an ongoing high security risk. If the social media site can't be fully logged onto and accessed by browser, ditch it.
Nothing can protect you from yourself, actions have consequences.
blackhawk said:
Load trusted, vetted apps only; you are what you load. Don't allow apps to update; they may pass Playstore security only to update latter installing their payload. Firewall block all apps that don't need an internet to do their job. Most don't need access once activated.
Never load social media or shopping apps on the device, they are malware and an ongoing high security risk. If the social media site can't be fully logged onto and accessed by browser, ditch it.
Nothing can protect you from yourself, actions have consequences.
Click to expand...
Click to collapse
The implementation suggested above would address privacy concerns related to user files and I'm not sure why Google hasn't yet done so.
Buying a smartphone and limiting it's usability severely as you say isn't practical.
TheMystic said:
The implementation suggested above would address privacy concerns related to user files and I'm not sure why Google hasn't yet done so.
Buying a smartphone and limiting it's usability severely as you say isn't practical.
Click to expand...
Click to collapse
Why has Google or Samsung not integrated a native firewall to Android? I use Karma Firewall, it uses almost no battery. Unfortunately it's valuable logging feature doesn't work on Android 10 and higher. Works fine with Pie though. I have apps like the 6yo free version of WPS office that wouldn't load on 11, pleasantly surprised it loaded on 10. It has no drop in replacement today that's not cloud or free. I simply firewall block it so it doesn't want to update to the current paid version. Doesn't effect usability.
What Google did with scoped storage kills a lot of useful and trusted apps while giving a false sense of security. Hackers never sleep and will always find workarounds to get your data.
Google is one of the worst data miners and purveyors of disinformation, trust them?
blackhawk said:
Why has Google or Samsung not integrated a native firewall to Android? I use Karma Firewall, it uses almost no battery. Unfortunately it's valuable logging feature doesn't work on Android 10 and higher. Works fine with Pie though. I have apps like the 6yo free version of WPS office that wouldn't load on 11, pleasantly surprised it loaded on 10. It has no drop in replacement today that's not cloud or free. I simply firewall block it so it doesn't want to update to the current paid version. Doesn't effect usability.
What Google did with scoped storage kills a lot of useful and trusted apps while giving a false sense of security. Hackers never sleep and will always find workarounds to get your data.
Google is one of the worst data miners and purveyors of disinformation, trust them?
Click to expand...
Click to collapse
This is why I prefer Oxygen OS, Colour OS and MiUI, all of which offer a native firewall within their OS. Since OOS 12, Oxygen OS is now showing a popup everytime a blocked app is launched. This is extremely annoying.
Karma Firewall appears to be an abandoned project with no update. It isn't working properly on Android 12 and newer. Netguard is currently the best.
Giving the user ability to setup which folders/ files each app can access would greatly enhance privacy. Scoped Storage is a half baked implementation, even though something is better than nothing. The implementation suggested above will address many of the current shortcomings.
Nothing is foolproof or failsafe. But bringing in improvements is always welcome.
Google may be the biggest data miner, but unfortunately their apps and services do not have competing alternatives. Users have to make lots of compromises when choosing alternatives.
The other reason I prefer Google/ Microsoft apps is because they help me be platform independent, since their apps are also available on iOS, Windows and Mac.
Mind sharing that cloud free version of WPS?
TheMystic said:
This is why I prefer Oxygen OS, Colour OS and MiUI, all of which offer a native firewall within their OS. Since OOS 12, Oxygen OS is now showing a popup everytime a blocked app is launched. This is extremely annoying.
Karma Firewall appears to be an abandoned project with no update. It isn't working properly on Android 12 and newer. Netguard is currently the best.
Giving the user ability to setup which folders/ files each app can access would greatly enhance privacy. Scoped Storage is a half baked implementation, even though something is better than nothing. The implementation suggested above will address many of the current shortcomings.
Nothing is foolproof or failsafe. But bringing in improvements is always welcome.
Google may be the biggest data miner, but unfortunately their apps and services do not have competing alternatives. Users have to make lots of compromises when choosing alternatives.
The other reason I prefer Google/ Microsoft apps is because they help me be platform independent, since their apps are also available on iOS, Windows and Mac.
Mind sharing that cloud free version of WPS?
Click to expand...
Click to collapse
Developers come and go. Karma Firewall is great app. After what Google did with scoped stoirage I don't blame them for bailing.
I have nothing against added security per se but it should be an option if it causes loss of functionality or uses resources. Knox is another one I hate. Gmail is the only Google app I regularly use. All my apps are backed up as installable copies on the data drive so no Playstore needed to reload. Completely self contained and self sufficient.
Make sure you firewall block it. It may not load on 11 or higher. To save docs you may have to play with it a bit but it will create, modify and save Word (doc x too) documents. More versions are found on APKmirror. About 81.37mb installed.
blackhawk said:
Developers come and go. Karma Firewall is great app. After what Google did with scoped stoirage I don't blame them for bailing.
I have nothing against added security per se but it should be an option if it causes loss of functionality or uses resources. Knox is another one I hate. Gmail is the only Google app I regularly use. All my apps are backed up as installable copies on the data drive so no Playstore needed to reload. Completely self contained and self sufficient.
Make sure you firewall block it. It may not load on 11 or higher. To save docs you may have to play with it a bit but it will create, modify and save Word (doc x too) documents. More versions are found on APKmirror. About 81.37mb installed.
Click to expand...
Click to collapse
I was using Karma, until it stopped working reliably. So went back to Netguard which is really good, and with some very useful feature not available in Karma.
Where do you install new apps from? APK backups help in going back to an older version. But for newer versions, you need Google Play Store, unless you are happy with apkmirror or similar.
I have a MS 365 subscription, so this is just a backup of a clean version of WPS, whose newer version destroys all context menus by showing up everywhere. I wish Android provided a way to customise context menus as well as share menus.
Thanks for the apk though.
TheMystic said:
I was using Karma, until it stopped working reliably. So went back to Netguard which is really good, and with some very useful feature not available in Karma.
Where do you install new apps from? APK backups help in going back to an older version. But for newer versions, you need Google Play Store, unless you are happy with apkmirror or similar.
I have a MS 365 subscription, so this is just a backup of a clean version of WPS, whose newer version destroys all context menus by showing up everywhere. I wish Android provided a way to customise context menus as well as share menus.
Thanks for the apk though.
Click to expand...
Click to collapse
That's one reason this N10+ is still running on Pie. I've been wanting to try out netguard.
Rarely from Playstore. I try not to same apps as they can potentially damage the system or worse. Some of my copies date back 6 years, most 2-3, many over the years from Playstore. They run well. Playstore also uses battery, every bit counts.
I do a few side loads that are always scanned with online Virustotal. If they look even a little iffy I don't install them. I use F-Droid too. No issues with the side loaded apps, yet...
You're welcome. I get tired of renting apps and a capable office app is absolutely essential.
blackhawk said:
That's one reason this N10+ is still running on Pie. I've been wanting to try out netguard.
Rarely from Playstore. I try not to same apps as they can potentially damage the system or worse. Some of my copies date back 6 years, most 2-3, many over the years from Playstore. They run well. Playstore also uses battery, every bit counts.
I do a few side loads that are always scanned with online Virustotal. If they look even a little iffy I don't install them. I use F-Droid too. No issues with the side loaded apps, yet...
You're welcome. I get tired of renting apps and a capable office app is absolutely essential.
Click to expand...
Click to collapse
Netguard is very good, actually much better than Karma (it will reactivate itself if the OS kills it, automatically blocks new apps, etc). The one very good thing about Karma is that it has no internet permissions. But Netguard says it doesn't collect any data or track anything.
Personally, i prefer to have the latest versions of both OS and apps, so I'm surprised that you are not updating the OS just to use an app, especially when a better alternative is already available.
I too have sideloaded a few apps (after checking them on VirusTotal), but i stick with Google Play Store mostly. It is rare that an update breaks something or takes away a useful feature, so this works for me. Besides, i do keep a backup of the important APKs with me, should it be required.
TheMystic said:
Netguard is very good, actually much better than Karma (it will reactivate itself if the OS kills it, automatically blocks new apps, etc). The one very good thing about Karma is that it has no internet permissions. But Netguard says it doesn't collect any data or track anything.
Personally, i prefer to have the latest versions of both OS and apps, so I'm surprised that you are not updating the OS just to use an app, especially when a better alternative is already available.
I too have sideloaded a few apps (after checking them on VirusTotal), but i stick with Google Play Store mostly. It is rare that an update breaks something or takes away a useful feature, so this works for me. Besides, i do keep a backup of the important APKs with me, should it be required.
Click to expand...
Click to collapse
Rule #1 - if an OS is fast, stable and fulfilling its mission, let it be!
Upgrades/updates can and do break things. It's mostly all play time with this old load. No surprises, it just runs. I spent a lot of time optimizing it and changing the firmware or updating apps changes my manicured playing field into a sinkhole of trouble.
Android 11, 12, and 13 bring nothing I want to the table and are trying to steal the silverware. Google seeks to stay relevant like the lame big sister it is. Their improvements don't make my device run better or even any more secure but they do waste my time. Plus I don't like the way it looks. It's the smell.
TheMystic said:
Scoped storage introduced in Android 11 is good, but RESTRICTED Storage would be an even better option.
On Android, at the moment, apps that have access to internal storage for their own files, also have access to every other file in the system. This is not only a privacy risk, but also a security concern. With the introduction of Scoped Storage, some of that is being addressed. Yet, there is still scope for misuse if apps have malicious intent.
I would like to have a system where every app that needs access to a file must go through the built in file manager to prevent misuse. What that means is no app has permanent access to files that are not created by them, and can only access files each time with explicit user consent and interaction. This would completely address the privacy concerns with regards to files.
This is how the Files app in iOS is designed and is an extremely well thought out one. Let me illustrate with an example:
We all know how Facebook is notorious when it comes to privacy. Let's assume you have a Facebook account and the Facebook app is installed on your phone. If you want to share a picture on Facebook, you have to grant the app access to your internal storage. On Android, this effectively grants Facebook access to every file on your storage. Given the reputation, it won't be surprising if Facebook app scans all your pictures/ videos for its AI/ ML, or even uploads them without your knowledge.
On iOS, the permission screen looks like this:
View attachment 5183183
You have the choice of either granting permanent access (Option 1), or limit the access to just the file(s) you want (Option 2). This permission can be set per app.
On Android, it is essentially Option 1 alone. You have to grant access to the entire file system for you to be able to upload your pics to Facebook.
On iOS, you have the choice of uploading just the pic you want, without giving the app access to any other file in your internal storage. This is a huge privacy boon.
In this case, Facebook app has to make a request to the built in file manager (which obviously has access to every file in the system), and you browse your media library using the built-in file manager (with which the built-in Photos app is integrated) to grant access. Facebook app sees absolutely nothing. It only makes a query, and everything else is handled by the built-in file manager. So even without granting blanket access, you are able to upload the file you want!
Same holds true for every app. An app should only have permanent access to its own files, and not any other file. For access to any other file, the app has to go through the built-in file manager route and access only the file that the user wants it to see.
Alternatively, ALL folders will be 'Restricted' by default. However, users will have the option to selectively relax the restrictions (per folder) for one or more apps (under folder properties) to give just those apps full access.
Hope Google (and custom ROM makers) can design something like this keeping in mind the privacy needs of its users, and the abusive intents of large corporations and malicious actors.
Click to expand...
Click to collapse
So lol
blackhawk said:
Rule #1 - if an OS is fast, stable and fulfilling its mission, let it be!
Upgrades/updates can and do break things. It's mostly all play time with this old load. No surprises, it just runs. I spent a lot of time optimizing it and changing the firmware or updating apps changes my manicured playing field into a sinkhole of trouble.
Android 11, 12, and 13 bring nothing I want to the table and are trying to steal the silverware. Google seeks to stay relevant like the lame big sister it is. Their improvements don't make my device run better or even any more secure but they do waste my time. Plus I don't like the way it looks. It's the smell.
Click to expand...
Click to collapse
Updates also bring in security improvements, along with the excitement of new and improved features. I always install them when available, with very rare exceptions.
Ideally, they shouldn't require users to make any changes to their setup, and that has also largely been my personal experience.
TheMystic said:
Updates also bring in security improvements, along with the excitement of new and improved features. I always install them when available, with very rare exceptions.
Ideally, they shouldn't require users to make any changes to their setup, and that has also largely been my personal experience.
Click to expand...
Click to collapse
Unfortunately that is more marketing hype than fact. One reason I run this N10+ on Pie with no updates is to test that statement. This 3yo device and firmware is a cleaner running and a more capable device than the S22U. How can that be? Poor design from both Samsung and Google Android.
I use to always buy new cars, but I learned better and the folly of my ways 25 years ago as new car quality steadily declined. Now Android is reminding me of that bs. For over a $1G it better out perform my N10+ in every especially with SOT and storage. It should be lighter and slimmer. Yes, well...
blackhawk said:
Unfortunately that is more marketing hype than fact. One reason I run this N10+ on Pie with no updates is to test that statement. This 3yo device and firmware is a cleaner running and a more capable device than the S22U. How can that be? Poor design from both Samsung and Google Android.
I use to always buy new cars, but I learned better and the folly of my ways 25 years ago as new car quality steadily declined. Now Android is reminding me of that bs. For over a $1G it better out perform my N10+ in every especially with SOT and storage. It should be lighter and slimmer. Yes, well...
Click to expand...
Click to collapse
There are definitive improvements in hardware: CPU, GPU, RAM, Storage, etc. And most importantly the Cameras. The cameras on the S22U are really very good.
I don't have too many complaints with this device, except for the recent battery drain which I hope to solve.
I don't agree with your used car statement, unless you buy one from someone you know has taken care of it very well. Newer cars are definitely more safe than the old cars, both in terms of material used and in terms of safety features. Lighter alloys can be stronger and safer than heavier metals, so don't go by how strong a material feels.
But it is also true that companies are increasingly designing products that would fail within a certain time period, and this applies to gadgets, consumer durables, components used, etc.
It comes down to your experience over the useful life of the product that the company designs them for. And this is the area where newer products usually excel.
TheMystic said:
There are definitive improvements in hardware: CPU, GPU, RAM, Storage, etc. And most importantly the Cameras. The cameras on the S22U are really very good.
I don't have too many complaints with this device, except for the recent battery drain which I hope to solve.
I don't agree with your used car statement, unless you buy one from someone you know has taken care of it very well. Newer cars are definitely more safe than the old cars, both in terms of material used and in terms of safety features. Lighter alloys can be stronger and safer than heavier metals, so don't go by how strong a material feels.
But it is also true that companies are increasingly designing products that would fail within a certain time period, and this applies to gadgets, consumer durables, components used, etc.
It comes down to your experience over the useful life of the product that the company designs them for. And this is the area where newer products usually excel.
Click to expand...
Click to collapse
The SOC is faster, has better bandwidth and is more capable as is the ram, but is only marginally faster by milliseconds for most tasks.
The battery is huge but it gets significantly less SOT
The display can run brighter, but because of variable refresh rate it lacks the color/gamma accuracy/calibration of the N10+. It's pixels will suffer if used at higher brightness levels, they aren't immune to that.
No expandable storage means no 1tb dual (data) drive and no onboard redundancy. 5G isn't as useful as it was hyped up to be in practice and is less efficient for many tasks. It's still power hungry even today.
Its all about balance, functionality and form factor, something Samsung has forgotten how to do. They are completely hype driven now and their insanity is showing. The components look like great but the result doesn't equal the sum of the parts. It even doesn't exceed the N10+/Pie is some important specs.
The N10+ running on Pie is snappy fast, get great SOT/screen off times, has maybe the best display there is in terms of color accuracy etc, more storage that doesn't get wiped in a crash or factory reset. It's a powerful but well balanced device that's a reliable joy to use and weighs 30gms less. The N10+ is also cool running, I can use it for web browsing at 98F ambient for hours with no cooling without it overheating. Upper operating range is 102F ambient at which point I either cool it or stop using it.
Steel is still the best crash material for absorbing massive amounts of impact energy and maintaining it's integrity. I take a 89 Volvo 240 wagon in a crash of any type vs a newer car.
Even has no damage 5 mph impact no damage bumpers. Rock solid, reliable, easy to work on and gets at least 20 mpg no matter how you drive it. Best of all they're easy and fun to drive.
Or
A 89 F-250 Super Suspension 4×2 with a International naturally aspirated diesel with a C6. Fast off the line, minimum 20 mpg.
TheMystic said:
I would like to have a system where every app that needs access to a file must go through the built in file manager to prevent misuse. What that means is no app has permanent access to files that are not created by them, and can only access files each time with explicit user consent and interaction. This would completely address the privacy concerns with regards to files.
Click to expand...
Click to collapse
Glad to note that this is finally coming on Android 14.
I had made a post on this in Oct'20, and it is almost 2.5 years since then. Better late than never.
Related
After so long of developing apps for other people, I've decided to make one 100% by myself, and publish it.
The app is basically an alternative to the default app-manager of Android, and it provides some unique features that helps you manage and uninstall apps quicker and easier.
If you've found this app useful, please support it by sharing/donating/comment on the play store.
Installation link :
APK mirror:
https://www.apkmirror.com/apk/androiddeveloperlb/app-manager/
ApkPure:
https://apkpure.com/app-manager/com.lb.app_manager
Some screenshots
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
So, here's some information about it:
Background
How many times have you tried to uninstall an app but found it annoyingly hard, whether you've forgot its name or it's hidden in a bunch of many apps you have?
Have you ever wanted to uninstall a built in app, which came from the carrier/manufacturer?
Are you a programmer/tester and need to uninstall/reset your apps frequiently?
If so, this is the app for you.
Short description
As I've written ,the purpose of this app is to replace the default app-manager, and ease the uninstallation task as much as possible.
The app is free and supports Android 2.3 and above, but works best from Android 4.0.
The app has ads (banners) but you can easily remove them by donating.
Who is it useful for?
The app is intended for multiple kinds of people:
For the common user, it's easier to perform searches of apps, easier to unisnstall them, and easier to share them.
It's also easier to go to the play store page of the app ,give feedback about it and contact the developers.
For power users, it's easier to uninstall built in apps (AKA "system apps"), like the bloatware that come with the OS.
For developers, QA, and beta testers, it's easier to uninstall/reset the recently installed app, by using widgets.
You can also share apps as APK files, and see the version of the apps.
Features and advantages over other apps
Viewing of app types of apps, and not just those that you can launch (example: plugins, live wallpapers, keyboards,...).
Widgets, for quick uninstallation/reset of the most recently installed app.
Quick uninstallation of apps. For rooted devices, the uninstallation (and other operations) can be silent (in the background)
Easy uninstallation of apps that got admin privilages.
Ability to automatically add app shortcuts when they get installed, no matter how they got installed.
Also the ability to choose which launcher will create the shortcuts.
Easy to use - one click to uninstall. Long click for multi-selection
Context menu options on selected app:
Run
Share Play store link, Amazon AppStore link, or even APK file (no need for Root)
Manage
Open app on the Play store.
Kill background process, or stop the app (needs root)
Quick reset of the app (needs root).
disable/enable app (needs root).
Create shortcut.
Search the app via your search engine or the Internet.
Sort the apps bysize, name, by package name, by date installed, and by date updated
Filter apps by:
System/user apps,
Enabled/disabled apps
Installation path : SD card / internal storage
Ability to uninstall system apps (Root only, and might not work on some cases)
Ability to replace the default uninstaller .
Detailed yet short view of the installed apps, including app name, package name, date insalled and version information.
Safe and automatic deletion of certain folders after uninstallation, that some Android OS versions don't handle for some reason.
Theme chooser, in case you don't like the cards UI.
Hopefully more to come, will be written about on the play store
App translation
https://crowdin.com/project/com-lb-app_manager
Beta testing
Links for the beta testing group:
- https://play.google.com/apps/testing/com.lb.app_manager
Articles
https://web.archive.org/web/2014050...roid/supercharge-your-android-app-management/
http://reviewttb.blogspot.in/2014/04/app-manager-review.html
http://iandroid.co.il/dr-iandroid/archives/16296
http://www.appbrain.com/app/app-manager/com.lb.app_manager
https://www.androidrank.org/application/app_manager/com.lb.app_manager
FAQ
The OS says the app runs in the background, or the app has a notification of its own. Why? Doesn't it consume battery?
The app is triggered by app operation events : uninstall, install, clear-data...
Upon each of those, it saves the state for various purposes, in the background. For example the removed-apps list, and the widget. Those have to be handled right away, so it must be done even if you don't see the app.
In the rest of the time, it does absolutely nothing.
This is why the app is so efficient in battery usage, that you won't see it in the list of battery-consuming apps. Meaning it doesn't even reach the 1% battery usage. I am sure it doesn't even reach 0.001% .
You can hide the notification, but sadly on some Android versions (8.0, but not 8.1 and above) you might see a different notification, that the app might use the battery. You can safely ignore it. I guarantee there is no noticeable difference in battery consumption.
In fact, due to the optimizations I've added for Android 8.0 and above, and because the app's process doesn't get killed so often, it might even be better in battery usage. The reason is that the app always had to listen to app-events, and before Android 8.0, the app got triggered by them, meaning its process started each time if it was killed before. Less CPU, more battery.
I have a Xiaomi device and the app fails to install any kind of app. How come ?
Seems it's an issue that will exist for quite some time, and that it is turned by default on Xiaomi devices and causes various issues (read here for example). This "feature" is called "MIUI optimization" , and for now you can only disable it on the "Developer options".
So, for now, you can overcome this by enabling developer options and there to disable "Turn on MIUI optimization".
Note that once you do this, the OS will reset a lot of apps, mainly in terms of permissions. This includes my app too.
Just a side note: Xiaomi is known as one that breaks a lot of apps, as it creates its own made up rules and permissions, very much against how Android works. This is also why there is a website that speaks about it, here, so for better handling of the app, also white list it from the various permissions Xiaomi has created, too.
Sadly I have no way to handle those things, as long as Xiaomi chooses to make their own non-standard rules.
I don't have a rooted device, but I still want to disable/uninstall a system app. Is it possible?
It's possible... to try, using a PC connected to your device.
I've made a tutorial for this here (old one here ).
If the OS would allow, you could uninstall or at least disable system apps this way.
I think I got some nasty app, which shows ads randomly or takes control of the smartphone in some way (or any other bad behavior that I don't like). Can this app help me find it and neutralize it?
Even though it wasn't originally intended for such a task, I've noticed it helped many people with it. There are multiple reviews telling that it helped them removing such "virus" apps. I've even done it myself on both my device and for my family-relatives.
So the answer is that it might help you. Here's what you can do to try to handle it:
https://forum.xda-developers.com/showpost.php?p=77987186&postcount=543
What are split-APK files? What are "APKS" that are being generated sometimes when sharing apps?
Split apk files (AKA "app bundle" apps) are not meant to be installed just like normal APK files. They are used as you use the app, getting installed by the Play Store, to use only the minimal things you will use on your device, with your Android version, with your CPU architecture, with your locales, with your screen density, and so on...
Not only that, but if you install such files on other configurations, they might not work properly or fail to install.
As far as I know, backup&restore of such apps is not even working on popular backup apps such as Titanium backup.
Currently the app allows to share such apps as APKS files, which is just a zipped file with all of the APK files of the app. This is similar to what's done on various other apps and services (SAI, ApkPure, APK-mirror,...) with various file extensions (APKS, XAPK, APKM,...).
To install them using my app (which supports all files that I've mentioned: APKS, XAPK, APKM ), you can currently do this only from other apps that trigger it. The most common way to do it is directly from file-manager apps, but this should also be possible via chatting apps and others.
If you wish to do it on your via the PC, you can do it too:
use adb command as such:
Code:
adb install-multiple apk1 apk2 ...
Why isn't there a permissions management feature?
For permissions management, I actually planned some management tool, but sadly Google has changed how permissions groups work, and so permissions sometimes go to a different group. For example, before Android P, the permission "WRITE_CALL_LOG" belonged to "Phone" permission group, but from Android P, it moved to "Call log" permission group, which never existed before.
Currently, Google removed all APIs to get which permission group has which permission. Even in the documentation there is no mention anymore which permission group holds which permissions. Not only that, but OEMs sometimes make up their own permission which aren't official in any way (see "auto start" that Xiaomi made, and the reason that "don't-kill-my-app" website exists, for example). I still hope that one day I will be able to get a reliable way to get the correct information, no matter which version of Android the app runs on.
Why isn't there an option to install an old version of an APK when I have a newer one installed?
Apps aren't designed to handle this situation. They are only designed to handle upgrades. So, Google made it impossible to do it starting from Android 7 (read here). If you want to try it anyway, you can do it using PC&adb tool, as written here.
Why isn't there a boot-up management feature? Memory freeing/boosting? CPU usage? RAM usage? Automatic-task-killing? Modify apps ?
Various features of those types are not documented and not recommended to be used. Those can ruin how the apps work, just like OEMs do it sometimes even by default. This can also cause false crashes, or crashes that can't be reported. For users, some of those functions have the false promise by various apps that say it will make reduce battery consumption (search google for "Android task killer myth").
It is not a good thing to alter how apps work and behave, and Google has rules about modifying APKs, so I do not want to take the risk in doing so.
As for viewing information alone, this is something that isn't useful for users, but more for developers who already have them via the various development tools and even apps that specialize about it.
This app was made for users and power users mostly, and I want to make it work properly as much as possible, without worrying that for some devices or at some day things will be broken. I prefer to have as little workarounds as possible.
That's why I decided to stick with things that are more standard, more commonly used, and more available to be used.
I have an SD-card. Why can't I set an installed app to be on it, properly?
Installing an app to the SD-card has various restrictions that determine whether it's possible or not, and how much it will affect how well the app behaves.
To do it here, you have to have a rooted device (or use a PC with adb command as written above), the OS should allow to do it, and the target app should allow to do it.
That being said, you might try your luck via the developer-settings of the OS (check how to enable it on Google for your device), via "force allow apps on external" preference.
Why not share version-name and app-name alone instead of version-code and package-name with others?
Simply put, version-name and app-name are not unique enough, depend on the current locale, can be of any length (so it can be too long) and not restricted by which characters are used (so can be problematic on some OSs).
That's while version-code is always an increasing number, and package-name is always safe to use and is considered as the ID of the app on the Play Store and probably on any app-store.
That being said, I might allow to customize what to share some day, and let users be responsible of possible issues if they might occur.
In the past versions, the app didn't need to run in the background, and didn't need to have usage-stats permission at all. What happened?
In one word: Google . Google has changed the rules:
- For running in the background , the reason is that a lot of types of global events (called "Intents") need to be handled only with an app that has a sticky notification (called "foreground service"). Before Android 8.0, it was possible without this requirement. The app would have been awakened for each such event, handle it and go to sleep, while the OS can kill it if needed. Now it's not possible (read here). Adding to this, is that Google forces all new apps and updated to existing ones to do it for Android 8.0 and above, by the end of the year (read here). This means you should expect more apps to show their notifications, or they will present a weaker functionality.
The good news is that this actually helps with battery usage on Android 8.0 and above. Instead of re-creating the process of App-Manager for each event, the process is already alive, so less CPU will be used. And, since it's already alive, handling it will take less time. So, less CPU and less time, meaning more battery for you. You can also hide the notification if it bothers you.
- For usage-stats permission, before Android 8.0 I could get the exact app-size without any permission. And, before Android 5.0, I could get the recently launched apps with a permission that doesn't require requesting in runtime. Because of the recent changes, this is not possible anymore without usage-stats permission. And, since getting app-size and sorting apps by recently launched - are quite basic features, I decided to request it all in the beginning together with the storage permission that was always a requirement.
Getting the app-size was tricky before Android 8.0, and so I added a fallback in case it's not working for some users, or working too slow for them. It wasn't perfect, but it was all I could do.
The good news about this, is that it's much more efficient than what I did before. Getting app size is super fast, and it will always work because there is now an official way to do it. In fact it's so quick that I've removed the fallback for Android 8.0 and above.
Privacy policy ?
Written on this post.
Thank you!
Very simple and useful app!
newHere:) said:
Thank you!
Very simple and useful app!
Click to expand...
Click to collapse
You're welcomed, and I do hope that it will succeed as I wish to improve it even more and make other useful and cool apps.
cool app,very helpfull for me,because im test so many apps from here and now its much easier to deinstalling,i like it!!!
-CALIBAN666- said:
cool app,very helpfull for me,because im test so many apps from here and now its much easier to deinstalling,i like it!!!
Click to expand...
Click to collapse
Yes, that's actually why I made the app myself, since I am both a developer and a user that tries out many apps.
will try it!! sounds nice
I would like to get some feedback from you people:
1. What is the best feature that you liked on the app?
2. What is the best feature that you'd like to have?
3. In case you have a good English accent, have the ability to record your device, would you like to put your video review?
If so, I will put your video (if it's good enough) on the play store, along with credits (or you put them at the end of the video if you wish).
No ads in the video, please .
AndroidDeveloperLB said:
I would like to get some feedback from you people:
1. What is the best feature that you liked on the app?
2. What is the best feature that you'd like to have?
3. In case you have a good English accent, have the ability to record your device, would you like to put your video review?
If so, I will put your video (if it's good enough) on the play store, along with credits (or you put them at the end of the video if you wish).
No ads in the video, please .
Click to expand...
Click to collapse
Well overall, the app is quite streamline and easy to navigate.
And the making of APK to share file is the best feature that I liked.
It would be nice if the app could have the feature to natively share apks of different apps, from within, using wifi direct, if another device has this installed. Would make it even better.
About the review, I have had some experience with them, so i'll give it a shot tomorrow morning, it's 10 pm here at the moment so I can't prepare and edit now.
I like this, for me the most useful part is the sorting by install and updated. Enough that I did the donation thing to get rid of the ads.
Some suggestions:
Tabs or Drawers / Categories with Tags
- The way this would work is that you can tag apps with categories (each app being able to be tagged with as many categories as the user likes). For instance, I may make a category for frequently used and camera. I would tag my several camera apps with the camera tag, and the one I use most I would also tag with the frequently used tag.
- Then, when searching I could search for the tags as well, such as searching frequently used and all those with that tag would come up.
- Going a step further is the creation of preset tag search tabs. So at the top, or side or wherever it fits best, there may be a place for the Camera Tab Search that I would select it and see all my camera apps.
I think the above feature would make organizing and accessing the apps even more awesome.
The next suggestion is moving towards replacing the stock app manager.
- I use XPosed with Gravity Box. I set up the long press of the home button to launch your App Manager.
- I also use the GEL Settings that changes the Home Button into the Apps Button when you are already on your home screen. It would be awesome if you did the same, but instead made it link to your app.
KNIGHT97 said:
Well overall, the app is quite streamline and easy to navigate.
And the making of APK to share file is the best feature that I liked.
It would be nice if the app could have the feature to natively share apks of different apps, from within, using wifi direct, if another device has this installed. Would make it even better.
About the review, I have had some experience with them, so i'll give it a shot tomorrow morning, it's 10 pm here at the moment so I can't prepare and edit now.
Click to expand...
Click to collapse
Thank you for sharing your opinion.
About sharing via Wifi-Direct, isn't it already possible in case both devices have an app for sharing stuff over Wifi-Direct?
For example, using "SuperBeam" ? I never tested the app or the feature, but I think it's already possible, no?
Some Roms (and I think it includes some stock Roms) even have this built in, as I remember.
Not sure though, if any of those solutions share APK files, or just media files.
Since I don't have multiple devices, I can't check it out, and I'm not sure if I will be able to develop it in a way without any bugs...
AndroidDeveloperLB said:
Thank you for sharing your opinion.
About sharing via Wifi-Direct, isn't it already possible in case both devices have an app for sharing stuff over Wifi-Direct?
For example, using "SuperBeam" ? I never tested the app or the feature, but I think it's already possible, no?
Some Roms (and I think it includes some stock Roms) even have this built in, as I remember.
Not sure though, if any of those solutions share APK files, or just media files.
Since I don't have multiple devices, I can't check it out, and I'm not sure if I will be able to develop it in a way without any bugs...
Click to expand...
Click to collapse
Yeah, many apps have this feature, but I just asked for it because this app already has many different methods of sharing an app, and this could make it even faster and better, due to more streamlined representation of your apps. But if it's hard for you, don't worry, no one's forcing you; you are the Dev, you decide how you app is.
But the functionality is quite great.
maddbomber83 said:
I like this, for me the most useful part is the sorting by install and updated. Enough that I did the donation thing to get rid of the ads.
Some suggestions:
Tabs or Drawers / Categories with Tags
- The way this would work is that you can tag apps with categories (each app being able to be tagged with as many categories as the user likes). For instance, I may make a category for frequently used and camera. I would tag my several camera apps with the camera tag, and the one I use most I would also tag with the frequently used tag.
- Then, when searching I could search for the tags as well, such as searching frequently used and all those with that tag would come up.
- Going a step further is the creation of preset tag search tabs. So at the top, or side or wherever it fits best, there may be a place for the Camera Tab Search that I would select it and see all my camera apps.
I think the above feature would make organizing and accessing the apps even more awesome.
The next suggestion is moving towards replacing the stock app manager.
- I use XPosed with Gravity Box. I set up the long press of the home button to launch your App Manager.
- I also use the GEL Settings that changes the Home Button into the Apps Button when you are already on your home screen. It would be awesome if you did the same, but instead made it link to your app.
Click to expand...
Click to collapse
Thanks for sharing your opinion.
About the tagging suggestion:
Do you mean auto-tagging, or letting the user tag them? or maybe scan the play-store and tagging the apps using the category they were in...?
Currently, it's a rather time consuming thing to add this feature of tagging, especially if I will add a server side storage that will hold the tags of all the users.
It's a very good suggestion, though, and I will keep it in mind for future releases.
For now, if you wish to organize apps, there are plenty of launchers out there that do the job by putting the apps shortcuts into folders . Some, like "everything.me" launcher, will do it for you.
About having tabs of tags, I think it's against the guidelines of Google to have too many tabs (think how annoying it will be when you create many tags). Maybe a navigation drawer is better.
BTW, I also use Nova launcher, and I've tried a lot of launchers.
About replacing the stock app manager, that was my goal, but I still need to handle operations that I didn't find how to deal with, such as clearing the default of apps, getting the size of them correctly, toggling notifications on/off,...
I'm familiar with using XPosed, but didn't use Gravity Box module. I'm not sure what this module does (I've read its description now) ...
I didn't understand what you did with GEL settings. Did you make it so that the home button of the navigation buttons changed to anything you wish on certain cases?
KNIGHT97 said:
Yeah, many apps have this feature, but I just asked for it because this app already has many different methods of sharing an app, and this could make it even faster and better, due to more streamlined representation of your apps. But if it's hard for you, don't worry, no one's forcing you; you are the Dev, you decide how you app is.
But the functionality is quite great.
Click to expand...
Click to collapse
My app only uses the apps that are already installed on your device. That's how Android works (using "send" intents in this case).
For example, if you had "WhatsApp" installed, it will be shown on the dialog I've made, and if "WhatsApp" supports sending APK files, it will also work (sadly I think it doesn't, but I'm pretty sure "Telegram" does).
BTW, the dialog I've made isn't the native one just because I wanted to add some features to it and I also didn't like how slow the default one is.
Can you please check if Wifi-direct is possible for this task, before I consider adding this feature? I will also try it out at the office if I get the chance.
AndroidDeveloperLB said:
My app only uses the apps that are already installed on your device. That's how Android works (using "send" intents in this case).
For example, if you had "WhatsApp" installed, it will be shown on the dialog I've made, and if "WhatsApp" supports sending APK files, it will also work (sadly I think it doesn't, but I'm pretty sure "Telegram" does).
BTW, the dialog I've made isn't the native one just because I wanted to add some features to it and I also didn't like how slow the default one is.
Can you please check if Wifi-direct is possible for this task, before I consider adding this feature? I will also try it out at the office if I get the chance.
Click to expand...
Click to collapse
Yeah, telegram is the only one which would let you send apk files.
But I am not a dev, so I won't be able to check or add things. I am just a tester for the apps and roms and sometimes co-operate with reviews.
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
So I found a small bug, in the sharing menu of the app, aside the regular apps, it also displays apps from music streaming services, but only the ones which allow uploading of content, like grooveshark.
KNIGHT97 said:
Yeah, telegram is the only one which would let you send apk files.
But I am not a dev, so I won't be able to check or add things. I am just a tester for the apps and roms and sometimes co-operate with reviews.
Click to expand...
Click to collapse
About checking it, I didn't mean that you'd develop anything, not even search the internet about it.
I meant installing an app that lets you send files over WIFI-Direct (like the app I've mentioned), open it (not sure, but I think it's needed so that it would be enabled), and then use my app to send the APK via this app.
AndroidDeveloperLB said:
About checking it, I didn't mean that you'd develop anything, not even search the internet about it.
I meant installing an app that lets you send files over WIFI-Direct (like the app I've mentioned), open it (not sure, but I think it's needed so that it would be enabled), and then use my app to send the APK via this app.
Click to expand...
Click to collapse
My bad, got you wrong there.
So I tested with Superbeam(tried other apps too, but just won't show them in share menu) and it works fine. The transfer is carried out normally like choosing a file to be transferred from any other app.
--------------------------------------------------------------------------------------------------------------------------------------------------------
Going to sleep for now. Will test, review and report further tomorrow morning.
KNIGHT97 said:
My bad, got you wrong there.
So I tested with Superbeam(tried other apps too, but just won't show them in share menu) and it works fine. The transfer is carried out normally like choosing a file to be transferred from any other app.
--------------------------------------------------------------------------------------------------------------------------------------------------------
Going to sleep for now. Will test, review and report further tomorrow morning.
Click to expand...
Click to collapse
Not sure I understood :
Did it show up there ?
Did you succeed transferring the APK file using WIFI-Direct?
If so, that's great news. I wonder though how come WIFI-Direct sharing isn't a built in feature on Android.
I think it should be easy as using the Bluetooth.
Also I don't get why Android-Beam uses Bluetooth instead of WIFI-Direct (as done on Samsung's devices). In fact, maybe Google could make the files transfer faster by harnessing both Bluetooth and WIFI-Direct together.
Thanks very handy.... Donated.... And again cause I'm
.. And again
Christiancs1969 said:
Thanks very handy.... Donated.... And again cause I'm
Click to expand...
Click to collapse
Wow. Thanks. :good:
You are the first one who is...
Well one more for luck then.....
Seriously... Its very handy thanks
I think Android has a Big Problem - There is little Real FOSS on Android. It's partly Google's fault. It's partly the Linux communities fault. It's partly the Developers fault. Yeah guys i'm talking about You. Or perhaps I'm just really bad at searching but no, I won't accept that. I've seen whats on the Google Play Store.
Sure there is F-Droid which is Awesome but it's not enough. I get that people want to make money. If you have a good app you want to charge for that's fine but Don't expect me to use a Keyboard App for example that wants to access my SD Card and have permission to delete files or view my contact list. Whats wrong with you developers? Don't you even care that most of your apps use unscrupulous practices?
I go about looking for a simple app to increase the size of the icons so my tired eyes can actually read the text below the icon. (Marshmallow 6.0.1) F-Droid doesn't seem to have one. Google Play has lots of ways to do this but they all have ads. O.k. I think, perhaps I can live with an ad or two but then I look at the Permissions and balk! Why does an icon app need to view my network connections or have full network access or change my system settings when all I need it to do is make a bigger icon - It doesn't. ( I won't even go into the Flashlight spying on you issue, Goggle it)
I consider these apps spyware that should NOT be offered on Google Play. That's 99 % of all apps on Google Play. No telling what these apps may be doing in the background and here is the problem. Why this practice seems to be accepted in our society is way beyond me. Or I can admit the truth that we live in a corrupt society where people no longer care.
My 89 year old Mom has had the same IPhone for the past 7 years. It has a tiny screen, poor resolution. She uses it for a phone - that's all. She wont use the internet or any apps on it at all - yet she calls me to look stuff up for her all the time. I'd like to switch her to a much cheaper and more modern Android phone that she can actually use but I Can't and Won't because she don't need the nightmares of ads every 5 minutes and apps that want to access things they have no business accessing.
Android doesn't need virus's, the apps have become the virus. It's sad this has become the norm. Perhaps things will change but I doubt it. Why doesn't Google Play offer a Foss category? Where are all the real Foss apps, does anyone know cus I'm just not seeing them and I think that's sad. It screams volumes that reflect badly on this community. Thank you for reading my rant.
https://medium.com/insurge-intelligence/how-the-cia-made-google-e836451a959e
Google = CIA
F-droid = can replace most embedded spyware apps. Rooting your device and going nuts with a good root uninstaller are the first steps. Get rid of all Google crap. Installing AdAway is next. Replacement of nearly all bundled spyware is possible.
You will never achieve perfection while using the most popular spyware OS on the planet. But you will not get perfection on Windows or iOS or blackberry or Symbian either. Though it's much worse now.
I am a brand new owner of a OP 8. First thing I did was flash it to OOS 11, then installed Magisk. The phone is now up and running and rooted.
I am coming from a galaxy S5 that I have owned and used for more than 7 years, and for most of that time it has been running Lineage OS. I am used to the control that Lineage gives me, and I would expect that I could exercise the same degree of control with a rooted OOS.
But, this appears to not be true.
On the S5, I had 3C System Tuner Pro which is now an obsolete app, so I have replaced it with the current variant; 3C All-In-One toolbox. This package should allow me to control which apps start at boot, but it seems I cannot turn any of the apps off; when I uncheck them, the app fails to actually remove them from the startup list.
Also, I expect the 3C tool to allow me to uninstall pretty much any app, but there are a lot of google apps that I just can't remove.
I also use greenify (the paid version) and mostly it seems to be working OK, except that I cannot seem to access system apps from it, which makes it very hard for me to shut down things that I don't want running.
I also use afwall (the paid version) and it seems to work as expected. Which is good.
My focus is security and privacy, and my mantra is: "on android, the app that is not running is the app that is not spying". Thus, I want everything that is not needed to satisfy my purposes to not be running, and I only want apps running when *I* say that they can run.
Now, my S5 was running Lineage 17.1 which is android 9. I did not update it past that. And now I am running android 11, and I note that there is a lot of new hardware-based validation in android 11. So possibly I can't remove some things without disabling this validation (which I would prefer not to do). But even if I can't remove, I can disable (which, fortunately, I AM able to do). But I should be able to remove things from the startup list so they don't get started automatically at boot time. Right now, the way it works is they all start, then greenify shuts them down (and that isn't always completely reliable). I need more to make this phone genuinely secure and private.
So.
Does anyone here know how I could gain the capability to remove apps (including system apps) from the startup list and have it stick? Does anyone know what I need to do to get greenify to recognize system apps so I can shut them down when they are not needed, or failing that, can anyone steer me to a different app than greenify that will do that?
Perhaps I would gain by adding the xposed framework? I have not used it in a very long time (since I move to lineage) and I recall it being a bit of a pain.
I suppose I could move to Lineage from OOS, but I would prefer to not do that because of the camera software. This device seems to have a fine camera and not a lot of bloatware, so I would much prefer to stay with OOS for as long as the device is supported by the manufacturer.
But I do insist on being able to completely control it, and disabling apps that I can't stop from running is a much bigger hammer than I would like to use; some of those apps I might actually want to use from time to time.
OK, after some work I have successfully taken full control of the OnePlus 8 and have been able to configure startups as I want them. I installed xposed through Magisk.
I also installed the latest greenify (3.7.8) and afwall, and have those set up too. Since I did purchase greenify, I am able to greenify system apps as well. So, generally, I have full control over the device.
But there remains a problem.
I have disabled wifi and data connections in settings for all apps that I don't want to have accessing a network. I have also blocked those apps in afwall. And yet, my pihole DNS server that services my LAN shows me some of my apps are trying to call home, even when their capability to talk on the internet is denied.
Specifically, greenify is denied network access and is firewalled off, yet there is an attempt to connect to oasisfeng.com.
Also, I use an old version of ES File Explorer (from before it was sold and turned into something very like malware) and it is allowed LAN access but denied any access beyond the LAN...and I see it trying to call its old home domain (estrongs.com).
Similarly, I use an old version of UB Reader (later versions again approach malware status), and it is completely denied network access. But, I see a connection to mobisystems.com.
This clearly indicates that there is a proxy in use somewhere in the system, that is allowing these guys past my blocks. I am using adaway to block these specific domains, but it would be far better to just block that proxy.
However, I don't know where the proxy is and what it is called. Can someone here tell me?
If not, it will be trial and error, which is painful because functionality will break when I turn something off to see if this is it.
jiml8 said:
OK, after some work I have successfully taken full control of the OnePlus 8 and have been able to configure startups as I want them. I installed xposed through Magisk.
I also installed the latest greenify (3.7.8) and afwall, and have those set up too. Since I did purchase greenify, I am able to greenify system apps as well. So, generally, I have full control over the device.
But there remains a problem.
I have disabled wifi and data connections in settings for all apps that I don't want to have accessing a network. I have also blocked those apps in afwall. And yet, my pihole DNS server that services my LAN shows me some of my apps are trying to call home, even when their capability to talk on the internet is denied.
Specifically, greenify is denied network access and is firewalled off, yet there is an attempt to connect to oasisfeng.com.
Also, I use an old version of ES File Explorer (from before it was sold and turned into something very like malware) and it is allowed LAN access but denied any access beyond the LAN...and I see it trying to call its old home domain (estrongs.com).
Similarly, I use an old version of UB Reader (later versions again approach malware status), and it is completely denied network access. But, I see a connection to mobisystems.com.
This clearly indicates that there is a proxy in use somewhere in the system, that is allowing these guys past my blocks. I am using adaway to block these specific domains, but it would be far better to just block that proxy.
However, I don't know where the proxy is and what it is called. Can someone here tell me?
If not, it will be trial and error, which is painful because functionality will break when I turn something off to see if this is it.
Click to expand...
Click to collapse
If you are concerned about security, you should stay away from Xposed.
First of all, Xposed requires disabling Selinux, otherwise, it won't work. So during the installation, your Selinux status is turned to 'permissive'. That, coupled with the fact that almost every custom rom sets 'ro.secure to Zero', exposes your System partition to third party apps. So, basically, anything can exploit your phone.
Second, Greenify, with all due respect to its great developer, is not needed anymore, since Android 10, because now we have builtin sleep mode that does the same thing as Greenify.
Third, even if Xposed didn't require disabling Selinux, it is still an exploit that creates a back door to your system.
optimumpro said:
If you are concerned about security, you should stay away from Xposed.
First of all, Xposed requires disabling Selinux, otherwise, it won't work. So during the installation, your Selinux status is turned to 'permissive'. That, coupled with the fact that almost every custom rom sets 'ro.secure to Zero', exposes your System partition to third party apps. So, basically, anything can exploit your phone.
Second, Greenify, with all due respect to its great developer, is not needed anymore, since Android 10, because now we have builtin sleep mode that does the same thing as Greenify.
Third, even if Xposed didn't require disabling Selinux, it is still an exploit that creates a back door to your system.
Click to expand...
Click to collapse
Device security is only one aspect of security, and I handle that mostly through device configuration and usage policy anyway.
Overall security involves many other factors, which include maintaining full privacy and control over all data that gets out of the device and goes...elsewhere. To maintain this level of privacy requires reconfiguring any android device to prevent the release of that information. If this requires setting Selinux to permissive, then that tradeoff is quite acceptable. I might prefer it not be the case, but so long as all android devices sold into the marketplace represent the interests of google, the manufacturer, and any third-party that pays the manufacturer ahead of my interests then I will make that tradeoff.
As for Greenify, I have not found the sleep mode that is available in Android 11 to be adequate because it does not allow me to control system apps. You can take it as a maxim that the only android app that does not spy is the android app that is not running - and this includes lots of system apps that I might not want to delete or disable but also don't want running unless I say so, and then only while I am satisfying MY purpose for them.
As for the problem I was asking about, I added the specific URIs to the adaware blocklist and that suppressed them. Prior to that, I was seeing the DNS requests on my LAN DNS. I suspect the network utility I am using to monitor the phone's traffic is reporting requests ahead of the iptables FILTER table, and the packets were being suppressed prior to leaving the device, but I am not certain of that. The only way I could tell would be to monitor the device traffic as it went through the upstream VPN gateway on my LAN, and I did not do that.
Adaware works adequately for this, and I am not seeing any other unexpected/unacceptable traffic from my phone. The one remaining thing I need to check for will involve monitoring from the VPN gateway, as I look for any DoH or DoTLS traffic. I hope I don't find any; that will be a ***** to block. I do block it on the IOT VLAN on my network, but it requires a separate device running a script I wrote. To block DoH/DoTLS on my phone, while allowing appropriate DNS will be...fun.
Edit: And, actually, I just took a quick look. The sestatus command returns that my selinux status is "enforcing". The xposed framework I installed, actually, is lsposed, which is a systemless install using magisk. It implements the xposed framework but in a systemless way; I was just lazy when I wrote about it in my previous post.
jiml8 said:
Device security is only one aspect of security, and I handle that mostly through device configuration and usage policy anyway.
Overall security involves many other factors, which include maintaining full privacy and control over all data that gets out of the device and goes...elsewhere. To maintain this level of privacy requires reconfiguring any android device to prevent the release of that information. If this requires setting Selinux to permissive, then that tradeoff is quite acceptable. I might prefer it not be the case, but so long as all android devices sold into the marketplace represent the interests of google, the manufacturer, and any third-party that pays the manufacturer ahead of my interests then I will make that tradeoff.
As for Greenify, I have not found the sleep mode that is available in Android 11 to be adequate because it does not allow me to control system apps. You can take it as a maxim that the only android app that does not spy is the android app that is not running - and this includes lots of system apps that I might not want to delete or disable but also don't want running unless I say so, and then only while I am satisfying MY purpose for them.
As for the problem I was asking about, I added the specific URIs to the adaware blocklist and that suppressed them. Prior to that, I was seeing the DNS requests on my LAN DNS. I suspect the network utility I am using to monitor the phone's traffic is reporting requests ahead of the iptables FILTER table, and the packets were being suppressed prior to leaving the device, but I am not certain of that. The only way I could tell would be to monitor the device traffic as it went through the upstream VPN gateway on my LAN, and I did not do that.
Adaware works adequately for this, and I am not seeing any other unexpected/unacceptable traffic from my phone. The one remaining thing I need to check for will involve monitoring from the VPN gateway, as I look for any DoH or DoTLS traffic. I hope I don't find any; that will be a ***** to block. I do block it on the IOT VLAN on my network, but it requires a separate device running a script I wrote. To block DoH/DoTLS on my phone, while allowing appropriate DNS will be...fun.
Edit: And, actually, I just took a quick look. The sestatus command returns that my selinux status is "enforcing". The xposed framework I installed, actually, is lsposed, which is a systemless install using magisk. It implements the xposed framework but in a systemless way; I was just lazy when I wrote about it in my previous post.
Click to expand...
Click to collapse
I have been building Android roms for multiple devices for 9 years. When I started, I also gave a significant positive weight to Xposed, etc... . But the more I learned Android code, the more I became convinced that all those 'privacy' layers are mostly useless and even harmful, because they create a false sense of security.
Vanilla Android roms, actually, contain very little advertising/spying, and it makes a perfect sense: why would Google open-source their spying/advertising machine?
The only thing that might be considered spying (in vanilla Android) is captive portal detection that checks the internet connection and a few other network tools/tests that periodically connect to the internet, but not necessarily with nefarious purposes. But even these could be disabled or changed to other servers.
Android becomes an advertising tool only when you install Google Apps/Google Services Framework, register a Google account, etc. Once you have that, and 100% of stock roms do, no amount of tweaking can prevent spying, because these Google 'structures' sit lower than any systemless layer. In other words, they can go around Magisk/Xposed tricks. Moreover, on devices with stock roms, one doesn't even need encryption and the use of apps like Signal/Telegram/Silence etc.. Google Services Framework can see your outgoing messages before they are encrypted, and incoming messages after decryption. In other words, they can see what your eyes see on the screen.
So, the only way to prevent Google interests from taking over your phone is never install Google 'things', which is the case with my rom and my phone.
optimumpro said:
I have been building Android roms for multiple devices for 9 years. When I started, I also gave a significant positive weight to Xposed, etc... . But the more I learned Android code, the more I became convinced that all those 'privacy' layers are mostly useless and even harmful, because they create a false sense of security.
Vanilla Android roms, actually, contain very little advertising/spying, and it makes a perfect sense: why would Google open-source their spying/advertising machine?
The only thing that might be considered spying (in vanilla Android) is captive portal detection that checks the internet connection and a few other network tools/tests that periodically connect to the internet, but not necessarily with nefarious purposes. But even these could be disabled or changed to other servers.
Android becomes an advertising tool only when you install Google Apps/Google Services Framework, register a Google account, etc. Once you have that, and 100% of stock roms do, no amount of tweaking can prevent spying, because these Google 'structures' sit lower than any systemless layer. In other words, they can go around Magisk/Xposed tricks. Moreover, on devices with stock roms, one doesn't even need encryption and the use of apps like Signal/Telegram/Silence etc.. Google Services Framework can see your outgoing messages before they are encrypted, and incoming messages after decryption. In other words, they can see what your eyes see on the screen.
So, the only way to prevent Google interests from taking over your phone is never install Google 'things', which is the case with my rom and my phone.
Click to expand...
Click to collapse
I don't really program Android, though I am a kernel developer in both Linux and Freebsd. I also am one of the principal architects of a network infrastructure appliance that is getting a lot of attention in the industry.
So, while I do not know android in detail at a low level, I know linux thoroughly and I am fully equipped to completely monitor and control what access that android (or any other computer) has to any network. And that has been my dilemma; I can see what my device is doing and I am determined to stop it.
I agree with you about vanilla Android, absent all the google stuff. It is just linux with a different desktop on it, and the connections it makes to google are just for network management functions; the network device I have built also contacts google (and a few others) for network maintenance only and not any information transfer.
Unfortunately, the google apps infrastructure is required for some things that I use the phone for. Google maps is required by both Uber and Lyft; without Maps, I can't use those apps - and there are times when I am traveling where I really need to be able to use those apps.
Also, unfortunately, the company I am contracted to (where I am part-owner) for which I have built this network appliance makes heavy use of google tools. I have not been able to convince my partners to move away from google, and they can outvote me.
I have to allow Meet, and Chat to run on my device; I don't have a practical alternative. So I have spent a lot of time determining exactly which google components are the minimum required to allow those apps to run, and I have disabled or blocked or restricted permissions for all other google components - and both greenify and afwall play key roles in this activity.
With my old Galaxy S5, I just would install the smallest google package that supported Maps onto my Lineage OS on that device, but on this OnePlus 8, I have elected to stick with OOS for as long as it receives updates. So, tying google's hands is a lot more work.
My monitoring tells me I have it now as good as it will be. There are a few connections to google, as expected, but the frequency of those connections is not high and very little data is being transferred in either direction. I believe most of the traffic is administrative. The only thing I have not yet checked is whether there is any DoH or DoTLS traffic. My IOT VLAN watches for and blocks such traffic (my IOT VLAN exists to isolate and completely control my Android TV), and I have connected the phone to the IOT VLAN for a short while to see if any DoH/DoTLS was detected and none was - but I really need to connect it to that VLAN for an extended period.
I do root around in the phone's databases (which reveals what Google is doing, and Google can't stop that...) and the result is that I know Google is not doing much.
So, it isn't perfect. I would be much happier if the company would move away from google. But it is as good as its going to get, and I don't believe google is sneaking anything by me; I would have detected it. I do block a LOT of google URIs.
Also, as far as google open-sourcing their spying machine...that, quite explicitly, is the purpose of Android. It is open-sourced spyware for google.
They open-sourced it partly because they had to (the gnu licensing ties their hands) and partly to gain acceptance; its open source nature is why it is now the dominant architecture. It greatly reduces development costs for device manufacturers while providing a standardized framework upon which they can build.
Those of us who put in the effort to exploit that open-source nature to stop the spying are a small fraction of the total marketplace, and google can easily tolerate us.
Android has increased google's reach and ability to collect data about individuals to an enormous extent. From the standpoint of knowing everything about everybody (which is google's explicit goal) it is an enormous win for them.
I've never rooted an Android. One of the warnings I see over and over is that rooted devices are more vulnerable to malware. I don't see any solutions for this though.
What extra measures will I need to take to keep my Android safe?
I use Norton 360 on my PC and Androids. Will this be of any help?
Are there any apps I can install to help with this issue?
Are there any system settings I should use for this particular problem?
Thank you
With stock or rooted the biggest threat is the user themselves. Most either install or download the malware themselves. A fully updated stock Android isn't invulnerable; there's no saving dumb bunnies...
Side loaded apps are high risk; at the least scan with online Virustotal and consider the results before installing. Keep email in the cloud and be careful if you choose to download anything.
All downloads stay in the download folder until vetted. Jpeg's and png's are suspect; open them there first before moving them and watch for strange behavior in that folder. Check the download folder daily for anything you didn't download, if found do not open, delete.
Keep thrash social media apps off the phone, all of them. They are targets and vectors for malware of all types.
Use a good firewall and police what apps are doing. Revoke internet access to all apps that don't need it. Know what apps have run at start permissions; do they need it? Updates and upgrades can cause more lost time then malware trying to find work arounds. Lock auto updates down, and download them only if needed. Updates and firmware upgrades can and do break things...
Most importantly cover your six and be prepared.
Critical data can not be lost, protect it!
Redundantly backup all critical data to at least 2 hdds that are physically and electronically isolated from each other and the PC. Be ready to do a full reload if needed.
If malware is found or suspected, isolate the phone and if it can't be completely deleted in an hour or two, nuke that load. Be ready to change passwords and secure accounts.
Never trust antivirus apps to detect malware or save you, mostly they just waste resources on an Android.
Thank you!
I'm already doing a lot of those things, especially social media apps.
One of the reasons I want to root my phone is that I can't uninstall, force stop, disable or take away permissions for some apps, like Facebook, Facebook App installer, FB app manager Google, ad nauseum. The same goes for the millions of preinstalled Samsung bloatware apps. They dont stay disabled and routinely restore permissions. Im sick of having to routinely check them all. I'll never buy another Saamsung again.
You're welcome. Welcome to XDA
I run 2 stock N10+'s, one on Pie, the other on 10.
I use package disabler to kill bloatware and services I don't want to run at bootup. You can also use a adb editing app to disable apks. Don't go too nuts; be wary of disabling any Samsung system apps. Most of these apps just sit unless needed. Dependencies... actions have consequences; understand what the app does and what other apps, services or UI functions are dependent on it!
Google play Services can be disabled when not needed; disable find my device as System Administrator first.
On Pie Karma Firewall is fully functional but not on Android 10 and up, although it will still block access. It uses virtually no battery.
Once you sort it out (learning curve ahead) stock Samsung's especially older ones like the N10+ are easy to run. They are the most customizable stock Android on the planet with an excellent UI. The current load on this one will be 2 yo this June; still fast, stable and fulfilling its mission. Security is simply not an issue.
blackhawk said:
You're welcome. Welcome to XDA
I run 2 stock N10+'s, one on Pie, the other on 10.
I use package disabler to kill bloatware and services I don't want to run at bootup. You can also use a adb editing app to disable apks. Don't go too nuts; be wary of disabling any Samsung system apps. Most of these apps just sit unless needed. Dependencies... actions have consequences; understand what the app does and what other apps, services or UI functions are dependent on it!
Google play Services can be disabled when not needed; disable find my device as System Administrator first.
On Pie Karma Firewall is fully functional but not on Android 10 and up, although it will still block access. It uses virtually no battery.
Once you sort it out (learning curve ahead) stock Samsung's especially older ones like the N10+ are easy to run. They are the most customizable stock Android on the planet with an excellent UI. The current load on this one will be 2 yo this June; still fast, stable and fulfilling its mission. Security is simply not an issue.
Click to expand...
Click to collapse
The more annoying Samsung apps I was referring to are the Bixby apps, AR doodle, Smarter things... those kind of apps. If they didn't re-enable themselves restore permissions, I wouldn't mind them so much. But they DO.
I won't be using that phone much longer anyway. I'm going back to Motorola.
I always buy factory or globally unlocked phones. That helps some. But Motorola recently started forcing FB. I can uninstall it, however I have to review updates to make sure it doesn't end up on my phone again. But then I review all updates before installing them anyway..
I always look up the system apps before making any changes. Like Google Easter Egg. Everything I could find says it's unnecessary.
All those mentioned apps can be safely disabled.
Bixby Vision is used for barcode scanning though.
Try the free Galaxy store icon packs, themes and the Good Lock family of apps including One Handed Operation plus.
Chose theme>icon pack>whatever wallpaper you want. The native high contrast theme looks good.
Play with it...
blackhawk said:
All those mentioned apps can be safely disabled.
Bixby Vision is used for barcode scanning though.
Try the free Galaxy store icon packs, themes and the Good Lock family of apps including One Handed Operation plus.
Chose theme>icon pack>whatever wallpaper you want. The native high contrast theme looks good.
Play with it...
Click to expand...
Click to collapse
I actually already ordered a new Moto. It will be here tomorrow. Well, it's after 1am, so I guess it'll be here later today.
I've disabled multiple Samsung apps, restricted data and battery, taken away permissions, not just in app settings, but in permissions setting, special access permissions... And all the other weird ways I keep finding out about that you wouldn't think would be a place to remove permissions. When my phone starts to slow down, or the battery isn't lasting very long, sure enough, Samsung has gone behind my back and reset my preferences again. I never had issues like this any of the Motorola phones I've had.
Situation:
I have somewhat of a "love-REALLY HATE" relationship with Google apps and ecosystem.
On one hand, they are great at what they do.
On the other, it's like having a spy satellite overhead, given how much telemetry it does.
Question:
I'd like to cut all of the Google apps' internet, location, sensor and background activity access for good when not in use. Or at least spoof whatever personal data is being sent (Device info, location, activities, etc). Any way to do that?
What I've done so far:
My current way-to-go method involves installing RethinkDNS+firewall, then blocking every single one of google apps including Gboard. It sort-of works, but very inconvenient, as I have to manually enable internet access for a particular app and/or service when needed. I also tried edXposed's XluaPrivacy module to cut off access to certain permissions. Again, cumbersome.
After going through F-Droid, I found an app called "Insular", that claims being able to put all of the "big brother" apps (such as Gapps) behind an isolated sandbox, a digital gulag of sorts.
Thanks for the pointer to Insular whose advertising on F-Droid says:
Insular is a FLOSS fork of Island.
With Insular, you can:
Isolate your Big Brother apps
Clone and run multiple accounts simutaniuosly
Freeze or archive apps and prevent any background behaviors
Unfreeze apps on-demand with home screen shortcuts
Re-freeze marked apps with one tap
Hide apps
Selectively enable (or disable) VPN for different group of apps
Prohibit USB access to mitigate attacks with physical access
Click to expand...
Click to collapse
Based on that, I suspect this XDA thread about "Island" may be useful.
[APP][5.0+][BETA] Island - app freezing, privacy protection, parallel accounts
"Island" is a sandbox environment to clone selected apps and isolate them from accessing your personal data outside the sandbox (including call logs, contacts, photos and etc) even if related permissions are granted. Device-bound data is still accessible (SMS, IMEI and etc).
Isolated app can be frozen on demand, with launcher icon vanish and its background behaviors completely blocked.
Click to expand...
Click to collapse
Totesnochill said:
Question:
I'd like to cut all of the Google apps' internet, location, sensor and background activity access for good when not in use. Or at least spoof whatever personal data is being sent (Device info, location, activities, etc). Any way to do that?
Click to expand...
Click to collapse
Like you, my relationship with Google is strained where I don't set up any Google Account on Android and it works just fine.
I don't have a contacts.db sqlite database for that reason too, so my favorite communication apps are all designed to store their own contacts db internally to the app itself.
I replace Google apps with FOSS equivalents such as NewPipe (or, more recently, Vanced YouTube) for example.
And I spoof my GPS location by default (using Lexa Fake GPS, for example).
Of course, given I don't have a Google Account on my phone, I use the Aurora Store instead of the Google Play Store. Of course, I strive for apps that don't require Google Framework Services (GSF) which Aurora neatly filters out for us.
Since I'm not rooted, I can't delete Google Play Store, but I can disable it, which is almost as good.
And, I use privacy-aware apps for my messenger, calendar, contacts, and dialer apps (many of which come from Simple Mobile Tools' suite which are available on F-Droid).
To keep my WiFi SSID/BSSID/GPS/Strength/etc. out of the hands of Google (& Mozilla and Kismet and Wigle, etc.), I add "_nomap" to the SSID and I turn off the SOHO router SSID broadcast (which "hinders" most cellphones from uploading my BSSID information to Google public servers); but then I have to also turn off "AutoReconnect" on Android 12 and also I have the Developer Options set in Android 12 to randomize the MAC address on EACH connection; however that means I need to set any "static" connections on my LAN from the phone and not with address reservation on the router (which typically utilizes the MAC address).
And it's not just Google we need to keep our data out of their hands, as I even use WhatsApp privacy aware tools such as the WhatsApp dialer and WhatsApp Click to Chat mechanisms (to keep my contacts out of Facebook's hands too).
For offline maps, I use a quick web browser lookup on a privacy browser (such as Tor or Epic or Opera), since the Google address lookup is still the best in the world... (which is the love/hate relationship, right?)... and then I paste the GPS coordinates that the privacy browser found on the maps.google.com web site into a local routing application (such as a shortcut to a browser to google maps on the phone or better yet, to a dedicated offline map program such as OSM And~), and even traffic can be gotten without Google (e.g., Sigalert & 511 apps).
I used to reset the Advertising ID with a homescreen shortcut that could be activated from Windows via a batch file over Wi-Fi, but now with Android 12 we can wipe out the Advertising ID altogether (i.e., reset it to all zeroes). However, I still periodically change my GSF ID and other supposedly unique identifiers.
I'm still trying to figure out the implication of "trackers", so if anyone has more information about them, please advise.
Off hand there must be scores more things I do for privacy, where we probably should have a main thread on this site of all the myriad things people can do to increase their privacy on Android (some of which I've screenshotted for you below).
GalaxyA325G said:
Like you, my relationship with Google is strained where I don't set up any Google Account on Android and it works just fine.
Click to expand...
Click to collapse
Thanks heaps for the very in-depth response. Really opens up on a lot of things I wasnt aware of, and I realized that unlike desktop, when it comes to mobile privacy I'm still a bit behind.
Are there any guides where I can do some reading on the concepts and techniques you've described? Especially regarding contacts.db sqlite database, GPS spoofing and privacy-aware options for accessing WhatsApp.
Also, what are your thoughts on MIcroG?
Totesnochill said:
Thanks heaps for the very in-depth response.
Click to expand...
Click to collapse
I try to put effort into the response so that others can benefit (but nobody ever presses the like button so maybe it's not worth the effort).
For example, when I mentioned I spoof my GPS, I looked up the app I used and linked to it so that you wouldn't have to test a score of apps like I did to find the best one.
Totesnochill said:
Really opens up on a lot of things I wasn't aware of, and I realized that unlike desktop, when it comes to mobile privacy I'm still a bit behind.
Click to expand...
Click to collapse
That was just off the top of my head where there has to be at least a hundred different privacy things I do on Android to distance me from Google that most people don't bother to do.
I admit, sometimes it feels like we're putting a dozen locks on the front door, but in the end, we LEARN a lot about Android in the process.
A lot of the protection is to protect ourselves from others who don't know how to configure their phone, so they are uploading our private information (like our contacts and home locations) to Google databases.
For example, the typical Android phone when it drives by your front door uploads to google your exact location, your signal strength, your unique BSSID and your SSID... where you'll note in my response above I had to do a half dozen things on my phone and router to prevent that from happening (i.e., just adding "_nomap" doesn't work but most people don't realize that because they don't think about it).
Totesnochill said:
Are there any guides where I can do some reading on the concepts and techniques you've described?
Click to expand...
Click to collapse
I'm sure there are plenty.
But I have been in MANY situations where there are none.
Take, for example, changing the GSFID... almost nowhere on the net is that described how to do it. Almost nobody does it, but it can be done if you know how.
I really should write a set of privacy tutorials so that everyone can do it but I have to find the time, and this web site doesn't like text tutorials I found out recently. So they make it a PITA in the end to help people. Sigh.
Totesnochill said:
Especially regarding contacts.db sqlite database, GPS spoofing and privacy-aware options for accessing WhatsApp.
Click to expand...
Click to collapse
If you look at the links I gave you in my response for contacts, gps spoofing and privacy-aware WhatsApp, you'll get a good start.
A quickie is to not have a contacts.sqlite database, which means you need your own contacts.csv or more likely contacts.vcf file, which you can maintain on the PC if you like (works with Excel for example).
Now that you don't have a contacts.db sqlite database, you need to find the contacts and dialer and mms/sms apps that can suck in their own contacts.vcf file, which I pointed you to in the Simple Mobile Tools suite.
For GPS spoofing, I didn't mention you need to turn "Mock Location" on in the Android Developer Options, but that's what most people already do so I assumed you knew that. Once you turn that on, you can just select the mock location app of your choice (where I suggested one above which isn't perfect but none of them are).
That particular app moves your location every few feet and it gets the altitude and it can easily be stopped and started, etc., but I'd like it if it didn't move just "west by 10 feet every minute" but instead if it would follow a pre-determined route that I could give it. So they need a lot more work to be as good as we'd like them to be.
For What'sApp privacy, look at the two apps I linked to in the prior post as they don't need the contacts.sqlite database to work.
Your WhatsApp should only have an icon in your folders for the people you contact and nothing else, IMHO. That's the best privacy you can get, although WhatsApp does decent hashing on the contacts file when it uploads it to their servers - but still - why give them your entire contacts when you only contact 10 people (or whatever) on WhatsApp. Right?
Totesnochill said:
Also, what are your thoughts on MIcroG?
Click to expand...
Click to collapse
Funny you mentioned microG since I installed it for the first time yesterday when I was setting up Vanced Youtube based on this thread.
I generally choose apps that don't use GSF but sometimes you have to use a GSF app (e.g., Zoom meetings), and then it's nice to use MicroG instead of Google Services Framework.
I only installed it yesterday so I really don't know how well it will work for me as I didn't even need to install it to install VancedYoutube. You just need it to log into YouTube but I never do that anyway.
In summary, there's probably a hundred things we do to our phones to set up privacy but I'd have to write each one up in detail to help everyone and that's a lot of work.
Especially if almost nobody reads these threads.
GalaxyA325G said:
I try to put effort into the response so that others can benefit (but nobody ever presses the like button so maybe it's not worth the effort).
In summary, there's probably a hundred things we do to our phones to set up privacy but I'd have to write each one up in detail to help everyone and that's a lot of work.
Click to expand...
Click to collapse
Thank you for doing God's work out there. Ethics like these are what creates the content that keeps the internet from becoming a dumpster fire otherwise. Tutorials and explanations that come from the fellow users are THE best and usually directly on-point.
When I was just starting setting up Linux environment, I wrote "how-to notes" on every successful step. At first it was more like the "sticky notes" to help me remember, but eventually (as the list grew) I started writing these tips in a way as if they were to be read by someone with little background in the subject. What used to be the "Linux notes" file became 10563 lines monstrosity now... So every time I need to answer someone's question I just copypaste from this file.
GalaxyA325G said:
That was just off the top of my head where there has to be at least a hundred different privacy things I do on Android to distance me from Google that most people don't bother to do.
I admit, sometimes it feels like we're putting a dozen locks on the front door, but in the end, we LEARN a lot about Android in the process.
Click to expand...
Click to collapse
Absolutely. I've spent about 2 weeks tweaking my new phone (Nokia X6), trying out different roms/recoveries and app setups. Pissed off a bunch of people in the process - most wouldn't understand that I'm setting up a system to last another 7 years, just like my previous phone (Galaxy Gprime). Not to mention that with the amount of sensitive info on the phone, security and privacy are a legit concern, and worth learning about just how one learns to install and use the lock on the front doors.
Phones became disposable both in software and hardware, and so have the general attitude towards the devices.
My final setup became AOSP PixelPlusUI Rom (comes with about openGapps nano worth of Google stuff) with most other stock apps (contacts , dialer, keyboards, msg etc) removed via ADB and replaced with F-Droid alternatives.
I've also used Rethink DNS with whitelist set up/AppInspector to put Google in the Goolag - no internet access for anything google-related at all times. So far my phone has 253 apps blocked (including almost all of the system apps). Surprisingly, all of the necessary apps off google play store (Whatsapp, FB messenger) still function well. Whenever I need a particular Gservice (like a translator), I just enable access for that (and only that) until I dont need it anymore.
GalaxyA325G said:
If you look at the links I gave you in my response for contacts, gps spoofing and privacy-aware WhatsApp, you'll get a good start.
A quickie is to not have a contacts.sqlite database, which means you need your own contacts.csv or more likely contacts.vcf file, which you can maintain on the PC if you like (works with Excel for example).
Click to expand...
Click to collapse
Thanks! I'm not sure why the links didnt show up at first. I'll give this a look. I've been using "simple mobile tools" for quite a while, and I must say I like how they are completely autonomous and transparent about what prems they need and why.
GalaxyA325G said:
For GPS spoofing, I didn't mention you need to turn "Mock Location" on in the Android Developer Options, but that's what most people already do so I assumed you knew that.
Click to expand...
Click to collapse
I definitely saw the option in the dev settings, but didnt experiment with it. Well, now I know, thanks!
Funny you mentioned microG since I installed it for the first time yesterday when I was setting up Vanced Youtube based on this thread.
I generally choose apps that don't use GSF but sometimes you have to use a GSF app (e.g., Zoom meetings), and then it's nice to use MicroG instead of Google Services Framework.
I only installed it yesterday so I really don't know how well it will work for me as I didn't even need to install it to install VancedYoutube. You just need it to log into YouTube but I never do that anyway.
In summary, there's probably a hundred things we do to our phones to set up privacy but I'd have to write each one up in detail to help everyone and that's a lot of work.
Click to expand...
Click to collapse
I will give microG a try (in a form of LineageOS for MicroG). In fact I did install this rom before but I was a bit confused about what it did and assumed that it is a regular LinOS repack with Gplay store and apps built-in. Time to test again.
Especially if almost nobody reads these threads.
Click to expand...
Click to collapse
Threads like these is how I passed my uni exams. Not even exaggerating XD. Thanks again for a very detailed insightful read!
Hello my friends, very happy to meet good hearted people who think alike about Gugle.
as my name suggests I'm noob still and didn't understand much of discussion but very happy to meet you friends. My love & warm regards to all here. Here is what I did uptill now before I saw this thread :
1> Load GSI/ROM.
2> Load TWRP
3> Load Magisk
4> Load microG
5> Install Service Disabler
5.1> Disable bunch of internal services like telemetry, analytics, location (FusedLocation not possible to disable) for every app (3-rd party & system app), contacts sync etc.
6> Install SD-Maid Pro
6.1> Freeze apps like Gugle Calendar Sync Adapter & Gugle Contacts Sync Adapter
7> Install CIAFirewall Fake VPN & configure it.
8> I use Opera browser for Banking, Youtube, Cab booking, Surfing, Gmail, Food Order etc.
9> Install Aurora Store for general app management & installation
10> For contacts I save all contacts in notepad app, and let all calls purposely bounce then I call back aftter checking whose call it was & state false apologies.
#FYI :- Gugle, Mycrowsowft , eFbee are not really to be blamed, rhey are having to comply with FBI, Phentagon, Central Intelligence Agencies, Interpol, etc. or they have to shut bizness.
GalaxyA325G said:
Like you, my relationship with Google is strained where I don't set up any Google Account on Android and it works just fine.
Click to expand...
Click to collapse
Hi, I’m glad to have found this thread as I’m not happy with how my normal Android phone is spied upon by google. But I’m not technically knowledgeable and I don’t want to risk bricking my phone by trying amateur attempts at rooting, or installing Insular, etc…
So far I have not signed in, I allow only minimum permissions, use Netguard, Aurora and FDroid, and have disabled bloatware. I also force-stop apps as much as possible when not in use, and enable Location and Bluetooth only when needed.
I know this is just an amateur, token attempt to reduce spying - so I may have to eventually buy a degoogled phone.
I’ve also done some of the privacy suggestions in the attachments you posted.
Could you help me with a couple of newbie questions…
1): I might have minimised some personal data harvested by most of the apps I use, but I guess my privacy precautions will have no significant effect on the amount of telemetry collected by google?
2): If my precautions really have no significant effect, I’m wondering if would it make any real difference if I was signed in as I don’t use any of the google backup services anyway?
Thanks.