[App][7.0+][Early Access] Truvark - modern file encryption - Android Apps and Games

Truvark is a modern file encryption app for Android. You might be wondering why building another vault app as there are already a lot of options. The difference is that Truvark is built around security by design and privacy by default. To proof that I take that serious, this is an offline app, it does not have/requests Android's Internet permission. Features like cloud synchronization are not compatible with the mentioned paradigms. However, that does not mean that you cannot sync or backup your data through a third-party app (on your own risk). Read more about (unique) features below.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Features​Multiple vaults​You can create multiple vaults on your device. Any empty folder can become a vault. All your data remains on the shared device storage, means you can access the encrypted files from a file manager e.g. for backups.
This is a major difference to alternatives. Some apps don't even encrypt your files, they just move them to the app's internal storage. These often speak about "hiding data" instead of encrypting. Others using encryption still prohibit access. You fully rely on their export feature.
Deep folder structures​Truvark is not an encrypted gallery that just lets you group your pictures into albums. It is a file encryption app providing full support for creating folders inside folders. You are not limited in organizing your files.
View encrypted files​The aim is to be able to view common file types in the app. Currently supported are images, videos and audio. The decryption takes place "on the fly" means the required data is decrypted in memory while needed. This is especially important for long videos that would not fit into memory. The image viewer supports high-res pictures and shows more details when zooming in instead of becoming pixelated.
Here are more differences to alternatives to spot. While I analyzed a wide range of vault apps from multimillion downloads to open source ones I found many flaws. Apps decrypting the full file to disk before showing it, scarify performance and possibly put that file on a risk. Others don't encrypt thumbnails, just the original files.
Privacy by default​To make it short this app has no Internet permission. There are no analytics, ads, telemetry or requirements for an account. However, there is an option for logging that is turned off by default. Logging is required to be able to help any user that has an issue with my app. The user needs to provide these logs, they are not automatically sent (what is technically impossible because of the missing Internet permission).
Security by design​Truvark is using a component (library) for encryption that is built by Google engineers and used in Google Pay. It's called Tink and has the following promise:
A multi-language, cross-platform library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse.
Click to expand...
Click to collapse
The last part is important. In cryptography it is enough to get a single parameter wrong to make an encryption insecure. Therefor I decided to rely on a popular open source library.
Additionally, Argon2(id) is used for key derivation. It won the Password Hashing Competition back in 2015 and is one of the best (if not the best) algorithm for that task out there.
The cryptographic core of Truvark (the combination of both libraries) is open source and available on GitHub.
The database is a Realm database. Realm can feature encrypted databases and of course that is in use. I have seen a lot of vault apps without encrypted database during my analysis.
Furthermore, Truvark supports biometric (e.g. fingerprint) authentication for unlocking a single vault. That feature is backed by the Android Keystore and might not be available on devices even though they offer biometric authentication because a strong authentication is required that not every device supports.
Partly open source, fully in future​As mentioned above the cryptographic core is already open source and available on GitHub. You can see that this is not my first open source project. Because I'm committed to open source, I plan to publish the full source code sometime in future. The idea is to do that when the app leaves early access but all in all I will do that when I think it's ready.
About development​On the one hand I want to let you know that I'm a professional software developer and not coding as hobby only, on the other hand I have to put a disclaimer here that I'm not a cryptography expert. However this app was carefully build over time and not in a hastle. Although this app is in early access, it is not a prototype or minimal valuable product. Every release is going trough automated and manual tests. For the manual tests I'm using multiple devices. Nevertheless I'm not afraid to say that bugs can happen. I personally lost data using alternatives in the past, so I am very aware of that issue. Therefor this app stores many information redundant. For example in near future a corrupted or deleted database can be almost fully restored (only some information about the folder structure will be lost but you don't need to organize all files again). The app is already designed to support featues like this in future. Furthermore to backup your encrypted files all you need to do is copy the vault folder.
Upcoming features​
Move files and folders to different folders
Rename folders
Rename vault
Material3, followed by many UI and UX improvements
Performance improvements
Future plans​
Support more file types (like text and PDF)
Fully open source
Provide desktop clients (cross platform)
Download​Download from Google Play

Changelog:
0.4.0:
Target Android 13
Handle new notification permission (first and only required permission)
Support themed icons (Android 13)
Update dependencies
0.3.2:
Replace prebuild Argon2 (used for password derivation) with own build from official source
Update various dependencies (including improvements to the in-app file presenter)
0.3.1:
Fix a bug during biometric setup

Thanks for this, I noticed in recents I did not have to relog in to open, pixel as far as I understand doesn't close recents and clearing them also doesn't actually end the process losing a security risk. Great app though!

7h3DuD3 said:
Thanks for this, I noticed in recents I did not have to relog in to open, pixel as far as I understand doesn't close recents and clearing them also doesn't actually end the process losing a security risk. Great app though!
Click to expand...
Click to collapse
Hi,
many thanks for giving Truvark a try and for providing feedback. Indeed there is no mechanism automatically closing a vault or the app itself. Actually I spend a bunch of hours on this feature already and haven't found a solution yet that significantly improves security while keeping encryption/decryption/etc reliable.
You might have noticed that this app makes heavy use of background scheduling. Other apps show a dialog forcing you to wait while they encrypt one file after another, where Truvark runs encryption parallel in background and you still can view your already encrypted files. This is one of the reasons why the feature you mentioned is not available yet, closing a vault would cancel background operations that cannot be automatically started again when the vault is opened next time, because of storage permissions.
Truvark is completely build on Android's "new" storage design (that Google enforced in Android 10/11) by using the storage access framework (SAF).
Therefor I cannot grantee that automatically closing a vault will ever be available, however likely there will be at least a button to close a vault inside the app or maybe a login screen to prevent access to the UI while still having that vault open in background. Actually I’m planning bigger changes on how the vaults are opened with the goal to make it possible having multiple vaults open at the same time. During that process I will reevaluate if it is easier to implement that feature.

@7h3DuD3 did my post answered your questions or are you looking for different information? Happy to answer any question or feedback.
May I ask you in case you regularly use a vault/encryption app what app you're using? What you like about it and what could be improved in your opinion?
Furthermore, I might be able to give insights about the security and privacy of alternative apps if they were part of my analysis. Hoping to analyze more vault apps soon, possibly on request.

Actually don't use one ever for more than a few days, however I've been using this for a bit and find it adequate. Perhaps a triggered deletion of the vault, say recieve an email or text, but I'm fairly certain tasker could do that or multiple other apps not to mention the security risk of having something like that poses a security risk in itself. But overall I'd say it's better then what I've used in the past and files I carry on my personal thumbdrive are vaulted which feels better knowing should I lose it my personal information won't just be in a .hiddenpasswords.txt file lol that's been the main thing is bs where they hide the file like no one's gonna see that or rename the extension with no encryption. I haven't tried a brute force, might be kinda fun to do. Suggestion, Better variety of file types *

7h3DuD3 said:
I haven't tried a brute force, might be kinda fun to do.
Click to expand...
Click to collapse
Starting with your last sentence, I wish you good luck with that. Of course it depends on your password. Assuming you picked a good password (Truvark requires 8 character at the moment) brute force is by far the worst attack you could try. For hashing Argon2id is used with a configuration above the minimal recommendations by OWASP and for encryption Google's Tink library is used that "has been deployed in hundreds of products and systems" (quote from their readme file) including Google Pay.
I think you should try attacking the implementation instead of globaly used algorithms.
7h3DuD3 said:
Actually don't use one ever for more than a few days, however I've been using this for a bit and find it adequate. Perhaps a triggered deletion of the vault, say recieve an email or text, but I'm fairly certain tasker could do that or multiple other apps not to mention the security risk of having something like that poses a security risk in itself. But overall I'd say it's better then what I've used in the past and files I carry on my personal thumbdrive are vaulted which feels better knowing should I lose it my personal information won't just be in a .hiddenpasswords.txt file lol that's been the main thing is bs where they hide the file like no one's gonna see that or rename the extension with no encryption. I haven't tried a brute force, might be kinda fun to do. Suggestion, Better variety of file types *
Click to expand...
Click to collapse
Thanks that you overall seem to like my app. I don't plan to implement a remote deletion because I believe that strong cryptography does not need that. If you really want to build that yourself in a first step you could just delete the file with the name "vault". It contains a so called salt and the encrypted database key, without the file the attack surface is reduced (and you lose access to your files even with correct password btw).
Because you mentioned a thumb drive, that is one of the benefits of the new storage APIs. Truvark fully supports sdcards and external USB devices without workarounds or the need to move data manually from time to time. I have seen lots of vault apps with bad sdcard support.
What file support are you looking for? I plan GIFs, basic text files and PDFs next.

0.3.2:
Replace prebuild Argon2 (used for password derivation) with own build from official source
Update various dependencies (including improvements to the in-app file presenter)
Development is currently a little slow or let's say less visible to users because of many under the hood changes. Furthermore, I'm waiting for improvements/new features in some dependencies. Next will be various improvements to the database. After that I plan to work on Material3 design.

0.4.0:
Target Android 13
Handle new notification permission (first and only required permission)
Support themed icons (Android 13)
Update dependencies
Was quiet in the last months, also because I had little time, the development will progress much faster in the next weeks. I am still working on the replacement of the database implementation. Afterwards it goes on with the Material3 redesign that will come with many new features.

0.5.0:
Fix lags affecting the in-app file viewer
Loop video/audio playback
Update various dependencies
Drop a dependency in favor of official implementation
Obviously, my plans (see above) didn't work out. Unfortunately I'm still waiting for a final feature for database migration, which is finally in development upstream. So here is another small update.
I commit to continue improving this app and bring it out of early access status, as well as go fully open source in future.

Related

[APP][4.1.2+ with OpenPDroid or PDroid2.0] PDroid Manager ALPHA[2013-01-12 v0.2.9.8]

A quick note
If you've come from Google Play to get support, welcome! I'm glad you made it here.
Please do post a description of the problem you are having, but you may also want to read the section below labelled What should I do when it fails?, as this will make it much easier for me to provide support.
If you're having a problem, the place to post it is here, because if you do so on Google Play then I have no way of responding. Unfortunately, this has been the case where an issue has become apparent, and I have included a fix, but there is no way for me to notify those who had the problem.
In any case, back to our normal program...
What is it?
PDroid Manager is an alternative OpenPDroid/PDroid 2.0 Management App. It is currently the 'official' management app for OpenPDroid, and serves as an alternative to the PDroid 2.0 App for PDroid 2.0.
It is GPL licensed (with additional attribution conditions). Source can be obtained from my github.
What does it need?
First, this relies on either the OpenPDroid Core/Framework patches (recommended), or the PDroid 2.0 Core/Framework patches being present in the ROM. You need to have them installed, either by getting the patches (OpenPDroid, PDroid 2.0), patching and compiling a rom yourself; or using the excellent autopatcher tool by mateorod and pastime to patch an existing rom.
It also requires Android 4.1.2 or 4.2.1.
Status
This app is in a supremely alpha state. It does have bugs. It will crash if you run it without the PDroid core/framework patches. It does have a problem with the way notification icons display if you install multiple apps without configuring them. It will crash in a range of other situations I haven't thought of yet.
It will crash if you try to use it while you have the PDroid 2.0 App installed. (It's a permissions signature thing, and you can't have both installed unless you resign them both yourself: see here for how to do that.)
It has been tested on three devices a Galaxy Nexus running AOKP, and a B&N Nook (cheers to mateorod) and a Nexus 7 running AOSP.
Probably others too now, what with people using it, but I don't have a list for that =)
What is the difference between this and the PDroid 2.0 App
This is an ALPHA status tool, so it has more bugs.
This isn't complete - it is missing useful things like an 'about' box, the ability to check the PDroid core version, backup & restore, all of which are in the PDroid 2.0 App.
It can keep logs of application activities. There is currently no way to view these, though. Logs are now (I think?) supported in PDroid 2.0 App. I haven't tried them though.
You can filter the app list by whether it is a system or user app, and by the type of permissions used. Now also in PDroid 2.0 App.
You can filter apps by the 'type' of permission they use - e.g. 'messaging', 'calls', etc.
The source is available.
It can create and restore multiple (human-readable) backups on your SD card or 'external storage'.
It supports multiple languages, thanks to the contributions of others (languages and contributors are listed below) PDroid 2.0 App now supports German and English (but not Russian and French).
Did I mention it has more bugs?
What is the difference between this and Permissions Denied, and other permission-modifying apps
In brief: OpenPDroid and PDroid 2.0 do not actually change the permissions of apps; rather, they intervene when the apps try to use some of the features allowed by these permissions. For example, it doesn't remove permission for an app to use the camera - instead, it lets the app believe it is using the camera normally but then feeds back a fake image when a 'photo' is taken. Similarly, the app can try to request the phone number from the phone, but PDroid can return either a blank number, or a fake number, to the app. The main advantage of this is that rather than the app crashing, as often happens if it finds expected permissions have been removed, it continues to operate simply using incorrect data as its input.
The downside is that PDroid requires modifications to the ROM, which is difficult.
What should I do when it fails?
First, check if the problem you have discovered is a known issue, by looking at issues on my github. If if has already been lodged, but you have additional information to add, then ideally attach it to the issue in github. Otherwise, you can post it here but please clearly refer to the existing issue in github when doing so.
If it is not a known issue in the github:
You can open an issue on my github, providing a logcat: see how to get a logcat.
You can post on this thread, providing a logcat. I will try to monitor this thread, but if it starts getting out of control then I will probably try to run up a bug tracker somewhere else for people to use (and I will always fall back on the github issue tracker).
When will you stop telling me about the bugs and give me a link?
I have added PDroid Manager to the Play store, so you can obtain it from there (which means easier updating). If you do get it from the Play store, remember that support is provided via this thread, not via the Play store comments. I have only added the app to the Play store as a convenience so people can get updates without monitoring this thread.
Check the attachments to this post for the PDroid ALPHA releases. Make sure you read that ALPHA part.
Source at my github.
Requirements: Android API 16 (i.e. 4.1.2 - haven't tested in 4.2 yet).
What does it look like?
This:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Why did you build it?
The original PDroid app by Syvat, and the subsequent PDroid Addon/Extension/2.0 apps by CollegeDev didn't do everything I wanted them to do. I couldn't modify them because I didn't have the source. I'd never created an app before and I wanted to give it a shot.
Why does it need permission to access my SDCard?
I've added the ability to backup and restore your settings to the external storage. In order to do this, I need to be able to write to, and read from, the external storage. I will be adding a version at some point which doesn't require this permission, and cannot do backups.
Isn't doing backups to the external storage really insecure? Couldn't another program edit my backups?
In general, doing backups to the external storage would be insecure, in two ways: other apps could read your settings from the backup, and other apps could edit the backup so when you restore it your settings are wrong.
The ability for other apps to read your settings is a problem even ignoring backups. The Pdroid 2.0 Core (and the original PDroid Core) do not prevent applications from reading settings without any permissions whatsoever. Yes, any app can read your settings directly from the PDroid service. That is the way the PDroid core is built at present (and I don't much like it, but that's another story).
The second problem is one that I have attempted to address. Each installation of PDroid Manager will generate a 'digital signing key', and any backup you create will be signed with this key. When you attempt to restore the backup, the signature is checked to ensure the backup (or signature) has not been modified. If the signature doesn't match, you are warned and given the opportunity to restore anyway. You cannot export this signing key, because exporting that key to your external storage would make it accessible to other programs, and with it they could re-sign your backups to make it appear that they had not been modified. This means if you uninstall and reinstall PDroid Manager, you will get 'invalid signature' warnings on all the backups made from previous installations. If you don't want this to happen, I recommend downloading and using Titanium Backup - it will store the encryption key (although on external storage, which itself could be a security risk). Thus, unless you uninstall and reinstall your PDroid Manager installation, the app will verify that backups have valid signatures before restoring them. Mind you, a root app could steal the signing key. As is always stated, for root apps it is all up for grabs.
I have a great suggestion! How should I get it to you?
First, keep in mind that there are various degrees of detail which can be provided with suggestions, such as:
A suggestion of a feature which could be included
A description of how the feature should work (e.g. user cases: list XYZ, then user presses N, dialog P opens, etc.)
Storyboards or images of what the feature could look like (even if it just a box diagram done in Powerpoint or something).
A suggestion of an app which implements a similar behaviour that could be used as a reference for implementation
A bit of example code
Suggestions of new features are excellent, and some suggestions need less description than others - e.g. "add a help button to each setting" needs less description than "add the ability to filter by the 'trust' state of the app" (although in both cases, interface diagrams could be helpful: e.g. should the help button go to the left or right of the text label for the setting?)
You don't have to provide all of these details, and indeed even if you do provide some details I may not actually use them (e.g. if your suggested images were very inconsistent with the Android UI idioms, or the rest of the app). You can certainly make suggestions that are quite simple: e.g. I would like to be able to apply settings to multiple apps at once, or I would like to be able to filter by individual settings rather than groups of settings (although the latter would be a good candidate for interface suggestions too). If you are suggesting complex features, though, some suggestion of how the interface should work could be handy too - even if I don't use the suggestions as such, they can be very useful for giving me different perspectives.
If you have a suggestion then please describe clearly the suggested feature, interface or behaviour change, or whatever your suggestion it may be. If it requires a new UI screen, or a change to an existing one, descriptions of how it should work, drawings or imagery (or pointing to another app) are very welcome.
In order of 'most desirable' to 'least desirable' (from my perspective) I suggest:
Post the suggestion to my github
Post the suggestion on this thread
PM me (this is low on the list because if I get a flooded PM box it will be hard to find anything).
Finally, remember nothing says "I'd love this feature to be in the app" like a patch to implement it
Can I contribute a translation?
Absolutely! I welcome translations! The process for doing a translation will depend on whether you have a github account or not.
Currently we have translations being contributed for:
English
French (jpeg729 and patrickpr)
German (TamCore)
Hungarian: appelsson
Russian (Beasty)
If you have a Github account
You can fork the PDroid Manager project, and create a "values-xx" directory for the relevant language (e.g. values-de for German). Into that directory, you will need to copy:
Files containing text displayed to the user are:
access_notification_text.xml, which is the text for notification messages provided to the user when an app attempts to accesses a particular type of data.
arrays.xml, which currently contains the text of the drop-down lists used for filtering, and the 'Untrusted, Trusted, No Settings' text displayed.
settings_strings.xml, which contains the text descriptions of each setting, and the associated help text. (I have *just* pushed an update to github for this file, so if you want to translate it make sure you do a pull).
strings.xml, which contains the 'general' strings used in the app.
Once you have created those files, you can commit them, and then create a 'pull request' so I know they are ready to be integrated. I'll then integrate them.
If you don't have a github account
You will need to download the four files linked above, and translate the strings in them. Once you have done that, post to this thread with the files attached.
Remember:Keep in mind that if you have the files sitting around for a while in a partially translated state, they could change in development! When doing translations, make sure you have the latest version from the server. If you find that the strings etc have changed on the server, and you have done a partial translation, you can use a tool like WinMerge to merge the new changes into your file without a lot of work.
Also, if you are creating translation files, please include yourself as an @author in the header to the file, or nominate the details you would like to have recorded against your authorship. Also note that basically the entire app is under a GPL license, and I will only accept material which is licensed under a GPL or BSD license, to make sure that people are free to copy and edit the code as they see fit.
What do you have planned next?
Fix bugs
Add a 'preferences' and 'info' screen to check PDroid core/framework version, etc mostly done
Add help to the individual settings, so users can understand what they mean DONE!
Add the ability to view log and delete logs
Add the ability to create 'profiles' - i.e. pre-configured groups of settings, which can then be applied to an app
Add batch processing, so profiles can be applied to multiple apps in a single action Released in 0.9.3
Add filtering of apps by individual settings, not just by 'setting group'.
Add filtering of apps by setting state (i.e. trusted, untrusted, no settings)
If you want you can give it a go. Read the source. Have fun. Just don't complain that you haven't been warned about it being buggy.
2013-01-15 v0.2.9.9 ALPHA
Changes
Added support for 4.2.1 - not that it stopped you installing it anyway, but for Google Play it mattered =)
Added Spanish support, thanks to alceasan.
2013-01-12 v0.2.9.8 ALPHA
Changes
Fixed a force-close affecting everyone as a result of a corrupted APK. Sorry about that, all!
2013-01-12 v0.2.9.7 ALPHA
Changes
Added Hungarian language support thanks to appelsson.
Updated French language support thanks to jpeg729.
Fixed (I think) a bug in which the app crashed when an installed app does not have an icon.
2012-12-15 v0.2.9.5 ALPHA
Changes
Theoretically fixed a bug which I was unable to reproduce (but I think I know why) which caused a crash rather than a friendly message when a user attempted to run PDroid Manager without the PDroid core installed.
CHANGE LOG
2012-12-15: v0.2.9.4 ALPHA
Changes
Added detection of whether necessary permissions to write to the PDroid core were present, and provide a friendly message if they are not. (These permissions are absent if PDroid 2.0 App is installed before PDroid Manager, not uninstalled before PDroid Manager is installed, and the two packages have not been re-signed with the same key).
Otherwise, this version is identical to v.0.2.9.3. It was just added because I saw some crashes due to PDroid 2.0 App being installed with Google Play users.
2012-12-14: v0.2.9.3 ALPHA
Changes
The main stand-out of this release is batch processing: further details about that are after the list.
Instead of crashing if you don't have PDroid installed, it will now give you a message telling you that you need to install it.
Batch processing: you can now select a bunch of apps, and change their settings. Long-press on an app to enter selection mode, touch other apps to select or deselect them, then use the action bar options to choose what to do.
Added a 'purge settings' option to preferences. This deletes all settings for all apps.
Changing language now triggers a restart of the app (after prompting the user) to immediately switch language
Restructured the filtering interface to work better on smaller devices, and generally look nicer.
Info/help buttons for settings only appear on larger devices now (due to screen real-estate issues). Clicking on the name of the setting will display the help on smaller devices.
Performance improvements
Known bugs
When multiple apps are installed one after the other, the notification to update settings of previous installations is replaced (rather than additional icons appearing). Still.
I think there is still something funny going on with the 'trust' indicator after you save an app, but that may be a new issue. Still.
App names in the application list don't get reloaded when the phone locale changes, which means they stay in the old language until manually refreshed. I'm no longer going to call this an issue, because it is handled by the OS.
Also see my github list: https://github.com/wsot/pdroid-manager/issues
Key points about batch processing:
When you select some apps and choose 'custom settings', only the settings relevant to the apps will be displayed (unless you choose 25+ apps; then it was too slow to work out which ones were relevant).
Only those settings you select new values for will be changed. Those with no pressed buttons will be left alone.
You can 'deselect' a button in batch mode by pressing it again (effectively clearing that setting row, so it will not be changed).
Batch processing can be a bit slow, but unfortunately that is a consequence of the Privacy service to which PDroid Manager connects. I have modified this service to improve performance, but I'm still testing the changes so the app does not require those modifications.
You can't avoid overriding the 'logging' and 'notification' settings when doing batch processing at this stage. I will resolve this soon.
2012-12-07: v0.2.8 ALPHA
This is a minor update: It provides an updated German translation from TamCore, and
Changes
Updated German translation from TamCore,
fixes the Application List scrolling back to the top when you open details for an application, thus losing your place.
Known bugs
When multiple apps are installed one after the other, the notification to update settings of previous installations is replaced (rather than additional icons appearing). Still.
The app will probably crash if PDroid is not installed. Still.
I think there is still something funny going on with the 'trust' indicator after you save an app, but that may be a new issue. Still.
App names in the application list don't get reloaded when the phone locale changes, which means they stay in the old language until manually refreshed. Still.
Also see my github list: https://github.com/wsot/pdroid-manager/issues
2012-12-03: v0.2.7 ALPHA
A couple of new features in this one, and returning to just one version (rather than multilingual and English). The backup and restore features are shiny and new, and *should* work, but be cautious when using them. I've tried them out quite a bit, with custom settings etc, but there could be bugs there that will cook all your PDroid settings. If you find one, please, please report it (see the section on reporting bugs).
Changes
Added a 'preferences' screen, with 'About' box, 'Credits', and a link to this thread
Added language selection (i.e. overriding phone language), again in the preferences screen. Note that for the language to change, you need to force-close and restart PDroid Manager after switching languages. I'm looking at how to resolve this.
Added backup and restore of settings. This requires access to your external storage, hence the new permission. I will be adding supporting code at some stage to allow a separate version without backup and restore to be easily generated for those who are uncomfortable with SDcard access by the app. You can read more details about the backup approach in the Why does it need permission to access my SDCard? and Isn't doing backups to the external storage really insecure? Couldn't another program edit my backups? sections.
Known bugs
When multiple apps are installed one after the other, the notification to update settings of previous installations is replaced (rather than additional icons appearing). Still.
The app will probably crash if PDroid is not installed. Still.
I think there is still something funny going on with the 'trust' indicator after you save an app, but that may be a new issue. Still.
App names in the application list don't get reloaded when the phone locale changes, which means they stay in the old language until manually refreshed. Still.
Also see my github list: https://github.com/wsot/pdroid-manager/issues
2012-11-30: v0.2.6 ALPHA
This release has two versions: Forced English (PDroid_Manager_0.2.6_en) and multilingual (PDroid_Manager_0.2.6_multilingual). The multilingual will automatically use the language matching the phone where possible. The 'en' version uses the exact code I intend to apply to allow users to override the automatic language selection. Basically, this is the same as having a button to force the app to always use English, except the button isn't on the user interface and is always pressed. If you find this isn't always showing English, please let me know so I can fix it.
Changes
Incorporated updated help text (fine work by wbedard, to which I made minor edits. Thus, errors are probably mine not wbedards).
Added German translation (thanks to TamCore) and French translation (thanks to patrickpr on GitHub; note I removed a few words from the translations because the English help text changed, so may have introduced gramattical errors into patrick's French).
Added automatic language data re-loading. To optimise speed, some language-specific text is stored in the database. To make sure that stays up to date, the App will check if the language has changed, and regenerate that database data if it has. If this doesn't happen for you, and the interface stays in English when you switch your phone to German, etc, please report it..
Added different button sizes for 'large' vs 'non-large' devices. This means that buttons will appear larger on most 7-inch tablets (and maybe 10-inch tablets too; my 10-inch isn't working right now) than on phones.
Modified the code to use Android 'Fragments': hopefully, this will be invisible to users at this stage; however, in future it will allow easier development of a multi-panel tablet interface. This is a pretty major change, so may have introduced bugs. Sorry.
Updated notification bar icon to match Google's style guide.
Known bugs
When multiple apps are installed one after the other, the notification to update settings of previous installations is replaced (rather than additional icons appearing). I will fix this soon, honestly.
The app will probably crash if PDroid is not installed.
I think there is still something funny going on with the 'trust' indicator after you save an app, but that may be a new issue.
App names in the application list don't get reloaded when the phone locale changes, which means they stay in the old language until manually refreshed. I'm undecided as to whether to I consider this a bug or not. Feedback (or patch to fix it) welcome.
Also see my github list: https://github.com/wsot/pdroid-manager/issues
2012-11-25: v0.2.3 ALPHA
Changes
Added improved text for the access notifications
Added a help button for each setting with a summary of what the setting does (I know it is ugly, and I plan to fix that soon).
The application list status indicator should now work under all normal circumstances
Dialogs have been added when loading, saving etc. to avoid interactions that could cause crashes
Known bugs
When multiple apps are installed one after the other, the notification to update settings of previous installations is replaced (rather than additional icons appearing).
The app will probably crash if PDroid is not installed.
Also see my github list: https://github.com/wsot/pdroid-manager/issues
2012-11-19: v0.2.2 ALPHA
Changes
Re-added some debug logging (but still much less than was there originally).
Added the ability to delete privacy settings from an app, both in the application settings detail screen, and on the long-press menu on the application list.
The application list status indicator (i.e. trusted, untrusted, no settings) now updates after the long-press menu is used, or the settings are changes in the detail display
An 'all' option has been edited when filtering by the type of settings (e.g. messaging, media, etc).
Known bugs
The trusted/untrusted is sometimes incorrect - 'trusted' apps may appear as 'untrusted'.
When multiple apps are installed one after the other, the notification to update settings of previous installations is replaced (rather than additional icons appearing).
The app will probably crash if PDroid is not installed.
Also see my github list: https://github.com/wsot/pdroid-manager/issues
2012-11-16, later: v0.2.1 ALPHA
Removed writing to the device log (so logcat will not be hideously large)
Contribution to PDroid Manager acknowledgements (in alphabetical order):
mateorod: testing assistance, great ideas, building Autopatcher.
patrickpr: French translation
TamCore: contributing Android.mk, markdown for tables in README.md which were unreadable, German translation
wbedard: textual descriptions of the individual settings
Still playing with the 2e version. I like what you have done with this a lot. Having an open source version will keep us from being in-between working versions, like we were between gingerbread and the auto-patcher release.
An open source alternative like this keeps that from ever happening again.
I had noticed that CollegeDev had not added preloaded-classes to his PDroid2.0 build patches, a potential security leak. Without any access to the source or even version control with the patches I didn't have much recourse to correct the issue. I was left to suggest it in his thread and hope for the best. While he never brought it up again, I did finally see that the suggested change was integrated, but it struck me that having version control for the patches would be for the best as well.
In the spirit of having the entire process open AND available, I have pushed repos for the updated original PDroid patches, worked on by pastime1971 with some help from me, and the PDroid2.0 build patches (which I call PDroidCorePatches) by CollegeDev (which are already open-source, just not available with version control AFAIK) pushed as well.
If CollegeDev or you update the build patches for 4.2, we can either use those repos or start new ones, if necessary. But I am more than willing to add read/write to both of you. Wbedard has ported the PDroidCore patches to AOSP, but I will wait and see if he wants to put up a repo first before adding a new one (or possiibly a aosp-4.1.2 branch).
My hope is that the move towards complete open-source could galvanize all of us who work on PDroid to work together instead of splitting our efforts...we'll see how that goes.
Anyway, great job! I will eventually push the entire history (gingerbread to today) but for right now only 4.1.2 is up.
Original PDroid
PdroidCore
If anyone who has been working with us on Pdroid wants push access, pm me. Anyone who wants to contribute that I don't know yet, submit a pull request and we'll get to know you.
I think having the patches be attached to the same repo as the Auto-patcher and smali patches makes sense, but I am open to suggestion.
FFU5y said:
It is GPL licensed (with additional attribution conditions)
Click to expand...
Click to collapse
dear OP,
i was under the impression that GPL2 did not allow additional obligations (like attributions) being added to the burden of the receivers of the licensed code. however, i think GPL3 made special provisions for some extra obligations in other common permissive free software licenses (manly attributions) to make them compatible with GPL3, so there are some attribution provisions in GPL3 i think.
an example of GPL2 ban on additional restrictions: GPL3 enforces further obligations on receivers, such as non-tivoization, and thus is itself incompatible with GPL2 for the previously stated reason.
could you please clarify the method you chose to extend GPL with attributions in this case? thank you!
Lanchon said:
dear OP,
i was under the impression that GPL2 did not allow additional obligations (like attributions) being added to the burden of the receivers of the licensed code. however, i think GPL3 made special provisions for some extra obligations in other common permissive free software licenses (manly attributions) to make them compatible with GPL3, so there are some attribution provisions in GPL3 i think.
an example of GPL2 ban on additional restrictions: GPL3 enforces further obligations on receivers, such as non-tivoization, and thus is itself incompatible with GPL2 for the previously stated reason.
could you please clarify the method you chose to extend GPL with attributions in this case? thank you!
Click to expand...
Click to collapse
The code is GPL3 licensed, and the additional attribution (and differentiation) requirement are under GPL3 Section 7 (b) and (c).
If there are specific contexts in which people would like to use the app that are excluded by GPL3, they are welcome to contact me about alternative licensing arrangements. Of course, as soon as others contribute GPL3-licenced code then that will get a lot more difficult, but right now that is an option.
I hope that answers your question, but if not let me know.
This is so absolutely awesome, thanks a lot FFU5y!
The filtering options for user/system apps and permission type are exactly what I needed. Further ideas would be:
search app by name
advanced filtering for a single specific permission, e.g. "start on boot"
batch operations: e.g. block network & gps location permissions for all apps
dbx4 said:
This is so absolutely awesome, thanks a lot FFU5y!
The filtering options for user/system apps and permission type are exactly what I needed. Further ideas would be:
search app by name
advanced filtering for a single specific permission, e.g. "start on boot"
batch operations: e.g. block network & gps location permissions for all apps
Click to expand...
Click to collapse
Cheers dbx - glad you're finding it useful.
These are good ideas (and indeed, I started on 'searching app by name' but de-prioritised it for release). I'll add them to my github issues list as enhancements (so they are listed somewhere centrally).
I'm not really sure at this stage how I'd go about implementing the filtering for a single specific permission, mainly because I'm not sure how to represent it in the user interface without cluttering it up.
One way may be to have a specific view for filtering by setting, which shows a list of settings, and then upon choosing a setting shows only the apps to which that setting relates (e.g. choosing 'GPS location' from the list of settings shows only those apps which have that as a valid setting - i.e. those with permission to access the GPS).
I'm afraid those features will probably take a little bit of time to develop, but hopefully you'll find the app useful in the meantime while I'm working on them.
Version 0.2.3 ALPHA has been relased:
CHANGE LOG
2012-11-25: v0.2.3 ALPHA
Changes
Added improved text for the access notifications
Added a help button for each setting with a summary of what the setting does (I know it is ugly, and I plan to fix that soon).
The application list status indicator should now work under all normal circumstances
Dialogs have been added when loading, saving etc. to avoid interactions that could cause crashes
Known bugs
When multiple apps are installed one after the other, the notification to update settings of previous installations is replaced (rather than additional icons appearing).
The app will probably crash if PDroid is not installed.
Also see my github list: https://github.com/wsot/pdroid-manager/issues
Hi, PDroid is a very important app, and I wanted to thank you for making an open source alternative with much more features.
Wish I was a dev, so I could help you more, but I will gladly test it the moment the autopatcher supports 4.2.
Sent from my GT-I9000 using xda app-developers app
Dr.69 said:
Hi, PDroid is a very important app, and I wanted to thank you for making an open source alternative with much more features.
Wish I was a dev, so I could help you more, but I will gladly test it the moment the autopatcher supports 4.2.
Sent from my GT-I9000 using xda app-developers app
Click to expand...
Click to collapse
Cheers =)
I'm eager to give it a run on 4.2 as well, but I am aware that CollegeDev is working on a new release of the PDroid 2.0 Core and App, so I'm not going to try to port the core to 4.2 until the update is released (otherwise there may be a lot of re-working needed, and if CollegeDev is porting it already then I'd just be duplicating work).
In the meantime, I'm going to try to get some fixes and new features into PDroid Manager which can then hopefully move smoothly to the 4.2 version.
Hello, i'm using Permission pro to remove rights i don't want from program, do your program works the same way, or rights are removed by an other way ?
Also, some Gameloft games have managed to get their start at boot rights back, with every programs i used, i was never able to kick them, so this is somewhat important to know, for me, if it will fail the same way.
Don't know if it's possible to do, but people not using Jelly Beans cannot block notification from a program, amybe we could get it with PDroid manager ?
Magissia said:
Hello, i'm using Permission pro to remove rights i don't want from program, do your program works the same way, or rights are removed by an other way ?
Also, some Gameloft games have managed to get their start at boot rights back, with every programs i used, i was never able to kick them, so this is somewhat important to know, for me, if it will fail the same way.
Don't know if it's possible to do, but people not using Jelly Beans cannot block notification from a program, amybe we could get it with PDroid manager ?
Click to expand...
Click to collapse
The quick answer: PDroid and PDroid Manager do not block notifications from programs. In new version of Android, there is a feature to limit which applications can create notifications. If there are a lot of 'marketing' notifications you should report the app to Google (I think you can report it at the Play store) because they are starting to move against that kind of activity.
Anyway, continuing...
PDroid 2.0 (and PDroid Manager) work quite differently to permissions pro. First, PDroid 2.0 (which is the Android modification that PDroid Manager configures) requires a modification to be made to the ROM on the device. This allows for the Privacy Service to limit the access apps have to private information, even when they have Android permissions to access the information. The PDroid Manager App (or the alternative, PDroid 2.0 App) allows you to choose what private information is provided to what app.
So, in order to use PDroid Manager, you need:
A ROM patched to add the Privacy Servire, which you can achieve by either patching the source code yourself using the patches in the PDroid 2.0 thread and compiling the rom, or potentially by using mateorod and pastime's excellent autopatcher
PDroid Manager (or the PDroid 2.0 App) to configure
The advantages of PDroid over Permission pro is that with PDroid, the app still has the same Android permissions, but when the app requests data from the Android operating system the privacy service provides back blank or incorrect data. This means that rather than the app crashing, as often happens when its permissions are changed, it keeps running.
The main disadvantages of PDroid compared to Permission pro is that it requires changes to the Android frameworks, which means you need to be willing and able to modify your ROM in order to use PDroid. It is not 'easy', and it also means there is a delay before new Android version are supported because the patches for the framework need to be modified to support the updated framework.
I hope that helps.
Hello, thanks for your answer, on the autopatcher page, it's not clearly written if it will work on OEM's rom (but it's clearly written it won't on samsung/htc one)
I'm currently usng ASUS' stock rom and guevor's kernel, any chance to have it working ?
If the service reply false information, it's still able to block an app at boot ? to make it unable to start itself at boot ?
Magissia said:
Hello, thanks for your answer, on the autopatcher page, it's not clearly written if it will work on OEM's rom (but it's clearly written it won't on samsung/htc one)
I'm currently usng ASUS' stock rom and guevor's kernel, any chance to have it working ?
If the service reply false information, it's still able to block an app at boot ? to make it unable to start itself at boot ?
Click to expand...
Click to collapse
Autopatcher will probably not work on an OEM ROM at this stage, unfortunately. That is something mateorod has been working on, but I believe it is still a work in progress. You can give autopatcher a try nonetheless, though. If it can't patch it, it will tell you. Also, if you search around the forums for your device, you may find someone has created special patches just for that device.
If you can get the ROM modded to include PDroid, then one of the features allows you to prevent an app being notified of when the device finishes booting. For those games, that means they would not be started when the device finished booting. However, it is possible that they may use a range of other ways to make sure they start which PDroid doesn't affect.
Probably the best way to deal with these types of problem apps is to use a tool that can 'freeze' the apps, and then just 'unfreeze' them when you want to use them. If they are giving you notification bar spam, you should definitely consider reporting them at the play store, too. Notification bar spam is against Google's current policies for the Play store.
Sorry I can't give you better news - patching of already-compiled OEM ROMs is not my focus area.
Hello, i already reported gameloft for their notification ads, and a video game doesn't need to be notified of system's start. Fact are they are "super dev" in play store and i doubt google will do anything.
PDroid seems more complete than Permission Pro, to make programs unable to acces data.
So, if i understand correctly, when i refuse a right to a program, the service will give blank information instaed of letting it see the real information. Does it have a big impact on the performances ?
I wouldn't mind switching rom, but it seems that no rom is able to install and keep all the data/configuration, means you have to use the custom rom since start or you're stuck if you want to keep things.
Edit : Seems Pdroid 2 is for 4.1.2+, my device use 4.0.3, will keep this thread bookmarked and will come back once i'll have enough courage to switch rom (since ASUS won't let us get the update anyway)
Hy!
enough if I flash in recovery the my ROM's update zip?
root required ? :fingers-crossed:
hmm
it looks like it works.
Thanks.
ROM:cm10 Flinny 129.
is possible into other languages translate?
acultr said:
is possible into other languages translate?
Click to expand...
Click to collapse
It's easy. Translate this file and open a pull request or attach it here.

App] [2.2+] TaskCoach for Android

A program to organize todo's/tasks in a treeview form.
It's an Android version of http://taskcoach.org/
The desktop version is available for Windows, Mac OS X, Linux, BSD. There is also versions for iPhone, iPad, and iPod Touch. The Android version does not have all the same features as the other versions.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Use it to keep track of to do's or for project management. The outline can have as many sub-levels as you want, or the list can be viewed "flat".
Add, view and edit your list on your phone, then use the same list on your computer. If you put the file in your DropBox folder, it will automatically be synchronized.
Files are stored in user defined folders on the sd card (can use any level of sub-directory).
Integrates with File Managers and DropBox.
Lists opened in Google Drive cannot be saved directly.
Share your lists via Gmail, DropBox, Google Drive, SkyDrive etc.
Move or copy items around.
List can be sorted (both ways) based on due date (can also use calculated dates), title, category, completion, priority or it can be unsorted.
Can be integrated with the Minimalistic Text Widget (if installed).
Home screen widget shows tasks due today.
Completed items can be hidden from view.
List can be filtered based on title.
Notes are available from main list, and hyperlinks are clickable.
List can be searched based on title.
Collapse/expand all.
Set alarms and be reminded when your task is due.
Tasks can be added to the Google calendar.
Currently supports editing of these fields:
-title
-start date
-due date
-completed
-priority
-percent done
-category
-notes
-recurrence
Because this is a beta version, every time your list is saved, the previous version will be saved too. (This feature can be turned off in the settings menu. Last 5 backups are kept)
NOTE: For people who have issues with the app, just writing a negative comment doesn't help to make it better. Instead please:
- concrete suggestions would be appreciated
- errors: send me an email with the steps that caused the error.
Since the original desktop version of this program is constantly being developed, some of the features available on the desktop might not work on the Android version.
I encourage comments or bug reports.
I have another app in Google Play, Tdl TodoList, and these two are based on the same code, so they are very similar.
Uninstall:
Any list files stored on the sd card will be left after uninstallation.
DISCLAIMER:
This is still being developed as a hobby, and is not a final version. It is being developed as I see fit, have time and am interested in doing it. THERE IS NO WARRANTY THAT THIS PROGRAM WILL WORK on your Android phone or tablet. I TAKE NO RESPONSIBILITY FOR ANY DAMAGE IT MAY CAUSE.
Backup your file manually, or do it automatically every time there is a change.
Market link:
https://play.google.com/store/apps/details?id=com.hgTaskCoach
Please release Open Source
Hi, as a formal member of the Task Coach team, I thank you for this major development! This is one of the most important items and most popular feature requests (having an Android client).
Along with some of the other users of Task Coach, I care about software freedom and got involved with Task Coach because it was the best Free/Open app. There are also others in the community who would like to make this a success. Please release the source under the GPLv3+ license so it is compatible with the main desktop app. That will allow the most collaboration, trust, and goodwill, and it will allow this to be included in F-Droid.
Thanks so much!
Aaron
Task Coach
Hi Aaron.
Just stumbled across the app. Very good move, thanks for your efforts.
Some improvements to consider which would make it even better:
Improved UI by not relying on the menu only. Maybe a toolbar, quick access to filters, etc. for tablets.
Smaller bullets
An own column for categories and priorities (maybe landscape only)
Notifications
MAybe sync/file exchange with the desktop
I also just left a positive review in the Google Play Store.
Many thanks and best regards,
Oliver
How to export to Google Calendar?
Hi,
I must say, this is a great app. I've been looking for a way to organize my crazy life, and stumbled upon Task Coach. Then I found that there wasnt an Android version... but there is now. Thanks for your efforts.
Can you explain how to export it to Google Calendar? I must be overlooking something.
ajige said:
A program to organize todo's/tasks in a treeview form.
It's an Android version of
The desktop version is available for Windows, Mac OS X, Linux, BSD. There is also versions for iPhone, iPad, and iPod Touch. The Android version does not have all the same features as the other versions.
View attachment 2728127 View attachment 2728128 View attachment 2728129 View attachment 2728130
Use it to keep track of to do's or for project management. The outline can have as many sub-levels as you want, or the list can be viewed "flat".
Add, view and edit your list on your phone, then use the same list on your computer. If you put the file in your DropBox folder, it will automatically be synchronized.
Files are stored in user defined folders on the sd card (can use any level of sub-directory).
Integrates with File Managers and DropBox.
Lists opened in Google Drive cannot be saved directly.
Share your lists via Gmail, DropBox, Google Drive, SkyDrive etc.
Move or copy items around.
List can be sorted (both ways) based on due date (can also use calculated dates), title, category, completion, priority or it can be unsorted.
Can be integrated with the Minimalistic Text Widget (if installed).
Home screen widget shows tasks due today.
Completed items can be hidden from view.
List can be filtered based on title.
Notes are available from main list, and hyperlinks are clickable.
List can be searched based on title.
Collapse/expand all.
Set alarms and be reminded when your task is due.
Tasks can be added to the Google calendar.
Currently supports editing of these fields:
-title
-start date
-due date
-completed
-priority
-percent done
-category
-notes
-recurrence
Because this is a beta version, every time your list is saved, the previous version will be saved too. (This feature can be turned off in the settings menu. Last 5 backups are kept)
NOTE: For people who have issues with the app, just writing a negative comment doesn't help to make it better. Instead please:
- concrete suggestions would be appreciated
- errors: send me an email with the steps that caused the error.
Since the original desktop version of this program is constantly being developed, some of the features available on the desktop might not work on the Android version.
I encourage comments or bug reports.
I have another app in Google Play, Tdl TodoList, and these two are based on the same code, so they are very similar.
Uninstall:
Any list files stored on the sd card will be left after uninstallation.
DISCLAIMER:
This is still being developed as a hobby, and is not a final version. It is being developed as I see fit, have time and am interested in doing it. THERE IS NO WARRANTY THAT THIS PROGRAM WILL WORK on your Android phone or tablet. I TAKE NO RESPONSIBILITY FOR ANY DAMAGE IT MAY CAUSE.
Backup your file manually, or do it automatically every time there is a change.
Click to expand...
Click to collapse
Great app! Thank's very much.
Is it possible to compact the view? The icon are too big for my taste.
Also would be very useful to show only active task.
Yeah
I agree that the icons are too large, but it's not really too much of a big deal in my opinion since it doesn't affect the functionality much to be honest
It would be nice to view more task in a single screen
bump for GPL release
Hi, I didn't see any reply to this. I'm happy to see that development has continued. Please help us keep everything compatible and allow other volunteers to help improve this by releasing the source under GPLv3+, thanks.
quadrangle said:
Hi, as a formal member of the Task Coach team, I thank you for this major development! This is one of the most important items and most popular feature requests (having an Android client).
Along with some of the other users of Task Coach, I care about software freedom and got involved with Task Coach because it was the best Free/Open app. There are also others in the community who would like to make this a success. Please release the source under an Open Source license, preferably the GPLv3 in order to match the main desktop app. That will allow the most collaboration, trust, and goodwill, and it will allow this to be included in F-Droid.
Thanks so much!
Aaron
Task Coach
Click to expand...
Click to collapse
GPL3 or no?
Is this going to be GPL3 or no?
I started using taskmanager specifically because I thought I'd be able to use a GPL android app with the same data file. Today I had planned to provide smaller images for this app so that each line would take less screen space, and also see how hard it would be enable "effort tracking" in the android app., but I can't find the source anywhere.
If this is an open source project, where can I get the source?
If this is not an open source project - is there a GPL android app intended to use the taskcoach data files, to which I can contribute?
Still not GPLv3
EDIT: We will continue to encourage this developer to release under GPLv3+. I had posted some confusion over a different developer's attempt at a beta version that they had posted under GPLv2 (which is incompatible with Android's Apachev2 license). I had made a comment about trademark as well. I am *happy* that this app is called "Task Coach for Android" rather than merely "Task Coach" and furthermore glad that the developer seems fine with communicating clearly, and so, I have no problem with their use of the Task Coach trademark (which this isn't the same team as the Task Coach app at this time, it is indeed specifically a compatible product).
I hope we can see it released under GPLv3+ still. I''ll be happy to discuss any concerns the developer has about doing that.
Please continue development
Been waiting a long time for a Task Coach client for Android, thanks for making it @ajige!
Would love to see you continue developing & improving it.
Like most others I wish it was an open source project so you could have help improving it, or if you do not wish to continue development someone else could pick up where you left off.
Thanks again for releasing it and please consider open sourcing it!
Being totally agree with previous proposal about opensourcing or continuing development. Even get myself registered here just to write it outloud
computerinfo21 said:
Been waiting a long time for a Task Coach client for Android, thanks for making it @ajige!
Would love to see you continue developing & improving it.
Like most others I wish it was an open source project so you could have help improving it, or if you do not wish to continue development someone else could pick up where you left off.
Thanks again for releasing it and please consider open sourcing it!
Click to expand...
Click to collapse
Is it possible through dropbox or google calendar (Or anything) to keep my Android TaskCoach synced with my Linux TaskCoach automatically?
dropbox sync problem
ajige said:
A program to organize todo's/tasks in a treeview form.
....
Click to expand...
Click to collapse
Hi, ajige, are you still developing the app?
I am not able to sync via dropbox.
When I try to read a task file from a dropbox folder, via the app file browser, it seems it is downloading, but then it returns to the local foder menu without any real download.
Could you help?
I am using an original android 8.1 on a LG Q6
Thanks anyway
I'm in the process of trying the code for my other, very similar, app, and when that's done, I'll do the same for TaskCoach.
In the mean time: Inside the Dropbox app, did you mark the file for offline access? That's a necessity. Also can you open the file from within the Dropbox app?
ajige said:
...
In the mean time: Inside the Dropbox app, did you mark the file for offline access? That's a necessity. ...
Click to expand...
Click to collapse
Yes, I did
ajige said:
...
Also can you open the file from within the Dropbox app?...
Click to expand...
Click to collapse
I tried (Obviously I associate TaskCoach to that file type).
Each time I open from within Dropbox , TaskCoach starts giving me two errors, sometime one, sometime another, without a specific order.
1) "Error reading bundle info.android.view WindowManager $BadTokenException Unable to add Window - token null is not valid; is your activity running?"
2) "/filecache/xxxxx..... no such file or directory Unable to write to external storage"
I tried to report the messages as exact as possible: each time they appear for a little time, then disappear. I did not find any way to view them for a longer time.
Thanks and regards
Until recently, I could open my desktop TaskCoach's data file, synched by DropBox.
Now, settings/where to look for .tsk files won't let me select my DropBox folder. How do I synch my desktop & Android TaskCoach?
mawg said:
Until recently, I could open my desktop TaskCoach's data file, synched by DropBox.
Now, settings/where to look for .tsk files won't let me select my DropBox folder. How do I synch my desktop & Android TaskCoach?
Click to expand...
Click to collapse
Hi, mawg.
I don't take care of settings. I open the TaskCoach file browser: it allows to go into the scratch directory of dropbox (obviously I made the taskcoach file available offline) and opens it. Then TaskCoach remembers the positions for future access.
Instead, still, directly from within Dropbox i'm not able to open the tasks file in Taskcoach.
ajige, as written, had other work before having time to solve that problem . Anyway opening the file from TaskCoach works for me.
Hoping my answer is useful
illolatt said:
Hi, mawg.
I don't take care of settings. I open the TaskCoach file browser: it allows to go into the scratch directory of dropbox (obviously I made the taskcoach file available offline) and opens it. Then TaskCoach remembers the positions for future access.
Instead, still, directly from within Dropbox i'm not able to open the tasks file in Taskcoach.
ajige, as written, had other work before having time to solve that problem . Anyway opening the file from TaskCoach works for me.
Hoping my answer is useful
Click to expand...
Click to collapse
Thanks a 1,000,000
I used an Adnroid file manger and "open with.." then made sure to select Settings/Open last used file. Works like a charm
But settigns/Where to look for .tsk files really needs a Fiel Manager, rather thanforcing to choose from a limited list.
And a Recent Files list would be very welcome
ajige said:
I'm in the process of trying the code for my other, very similar, app, and when that's done, I'll do the same for TaskCoach.
In the mean time: Inside the Dropbox app, did you mark the file for offline access? That's a necessity. Also can you open the file from within the Dropbox app?
Click to expand...
Click to collapse
Hoping to be useful, I send you the results of some other trials made with your TaskCoach.
- LG Q6 with Android 8.1: The access to the TaskCoach data file is not possible directly from within Dropbox, but if I start Taskcoach and search the file with its internal file browser in the offline folder of Dropbox, TaskCoach opens the file and remembers also its position;
- LG G4 with Android 6.0: Taskcoach opens the data file also directly from within Dropbox!
So, because I don't know if you was informed of it, up to Android 6.0 TaskCoach works great, the problems are with the next versions of Andorid (surely with 8.1)
Thanks for your good work
Greetings

Android 11 Scoped Storage.Android future completely Google dependent (centralization)

I read some details (Scoped Storage) about what should come in Android Q (Android 10), but was aborted first and will be introduced with Android 11.
Why Google lies to the users and what the honest developers have to say about it and have recognized it correctly.
https://www.xda-developers.com/android-q-storage-access-framework-scoped-storage/
Android Q is fundamentally changing the way storage works on your phone. In every version up to Pie, Android’s storage worked like a desktop computer: you can use any app you want to read or write any file (if you grant an app permission to do so). With Q, Google is introducing (and requiring) “Scoped Storage,“which makes Android work more like an iPhone, where storage is isolated to each app. An app can only access its own files, and if it’s uninstalled, all its files are deleted.
Click to expand...
Click to collapse
Google touts the security and privacy benefits of this change, but technically speaking, there is no improvement. Apps have had the ability to privately store files since Android 1.0, and almost all apps make use of this capability. When you grant an app access to the root directory of your storage via SAF, it can read, write, and send any file it wants to its nefarious developer in the exact same fashion it could when you granted an app access to storage in Pie.
Click to expand...
Click to collapse
The only “security improvement” comes about because it’s now a more arduous process for a user to do this. Unless of course an app only wants to steal your most personal information, like photos and videos you’ve taken, for which Google has added an alternative access solution which uses a simple pop-up click-yes security dialog. It is not known what benefits Google hopes to achieve with this change. The official stated reason in the Android Q beta documentation is to “give users more control over their files and to limit file clutter.” Scoped storage, in its present form, is a new limitation of what the user is allowed to do, not an extension of their control. The claim of reducing clutter may be somewhat valid, but only because the change reduces the ability to use files at all. And “clutter” is increased when you consider the problem of some apps now having to duplicate files to work with them.
Click to expand...
Click to collapse
If Google is truly concerned about giving users more control over files and clutter, they should architect a solution that directly addresses that, rather than falsely branding the current Android Q design as such an improvement. The simplest answer would be to let users decide if they want an app to have scoped or general filesystem access, using the extant storage permission request dialog. If there is a particular concern for users making poor decisions here, it’s certainly possible to make that dialog more prominent and require additional user interaction to approve an app for full access.
Click to expand...
Click to collapse
The answer to how Android can give users more control of their files is to actually give users more control, not to take it away and fundamentally constrain the capabilities of the Android platform.
Click to expand...
Click to collapse
What do we see here?
The developers knew exactly how to really improve it for the users and the added value behind it.
Why does Google lie and want to include it in Android Q even though it's not an improvement? Google wants to limit Android even further, just like Apple does with their iOS system and products that use this system e.g. iPhone.
Google is pursuing the same goals as Apple and Microsoft in the final stages. Building a centralized system. No more control by users (developers are also users), only server dependent.
The problem that most Android or Linux developers have known about for a long time and therefore do not develop apps for centralized systems. But the consumers don't know it yet or don't see the interrelations and that's a problem.
Since Google is able to integrate it into Android 11, they will try again and again in the future to make the Android platform similar to the Apple platform.
What many do not know Google does these steps in small steps. So it always starts first.
Only in a few years one sees the effects. Apps can only be installed from the Google Play Store. Everything else goes only by an software which one sends to Google, in order to get a permission, so that the App can be installed. Android devices can only be set up and used if the device does Internet activation (like an iPhone). No offline setup/use possible anymore!
We have to act otherwise we will be more and more controlled by global corporations that only pursue their own interests (centralization, control, economic growth, fake security problems to limit the operating system, more market power, etc).
But the cause is in reality the consumers. The majority currently believe that Google, Apple, etc... are on the users' side. No, that's not true. It's just an illusion to distract.
The fact is that without the users' money, corporations like Google cannot exist. The decision is always ours!
We millions of users can spend more money in independent systems, hardware, software. We users can support even more independent developers. It's really possible. Don't forget!
So Google tries to remove one of the main reasons for using Android. I remember that I tested the iPhone and other iOS devices and hated not being able to navigate the file system. And without internet activation it was not possible to set up the operating system locally. Totally horrible.
3 main reasons why I use Android:
- file system access*
- microSD and external storage media support
- Installing Apps outside the Google Play Store
* Thanks MiXplorer @HootanParsa
here are other reasons:
- Android has good support for external storage media = this allows manufacturers to add USB 3.1 Gen 1 or even USB 3.1 Gen 2 ports to their Android devices already today. Maybe in the future also possible with USB 3.2 Gen 2x2 and USB 4. This allows you to transfer data much much much faster via File Explorer app, similar to a desktop operating system.
- adapts to the user
Something else.
On every desktop PC there are real operating systems which must not be restricted so easily. It would be illegal to kick Linux off the desktop or off the market in general.
In the mobile areas there is no real alternative to Android without Google control.
There is no real promotion by law (strong financial support), like for the Linux community.
Actually it's illegal that Google tries to do something like this with Android and to destroy Android. LineageOS and other Android based systems have no support for strong financial support by law, so that there are real mobile operating systems and no monopoly position can be created, as it is currently the case.
On any current desktop PC or notebook I can install Linux without getting severe problems. Of course there are also some problems when using Linux, e.g. when proprietary manufacturers do not want to update their drivers.
But for normal users it is very well done and there are very few bugs in the everyday software. The installation itself almost always runs smoothly, very easy (via USB stick), no matter from which well-known manufacturer I buy the devices.
What about file managers?
Developers of apps like file managers that want access to every file in the external storage can do so through the Storage Access Framework once granted permission by Google — we learned in October 2019 at the Android Developer Summit that a program allowing for "special access" was being implemented.
Legitmitate apps need these special permissions.
A user would give permission for a file manager app to access the root (top-level folder) of the external storage, thus granting recursive access to every folder and file inside of it. Since this is a pretty broad selection and one of the goals of Scoped Storage was to reign in apps that want this level of access, it's good that Google will take a special look at apps who want to do this and grant permissions for legitimate apps like your favorite file manager.
Scoped Storage is going to happen this time
Early feedback for Scoped Storage was not very good. There was even a petition that asked Google to remove the feature rethink its implementation.
Which is mostly what Google did. Scoped Storage was available in the official Android 10 release, but developers were not required to use it. But that's all about to change.
Starting in September 2020, apps will need to target Android 10 or later if they are to be available on the Play Store.
Any app that is targeted for Android 10 or later must use the new storage APIs, and that includes Scoped Storage. Changes to Google Play's developer agreement say that starting August 1, 2020 all new apps submitted to Google Play must target Android 10 or later, and all updates to existing apps must target Android 10 or later as of November 1, 2020.
That means that unless an app developer is willing to let an app wither and die in a sea of old apps, Scoped Storage must be implemented soon. Luckily, this time Google has listened to feedback and made things easier for apps that have a need for full or special access and the new APIs in Android 11 make other things easier, too. A safer and more secure Android is something we all should want.
Click to expand...
Click to collapse
https://www.androidcentral.com/what-scoped-storage
I really laugh
There are always Android users who say that iOS is limited, but Google is trying to copy Apple. Every file manager developer must have Google's explicit permission to run their file manager applications on Android 11. Without Google, this is no longer possible.
What is the next step? Most likely, as an Android user, you will get a full device activation in Android 12 or Android 13. If users do not take this step, you will always get stuck in setup. You won't even be able to use the alarm clock, open the calendar application and much more.
Here is a video and pictures of my iPhone 11 and the current iOS 13 (first time setup). What is this?
If you have never used an iPhone before. Then I'll be happy to tell you what it is. This is a device activation in the setup. It is not possible to skip the activation, there must always be a communication with the server first. The device activation comes back when you run the setup process again, for example when you reset the iPhone to factory defaults and then want to set it up again. This also applies to other Apple products such as watchOS, tvOS and iPadOS devices. All mobile Apple devices are already fully server dependent.
Have fun, their Android user with Android/Android TV, Wear OS and Chrome OS. You will get the same.
Boardcdd said:
Here is a video and pictures of my iPhone 11 and the current iOS 13 (first time setup).
Click to expand...
Click to collapse
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
https://streamable.com/lhb0u
Why nobody is talking that EVEN if apps could get exceptions to have broader access to storage, won't be a true full access like is it now?
This will break apps like SDMaid in cleaning folders /storage/Android/, or sync/backup apps won't be able to see them either. Additionally we don't what else is going to be forbidden!!!
Have a read here
https://developer.android.com/preview/privacy/storage
Code:
Why nobody is talking that EVEN if apps could get exceptions to have broader access to storage, won't be a true full access like is it now?
This will break apps like SDMaid in cleaning folders /storage/Android/, or sync/backup apps won't be able to see them either. Additionally we don't what else is going to be forbidden!!!

[APP][5.0+][ROOT/NONROOT][GPLv3] Material Files (open source file manager)

Material Files
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
An open source Material Design file manager, for Android 5.0+.
https://github.com/zhanghai/MaterialFiles
Downloads
Google Play
F-Droid
GitHub releases
Screenshots
Features
Open source: Lightweight, clean and secure.
Material Design: Like the good old Cabinet with attention into details, and optional MD2 style.
Breadcrumbs: Navigate in the filesystem with ease.
Root support: View and manage files with root access.
Archive support: View, extract and create common compressed files.
Themes: Customizable UI colors and night mode.
Linux-aware: Like Nautilus, knows symbolic links, file permissions and SELinux context.
Robust: Uses Linux system calls under the hood, not yet another ls parser.
Well-implemented: Built upon the right things, including Java NIO2 File API and LiveData.
Why Material Files?
Because I like Material Design, and clean Material Design.
There are already a handful of powerful file managers, but most of them just isn't Material Design. And even among the ones with Material Design, they usually have various minor design flaws (layout, alignment, padding, icon, font, etc) across the app which makes me uncomfortable, while still being minor enough so that not everybody would care to fix it. So I had to create my own.
Because I want an open source file manager.
Most of the popular and reliable file managers are just closed source, and I sometimes use them to view and modify files that require root access. But deep down inside, I just feel uneasy with giving any closed source app the root access to my device. After all, that means giving literally full access to my device, which stays with me every day and stores my own information, and what apps do with such access merely depends on their good intent.
Because I want a file manager that is implemented the right way.
This app implemented Java NIO2 File API as its backend, instead of inventing a custom model for file information/operations, which often gets coupled with UI logic and grows into a mixture of everything. On the contrary, a decoupled backend allows cleaner code (which means less bugs), and easier addition of support for other file systems.
This app doesn't use java.io.File or parse the output of ls, but built bindings to Linux syscalls to properly access the file system. java.io.File is an old API missing many features, and just can't handle things like symbolic links correctly, which is the reason why many people rather parse ls instead. However parsing the output ls is not only slow, but also unreliable, which made Cabinet broken on newer Android versions. By virtue of using Linux syscalls, this app is able to be fast and smooth, and handle advanced things like Linux permissions, symbolic links and even SELinux context. It can also handle file names with invalid UTF-8 encoding because paths are not naively stored as Java Strings, which most file managers does and fails during file operation.
This app built its frontend upon modern ViewModel and LiveData which enables a clear code structure and support for rotation. It also properly handles things like errors during file operation, file conflicts and foreground/background state.
In a word, this app tries to follow the best practices on Android and do the right thing, while keeping its source code clean and maintainable.
Because I know people can do it right.
Nautilus is a beautifully-designed and user-friendly file manager on Linux desktop, and it's fully Linux-aware. Phonograph is an open source Material Design music player app (which I've been using for years), and it has just the right Material Design and implementation.
So, it's time for yet another Android file manager.
License
GPL-3.0-or-later
Code:
Copyright (C) 2018 Hai Zhang
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
XDA:DevDB Information
Material Files, App for all devices (see above for details)
Contributors
dreamingincode
Source Code: https://github.com/zhanghai/MaterialFiles
Version Information
Status: Stable
Current Stable Version: 1.0.0
Stable Release Date: 2019-12-02
Created 2019-12-08
Last Updated 2019-12-09
Reserved
Reserved
Reserved
Thank you for opening this thread on XDA. 謝謝 !
I was following this on GitHub since I saw the application on F-Droid.
Stunning 1.0 release !
A feature request I think I haven't seen yet on GitHub's issues; would it be possible to implement full long filenames ? Currently they get truncated with a "..." and some file listings show the same partial filename for all items.
 
dreamingincode said:
Reserved
Click to expand...
Click to collapse
Tried the app.Very nice app for first release and its open source(cool)
Requesting for adding cloud (drive,mega) file management feature... Thank u
Ultramanoid said:
Thank you for opening this thread on XDA. 謝謝 !
I was following this on GitHub since I saw the application on F-Droid.
Stunning 1.0 release !
A feature request I think I haven't seen yet on GitHub's issues; would it be possible to implement full long filenames ? Currently they get truncated with a "..." and some file listings show the same partial filename for all items.
 
Click to expand...
Click to collapse
You can copy the full name in the "Properties" dialog. I intentionally put the ellipsis in middle in hope that it can help distinguishing different files with numbers at end, etc. Unfortunately the file name cannot be two-line/multi-line because fast scrolling requires every item to be of fixed height
thisisarjun said:
Tried the app.Very nice app for first release and its open source(cool)
Requesting for adding cloud (drive,mega) file management feature... Thank u
Click to expand...
Click to collapse
See https://github.com/zhanghai/MaterialFiles/issues/95 or https://github.com/zhanghai/MaterialFiles/issues/148
dreamingincode said:
You can copy the full name in the "Properties" dialog.
Click to expand...
Click to collapse
Well, thanks, but that is not really a solution. In a list with dozens or hundreds of files it's not realistic to check each single filename, dozens or hundreds of times.
Organizing photos or sound files, I have listings with hundreds of files that all seem to have the exact same name.
Sorry to hear it is not possible. ( You could check Ghost Commander to see it implemented in another open source file manager. FX, MiX, not open source, but also with threads in XDA, or the venerable Total Commander, all can show full filenames. Linux file managers as well. )
Well, good luck with the project.
 
Ultramanoid said:
Well, thanks, but that is not really a solution. In a list with dozens or hundreds of files it's not realistic to check each single filename, dozens or hundreds of times.
Organizing photos or sound files, I have listings with hundreds of files that all seem to have the exact same name.
Sorry to hear it is not possible. ( You could check Ghost Commander to see it implemented in another open source file manager. FX, MiX, not open source, but also with threads in XDA, or the venerable Total Commander, all can show full filenames. Linux file managers as well. )
Well, good luck with the project.
 
Click to expand...
Click to collapse
I tried MiX with full file name enabled, and fast scrolling indeed became broken :crying:
dreamingincode said:
I tried MiX with full file name enabled, and fast scrolling indeed became broken :crying:
Click to expand...
Click to collapse
I'm not sure what fast scrolling means, but at any rate if all filenames look exactly the same, no operation is possible. Here's an example comparing with FX.
 
Ultramanoid said:
I'm not sure what fast scrolling means, but at any rate if all filenames look exactly the same, no operation is possible. Here's an example comparing with FX.
 
Click to expand...
Click to collapse
Oh, fast scrolling means if you drag the scrollbar, the scrollbar actually follows you so that you can scroll through the entire content quickly. That requires knowing the item height without laying all of them out, so dynamic item height will most likely break it.
Maybe I should consider adding an option to make all items take the height of a two-line file name. Created https://github.com/zhanghai/MaterialFiles/issues/205.
Btw I also happened to listen to that song, a really beatiful one It has been in my personal music library for years, the piano arranged version.
dreamingincode said:
Oh, fast scrolling means ... the piano arranged version.
Click to expand...
Click to collapse
I understand. Thank you very much for considering it. I had been testing the F-Droid build and this was my only serious problem. It is a really solid file manager.
Yes, I have the piano version too. It is a good soundtrack. (^^♪
 
dreamingincode said:
Oh, fast scrolling means if you drag the scrollbar, the scrollbar actually follows you so that you can scroll through the entire content quickly. That requires knowing the item height without laying all of them out, so dynamic item height will most likely break it.
Maybe I should consider adding an option to make all items take the height of a two-line file name. Created https://github.com/zhanghai/MaterialFiles/issues/205.
Click to expand...
Click to collapse
The fixed height schema is malapropos and can be problematic...
Maybe we can refer to how web browsers rendering lengthy web pages.
I checked the 1.0.1 release from GitHub since the F-Droid build is always slower to appear. Very disappointed to see it's loaded with trackers; Firebase, CrashLytics, GCM...
Hopefully the F-Droid build will be clean and without all those things, but still worrisome.
 
I am also an enthusiastic Android user myself (which is why I built the app) and I do share your concern, but as a developer I also need analytics and telemetry to know how my app works and debug issues, so I hope you could understand it.
Meanwhile, Firebase Crashlytics is one single thing (source), and I didn't use GCM which is for push notifications. So it feels kinda unfair to say the app is "loaded with trackers".
Different people may have different expectations of privacy, and I fully understand it which is why I published the app on F-Droid. F-Droid only allows building from open-source code (Firebase surely isn't open source), and makes it very hard to do otherwise, so you don't need to worry about the F-Droid version. You can check my F-Droid build file to see how nonfree code is removed before build, and the GitHub repo to see the full source code.
Regarding latency of F-Droid build, unfortunately it's a limitataion of F-Droid and I cannot do anything about it. The build file linked above already has the recommended auto update mechanism configured, so we just have to wait one or two days (see the previous link, F-Droid signing needs human intervention) for a new version to be there. You can also download the F-Droid tool to do your own build using the build file if you really want the free version quickly, which I did for once when testing the build file.
EDIT: Didn't see you screenshot. Yes Firebase Analytics and Firebase Crashlytics are two things, but both under Firebase and viewed at the same place, one for analytics and one for telemetry.
dreamingincode said:
So it feels kinda unfair ...
Click to expand...
Click to collapse
Thank you for the reply, and developer myself. But surely much older and missing the era where software was paid with money instead of personal information.
Still won't allow a single tracker on my system on any device. That's one tracker too many. Unusual, I know, but no Play Services, no social data miners, no malvertising, no crash reporters, no trackers, and no internet permission for anything other than the web browser and terminal, period. And if possible, only open-source applications to be able to audit the code.
I understand 99% of users just want convenience, and prefer a "free" pretty application that records everything they write, say, eat, do, and uses it or sells it, than running a clean but ugly Linux binary in a terminal...
Edit : Sorry if it seems I was complaining about the F-Droid delay, I wasn't, I know it's not something you can control.
 
Ultramanoid said:
Thank you for the reply, and developer myself. But surely much older and missing the era where software was paid with money instead of personal information.
Still won't allow a single tracker on my system on any device. That's one tracker too many. Unusual, I know, but no Play Services, no social data miners, no malvertising, no crash reporters, no trackers, and no internet permission for anything other than the web browser and terminal, period. And if possible, only open-source applications to be able to audit the code.
I understand 99% of users just want convenience, and prefer a "free" pretty application that records everything they write, say, eat, do, and uses it or sells it, than running a clean but ugly Linux binary in a terminal...
 
Click to expand...
Click to collapse
I'm more of a pratical user for myself, but I agree people should have the freedom to not be tracked. This app is my hobby project created for myself and others, and I surely don't want to track anyone with it, so rest assured.
The source code of this project is free (as in freedom) with GPLv3, and the F-Droid version contains only FOSS code and should be a clean and beautiful app to use. I believe free software should be as good as, or even better than proprietary ones ?
dreamingincode said:
Because I want a file manager that is implemented the right way.
This app implemented Java NIO2 File API as its backend, instead of inventing a custom model for file information/operations, which often gets coupled with UI logic and grows into a mixture of everything. On the contrary, a decoupled backend allows cleaner code (which means less bugs), and easier addition of support for other file systems.
This app doesn't use java.io.File or parse the output of ls, but built bindings to Linux syscalls to properly access the file system. java.io.File is an old API missing many features, and just can't handle things like symbolic links correctly, which is the reason why many people rather parse ls instead. However parsing the output ls is not only slow, but also unreliable, which made Cabinet broken on newer Android versions. By virtue of using Linux syscalls, this app is able to be fast and smooth, and handle advanced things like Linux permissions, symbolic links and even SELinux context. It can also handle file names with invalid UTF-8 encoding because paths are not naively stored as Java Strings, which most file managers does and fails during file operation.
This app built its frontend upon modern ViewModel and LiveData which enables a clear code structure and support for rotation. It also properly handles things like errors during file operation, file conflicts and foreground/background state.
In a word, this app tries to follow the best practices on Android and do the right thing, while keeping its source code clean and maintainable.
Click to expand...
Click to collapse
With no intent to disappoint you... But I'd like you to know:
Being of higher level of abstraction does not necessarily ensure being of higher level of quality...
...what's under the hood may be not much different from another `ls` parser.
And usually... those abstraction layers inevitably introduced some losses in the runtime efficiency of the program.
dreamingincode said:
However parsing the output ls is not only slow, but also unreliable...
Click to expand...
Click to collapse
It doesn't have to be slow... nor unreliable. When properly implemented.
If necessary, you can adapt your own version of `ls` specifically optimized for your specific purpose, to reduce the performance overhead. (though generic `ls` already works well... for most purposes, and usually still faster than calling similar functionalities from the abstraction layer of higher levels)
Indeed anything unfamiliar can be considered unreliable... though `ls` indeed gives consistent output.
dreamingincode said:
...which made Cabinet broken on newer Android versions.
Click to expand...
Click to collapse
I believe the cause is this. (check the adjacent posts too)
Something about Google's whims: the approach towards "No file in the system"... (the exact opposite of the creed of Unix)
dreamingincode said:
By virtue of using Linux syscalls...
Click to expand...
Click to collapse
More accurately, it's calling native Linux applications/libraries through the JNI.
Meanwhile... how's the app's performance in this test? (unfortunately I'm unable to verify on my system due to dependency issues)
gdgsdg123 said:
Being of higher level of abstraction does not necessarily ensure being of higher level of quality...
...what's under the hood may be not much different from another `ls` parser.
And usually... those abstraction layers inevitably introduced some losses in the runtime efficiency of the program.
Click to expand...
Click to collapse
There must be an abstraction to represent files and paths in a file manager written in Java, however you get the file data (via `ls`, Java File or custom native things). Java NIO2 file API is a good abstraction so it's an improvement over bad ones.
It's very diffrent from an `ls` parser in that it doesn't parse the output of an unknown version of a binary, and it doesn't start new processes.
It doesn't have to be slow... nor unreliable. When properly implemented.
If necessary, you can adapt your own version of `ls` specifically optimized for your specific purpose, to reduce the performance overhead. (though generic `ls` already works well... for most purposes, and usually still faster than calling similar functionalities from the abstraction layer of higher levels)
Indeed anything unfamiliar can be considered unreliable... though `ls` indeed gives consistent output.
Click to expand...
Click to collapse
It is unreliable and cannot be properly implemented, because things like newline in file name. In a word, it doesn't provide an option to separate lines with a NUL byte, and thus cannot be reliably parsed. `find` provides such an option as mentioned in the HackerNews thread, but it cannot output all the needed file metadata like `ls` and launching separate processes to retrieve metadata is painfully slower.
It has to be magnitudes slower than JNI because every time it is creating a new process, waiting for it to finish and collecting its output. This will be a huge slow-down comparing to any number of layers of abstraction within Java.
Building and bundling `ls` only solves parsing, but cannot avoid creating a new process every time in any way.
`ls` isn't something completed and untouchable, and it can be inspected, modified and improved. I consulted the source code of `ls` (and various others) in toybox (the AOSP implementation now) and OpenJDK NIO2 implementation before writing my own, not inventing something new.
I believe the cause is this. (check the adjacent posts too)
Something about Google's whims: the approach towards "No file in the system"... (the exact opposite of the creed of Unix)
Click to expand...
Click to collapse
The cause of Cabinet stopped working is unlikely the Scoped Storage work happening in Q and beyond, because it is broken on P. It is showing every file/folder name as `0` which is likely due to modification to `ls` output that added a new column, and Cabinet thought that was where the file name should be.
About the trend in Android towards scoped storage: Rooting itself is against the Android permission system, etc, and is much less supported than raw file access. So as long as root is supported on Android, having a Linux file manager makes sense to me.
More accurately, it's calling native Linux applications/libraries through the JNI.
Click to expand...
Click to collapse
Yes this is the point. Using JNI to call into a custom native library avoids the overhead of creating new processes. However, these JNI calls are simple wrappers around the original Linux syscalls, so I believe it's fine to say that the app is utilizing Linux syscalls (there's no other way of using Linux syscalls in Java).
syscalls.c is the source code for syscall wrappers written in C. Syscalls.java is the Java interface. As you can see, they are merely wrappers around the original syscalls.

[Rom][GrapheneOS]Android 12][AOSP][UNOFFICIAL]

{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Features overview​GrapheneOS is a private and secure mobile operating system with great functionality and usability. It starts from the strong baseline of the Android Open Source Project (AOSP) and takes great care to avoid increasing attack surface or hurting the strong security model. GrapheneOS makes substantial improvements to both privacy and security through many carefully designed features built to function against real adversaries. The project cares a lot about usability and app compatibility so those are taken into account for all of our features.
GrapheneOS is focused on substance rather than branding and marketing. It doesn't take the typical approach of piling on a bunch of insecure features depending on the adversaries not knowing about them and regressing actual privacy/security. It's a very technical project building privacy and security into the OS rather than including assorted unhelpful frills or bundling subjective third party apps choices.
GrapheneOS is also hard at work on filling in gaps from not bundling Google apps and services into the OS. We aren't against users using Google services but it doesn't belong integrated into the OS in an invasive way. GrapheneOS won't take the shortcut of simply bundling a very incomplete and poorly secured third party reimplementation of Google services into the OS. That wouldn't ever be something users could rely upon. It will also always be chasing a moving target while offering poorer security than the real thing if the focus is on simply getting things working without great care for doing it robustly and securely.
This page provides an overview of currently implemented features differentiating GrapheneOS from AOSP. It doesn't document our many historical features that are no longer included for one reason or another. Many of our features were implemented in AOSP, Linux, LLVM and other projects GrapheneOS is based on and those aren't listed here. In many cases, we've been involved in getting those features implemented in core infrastructure projects.
GrapheneOS​
Partial list of GrapheneOS features beyond what AOSP 12 provides:
Hardened app runtime
Stronger app sandbox
Hardened libc providing defenses against the most common classes of vulnerabilities (memory corruption)
Our own hardened malloc (memory allocator) leveraging modern hardware capabilities to provide substantial defenses against the most common classes of vulnerabilities (heap memory corruption) along with reducing the lifetime of sensitive data in memory. The hardened_malloc README has extensive documentation on it. The hardened_malloc project is portable to other Linux-based operating systems and is being adopted by other security-focused operating systems like Whonix. Our allocator also heavily influenced the design of the next-generation musl malloc implementationwhich offers substantially better security than musl's previous malloc while still having minimal memory usage and code size.
Fully out-of-line metadata with protection from corruption, ruling out traditional allocator exploitation
Separate memory regions for metadata, large allocations and each slab allocation size class with high entropy random bases and no address space reuse between the different regions
Deterministic detection of any invalid free
Zero-on-free with detection of write-after-free via checking that memory is still zeroed before handing it out again
Delayed reuse of address space and memory allocations through the combination of deterministic and randomized quarantines to mitigate use-after-free vulnerabilities
Fine-grained randomization
Aggressive consistency checks
Memory protected guard regions around allocations larger than 16k with randomization of guard region sizes for 128k and above
Allocations smaller than 16k have guard regions around each of the slabs containing allocations (for example, 16 byte allocations are in 4096 byte slabs with 4096 byte guard regions before and after)
Random canaries with a leading zero are added to these smaller allocations to block C string overflows, absorb small overflows and detect linear overflows or other heap corruption when the canary value is checked (primarily on free)
Hardened compiler toolchain
Hardened kernel
Support for dynamically loaded kernel modules is disabled and the minimal set of modules for the device model are built into the kernel to substantially improve the granularity of Control Flow Integrity (CFI) and reduce attack surface.
4-level page tables are enabled on arm64 to provide a much larger address space (48-bit instead of 39-bit) with significantly higher entropy Address Space Layout Randomization (33-bit instead of 24-bit).
Random canaries with a leading zero are added to the kernel heap (slub) to block C string overflows, absorb small overflows and detect linear overflows or other heap corruption when the canary value is checked (on free, copies to/from userspace, etc.).
Memory is wiped (zeroed) as soon as it's released in both the low-level kernel page allocator and higher level kernel heap allocator (slub). This substantially reduces the lifetime of sensitive data in memory, mitigates use-after-free vulnerabilities and makes most uninitialized data usage vulnerabilities harmless. Without our changes, memory that's released retains data indefinitely until the memory is handed out for other uses and gets partially or fully overwritten by new data.
Kernel stack allocations are zeroed to make most uninitialized data usage vulnerabilities harmless.
Assorted attack surface reduction through disabling features or setting up infrastructure to dynamically enable/disable them only as needed (perf, ptrace).
Assorted upstream hardening features are enabled, including many which we played a part in developing and landing upstream as part of our linux-hardened project (which we intend to revive as a more active project again).
Prevention of dynamic native code execution in-memory or via the filesystem for the base OS without going via the package manager, etc.
Filesystem access hardening
Enhanced verified boot with better security properties and reduced attack surface
Enhanced hardware-based attestation with more precise version information
Eliminates remaining holes for apps to access hardware-based identifiers
Greatly reduced remote, local and proximity-based attack surface by stripping out unnecessary code, making more features optional and disabling optional features by default (NFC, Bluetooth, etc.), when the screen is locked (connecting new USB peripherals, camera access) and optionally after a timeout (Bluetooth, Wi-Fi)
Option to disable native debugging (ptrace) to reduce local attack surface (still enabled by default for compatibility)
Low-level improvements to the filesystem-based full disk encryption used on modern Android
Support for logging out of user profiles without needing a device manager: makes them inactive so that they can't continue running code while using another profile and purges the disk encryption keys (which are per-profile) from memory and hardware registers
Option to enable automatically rebooting the device when no profile has been unlocked for the configured time period to put the device fully at rest again.
Improved user visibility into persistent firmware security through version and configuration verification with reporting of inconsistencies and debug features being enabled.
Support longer passwords by default (64 characters) without a device manager
Stricter implementation of the optional fingerprint unlock feature permitting only 5 attempts rather than 20 before permanent lockout (our recommendation is still keeping sensitive data in user profiles without fingerprint unlock)
Support for using the fingerprint scanner only for authentication in apps and unlocking hardware keystore keys by toggling off support for unlocking.
PIN scrambling option
LTE-only mode to reduce cellular radio attack surface by disabling enormous amounts of legacy code
Per-connection MAC randomization option (enabled by default) as a more private option than the standard persistent per-network random MAC.
When the per-connection MAC randomization added by GrapheneOS is being used, DHCP client state is flushed before reconnecting to a network to avoid revealing that it's likely the same device as before.
Improved IPv6 privacy addresses to prevent tracking across networks
Vanadium: hardened WebView and default browser — the WebView is what most other apps use to handle web content, so you benefit from Vanadium in many apps even if you choose another browser
Hardware-based security verification and monitoring: the Auditor app app and attestation service provide strong hardware-based verification of the authenticity and integrity of the firmware/software on the device. A strong pairing-based approach is used which also provides verification of the device's identity based on the hardware backed key generated for each pairing. Software-based checks are layered on top with trust securely chained from the hardware. For more details, see the about page and tutorial.
PDF Viewer: sandboxed, hardened PDF viewer using HiDPI rendering with pinch to zoom, text selection, etc.
Encrypted backups via integration of the Seedvault app with support for local backups and any cloud storage provider with a storage provider app
Secure application spawning system avoiding sharing address space layout and other secrets across applications
Network permission toggle for disallowing both direct and indirect access to any of the available networks. The device-local network (localhost) is also guarded by this permission, which is important for preventing apps from using it to communicate between profiles. Unlike a firewall-based implementation, the Network permission toggle prevents apps from using the network via APIs provided by the OS or other apps in the same profile as long as they're marked appropriately.
The standard INTERNET permission used as the basis for the Network permission toggle is enhanced with a second layer of enforcement and proper support for granting/revoking it on a per-profile basis.
Sensors permission toggle: disallow access to all other sensors not covered by existing Android permissions (Camera, Microphone, Body Sensors, Activity Recognition) including an accelerometer, gyroscope, compass, barometer, thermometer and any other sensors present on a given device. To avoid breaking compatibility with Android apps, the added permission is enabled by default.
Authenticated encryption for network time updates via a first party server to prevent attackers from changing the time and enabling attacks based on bypassing certificate / key expiry, etc.
Proper support for disabling network time updates rather than just not using the results
Connectivity checks via a first party server with the option to revert to the standard checks (to blend in) or to fully disable them
Hardened local build / signing infrastructure
Seamless automatic OS update system that just works and stays out of the way in the background without disrupting device usage, with full support for the standard automatic rollback if the first boot of the updated OS fails
Require unlocking to access sensitive functionality via quick tiles
Minor changes to default settings to prefer privacy over small conveniences: personalized keyboard suggestions based on gathering input history are disabled by default, sensitive notifications are hidden on the lockscreen by default and passwords are hidden during entry by default
Minimal bundled apps and services. Only essential apps are integrated into the OS. We don't make partnerships with apps and services to bundle them into the OS. An app may be the best choice today and poor choice in the future. Our approach will be recommending certain apps during the initial setup, not hard-wiring them into the OS.
No Google apps and services. These can be used on GrapheneOS but only if they avoid requiring invasive OS integration. Building privileged support for Google services into the OS isn't something we're going to be doing, even if that's partially open source like microG.
Compatibility layer for coercing user installed Google Play services into running as sandboxed apps without any special privileges.
Fixes for multiple serious vulnerabilities not yet fixed upstream due to a flexible release cycle / process prioritizing security.
Services​Service infrastructure features:
Strict privacy and security practices for our infrastructure
Unnecessary logging is avoided and logs are automatically purged after 10 days
Services are hosted entirely via our own dedicated servers and virtual machines from OVH without involving any additional parties for CDNs, SaaS platforms, mirrors or other services
Our services are built with open technology stacks to avoid being locked in to any particular hosting provider or vendor
Open documentation on our infrastructure including listing out all of our services, guides on making similar setups, published configurations for each of our web services, etc.
No proprietary services
Authenticated encryption for all of our services
Strong cipher configurations for all of our services (SSH, TLS, etc.) with only modern AEAD ciphers providing forward secrecy
Our web sites do not include any third party content and entirely forbid it via strict Content Security Policy rules
Our web sites disable referrer headers to maximize privacy
Our web sites fully enable cross origin isolation and disable embedding in other content
DNSSEC implemented for all of our domains to provide a root of trust for encryption and authentication for domain/server configuration
DNS Certification Authority Authorization (CAA) records for all of our domains permitting only Let's Encrypt to issue certificates with fully integrated support for the experimental accounturi and validationmethods pinning our Let's Encrypt accounts as the only ones allowed to issue certificates
DANE TLSA records for pinning keys for all our TLS services
Our mail server enforces DNSSEC/DANE to provide authenticated encryption when sending mail including alert messages from the attestation service
SSHFP across all domains for pinning SSH keys
Static key pinning for our services in apps like Auditor
Our web services use robust OCSP stapling with Must-Staple
No persistent cookies or similar client-side state for anything other than login sessions, which are set up via SameSite=strict cookies and have server-side session tracking with the ability to log out of other sessions
scrypt-based password hashing (likely Argon2 when the available implementations are more mature)
Project​Beyond the technical features of the OS:
Collaborative, open source project with a very active community and contributors
Can make your own builds and make desired changes, so you aren't stuck with the decisions made by the upstream project
Non-profit project avoiding conflicts of interest by keeping commercialization at a distance. Companies support the project rather than the project serving the needs of any particular company
Strong privacy policies across all our software and services
Proven track record of the team standing up against attempts to compromise the integrity of the project and placing it above personal gain
Click to expand...
Click to collapse
Installation Instruction and downloads
​Dwonload for pixel 5 and other Releases
https://grapheneos.org/releases
GrapheneOS has two officially supported installation methods. You can either use the WebUSB-based installer recommended for most users or the command-line installation guide aimed at more technical users.
We strongly recommend using one of the official installation methods. Third party installation guides tend to be out-of-date and often contain misguided advice and errors.
If you have trouble with the installation process, ask for help on the official GrapheneOS chat channel. There are almost always people around willing to help with it. Before asking for help, make an attempt to follow the guide on your own and then ask for help with anything you get stuck on.
The command-line approach offers a way to install GrapheneOS without trusting our server infrastructure. This requires being on an OS with proper fastboot and signify packages along with understanding the process enough to avoid blindly trusting the instructions from our site. For most users, the web-based installation approach is no less secure and avoids needing any software beyond a browser with WebUSB support.
For those who wants google play store apps please watch this video, Its not recommended but i use it myself on this rom.
GrapheneOS - Full Post Install Setup Guide - Maximize Security and Privacy On Your Android Phone
Source code
https://github.com/GrapheneOS
https://github.com/GrapheneOS/kernel_google_redbull
https://github.com/GrapheneOS/device_google_redfin-kernel
https://github.com/GrapheneOS/device_google_redfin
Credits and Thanks
We would like to give thanks to everyone in the Android community, big or small.
That said, we would like to Thank all These Teams for their contribution to the Open Source Community. Special Thanks to Daniel Micay
MOD EDIT: This is an UnOfficial thread and isn't run by the GrapheneOS team​
times out and doesn't flash "system"
jorgeccastro said:
times out and doesn't flash "system"
Click to expand...
Click to collapse
Follow the instructions properly it will flash I am using it right now.
What method did you use to flash the rom?
Use web installer it's easy.
I want to say thank you so much for all of the work on this ROM, it is awesome!
Has anybody gotten root to work on this? I tried patching the boot.img with Magisk, but after I flash the patched boot.img, the bootloader says it can't find a valid operating system?
jailbird2 said:
I want to say thank you so much for all of the work on this ROM, it is awesome!
Has anybody gotten root to work on this? I tried patching the boot.img with Magisk, but after I flash the patched boot.img, the bootloader says it can't find a valid operating system?
Click to expand...
Click to collapse
The whole point of this rom is security haha so no root only pure security and bootloader will be locked if you followed the instructions.
SyntaxError said:
The whole point of this rom is security haha so no root only pure security and bootloader will be locked if you followed the instructions.
Click to expand...
Click to collapse
Yep, I know. As the phone mainly stays connected in my vehicle, I was using a framework that allowed me to trigger actions when the charging power comes on (eg, vehicle is started) and goes away (vehicle is turned off). I was hoping to be able to keep that AND keep the extra security .
I completely understand though, thanks!
jailbird2 said:
Yep, I know. As the phone mainly stays connected in my vehicle, I was using a framework that allowed me to trigger actions when the charging power comes on (eg, vehicle is started) and goes away (vehicle is turned off). I was hoping to be able to keep that AND keep the extra security .
I completely understand though, thanks!
Click to expand...
Click to collapse
Aha well there are certain things we have to sacrifice lol for security sake.
SyntaxError said:
Follow the instructions properly it will flash I am using it right now.
What method did you use to flash the rom?
Use web installer it's easy.
Click to expand...
Click to collapse
oh ok, thanks for that info. i was using a screwdriver and hammer...
how to install google playstore
look im going to be honest with you guys i use my phone as a daily driver and with out gapps its pointless to use this rom i need gapps to download my apps and to restore my info. and i all ready try to install gapps on this rom it doesnt work
williejack619 said:
look im going to be honest with you guys i use my phone as a daily driver and with out gapps its pointless to use this rom i need gapps to download my apps and to restore my info. and i all ready try to install gapps on this rom it doesnt work
Click to expand...
Click to collapse
Sorry mate, GrapheneOS is not meant to have any Google framework stuff in it. If you need such and at the same time want more privacy you might want to have a look at CalyxOS, at least there is an option to include microG. Have fun.
williejack619 said:
look im going to be honest with you guys i use my phone as a daily driver and with out gapps its pointless to use this rom i need gapps to download my apps and to restore my info. and i all ready try to install gapps on this rom it doesnt work
Click to expand...
Click to collapse
you can install fdroid and from fdroid install https://f-droid.org/en/packages/com.aurora.store/ and you can have all play store apps without any account or you can sign in and still retain your privacy.
beggar23 said:
Sorry mate, GrapheneOS is not meant to have any Google framework stuff in it. If you need such and at the same time want more privacy you might want to have a look at CalyxOS, at least there is an option to include microG. Have fun.
Click to expand...
Click to collapse
They've documented how to install Google services:
GrapheneOS usage guide
Usage instructions for GrapheneOS, a security and privacy focused mobile OS with Android app compatibility.
grapheneos.org
williejack619 said:
how to install google playstore
Click to expand...
Click to collapse
was this a troll?
xstrifey said:
was this a troll?
Click to expand...
Click to collapse
maybe lol
SyntaxError said:
The whole point of this rom is security haha so no root only pure security and bootloader will be locked if you followed the instructions.
Click to expand...
Click to collapse
The problem I have with not having root is that google backups suck. An example is google authenticator. It loses all settings and will force the user to redo every site where it was used for 2fa. I absolutely need the ability to restore my apps properly, and I currently use TitaniumBackup for that. I'm also playing around with 'Migrate', but both need root.
adamf663b said:
The problem I have with not having root is that google backups suck. An example is google authenticator. It loses all settings and will force the user to redo every site where it was used for 2fa. I absolutely need the ability to restore my apps properly, and I currently use TitaniumBackup for that. I'm also playing around with 'Migrate', but both need root.
Click to expand...
Click to collapse
I just don't understand why no one understands the meaning of privacy?
This rom is made for privacy and security without Google as in degoogled phone so no root access because the bootloader will be locked after flashing this rom.
And yes you can install play store apps my way or the official way and there is a link to that provided by @k0rner . And yes I understand backup and restoring from Google is a pain so just do a manual restore like I did if you want privacy and if you want root and Google services then this rom is not meant for you and to be used with Google services.
Can I change the aspect ratio to 16:9 in this custom rom?
works long press power turns flashlight on this rom ?
switcher said:
works long press power turns flashlight on this rom ?
Click to expand...
Click to collapse
No. It brings up the shutdown/reboot screen as seen in the stock image.

Categories

Resources