Database Develop

Ad sponsered free apps increasing, Any type of firewall?

Well been doing alot of study lately and it seems ALOT of apps on the market that are full versions and are "free" seem to have ad sponsored elements in them. Sending your GPS data to whoever or other various things. Now while if the dev mentions on the description that their "Paid" version is ad free. Least its up front and honest about it. However alot of Apps I found out hide this info it seems. Is this going to be the new "Kazaa" on the G1? Back when Kazaa came out, is when the influx of "Spyware" was increasing. Im worried is this happening to the G1 now? While I can understand devs choosing this to make their app free and gain from it a lil. Whats to say other devs wont use this for other intentions that may have some negative impact?
Just wondering tho.. for modded G1s. Is there some sorta firewall app or so yet that might be useful? Anyways just thought I would post for discussion case I am worried over nothing.

Install AdFree from the Market.

Cool ill try that. Still tho some discussion would be good. Cause I don't know if this should be something to start getting concerned on. Apps running in background draining battery, and reporting info possibly and so. Or am I getting concerned over nothing?

Mysticales said:
Cool ill try that. Still tho some discussion would be good. Cause I don't know if this should be something to start getting concerned on. Apps running in background draining battery, and reporting info possibly and so. Or am I getting concerned over nothing?
Click to expand...
Click to collapse
A little paranoia is a healthy thing, too much is bad, but these ads collect all sorts of location information to profile you and provide relevent advertising, but who knows what else happens with the data etc etc etc
PS you need root access on your phone to use AdFree

Yea Im fully rooted, No worries there. =) Thanks for this heads up. I use host files as well on my PC.. since then never had a issue with spyware again. Any news on if he would let us update the host file ourselves? Id love to use the file I have on my PC. Heh.
Anyways as for discussion goes. Can these ads know your G1 email, or linked email account? Next off, is there a ability that these ads could read your personal data as text msgs, contacts (to spam phone calls) or anything like that? Android being a new OS.. not sure what devs and ads can do with access to a phone. Its like a new gateway has been opened.
Kinda wish a dev could comment if the G1 would even have this ability and if it could be a bad thing.
Edit: Good question, this Ad Free, is it like if you add a hosts file in a router? Like if I use the G1 to tether, is it blocking the ad banners even on tethered connections? Would be interesting to know for sure since imagine a built in firewall that protects tethered PCs too.

Mysticales said:
Yea Im fully rooted, No worries there. =) Thanks for this heads up. I use host files as well on my PC.. since then never had a issue with spyware again. Any news on if he would let us update the host file ourselves? Id love to use the file I have on my PC. Heh.
Click to expand...
Click to collapse
You can use your own hosts file on your own phone, AdFree just automates the process, if you look at this thread it started off describing how to do things manually.
Anyways as for discussion goes. Can these ads know your G1 email, or linked email account?
Click to expand...
Click to collapse
Possibly, I haven't looked into accessing the google credentials from the android APIs so I don't know for certain, might be a private API google only shares with it's own apps, that doesn't mean someone won't figure out how to access them however.
Next off, is there a ability that these ads could read your personal data as text msgs, contacts (to spam phone calls) or anything like that? Android being a new OS..
Click to expand...
Click to collapse
When you install an app there is a screen displayed of the permissions the apps ask for, read/write contacts, calendars etc will all be displayed, you should be able to see the permissions an app will have access to after it's installed as well from memory.
not sure what devs and ads can do with access to a phone. Its like a new gateway has been opened.
Click to expand...
Click to collapse
You should be more worried what google will do with all the info it collects to be honest, but that's another issue altogether.
Kinda wish a dev could comment if the G1 would even have this ability and if it could be a bad thing.
Click to expand...
Click to collapse
You are prompted during install as to what the app will be able to access, google leaves it up to you to accept it or not.
Edit: Good question, this Ad Free, is it like if you add a hosts file in a router? Like if I use the G1 to tether, is it blocking the ad banners even on tethered connections? Would be interesting to know for sure since imagine a built in firewall that protects tethered PCs too.
Click to expand...
Click to collapse
Depends how the tethered setup gets DNS info, if it uses the information from the hosts file then yes, but this is dependent on what the tether setup does.

Mysticales said:
Its like a new gateway has been opened.
Click to expand...
Click to collapse
Only if you never bothered reading the permissions requests when installing an app. They clearly describe what permissions an app wants to use and you can cancel the installation if you feel you don't want to give an app the right to access your personal info. So if you install a game that says it wants access to your Google Account info (which would include your email and thus all your associated google services) then you have only yourself to blame if the dev sends you a ton of spam or sells your email address.
Bottom line is read the permissions requested carefully and decide whether you trust the company/entity that created the app before installing it. Also, i'd be very wary installing any root apps, since root apps by their very nature can operate outside of dalvik sandbox and do practically anything they want to your system. I'm only running two root apps right now: Market Enabler and Wifi Tether. They are both open source.

Well of course I read the permissions thing. However still I would still wonder about things.

Mysticales said:
Well of course I read the permissions thing. However still I would still wonder about things.
Click to expand...
Click to collapse
Google actually closed up some of the loop holes that apps were using on Android 1.0/1.1 to enable wifi etc.

jashsu said:
They are both open source.
Click to expand...
Click to collapse
Unless you audit the code and compile it yourself, you have no idea what the binary is actually doing.

Location data is only used for serving the right banners and calculate the profits the banner view/click has depending on the location (country) of the viewer.
Its not anything malicious and you can easily see the permissions when installing.
People all like free apps instead of paying a few dollars, but when an ad is added people try to get rid of it... Havent you all ever wondered why the ads are there? Just like on a forum as the one you are on right now? Right they generate at least a little bit of money for a dev that doesnt want to charge the users directly by letting them pay, but spends almost all his free time to keep apps updated, write new once and answering questions.
As soon as there is virtually no way too make money on a market, the market will die as developers/companies will move over to an other platform of development.

delta_foxtrot2 said:
Unless you audit the code and compile it yourself, you have no idea what the binary is actually doing.
Click to expand...
Click to collapse
It's not difficult to get the code from svn and compile it. Pretty effortless.

rogro82 said:
As soon as there is virtually no way too make money on a market, the market will die as developers/companies will move over to an other platform of development.
Click to expand...
Click to collapse
Many people don't like to view ads on their computers, let alone their mobile phone. Thus if people can block the ads easily, they will. Content producers and software developers will simply have to find a new business model to pursue. Maybe that's a free/premium differentiation model or maybe its microtransactions. That or they will have to deal with a percentage of their userbase blocking ads.

Well I am sure most devs Block ads too, either on their mobile or pc.. no one wants any type of issue.
Now again, I said I understand why they are there for free apps. Its just that as a user myself.. I like to know Im protected from potential hazards. Also alot of devs like to make something hot to use on later resumes and projects. Ive worked with alot of devs in my time start with nothing and grow to get bigger jobs in RL cause of the project. =)

jashsu said:
It's not difficult to get the code from svn and compile it. Pretty effortless.
Click to expand...
Click to collapse
I didn't say it was hard to get or compile it, but auditing the code to make sure nothing malicious is going on can be very difficult at times. There is a code obfustication competition each year and it's extrodinary what some can do and you'd never know unless it was pointed out to you.

Mysticales said:
Well I am sure most devs Block ads too, either on their mobile or pc.. no one wants any type of issue.
Click to expand...
Click to collapse
It's not just "issues" too many ads tick a certain segment of the population off to the point that they go to these lengths to get rid of them.
This is of course before you factor in this segment of the population are usually the least to click on ads, usually for ethical/moral reasons, so them getting rid of ads is usually no big loss.
Last time I checked AdFree was downloaded less than 5,000 times, now compare this to a speedometer app I made which anyone can run and it's been downloaded over 10,000 times I highly doubt any dev relying on ads will actually loose out by the people that can and are blocking them.

rogro82 said:
Location data is only used for serving the right banners and calculate the profits the banner view/click has depending on the location (country) of the viewer.
Click to expand...
Click to collapse
The meta data that can be gleened from this sort of advertising can have all sorts of flow on effects and unintended consequences.
I see the world and potential pitfalls in things differently than others, I don't know why, but the more data collected the worst things can be.
If you are interested in what country they are from/in just pull the country code from the SIM card, why narrow it down to within a few metres?

Well since I have been using Adfree. Let me say this. My G1 seems to be running faster! I dont get as many force close/wait errors. Certain apps like atrackdog for one RUN faster. I mean without the ads running, it seems my apps speed through their task and do what they are supposed to. Kinda interesting note oddly.
Also lets say a app you know would be using GPS to locate you on a map. Thus triggering "Give app permission to use your GPS" which you know why it needs it. But does the app also tell you that it uses the GPS for Ads? So I dont always trust what it says when it comes to permissions as it doesnt mean in the underline that its not using the same permission to do other things. Would be nice if the G1 had a notice that the app uses Ad support.

Linux is a wonderful and powerful operating system that can do just about anything you can possibly dream of.
First, the hosts file hack is a piece of crap since all it does is it points potentially malicious domain names back to self. It doesn't take into account connections that are ip address based... those will still go through and there is nothing that can be put in the hosts file to stop that.
iptables on the other hand.... included in 1.0 and 1.1, and several custom 1.5's, can do many strong things; block by ip address (including if it tries to lookup by dns), block by port, *BLOCK BY USER ID*.
The latter is particularly interesting since each program installed on android is assigned its own userid. That means that with the correct iptables rule, you can block all network traffic for THAT PARTICULAR PROGRAM. Or you can blacklist/whitelist servers for that program, etc.
http://www.cyberciti.biz/tips/block...ingle-user-from-my-server-using-iptables.html
http://www.cyberciti.biz/tips/linux...ng-access-to-selectedspecific-ip-address.html
For example, when I issue this command:
iptables -A OUTPUT -o tiwlan0 -m owner --uid-owner 10017 -j DROP
My browser is no longer able to connect (since it is uid=10017) using wifi (tiwlan0 is wifi). Note: leave out the entire "-o tiwlan0" argument and it should block all outgoing on all devices for that userid.
To find the userid for a particular program, do "ls -l /data/data/program'sdatadirectory"

So on JF 1.51 is this ability already there? Yea I know Linux is great for iptables. Always is, even in routers hehe.
If its not in there already, Debian, how well does that work on the G1?

[Q] Password protect certain applications?

Is there an application that can password protect certain apps that I choose?
And please do not say Kids Corner as it does not do what I am asking.

It's probably possible (though far from easy), but I'd actually be more inclined to help if you hadn't opened a duplicate thread about this.

Only made second thread about this to attract some attention, 7 months passed since that guy opened his thread and nobody could give a good answer.
To me it's weird that nobody tried to make an app like this still, it would be very popular and help users very much.
Anyways, thank you for replying.

Really, just bumping the other thread was enough, but since we're here anyhow... my idea for how to approach it (and this would take a *lot* of hacking) goes something like this:
1. Create an app (call it X) that has the capability to launch other apps, and filesystem write access.
2. Have X take another app (call it Y) and encrypt its binaries. This prevents anybody from launching it by any means.
3. Tweak the app database to make it so that when you try to launch Y, it instead launches X and passes the id of Y as a parameter to the launcher.
4. X prompts the user for a password to Y. On getting the right one, it decrypts Y's binaries and writes them back to the correct location, then launches Y.
5. When the user (or OS) closes Y, a background process of X notes that Y is closed and re-encrypts it.
Currently we know how to do... well, some of #1, and we think the rest is possible. Given that, #2 isn't too hard. #3 is something I don't have the least notion how to do *right now* but I'm sure it's possible. #4 shouldn't be too hard given #1 and #2. #5 will be a trick - currently, apps have no way to know what other apps are running - but I'm sure it can be done.
It's a large engineering problem blocked by an even bigger research and hacking problem, though. Nothing we'll have soon. You'd never be able to publish it in the store, either, and it would only work for people with hacked phones. It's exactly the kind of *useful* thing that would be possible if Microsoft were willing to let up the restrictions on third-party developers a bit, of course, But for the time being, there are *reasons* nobody has done it yet.

Well the word that I actually was thinking after reading your post was "crap".
It seems only with time (and a whole [email protected]#$ing lot of it) will wp become a true competitor to android, but to be honest I don't think it will come to that.
Thanks for replying GoodDayToDie, I'm freakin' sad that there is no app that can suit my needs, I even tried with kids corner but the screen still needs the password entered like the normal one. Nothing really can make up for what I have in mind.
Cheers mate.

as soon as we can interop unlock all WP devices, it will be pretty easy... if you're able to provide the XAP (uncrypted of course )
i'll be able to "mod" this in for you... which app are we talking about?
@GoodDayToDie: i do'nt think he is looking for real data security here, so encrypting the whole thing shouldnt be required... i think it's more about preventing his gf to read his private messages or something like that
oh btw.: you would need a dev-unlock to deploy the modified XAP then...

tfBullet said:
as soon as we can interop unlock all WP devices, it will be pretty easy... if you're able to provide the XAP (uncrypted of course )
i'll be able to "mod" this in for you... which app are we talking about?
@GoodDayToDie: i do'nt think he is looking for real data security here, so encrypting the whole thing shouldnt be required... i think it's more about preventing his gf to read his private messages or something like that
oh btw.: you would need a dev-unlock to deploy the modified XAP then...
Click to expand...
Click to collapse
You're right tfBullet! I need it for whatsapp, photos, message and games app, mostly to prevent from friends but gf too.
I was thinking it might be possible to mod an app and add password before it can be accessed, although I have no experience in this domain. Many apps in store have this function, like wallet or prive photo apps.
My phone is dev-unlocked as I started a few days ago to study and try to create a simple app for me and my friends.

Modding an app like that would actually be quite hard, because it would break the signature and prevent the app from running. The encryption thing really isn't too hard, although you could skip it anyhow too.

If there was a way to run a program in the background that monitors when certain apps are selected and then prompts when its activated would work, but it would need an unlocked phone. And even under home brew I don't know if its possible to run apps in the background. Yet.
Sent from my Nokia 521 using XDA Windows Phone 8 App

The encryption thing really isn't too hard

Yea, but that's a little extreme. If you can create that password program that runs in the background you could probably have it watch files, apps or pretty much anything. You'd have to password protect the cofig file. And maybe if you can't remember the password after so many attempts you can have the program email the passwords to your email. Just some ideas.
Sent from my Nokia 521 using XDA Windows Phone 8 App

Running software in the background is actually shockingly easy. The trick is getting it to run with better-than-app-sandbox privileges. We're still working on that one. In the meantime, apps can't even read, much less write, to the install location of other apps.

GoodDayToDie said:
Modding an app like that would actually be quite hard, because it would break the signature and prevent the app from running.
Click to expand...
Click to collapse
@GoodDayToDie: actually these .NET apps are pretty easy to decompile, if you're willing to fix the bugs that the decompiler leaves you with...
so there is not really a need for a valid signature, if you're able to compile & sideload the app yourself
the only thing is: you need the decrypted XAP, as far as i know these get decrypted while installation and can be pulled from a interop unlocked device?!
It would be nice to get my fingers on some OEM (Nokia etc..) XAPs, to see if we can find any exploit in them

I know better than probably 95% of this forum what it takes to decompile managed code; I have reverse engineered huge numbers of apps. However, you are missing several important points.
1) Modifications like you suggest are very complicated to automate. It's certainly possible, but it's not simple.
2) Re-installing the app would be a pain. You would really want to do this as an in-place modification, and that means (for store apps) that it would still be signature-checked.
3) Not all apps are managed code; WP8 supports purely native code.
4) Even with managed code, obfuscation can make tinkering with the binary nigh-impossible.

It's just so incredibly stupid that WP is so limited. I know it's under Android big time, but I think even iOS more customizable, right?
Also, is there a message app in the store that has pass option? I searched but found nothing...

I don't believe iOS is any more customizable, no. It has some feature that WP lacks (it ought to; it's been out for years longer and Apple completely controls the hardware it runs on) but it's also missing some features that WP8 offers. In any case, this isn't the thread to have that discussion in.

GoodDayToDie said:
I don't believe iOS is any more customizable, no. It has some feature that WP lacks (it ought to; it's been out for years longer and Apple completely controls the hardware it runs on) but it's also missing some features that WP8 offers. In any case, this isn't the thread to have that discussion in.
Click to expand...
Click to collapse
But with the jailbreak and MobileSubstrate, iOS is extremely customizable, and there are tons of tweaks, that's where Apple gets its new features from
Back to topic, I think the OP would be happy with a solution that locks the "normal" user of his phone out of some apps, so it wouldn't be necessary to modify anything of it, just making the standard launcher (I don't know how it's called, but I mean when you launch the app via home screen or with a toast) ask for a password should be enough.

Alternative to xprivacy if I go to 5.0 LP ROM

Hi,
As Xposed apparently won't be ported soon to LP if ever, I was wondering if I update to LP (Galaxy S4 got GE LP), what options I have to protect my privacy and manage those permissions? I am too much spoiled by Xprivacy I doubt if there is anything as good as Xprivacy but need at least something that can do a minimum job to block and deny some permissions.
Thanks for all your suggestions
P.S I was also thinking of making a post to list all alternatives to different xposed module, what do you guy say ? I can keep the OP uptodate if you share your alternative Mods/Apps to xposed modules
Alternative solution I am personally using right know which serve me quite well till we have some real privacy mod/tool :
You will need 2 apps :
- AFWall+ (open source firewall) : https://play.google.com/store/apps/details?id=dev.ukanth.ufirewall
- App Ops : https://play.google.com/store/apps/details?id=com.findsdk.apppermission
Ideally to prevent leaks, install them before installing or restoring any data after flashing your ROM
1- In AFWall+
- Enable the Firewall by pressing 3 dot menu and Enable firewall,
- Then for apps which you want to grant access Check the Icons First is for LAN Network acces, 2nd is for Wifi Internet, 3rd is your Mobile Data (some system apps like Media server, download etc.. must have internet access other wise Youtube, or downloading in browsers wont work, read the FAQ question for more info.)
- Once all app you want to grant access are checked, click on 3 dot menu and click Apply. (each time you change permission don't forget to apply).
2- App Ops : This one is very easy all Apps installed are organized by Type of permissions you go in and then uncheck the permission to to Block it, once ou are in App you will see all blockable Permissions that this app is asking not only of that category and that is handy
Please Note that App Ops don't list and block each and every permissions, but most essentials are there. Combined with AFWall you are good to go to protect your privacy till some good Mod or Xposed for LP come out.
Now instead of being fully naked without Xprivacy on LP, now we are at least in Bikini

App ops? https://play.google.com/store/apps/details?id=droidmate.appopsinstaller

Nothing as good as Xprivacy. I'm still on KK and I'll stay on this version for a while I guess.
FYI: http://www.xda-developers.com/android/protecting-your-privacy-app-ops-privacy-guard-and-xprivacy/

not as good as xprivacy
frigidazzi said:
App ops? https://play.google.com/store/apps/details?id=droidmate.appopsinstaller
Click to expand...
Click to collapse
App ops deny permission per app basis, but sometimes denying permission break the app, xprivacy instead send fake data to the app, so you can still use the app without giving your real info

Xposed and Xprivacy are just the single best privacy guards

I know but how long can we stay on KK at one point we need to update or when we buy future devices there won't be any choices. So we need to find alternatives to all those xposed modules

Netuser said:
I know but how long can we stay on KK at one point we need to update or when we buy future devices there won't be any choices. So we need to find alternatives to all those xposed modules
Click to expand...
Click to collapse
From what I can see, devs are more interested in custom roms/kernels rather than in security/privacy purposes.
Marcel (M66B) is almost ready for Lollipop. We 'just' need Xposed. He is also working on another project which could have the same goal (no available information).
I really hope that rovo89 have enough motivation and will be successful in developing Xposed for Lollipop.
I don't want to loose control because of Google updates. Future devices is another subject and I think there is still a long way to go before not being able to use a KK device.

i really think that a moderator should open a thread for indexing all of the 'Alternative to xposed mod *name* for LP 5.0.*'
just until we will have xposed or something else for android L...

There is "privacy guard" by cyanogenmod in cm12, I think it sends fake data too instead of just block the permission. But you have to install custom rom for this.

haimn said:
There is "privacy guard" by cyanogenmod in cm12, I think it sends fake data too instead of just block the permission. But you have to install custom rom for this.
Click to expand...
Click to collapse
This does not offer the same level of protection. I would not call Privacy Guard an alternative of Xprivacy.

There is no real alternative for Xprivacy, but at least it is something

I won't stay on a old version of Android only because one developer is going like "i'm god, don't ask me questions" ... we will never see xposed for LP, get used to it and move on.

I have moved to LP as I couldn't just leave my self open to all privacy leak, I came up with a solution while waiting for Xposed or any other other Mod to come out.
I have updated the OP with my solution . here is what i am doing :
Alternative solution I am personally using right know which serve me quite well till we have some real privacy mod/tool :
You will need 2 apps :
- AFWall+ (open source firewall) : https://play.google.com/store/apps/details?id=dev.ukanth.ufirewall
- App Ops : https://play.google.com/store/apps/details?id=com.findsdk.apppermission
Ideally to prevent leaks, install them before installing or restoring any data after flashing your ROM
1- In AFWall+
- Enable the Firewall by pressing 3 dot menu and Enable firewall,
- Then for apps which you want to grant access Check the Icons First is for LAN Network acces, 2nd is for Wifi Internet, 3rd is your Mobile Data (some system apps like Media server, download etc.. must have internet access other wise Youtube, or downloading in browsers wont work, read the FAQ question for more info.)
- Once all app you want to grant access are checked, click on 3 dot menu and click Apply. (each time you change permission don't forget to apply).
2- App Ops : This one is very easy all Apps installed are organized by Type of permissions you go in and then uncheck the permission to to Block it, once ou are in App you will see all blockable Permissions that this app is asking not only of that category and that is handy
Please Note that App Ops don't list and block each and every permissions, but most essentials are there. Combined with AFWall you are good to go to protect your privacy till some good Mod or Xposed for LP come out.
Now instead of being fully naked without Xprivacy on LP, now we are at least in Bikini

Thanks pal, I'll give it a try later
Sent from Tapatalk 4 Android

I've installed LBE Security Master, which finally has Lollipop support. Search xda for translated version.

CptChaosNL said:
I've installed LBE Security Master, which finally has Lollipop support. Search xda for translated version.
Click to expand...
Click to collapse
Yes! the bootloop problem is finally solved hahaha

nEUTRon666 said:
I won't stay on a old version of Android only because one developer is going like "i'm god, don't ask me questions" ... we will never see xposed for LP, get used to it and move on.
Click to expand...
Click to collapse
Well, the saying goes "Do Not Feed The Trolls", yet here I am, feeding one: He does not play "god". He has a valid point by saying that it is his hobby, and should stay his hobby. If he feels like it, he could leave XDA and the whole Android-platform completely, and I would be fine with this decision and others should be, too! It is and has to be his choice, and if he does not find the time, muse, etc., then it is how it is.
You clearly have no idea how coding works, how Lollipop works, how the xposed framework works, else you would shut up and be patient.
If you are so much better than him, do it yourself. Everything you need is just a few clicks and downloads away. All his work is on github, and Anrdoid itself is open source. Go understand how xposed works, go understand how Dalvik works/worked, go understand how ART works, and then write it yourself.
Unless you really are better, and can do this, just wait silently. Don't be yet another huso cancerous forum member. There are enough of them as it is. Don't be ungrateful. Especially now!
For f* sake, I shouldn't even have to "defend" his choices.

Netuser said:
I have moved to LP as I couldn't just leave my self open to all privacy leak, I came up with a solution while waiting for Xposed or any other other Mod to come out.
I have updated the OP with my solution . here is what i am doing :
Alternative solution I am personally using right know which serve me quite well till we have some real privacy mod/tool :
You will need 2 apps :
- AFWall+ (open source firewall) : https://play.google.com/store/apps/details?id=dev.ukanth.ufirewall
- App Ops : https://play.google.com/store/apps/details?id=com.findsdk.apppermission
Ideally to prevent leaks, install them before installing or restoring any data after flashing your ROM
1- In AFWall+
- Enable the Firewall by pressing 3 dot menu and Enable firewall,
- Then for apps which you want to grant access Check the Icons First is for LAN Network acces, 2nd is for Wifi Internet, 3rd is your Mobile Data (some system apps like Media server, download etc.. must have internet access other wise Youtube, or downloading in browsers wont work, read the FAQ question for more info.)
- Once all app you want to grant access are checked, click on 3 dot menu and click Apply. (each time you change permission don't forget to apply).
2- App Ops : This one is very easy all Apps installed are organized by Type of permissions you go in and then uncheck the permission to to Block it, once ou are in App you will see all blockable Permissions that this app is asking not only of that category and that is handy
Please Note that App Ops don't list and block each and every permissions, but most essentials are there. Combined with AFWall you are good to go to protect your privacy till some good Mod or Xposed for LP come out.
Now instead of being fully naked without Xprivacy on LP, now we are at least in Bikini
Click to expand...
Click to collapse
Can you fake your IMEI with one of those?

Here's the link to LBE Privacy Guard (english):
http://forum.xda-developers.com/showthread.php?p=46695347#post46695347
And yes, you can block IMEI, I'm not sure if you can fake it.
Grinface

I'm also awaiting an updated version of Xposed and Xprivacy for my incoming M9, but it seems a 64bit version is a long way off.
What do you guys know about this? Looks to be developed by faculty and students at Carnegie Mellon University.
Protect My Privacy (PMP)
http://www.appbrain.com/app/protect-my-privacy(pmp)/com.synergylabs.pmpandroid#descriptionsection
In the Google Play store here:
https://play.google.com/store/apps/details?id=com.synergylabs.pmpandroid

[ROM][N8000] Una ROM, Private, Fast, And Good Looking:)

After weeks of hard work we (uncle Fab and Setmov) proudly present you the first Una ROM for the Galaxy Note 10.1 N8000, based on 4.1.2 XXCML2.
DISCLAIMER​
As usual, your phone your responsability, we won't take any responsability if it flies out of the window or if your girlfriend/boyfriend runs away with it.
PLEASE, DO READ OP COMPLETELY AND CAREFULLY BEFORE ASKING ANY QUESTIONS, ANSWERS TO MOST PROBLEMS ARE HERE​
WHAT IS UNA?​
Una is a new concept that takes security to a new level.
Are you tired of seeing so much blatant, outrageous and shameless invasion of your privacy and data mining hidden behind nice sentences like "enhanced use experience" or "complete integration with the system"? We decided to develop secure ROMs where privacy means just that – Private!.
It’s free of charge, we are a non profit structure and we are not here to make big bucks
WHAT UNA ISN'T​
UNA isn't a way to help you to stealthily buy massive destruction weapons to foment a coup d'etat in your favorite banana republic or to prepare the third world war.
UNA secures what leaves from your phone (ie your personal data doesn't leak and no app can look over your shoulder to spy your activities), but it can't completely secure what comes into your phone.
Why is that?
Because it's just not possible to fully secure a phone from what comes into it, and anyone claiming to be able to do it is either a liar, or an ignorant, or both.
There are too many attacks, some not well documented, if documented at all, and some unknown to the public, and there are too many ways to hack a phone, especially if the user doesn't use his/her common sense.
If you are the type of person that installs apps from shaddy source and/or warez web sites (sites offering cracked paid apps) chances are that at some point you will unknowingly install a malware or a spyware. The same applies if you click on any link, specially on SMS' and emails, if you let any pop out window appear or if you don't protect your lockscreen with a password/pin/pattern and let anyone get physical access to your phone.
A bit of judgment and common sense can save you a lot of trouble, but there's unfortunately nothing UNA can do about it.
Then, if you use your phone to call through GSM your provider will know where you are. If he didn't you wouldn't be able to make any call, the signal has to find you and there's nothing UNA or anyone can do about it.
The only way to prevent that is to disable the phone functions (but then your phone will turn into a wifi only device) and reenable them when needed, head to the scripts section to learn how to do it.
Last but not least, bear in mind that the agencies have armies of tech savvy henchmen and 10 storeys computers, and tricks we can't even imagine, so think twice and use your brain before you attempt to outsmart them...
UNA IS FOR YOU IF:​
. You are willing to learn how to use an unconventional ROM and generally speaking to understand how things work, even if it sometimes requires a little effort to fix this or that little problem (bear in mind that it took us a lot of work to develop Una to where it is now),
. You don't mind a few little occasional bugs here and there that come from all the restrictions the ROM contains,
. You want to take back ownership of your phone from google’s claws.
UNA IS NOT FOR YOU IF:​
. All that you care about is the latest gimmick in the latest OS,
. You can't live without the google’s apps,
. You are the kind of person that never reads through the OP and only scroll down to the download section, and then complain that things don't work and/or ask stupid questions that have already been answered in OP.
An example? One guy makes a mod and writes clearly in OP that it's specifically for 4.2.2. Then some people complain: "it doesn't work on 4.4.2"...
ARE WE PARANOID TIN FOIL HATS? OR TERRORISTS? OR CARTEL BOSSES?​
Nope, we only are people that don't see why we shouldn't be in control of our phones. Or why our phones can be wiped remotely, why apps or updates or who knows what can be downloaded and installed without asking for our consent, why SMS' can be sent without us to know, why we should pay for the bandwidth used for data mining and unwanted downloads, and why all those activities should deplete our battery and kill our RAM.
You think we are overreacting here?
You don't have to take our word for it, just download and install Network Log from here:
https://f-droid.org/repository/browse/?fdfilter=network+log&fdid=com.googlecode.networklog
Give it root permission, start logging and open some web pages. Come back to Network Log after a few minutes and see for yourself, you'll be surprised (or maybe horrified?) to find out that your android system, your settings, your kernel etc. connect to all sorts of funny IPs, including and foremost google’s.
Now you see what we mean?
It's time to go for Una
UNA'S FEATURES​
. Rooted.
. Deodexed.
. Zipaligned.
. Busybox and sqlite installed.
. Init.d support and scripts.
. Auto start disabled for most apps.
. About 100 system apps and 40 framework jars removed, plus files here and there.
. Very low RAM and CPU consumption.
. Heavily and extensively modified system, in order to make it secure and prevent it from leaking your data.
. App Settings, Firewall and Xprivacy built-in, and already applied out of the box to make sure you are well protected.
. Xprivacy is a fantastic tool but it has one big limitation, it can't restrict the Android System from accessing your serial numbers and leaking it. For that reason these IDs have been edited as follows:
ro.serialno is set to "1",
build.serial has been scrambled so that the system can't read it anymore and shows an empty value instead,
android id is set to "android".
. Serial_number, model_number, model_name, manufacturer and device_name in wpa_supplicant.conf all show an empty value (check the screenshots).
These fields normally show values that identify you and the system sends them home everytime you connect to the internet, Xprivacy can't do anything about it but Una can.
. USB ID (iSerial) set to 1.
. Vulnerabilities patched thanks to Master Key Multi Fix and Fake ID Fix.
. ADB disabled (can be re-enabled, see below).
. By default ADB and all google access (including youtube, blogspot and google search) are disabled. You can re-enable some or all of them, instructions are in the "HOW TO USE THE ROM" section.
. Plenty of under the hood modifications to make the ROM fast and fluid.
. Call button in contacts.
. Lollipop HD wallpapers.
. All apps can be opened in floating or static multiwindows mode.
. Heaps of hand picked and carefully scrutinized open source apps.
There are 2 non open source apps (Greenify and Quick Pic) but they are safe, believe me, I have thoroughly examined them. Still, you can always uninstall them if you feel like it.
In time we will develop our own apps, but first we want to see how people respond to the Una concept...
INSTALLED APPS/TOOLS​
. 920 Editor, to create and edit scripts or text files.
. AF+ Firewall.
. Alarm clock.
. APG, to encrypt messages.
. App Settings, to restrict apps' permissions, change DPI on a per app basis and more.
. Arity, a calcultor.
. Conversations, a secure and encrypted chat, modded by uncle Fab for increased security.
. Fdroid, an alternative to the Play Store, and all the apps are open source!
. Floating stickies, to make small notes on the fly.
. FTP Server, to copy files to/from your phone wirelessly.
. Ghost Commander, a very powerful dual panel root file manager.
. Gravity Box, a theming engine.
. Greenify, to make apps behave by hibernating them when not in use.
. K9 Mail, an email client.
. Kernel Adiutor, if you feel like playing with kernel tweaks (but you have to know what you are doing).
. Lightning, a fast and light weight browser.
. Master Key Multi Fix, a patch to some vulnerabilities.
. Network Log, to check where your apps connect and chase unwanted connections.
. Open Camera.
. Tor (Orbot) for Android, modded by uncle Fab for increased security.
. Orweb, a browser designed to work along with Tor.
. OS Monitor, to monitor and kill your phone's processes, and more.
. Pale Moon, based on Firefox for Android, for a full desktop experience with Mozilla add-ons preinstalled for enhanced security.
. PDF Reader.
. Preferences Manager, to edit the otherwise difficult to read shared_prefs files in data/data.
. Quick Dic, a good selection of free dictionaries.
. Quick Pic, a Gallery app.
. Rmaps, a maps app where you can download maps from various sources for offline use.
. Terminal Emulator, fire up your commands and show your phone who is the boss!
. Text Secure, a secure and encrypted SMS app, modded by uncle Fab for increased security.
. Tint Browser, another fast web browser.
. Urecord, to record sounds with different sample rates.
. USB Mass Storage Enabler, to connect your phone to any computer (note that it only mounts the external SD).
. Viper4Android FX, a powerful sound enhancer.
. Viper4Android XHiFi, some more sound enhancements.
. VLC, a video and music player favourite.
. WI-Fi Privacy Police, to secure your connections even better than they already are.
. Xposed Installer, a great framework that enables apps like App Settings or Xprivacy to work.
. Xprivacy, last but not least, the best privacy app.
INSTALLATION​
As usual, make a backup first!
Do backup your contacts and whatever is important because all your apps and data will be erased (your sd card contents won't be deleted though).
Do backup your /system/csc folder, in case you need it for later.
Do backup your efs folder (VERY IMPORTANT).
Open the android terminal on your phone and type:
su
enter, then type:
busybox dd if=/dev/block/mmcblk0p3 of=/sdcard/efs.img
enter, this will create an efs backup called efs.img in your sd card.
To restore it, first make sure the efs.img is in your internal sd card, then type:
su
enter, then type:
busybox dd if=/sdcard/efs.img of=/dev/block/mmcblk0p3
enter, your efs will be restored in no time.
If that sounds like too much work you can use the scripts provided to backup/restore your efs, instructions are in the scripts section.
To install the ROM you need a Custom Recovery and Philz' comes highly recommended.
We chose Philz since AFAIK it's the only one that allows you to lock you recovery with a password (if your recovery is not password protected it wouldn't take more than 2 minutes for someone to disable your pattern or pin protected lockscreen and access all your personal data on the phone).
Alas, we didn't find any working Philz recovery for the N8000 so for now we'll use High On Android (based on CWM).
Get it from here (credits @Koush and @zedomax):
http://forum.xda-developers.com/showthread.php?t=1831173
Now, download Una for N8000 from here:
http://unaos.com/
Head to the DOWNLOAD section and chose the N8000 model.
After the download, unzip the file and copy the folder that's inside into your sd card.
Boot into recovery.
Go to restore from sdcard, and go for it!
Once it's done reboot, congratulations, you have installed Una ROM on your phone!
HOW TO USE THE ROM​
. Swipe down to access the applications drawer.
. Swipe up to open notifications.
. Press on the home button to turn off the screen
. Go to settings and set a stong password/pin/pattern protected lockscreen (recommended).
. Go in recovery and set a recovery password (recommended).
. Long pressing the back key brings you back to the last application (convenient to switch from one app to another).
. Press the reboot menu in the home screen to reboot/shutdown/boot into recovery or bootloader (note that there's an option to take screenshots in the reboot menu).
. Go to /system/etc/security/cacerts, check the certificates that are there (you'll find the certificate's name approximately by the middle of the file), and erase the ones you don't need/like.
When you want to transfer files to/from your phone open the USB Mass Storage Enabler app and enable mass storage, that's it. When you are done, don't forget to eject your phone from the computer and to reenable MTP from the app.
. When you install a new application, by default it will be fully restricted in both Xprivacy and the Firewall.
Before you open the newly installed app wait until the Xprivacy icon appears in the status bar, then and only then can you open it.
Most likely the app will crash.
Go to Xprivacy, open its settings and then usage data, you will see what restrictions caused the crash. Re enable some, provided that they are not too invasive.
Many apps require "load.Library" to be allowed in the shell section, that's ok.
Others may need to access the sd card, that's in the storage section and it's ok to allow it for apps that really need to access the storage, like players, cameras or file managers (for other apps try to keep it restricted).
Root apps obviously need "su" and/or 'sh", and sometimes "exec", in the shell section.
Always try to enable as few fields as possible, and bear in mind that data requested by an app is not necessarily needed for that app to work (especially true for identification, internet and mcc/mmc access).
Lastly, give the app internet access in the Firewall if, and only if, it needs it, and restrict some more permissions in App Settings.
If you can't tame the app consider uninstalling it and look for a similar one that has less built-in spyware.
SCRIPTS​
. As said above, by default ADB and all google access (including youtube, blogspot and google search) are disabled.
If you want to re-enable some or all of them, open the script folder located in system/etc.
Click on the desired script and choose edit.
Copy the whole text and paste it into the Android Terminal, voila, the script is automagically executed.
. You will see more scripts to disable/enable the Bluetooth, the Media Storage/Provider, the MTP Application and the Phone.
If you disable the Phone and later want to re-enable it do as follows:
untick App Settings in Xposed's modules section, re-enable Phone, reboot, then enable App Settings again.
. I forgot to put the scripts to backup/restore your efs partition, let me know if you need them and I'll add them.
. Other scripts can enable/disable am and pm, but don't play with it unless you know what you're doing.
. You can uninstall the Wallpaper Chooser and the Media Storage/Provider if you want, or keep them disabled and resurrect them when needed.
. If you are very privacy concerned you should consider using the "uncle's phone lite" mod because it enables you to call with only the Phone and the Telephony Provider apps (CSC, Contacts, Contacts Storage, Logs Provider and STK are completely de-activated). That's the method I use to make calls, but you have to know that the dialler forces close after you complete the call (not a big deal in my opinion but still, I may look into it one of these days). You'll find the mod in the add-ons section.
ENCRYPTION​
If encryption is your thing we have you covered with the following installed apps:
APG, Conversations, K9 Mail and Text Secure.
BUGS​. Quick Dic won't download any dictionary, it's actually not a bug but a Una restriction since the app downloads from a google owned web site.
If you need to download dictionaries, temporarly enable google by running the "enable_google" script (don't forget to disable it again when you're done). After you've run the script go to the firewall, open its settings, go to "Set custom script" and click "OK" (do the same if you decide to disable again google's stuff).
. You can't download anything from Lightning and Tint Browser, that's because the Download Manager and the Download UI have been uninstalled. If you need to download something, copy the link and paste it in Pale Moon, it has its own download engine.
. I haven't been able to test properly the Phone/3G Features because the tab I used to make this ROM was in a rather poor shape and had its SIM card slot broken. I set restrictions the best I could by taking examples from other ROMs I made, but you may have to fine tune the Phone and Telephony Provider apps in Xprivacy, sorry about that .
. All the installed apps work, but other apps you install may crash. I call that kind of apps "google’s henchmen", they only work if the play store services or the bla bla app are installed and of course they won't on Una since all that garbage has been removed.
If I install your app, why do you want to force me to install your boss' app too? Forget about those apps and search Fdroid, you'll find what you need...
. Depending the way you use your phone you may have to fine tune Xprivacy and reenable some permissions, I'm sorry for the inconvenience but it's impossible to set Xprivacy for all users since we all have different ways to use our phone.
ADD-ONS​
. Sony Xperia Keyboard, flash it in recovery.
Credits KristianCarl for porting it, and unclefab for theming it in green.
It's not open source and that's why it's not included in the rom by default, but it's my every day keyboard because it works fine and because I themed it to make it look nice.
Don't give it internet access in the Firewall.
In Xprivacy, only allow "loadLibrary" in the shell section. You may have to enable a few fields in the contacts section depending your phone's configuration.
In App Settings, restrict "Read_Phone_State" and "Record_Audio".
I removed the Chinese Keyboard, tell me if you want it and I'll readd it.
. HD Wallpapers
. Universe Wallpapers
http://romcook.com/?d=550FEB5C16
If there are enough users' requests then I'll upload the following:
. Uncle's phone lite (with clipboard and dialer) for hardcore users. It's safer than using the regular phone configuration, but the dialer forces close when you hang up the call. Flash it in recovery, wipe dalvik-cache, reboot.
. Completely disable internet access for the Android System. Lightning and Tint Browser won't connect anymore since they use the same web engine as the Android System, but Pale Moon still works thanks to its build-in web engine. Flash it in recovery, wipe dalvik-cache, reboot.
RECOMMENDED NON OPEN SOURCE APPS​
. Pri-fy, from chainfire the root master:
http://forum.xda-developers.com/showthread.php?t=2631512
. Logging Test:
http://androidsecuritytest.com/
UPDATES?​
I'm working on some improvements on kernel and system level to make Una even more secure, but I will release them for the N8000 if, and only if, there are enough users' feedback for the current version, because it's a lot of work to implement such stuff in a ROM moreover that I don't own this tab.
No ETA though, you'll have to be patient because now we have to design and release Una for many other phones.
Still, any suggestions/comments/bug reports are welcome, help us to improve Una!
FEATURE REQUESTS​
Yeah, sure, we'll see what we can do but we don't promise anything
That's all for now, enjoy the ROM!!!
The Una team
CREDITS​
Big thanks to:
F-Droid
M66B (Xprivacy)
Rovo89 (Xposed)
Tungstwenty (App Settings, Master Key Multi Fix, Fake ID Fix)
Ukanth (AF+Firewall)
Jecelyin (920 Editor)
Kraigsandroid (Alarm Klock)
Thialfihar (APG)
Arity (Arity calculator)
Siacs (Conversations)
Ppareit (FTP)
Ghost Squared (Ghost Commander File manager)
Mohammad Adib (Floating Stickies)
C3C076(Gravity Box)
Oasisfeng (Greenify)
K-9 Dog Walkers (K9 Mail)
Grarak (Kernel Adiutor)
Anthonycr (Lightning)
Xperiacle (Multiwindows Manager)
Pragmatic Software (Network Log)
Mdwh2(Open Camera)
The Guardian Project (Orbot and Orweb)
Eolwral (OS Monitor)
Moon Child and Cyansmoker (Pale Moon)
Droidapps (PDF Reader)
Simon Marquis (Preferences Manager)
Thad Hughes (Quick Dic)
Q-Supreme team (Quick Pic)
Robert.Developer (Rmaps)
Search Light (Search Light)
Jackpal (Terminal Emulator)
Anasthase (Tint Browser And Tint Browser Adblock Addon)
Thomasebell (Urecord)
Mohammad Abu-Garbeyyeh (USB Mass Storage Enabler)
Zhuhang (Viper4Android FX and Viper4Android XHiFi)
Videolan.org (VLC)
Brambonne (Wi-Fi Privacy Police)
NOTE:​Screenshots:
We don't owe the device so we didn't have the time to make screenshots. The rom is very similar to the UnaOs ROM for the Galaxy Tab 7, so if you want to see how it looks like, please head to our website http://unaos.com and check the gallery section.

I dont suppose this might work on the wifi only version n8013?
If this were art, una would be a masterpiece
Just the right kinda of attitude and work towards privacy and security, ......having xprivacy preinstalled and pre-configured is one of those little things i like to call, "ahead of the game"
All the right ingredients here, you have my tip of the hat sirs........

banderos101 said:
I dont suppose this might work on the wifi only version n8013?
If this were art, una would be a masterpiece
Just the right kinda of attitude and work towards privacy and security, ......having xprivacy preinstalled and pre-configured is one of those little things i like to call, "ahead of the game"
All the right ingredients here, you have my tip of the hat sirs........
Click to expand...
Click to collapse
@banderos101 thank you for your support. We truly appreciate it.
On another thread for the SM-T111 (3G and Wifi) rom HERE, it seems someone has managed to install our rom on the SM-T110 (Wifi only) model. So, since your tab (the N8013) has (or it should have) the same hardware of the N8000 except for the 3G, you can always give it a try. Of course, if you do, make a full backup of your current system, so in case of failure you can go back and restore it. If you are going to give it a try, please let us know.
Thank you

Thanks for this amazing rom
any hope that you guys could make this available for the note 2 as well
specially for the LTE GT-N7105 Note 2

How to install when I installed kit kat 4.4.2 Greetings

So I installed it on my n8013, but there was an error when restoring the data and whatever else comes after that. It booted fine though and WiFi worked out of the box. The lack of a terminal app made it hard to do anything right off the bat. I'll check out some more of it later on and report back. Just wish I could have experienced this how it was intended.
Sent from my GT-N8013 using Tapatalk

electrikjesus said:
So I installed it on my n8013, but there was an error when restoring the data and whatever else comes after that. It booted fine though and WiFi worked out of the box. The lack of a terminal app made it hard to do anything right off the bat. I'll check out some more of it later on and report back. Just wish I could have experienced this how it was intended.
Sent from my GT-N8013 using Tapatalk
Click to expand...
Click to collapse
There s a terminal app in the Rom, or maybe it has been wiped away with the rest of the data?
If you want to try again what you can do is downloading aroma fm from here:
http://forum.xda-developers.com/showthread.php?t=1646108
Put it somewhere on your internal sd.
Now, reflash una rom.
Do not boot but flash aroma fm.
Once aroma is opened go to system/apps and delete the following apps:
contacts, contacts provider, csc, logsprovider, phone, telephony manager.
Clear cache and dalvik cache, reboot.
Hopefully this time the data will restore properly
@theonepharaoh:
unfortunately we don t have any Note II at hand, so we can t make a Una rom for that model

unclefab said:
@theonepharaoh:
unfortunately we don t have any Note II at hand, so we can t make a Una rom for that model
Click to expand...
Click to collapse
well I happen to have one
I can test the rom for you
plus it has the same chip that is in the note 10.1 and the S3

Is stagefright Vulnerable with this rom?
If not
Assuming theirs no flashable zip or installable app in the future, will you guys be patching your roms against stagefright if a method comes out?
Android security is surely lacking, the ratio of devices that have a chance of getting a HINT of a patch, and those that wont is kinda staggering........i find myself hoping for the next competitor to come along already, that actually implements from the ground up, a RESPECTABLE security and privacy implementation
or, somesort of fork of android or maybe even another OS......something that either has really strong security/privacy from the get go, or has good devs maintaining very well, for patching the new stuff i.e. stagefright...........one of the missing ingredients.......one of the few things that has had me keep my current device for the best part of 4 years, and no plans to change.........i am keeping an eye out for ara though........interested to see how that plays out.......imagine any propriety components being switched out for open source componants with driver/kernel/i.e support..........the fact that someone doesnt have to spend the time and resources to create a WHOLE phone to replace the gpu/cpu/storage/camera/mic, assuming one can.........very interested to see how ara plays out
Sorry for the off topic'ish

We want it on 8010 too!

Can this encrypt the external sd card too like Samnsungs vanilla rom?

Can I install this on the N8010?

The description is good, but then I head to the site... Which relies on javascript and several third-party requests (including google and vimeo), and doesn't contain any download links anywhere in sight. Well, thanks.

I wouldn't be in such a hurry for "Q"

https://www.xda-developers.com/android-q-storage-access-framework-scoped-storage/
... Looks like porting old pie roms to new phones is going to become a thing

According to what I've read, it would be very easy to build a workaround for it, especially considering Google already has a workaround in place until Q apps are enforced in Google Play.

Also looks like it might be a pain in the ass

I cannot believe what I just read. I wasn't aware this was coming and I couldn't despise the decision more.
Proper access to the file system was for me one of the main advantages Android offered over iOS.
Way to go, Google...

I think this is the best move Google made for security thus far. Too many apps ask for full unfettered access to my storage. I will be happy when apps get a little bit more locked down in this aspect.

Scott said:
I think this is the best move Google made for security thus far. Too many apps ask for full unfettered access to my storage. I will be happy when apps get a little bit more locked down in this aspect.
Click to expand...
Click to collapse
It's not even just storage, it's to everything these days. Why does the app for my Apex Fusion interface on my reef tank need access to contacts and text messages?
On topic, I agree 100% with you.

Those tears in my eyes... yeah not because of the blue light in the middle of the night here... because of what I read... agree +1

I personally think it's a good move. I don't use a lot of apps because of their required permissions.

Well if you can disable Q's "scooped storage" on per app basis with adb shell then it's easy to write a script that enables general storage for every app.
Sent from my OnePlus 6T through Tapatalk

hank81 said:
Well if you can disable Q's "scooped storage" on per app basis with adb shell then it's easy to write a script that enables general storage for every app.
Click to expand...
Click to collapse
True, but I'm sure eventually, just like with most every other special permission these days, you will wind up having to enable it on every boot.
Yes, the entire bug report is atrocious, but let's not get our pitchforks just yet. Google effectively punted on this for Android Q, by making it possible to contribute business as usual. It's quite possible that these issues will be resolved by Android P, or even that the whole idea will be scrapped in favor of something else.
The fact of the matter is that storage permissions in Android are terrible, Trying to address that is not in and of itself a bad thing, in fact I would argue that part alone is a good thing.
Attempting to read the tea leaves a little, this whole project reeks of "new hotshot product manager with poor (at best) understanding of the technical complexities at play forces bad decision into product because he needs to make 'highly visible' changes to the product to demonstrate his worth or get himself promoted". Especially given that the general idea at play isn't the part people are complaining about, just the fact that it's currently technically unusable as a posix api replacement, but the fact that the current one they have is terrible/slow/etc I find the above scenario to be highly likely

partcyborg said:
Attempting to read the tea leaves a little, this whole project reeks of "new hotshot product manager with poor (at best) understanding of the technical complexities at play forces bad decision into product because he needs to make 'highly visible' changes to the product to demonstrate his worth or get himself promoted". Especially given that the general idea at play isn't the part people are complaining about, just the fact that it's currently technically unusable as a posix api replacement, but the fact that the current one they have is terrible/slow/etc I find the above scenario to be highly likely
Click to expand...
Click to collapse
Thats deep!

Scott said:
Thats deep!
Click to expand...
Click to collapse
Lots of adult beverages to come up with this ?

Ayahuasca ?

Scott said:
I think this is the best move Google made for security thus far. Too many apps ask for full unfettered access to my storage. I will be happy when apps get a little bit more locked down in this aspect.
Click to expand...
Click to collapse
I don't get this. Correct me if I'm wrong, but can't you already disable specific permission for every app through system settings? Unless something like a wallpaper app refuses to work without access to your phone's contacts or something. Do you get what I'm saying?

roaduardo said:
I don't get this. Correct me if I'm wrong, but can't you already disable specific permission for every app through system settings? Unless something like a wallpaper app refuses to work without access to your phone's contacts or something. Do you get what I'm saying?
Click to expand...
Click to collapse
Not exactly. Storage access in the current world is a binary yes/no decision (well, 2 binary yes/no decisions if your device has a SD card slot), either "yes here is access to all of /sdcard" or "no you can't read or write to anything outside your specific app data folder". Using something like the API gives you the ability to do much more fine grained access like "give Poweramp access to my normal music collection in /sdcard/Music, but not my keepassxc password file.", Or "let photos index all the pics it finds on my machine, except for the ones in a 'certain' telegram folder".
The cause for pitchforks in the bug report isn't that people are in love with the posix apis for file access, just that the current Android API implementation is something like 50x slower in Android Q, making it essentially useless for file manager apps that need to do things like directory listings and maintain indexes of all shared storage, etc.