Database Develop

Artfulbits Anti Piracy Database to ban people that pirate apps from using stealing

http://www.artfulbits.com/Android/antipiracy.aspx
If your a Dev please support them, if you need assistance msg me i can send u code that will allow your app to automatically send a message to this company with a users information that has stolen your app or tried to steal it.

pentace said:
http://www.artfulbits.com/Android/antipiracy.aspx
If your a Dev please support them, if you need assistance msg me i can send u code that will allow your app to automatically send a message to this company with a users information that has stolen your app or tried to steal it.
Click to expand...
Click to collapse
I'm all for cracking down hard on piracy, but there are three big flaws with this solution:
1) How would Artfulbits verify that an app reporting a device is a "dark" device is making that report in good faith? If a bunch of pirates wanted to render this service pointless, they could just create apps that flood the service with false positives.
2) It is possible (although difficult) to link IMEI to a user/owner. This makes a publicly accessible database of "dark" IMEIs somewhat shady in terms of being a breach of privacy.
3) Finally, if this service is to be useful, apps have to have some way of acting on the information in the database. That is just going to lead to folks "cracking" apks to remove the IMEI-checking routines, or simply using leakproof firewalls to prevent the app from accessin the IMEI database.
Thoughts?

There is not going to be a way to completely stop piracy. Google just needs to step up the way the market works to prevent some of the piracy.
I understand devs deserve money for their hard work (and the log of my google checkout shows I support them) but I personally dont want any app reporting any information about myself or my phone. If there is a list of which apps do I will find an alternative for better or worse and not use the app. Not to knock on those who support this method, I just personally dont like it.

rondey- said:
There is not going to be a way to completely stop piracy. Google just needs to step up the way the market works to prevent some of the piracy.
I understand devs deserve money for their hard work (and the log of my google checkout shows I support them) but I personally dont want any app reporting any information about myself or my phone. If there is a list of which apps do I will find an alternative for better or worse and not use the app. Not to knock on those who support this method, I just personally dont like it.
Click to expand...
Click to collapse
Well considering my app has been pirated 3x as much as it has been downloaded legally i would be willing to let go of the few that are not comfortable with their imei being registered on a website which only happens if u are stealing an app, most apps out there gather more information from you than that without you even knowing.

I don't get why people would install this program. If it detects pirated software on your phone then who the hell are you letting you use your phone? Lets say you know you have pirated software well then of course you wont install this program. If you know your running a clean rom and have no reason to suspect pirated software your giving up a lot of information for a false sense of security. So unless this is forcibly installed on everyone's phone I don't see what's the point.

psychoace said:
I don't get why people would install this program. If it detects pirated software on your phone then who the hell are you letting you use your phone? Lets say you know you have pirated software well then of course you wont install this program. If you know your running a clean rom and have no reason to suspect pirated software your giving up a lot of information for a false sense of security. So unless this is forcibly installed on everyone's phone I don't see what's the point.
Click to expand...
Click to collapse
It's not a program you install. It is a database. App developers write routines into their programs which access the database. If an application suspects that it was illegally pirated, then it will send the user's IMEI to the database.

This is stupid idea. Go to the source of piracy if you want to fight it.
Give people access to paid apps on market and they won't download illegal copies form rapidshare...

su27 said:
Give people access to paid apps on market and they won't download illegal copies form rapidshare...
Click to expand...
Click to collapse
Riiiight... because if you give pirates the option to pay they'll definitely all pay right?

This database thing bothers me.
Not because I might be stealing programs..
but because I might find one and not know its "dark"
Suddenly I'm on some blacklist because I thought an app was cool?
I just did a search on one of the torrent sites, and found a file to DL.
It has 231 apk files and 2 .bak files. (I'm assuming the bak files are for a cracked version of the paid apk) but many of these files are a)old versions or b) free already.
Normally I would say SCORE! I don't have to DL to the g1, then back up, uninstall, transfer to the pc, and store.
Last time I tried a file like that, more than half were for cupcake, and would not work on my donut. Recycle bin.
With this Database I would get tagged as a cheater the first time I tried to install any of those files that were marked. But I have no idea they are "dark" before hand.
While I thank the Dev's for the work they do.
{Seriously, Thank you Developers!}
I'm a student, and I'm poor, which means I'm cheap.
I have several free apks stored away. Hell, I still used youtube downloader 1.2...until it quit working last week. Why, because I don't want to spend money just to have a cool phone.
If you really want to make it hard on the thieves... someone make a program that cripples another program, until the user requests the full version. Then it reads the Imei number from the phone and sends an upgrade request to a server. The server requests payment. Server verifies payment. The server issues a hashed password based on the Imei, which is then sent back to the phone as a password. Customer never sees the password.
This is what Doc to go appears to do. I could be wrong.
Now make it so that program can be imbedded in any other program.
Now thieves need a whole crap load of hacking to find enough hashed passwords to find the hash.
If the hash is added to at random intervals, or a different hash is used based on the Imei number, they might never find the hash.
Besides that, how the heck does a program know if it has been stolen?
How can it tell between a stolen program and a wiped phone that is getting reinstalled with backed up apk's?

jashsu said:
I'm all for cracking down hard on piracy, but there are three big flaws with this solution:
1) How would Artfulbits verify that an app reporting a device is a "dark" device is making that report in good faith? If a bunch of pirates wanted to render this service pointless, they could just create apps that flood the service with false positives.
Click to expand...
Click to collapse
Exists several strategies, for example the most popular is "honey pot" strategy. When vendor especially making leak of software or prepare specially application to track piracy.
jashsu said:
2) It is possible (although difficult) to link IMEI to a user/owner. This makes a publicly accessible database of "dark" IMEIs somewhat shady in terms of being a breach of privacy.
Click to expand...
Click to collapse
For example in our country sufficient IMEI of the phone to find it owner and it location, of course if you have police under your shelders. That is why I am thinking that IMEI is a good identifier.
jashsu said:
3) Finally, if this service is to be useful, apps have to have some way of acting on the information in the database. That is just going to lead to folks "cracking" apks to remove the IMEI-checking routines, or simply using leakproof firewalls to prevent the app from accessin the IMEI database.
Thoughts?
Click to expand...
Click to collapse
Solution is not perfect, but can be easily enhanced. HTTPS protocol with certificate checks will make firewalls and redirections useless.
What functionality exactly you have in mind?

[email protected] said:
While I thank the Dev's for the work they do.
{Seriously, Thank you Developers!}
I'm a student, and I'm poor, which means I'm cheap.
I have several free apks stored away. Hell, I still used youtube downloader 1.2...until it quit working last week. Why, because I don't want to spend money just to have a cool phone.
Click to expand...
Click to collapse
Leave according to your money. what can I say... spend less, work more.

[email protected] said:
Besides that, how the heck does a program know if it has been stolen?
How can it tell between a stolen program and a wiped phone that is getting reinstalled with backed up apk's?
Click to expand...
Click to collapse
Several simple steps:
- install software only from well known web sites, Android Market, Handagoo, SlideMe, etc.
- try to use trials and if it does not exists but you want to try, contact with developers. In most cases developer will provide you version for testing.
- if your phone is placed into black list, then you can contact "blacklist" vendor for explanation and fixing.

jashsu said:
Riiiight... because if you give pirates the option to pay they'll definitely all pay right?
Click to expand...
Click to collapse
You see - that's your problem - you want to fight the enemy instead of prevent war.
In my country there are many people who would pay for android programs because they are quite cheap. But we have no access to paid market. That is why we download apps illegaly.
Now, what do you think will faster stop us from stealing apps:
A. Calling us pirates and thieves
B. Giving us access to paid apps

su27 said:
Now, what do you think will faster stop us from stealing apps:
A. Calling us pirates and thieves
B. Giving us access to paid apps
Click to expand...
Click to collapse
You are making the incredibly flawed assumption that piracy only happens because people have no access to the paid market. Are some people put in this situation? Yes, probably. But the majority of pirates likely DO have access to the paid market and simply don't want to pay.

I am a bit confused, what does this ban people from? The market in it's entirety?
If that is the case, I would think you'd see an outburst of pirating once people couldn't access the market anymore. And that would also prevent people who may not feel like dishing out $100 for a navigation solution from purchasing numerous $1-10 programs that they would actually use on a daily basis. I think this methodology is flawed.
Piracy will never be completely stopped. However, making it harder for people to pirate your software is the best prevention. Instead of saying "Oh, you might have installed a pirated copy of XXX on your device, so now you can't purchase any more programs legitimately, so keep on stealing!". Due diligence falls on the hands of the software creators. If piracy is something you want to prevent (or at least inhibit) for your software, create an IMEI checking device key required to be granted after receipt (and clearance) of payment. Similar to CoPilot, granted it still gets cracked - it is much harder and much less widespread, and a simple update renders it useless to those who used the cracked version (check all over these forums for people complaining about it).
Also, implement trials that don't require the user to pay for them, giving them only 24 hours to try something out before they decide they need their money back. Even Microsoft lets users go 30 days without activation (last I checked) to try out Windows. They do not (to the best of my knowledge) make great attempts to prevent their software from being copied, but instead make it harder on those who do pirate it. Blocking system updates (of course everything has a workaround or crack, but making it harder on someone is oftentimes a great deterrent), preventing new feature installation, etc.
I am not condoning piracy, nor am I condemning software publishers. Just trying to make a point, which is this:
If you take someone who has stolen a program (for whatever reason/justification they may think of) and punish them by revoking their access to purchase said program (or any other program), you have thus reinforced their reason/justification to not purchase any programs.

Now, i may be wrong here, but looking at their source code to integrate into applications, there seem to be 2 things: 1) the device has to have a data connection, otherwise the code doesnt know whether the device is blacklisted or not, at which point it defaults to assuming it isnt, which overall is a good thing for users who have paid but for whatever reason dont have network at that time, however it is easy enough to stop an application from accessing the network, or even a specific site (ie the site for your imei number on their page).
secondly, is this meant to run on the first run of an app, or every run? if it is every run then i can see people getting annoyed by the unnecessary data usage, whereas if it is only on the first run then someone still has access to all their pirated apps from before they were on the database.
please note the only coding i have done is some fairly simple C, so i could be wrong, but anyone can check this if they want: http://www.artfulbits.com/Articles/Samples/Piracy/Integration.aspx

I think that by now most people know that I don't honeycoat things, so I'll just say it... this idea is RETARDED.
1) The application needs to use the API to get the IMEI. If you start using the IMEI to blacklist phones, a minor modification to the API causes the application to always read a string of 0's. Defeated.
2) The application needs PERMISSION to read the IMEI (android.permission.READ_PHONE_STATE). If you start requiring programs to have this permission, people will simply DENY it this permission (yes, it IS possible to block a permission)... this is ESPECIALLY the case when the application has *no good reason* to read the phone state.
3) As has been mentioned before in this thread, HOW DO YOU KNOW that an application you are downloading is pirated? Many applications are FREE to download, and virtually NONE of the pirated apps are labeled as "THIS IS PIRATED".
4) Connection to the internet can be EASILY blocked. Lots of ways... firewall, hosts, permissions, etc. Again, defeated.
Oh, and to those saying crap like access to paid market won't stop piracy, NOBODY SAID IT WOULD!!! It *WILL* reduce it though, since there ARE people out there who WOULD buy apps *IF THEY COULD*.

daveid said:
I am a bit confused, what does this ban people from? The market in it's entirety?
Click to expand...
Click to collapse
Read the description again more carefully. This does not impact a user's ability to access the Market, as it is not a Google product. In case your comprehension is lacking, i'll explain it very simply:
1. A developer decides to use the Artfulbits Anti Piracy Database (shortened AAPD) with its app.
2. A user downloads this AAPD-enabled app from the market.
3. When said app is run, it sends the IMEI of the device to the Artfulbits server. The server returns a color code corresponding to the number of times that IMEI has been reported by other AAPD-enabled apps for piracy. The app can then do whatever it wants with that information. This can be anything from deleting itself to crippling its own functionality.
4. App can also detect if has been pirated (by checking to see if the app has an entry in the user's personal Market account or some other method). If the app detects it is pirated, it will send a report to AAPD.

Another point Artfulbits failed to consider is that not all Android devices will have IMEIs to report.

Is piracy really that much of a problem? I mean most apps cost <3€ and I don't think I am the only one who values his time higher than saving 3€. I rather pay once and get updates via Market than check warez-sites for updates, and I think that most think that way?
There are just two apps that I ever considered to pirate. One was a dictionary for 20$ but I ended up buying it. The other is CoPilot which I would never buy since I don't own a car, but since it is not cracked anyway, I was not forced to really think about it.
I don't see anything good coming from that database. I.e. if my phone would be entered by mistake, you can imagine what problems that would cause for devs whose apps I bought, which I assume would suddenly stop working then.
You really need to think about whether the negative side-effects of such measures like this database are worth the (presumably very small) benefit.

[Q] Security - Apps permition and personnal data

Hi guys, my first post here.
The permission some apps "demand" on installation, is a lack of user control over app access to their personal data from photographs, list of contacts, call duration, call events, even the possibility of the application take pictures or movies without user's approval.
Because they require, from what I understand, there is no possibility to refuse permission to a app access personal data.
Some app more intrusive than others, but overall, the security problems associated with allowing access to certain personal data is not guaranteed at all, quite the contrary.
Take the example of permissions "required" by FB even with permissions to film or photograph at any time without requiring approval by the user!?!
This is not a security breach, this software deliberately designed with intrusive access to personal data, which should be prohibited by law, or at least, request everytime for user approval.
The truth is that if we are very strict in selection of these apps in regard to permission acess, I think there is a dozen of app's with interest out there.
So what ca we do about it?
Do new ROM coming out with any OpenDroid code in it?
There's any efort from developers to find ways to bring security decision, regardings personnal data permission, to the user?

babuja said:
Hi guys, my first post here.
The permission some app's "demand" on installation, is a lack of user control over app access to their personal data from photographs, list of contacts, call duration, call events, even the possibility of the application take pictures or movies without user's approval.
*
Because they require, it is given me to know, there is no possibility to refuse permission for a date app, access to certain personal data.
*
One app more intrusive than others, but overall the android platform, the security problems associated with allowing access to certain personal data is not guaranteed at all, quite the contrary.
*
Take the example of permissions "required" by FB even with permissions to film or photograph at any time without requiring approval by the user?!
*
This is not a security breach, this software is deliberately designed with intrusive access to personal data, which should be prohibited by law.
*
The truth is that if we are very strict in selection of these app's in regards to permissions, I think there is a handful of app's with interest out there.
So what ca we do about it?
Do new ROM coming out with any OpenDroid code in it?
There's any efort from developers to find ways to bring security decision, regardings personnal data permission, to the user?
Click to expand...
Click to collapse
Really cannot do anything except trust to app developers
One of another example is keyboards app that can access to all ur private data
Sent via my Sony Xperia Z | C6602

There is a level of trust between you and the publisher to not break any trusts that may warrant legal action and to use any data obtained only for the purpose for which it was granted.
For instance I work at a major insurance company, I get customers credit card numbers, SSN's, Full names, DOB and everything else under the sun on a regular occasion to do my job. As the guy on the other end of the phone what would stop me from jotting this down on a notepad or into my phone? But you as the customer have a level of trust that I am doing my part to use this information only for which it was granted...
The same principle applies with app developers. If you are weary about an app or developer then just don't use it. Otherwise you have to just trust them a little.
Sent from my Nexus 10 using Tapatalk HD

altimax98 said:
Really cannot do anything except trust to app developers
Click to expand...
Click to collapse
Why is that the only option? There's availabe code out there regarding data protection...why not to use it??
http://forum.xda-developers.com/showthread.php?t=2098156
altimax98 said:
....I get customers credit card numbers, SSN's, Full names, DOB and everything else under the sun on a regular occasion to do my job. As the guy on the other end of the phone what would stop me from jotting this down on a notepad or into my phone? But you as the customer have a level of trust that I am doing my part to use this information only for which it was granted...
The same principle applies with app developers. If you are weary about an app or developer then just don't use it. Otherwise you have to just trust them a little.
Click to expand...
Click to collapse
Not exactly the same, as I believe you don't take pictures and make movies of your clients without proper auttorizathion, correct?
What bothers me is why don't do developers introduce some lines of code to garante user protection, or at least the option to accept or not some personal data acess. I believe not that dificult as already exist code availabe only need to be compiled into new ROM's.
Instead of requesting user to believe in developers best intention, why not to transfer that as a option to user? That's what intrigues me about developers best intention regarding personal data acess.

babuja said:
Why is that the only option? There's availabe code out there regarding data protection...why not to use it??
http://forum.xda-developers.com/showthread.php?t=2098156
Not exactly the same, as I believe you don't take pictures and make movies of your clients without proper auttorizathion, correct?
no but what's stopping me? And how do you know I don't? You've given me all your information and I can do whatever I want without your permission or authorization...
What bothers me is why don't do developers introduce some lines of code to garante user protection, or at least the option to accept or not some personal data acess. I believe not that dificult as already exist code availabe only need to be compiled into new ROM's.
Instead of requesting user to believe in developers best intention, why not to transfer that as a option to user? That's what intrigues me about developers best intention regarding personal data acess.
they do transfer the permission to you as an option... that's why it pops up before you install the app
Click to expand...
Click to collapse
For instance the generic camera permission states: "may use the camera at any time without permission". Having camera access means this may occur, why? Well maybe you have a shortcut set to open the app from a button. That button is indirectly launching the app with your permission. How is the app supposed to decipher between direct and indirect permission, you didn't personally launch the activity it was launched from another source.
The moment you allow users to decide what permissions are granted to an app is the moment user ratings plummet and issues and errors abound. Most apps are dependent on these permissions when they first start. There was a framework modification that allowed this on custom roms but couldn't be widely accepted because of widespread issues... I believe there were some CM test roms back in the CM7 days that ran this and had more complaints of apps not working then anything.
The fact of the matter is the Descriptions have to advise of the worst case scenario and users an never be allowed to decide what and what not to grant unless they have a fundamental knowledge of how the access is used and how the app works... for every single app.
Sent from my Nexus 10 using Tapatalk HD

altimax98 said:
Otherwise you have to just trust them a little.
Click to expand...
Click to collapse
I would prefer to have some control over my personal data...or at least have an a option of My choice to choose to accept or not, to share, for example, my 1 month yearsold son photo.
altimax98 said:
no but what's stopping me? And how do you know I don't? You've given me all your information and I can do whatever I want without your permission or authorization...
Click to expand...
Click to collapse
Of course you can say that programmer can always bypass My choice (for example not to share some personal photo)...ok, but that ilegal action.
Quite diferent than accepting all crapy permissions of almost all apps at install...or don't use them. And there's any app out there with acceptable personal data permission request?
altimax98 said:
I believe there were some CM test roms back in the CM7 days that ran this and had more complaints of apps not working then anything.
Click to expand...
Click to collapse
There are some guys doing some CM10 OpenPDroid testing...just start readit (are almost 38 pages).
http://forum.xda-developers.com/showthread.php?t=2098156

babuja said:
There are some guys doing some CM10 OpenPDroid testing...just start readit (are almost 38 pages).
http://forum.xda-developers.com/showthread.php?t=2098156
Click to expand...
Click to collapse
Have anyone tried this CM10? Are they stable?
Tnks

I've been using the Permission Denied app with some success. Found it on the play store.

Privacy Agreement Grants Board Access

I received my much anticipated OnePlus 6T yesterday. Unboxed it, tapped "Start" button. Scanned through both "Agreements," turned it off, boxed it up, got an RMA and shipped it back. I'm no attorney, I'm a broadcast engineer, but in my job I have to navigate the whole alphabet soup of government agencies red tape so I've learned some "legalese." I' returned the 6T because of the language in the "Agreements". When you tap "I agree" to both, then activate and use the device, your granting OnePlus access to anything on the device or networks on which it connects (condensed Reader's Digest version). Like everybody in the broadcast business I have "a lot of irons in the fire," I make notes about projects and ideas on my phone. There's no way I'm giving anyone permission to cherry pick my creativity or access to my company & networks proprietary information. I'm offering this as my personal observation on this forum and suggest anyone who is just receiving theirs new, read the legalese very carefully before you tap "I Agree."

Who the **** reads those? ?

Still why I don't buy any device that doesn't have Lineage support... However what are you going to replace it with? Going to go buy another flagship? Have you glanced through other's privacy policies? This stuff is pretty boiler plate at this point, it's CYA. Not that I'm defending it, because it shouldn't be like that, but in today's "sue happy world", and "everything needs to be connected", guess what? The solution would be just to remove this these services, there are tons of posts of which OnePlus services to remove if you want to stay on OOS and protect your privacy.
So back to the replacement, lets take a Samsung, those are popular....., have you glanced at their privacy policy, because it's similar link
I didn't go over entirely, and I'm sure there's more details, but I'm guessing OnePlus's blurb, looked something similar to this (From Samsung's Website):
In addition to the information you provide, we may collect information about your use of our Services through software on your device and other means. For example, we may collect:
Device information - such as your hardware model, IMEI number and other unique device identifiers, MAC address, IP address, operating system versions, and settings of the device you use to access the Services.
Log information - such as the time and duration of your use of the Service, search query terms you enter through the Services, and any information stored in cookies that we have set on your device.
Location information - such as your device’s GPS signal or information about nearby WiFi access points and cell towers that may be transmitted to us when you use certain Services.
Voice information - such as recordings of your voice that we make (and may store on our servers) when you use voice commands to control a Service. (Note that if we work with a third-party service provider that provides speech-to-text conversion services on our behalf. This provider may receive and store certain voice commands.)
Other information about your use of the Services, such as the apps you use, the websites you visit, and how you interact with content offered through a Service.
Information from third-party sources
We may receive information about you from publicly and commercially available sources (as permitted by law), which we may combine with other information we receive from or about you. We also may receive information about you from third-party social networking services when you choose to connect with those services.

I'm not new to android or privacy by any means.
This kind of obscure language is no mistake or ctrl c/v standard.
All of these are poored over by lawyers on mass.
.
It is for this reason I exclusively run custom rims & mods and a majority of my devices are root/xposed with multiple layers of privacy in mind.
.
There used to be a much bigger crowd of developers and possibilities...
But we seem to be a dying breed.
.
I'm deeply saddened at the lack of true device level privacy or the concern for it.
And no
You'll not catch me trusting Google or an oem.
I barely trust open source.
.
Any links to further improve safety security and privacy on an Android device would be appreciated

If you think what the 6T collects is bad wait till you hear about Google.. Android is just a glorified data collection OS.. All they care about is profiling from us and learning everything to target ads and sell to 3rd parties after all Google is an Ad company.. If you want privacy compile AOSP and use MicroG avoid all Google services and use as much FOSS apps as possible.
---------- Post added at 10:35 PM ---------- Previous post was at 10:32 PM ----------
OhioYJ said:
Still why I don't buy any device that doesn't have Lineage support... However what are you going to replace it with? Going to go buy another flagship? Have you glanced through other's privacy policies? This stuff is pretty boiler plate at this point, it's CYA. Not that I'm defending it, because it shouldn't be like that, but in today's "sue happy world", and "everything needs to be connected", guess what? The solution would be just to remove this these services, there are tons of posts of which OnePlus services to remove if you want to stay on OOS and protect your privacy.
So back to the replacement, lets take a Samsung, those are popular....., have you glanced at their privacy policy, because it's similar link
I didn't go over entirely, and I'm sure there's more details, but I'm guessing OnePlus's blurb, looked something similar to this (From Samsung's Website):
In addition to the information you provide, we may collect information about your use of our Services through software on your device and other means. For example, we may collect:
Device information - such as your hardware model, IMEI number and other unique device identifiers, MAC address, IP address, operating system versions, and settings of the device you use to access the Services.
Log information - such as the time and duration of your use of the Service, search query terms you enter through the Services, and any information stored in cookies that we have set on your device.
Location information - such as your device’s GPS signal or information about nearby WiFi access points and cell towers that may be transmitted to us when you use certain Services.
Voice information - such as recordings of your voice that we make (and may store on our servers) when you use voice commands to control a Service. (Note that if we work with a third-party service provider that provides speech-to-text conversion services on our behalf. This provider may receive and store certain voice commands.)
Other information about your use of the Services, such as the apps you use, the websites you visit, and how you interact with content offered through a Service.
Information from third-party sources
We may receive information about you from publicly and commercially available sources (as permitted by law), which we may combine with other information we receive from or about you. We also may receive information about you from third-party social networking services when you choose to connect with those services.
Click to expand...
Click to collapse
Lineage also collects weird data like what device you installed on, Carrier etc.. Not sure why it needs this but I don't run it for that reason.

nima0003 said:
Who the **** reads those?
Click to expand...
Click to collapse
people who can read

Lebrun213 said:
people who can read
Click to expand...
Click to collapse
Did you return yours?

liam_davenport said:
If you think what the 6T collects is bad wait till you hear about Google.. Android is just a glorified data collection OS.. All they care about is profiling from us and learning everything to target ads and sell to 3rd parties after all Google is an Ad company.. If you want privacy compile AOSP and use MicroG avoid all Google services and use as much FOSS apps as possible.
---------- Post added at 10:35 PM ---------- Previous post was at 10:32 PM ----------
Lineage also collects weird data like what device you installed on, Carrier etc.. Not sure why it needs this but I don't run it for that reason.
Click to expand...
Click to collapse
So they can get an idea of which devices to develop for and their user base.

liam_davenport said:
Lineage also collects weird data like what device you installed on, Carrier etc.. Not sure why it needs this but I don't run it for that reason.
Click to expand...
Click to collapse
As soon as you install Lineage it asks if you want to share / participate in this program? You don't have to share this information. If you overlooked it the user can disable this sharing in the settings. They don't try and hide it at all.
I also don't know of any Lineage builds / trees that are hidden unlike other ROMs that are popular. So everything is out in the open.
Lineage has always been my first choice, so maybe I'm biased?

Caltinpla said:
Did you return yours?
Click to expand...
Click to collapse
custom OS and MicroG
got rid of oneplus & google spyware without loosing fonctionality (except fingerprint reader obviously)

Lebrun213 said:
custom OS and MicroG
got rid of oneplus & google spyware without loosing fonctionality (except fingerprint reader obviously)
Click to expand...
Click to collapse
So, you really believe custom roms and other phone makers don't spy on you? Good luck with that!!!

Caltinpla said:
So, you really believe custom roms and other phone makers don't spy on you? Good luck with that!!!
Click to expand...
Click to collapse
If you think custom roms (AOSP) are spying on you you're on the wrong website

Intrusive TOS suck big time, but, unfortunately, if you have a email address or cell phone, use the internet in any way shape or form, forget about any sense of privacy..
I make sure I dont do anything "iffy" on my cell phone; never use it for banking or bill paying, so I feel a little less paranoid, but there is really NO WAY, aside from not having an email address/cell phone/internet connection to keep your life from some prying eyes..

Lebrun213 said:
custom OS and MicroG
got rid of oneplus & google spyware without loosing fonctionality (except fingerprint reader obviously)
Click to expand...
Click to collapse
Root and block everything.

Caltinpla said:
So, you really believe custom roms and other phone makers don't spy on you? Good luck with that!!!
Click to expand...
Click to collapse
i trust open source, if there is a doubt with the code, anyone can check (not saying everyone does that).
Google service, oneplus, etc ... on the other hand are completely locked and you have no way to see what it really does.
Btw, i switched because of the much better battery and performance i get without these spyware constantly running, not much about privacy... Still use google.com everyday so they aren't missing anything :laugh:

The only one you have to agree to is the first one. The rest you can decline and still setup your phone. I agree with Micro G but, if go a step further and install NanoDroid. It comes with replacement Google apps and GPS and all sorts of things to disconnect you from Google but have a functioning phone.
Sent from my OnePlus6T using XDA Labs

liam_davenport said:
If you think what the 6T collects is bad wait till you hear about Google.. Android is just a glorified data collection OS.. All they care about is profiling from us and learning everything to target ads and sell to 3rd parties after all Google is an Ad company.. If you want privacy compile AOSP and use MicroG avoid all Google services and use as much FOSS apps as possible.
---------- Post added at 10:35 PM ---------- Previous post was at 10:32 PM ----------
Lineage also collects weird data like what device you installed on, Carrier etc.. Not sure why it needs this but I don't run it for that reason.
Click to expand...
Click to collapse
False. Google does not sell user data to third parties, or to anyone. It's never even been considered. Unfortunately due to a mix of people not understanding how technology works and assuming that every "tech company" operates in exactly the same way this particular piece of fake news just won't die. There are plenty of terrible things they actually do nowadays, better to focus on those anyway

tech_head said:
Root and block everything.
Click to expand...
Click to collapse
so much this
every manufacturer has some sort of logging / reading data.
root, and monitor everything that leaves your phone - block apk's that shouldnt be running - or create firewall rules in the iptables to block applications from accessing certain sites / internet.

partcyborg said:
False. Google does not sell user data to third parties, or to anyone. It's never even been considered. Unfortunately due to a mix of people not understanding how technology works and assuming that every "tech company" operates in exactly the same way this particular piece of fake news just won't die. There are plenty of terrible things they actually do nowadays, better to focus on those anyway
Click to expand...
Click to collapse
This argument would make Kellyanne Conway proud. Yes, Google does not sell user data directly. But it does so indirectly every day it is in business. By allowing advertisers to target ever smaller slices of the population and track them across websites they ARE providing advertisers with user data.

GroovyGeek said:
This argument would make Kellyanne Conway proud. Yes, Google does not sell user data directly. But it does so indirectly every day it is in business. By allowing advertisers to target ever smaller slices of the population and track them across websites they ARE providing advertisers with user data.
Click to expand...
Click to collapse
A truly moronic reply that shows you have no idea what you are talking about. Have your even seen the advertising interface to Google's ad products? Obviously not because you just described Facebook's, not Google's! ?????

Configure privacy settings equivalent to IOS?

Assuming I was an expert user who knew every single Note 9 device option, samsung account setting, and google account setting.... If I were to configure EVERY single one of them to limit the data it collects, set every app permission to be in its most restricted state, disable every usage access setting, and configured my google and samsung accounts to be the most limited data collection accounts as possible, .... it is even possible to get to IOS level privacy on my Note 9? Is Android just sending everything it can back to google's servers as possible, such as when i turn the phone on, when i walk, move, open an app, browse the web, or whatever? I know some have already setup network analyzers to see the traffic going out, but I can never tell what configuration they do that with. I want to know if getting the privacy to IOS levels is impossible, or is it just a matter of very careful configuration....?

It's impossible. I'm not a fan of Apple devices, but I applaud them from a business perspective and that trickles down from the fundamental ideals of Steve Jobs.
Numerous studies show that Google sucks up information 10x as much as Apple which relies in differential data that doesn't exactly pinpoint the person, but more so the general interests of the person. Google identifies the person and their location. Unless you're walking around with your phone off or granting no permissions to every app, you can't match the security of an Apple device. The doesn't only include Google. Remember we have to deal with our specific manufacturers that are collecting data on us as well since Android is open source. So we just have to hope Googles intentions are good or move to an Apple device.

brainysmurf said:
Assuming I was an expert user who knew every single Note 9 device option, samsung account setting, and google account setting.... If I were to configure EVERY single one of them to limit the data it collects, set every app permission to be in its most restricted state, disable every usage access setting, and configured my google and samsung accounts to be the most limited data collection accounts as possible, .... it is even possible to get to IOS level privacy on my Note 9? Is Android just sending everything it can back to google's servers as possible, such as when i turn the phone on, when i walk, move, open an app, browse the web, or whatever? I know some have already setup network analyzers to see the traffic going out, but I can never tell what configuration they do that with. I want to know if getting the privacy to IOS levels is impossible, or is it just a matter of very careful configuration....?
Click to expand...
Click to collapse
No fanboi of any company/mfg/OS,but,they all do virtually the same thing with your personal information/usage habits.
The differences are mere semantics & they collect/sell user information.
The following is a 2yr old article,but,I'm guessing the points they make still hold true:
https://decentralize.today/apple-vs...company-handles-your-data-better-a7022bd452b1
Arguably,Android users can control their sharing of personal data usage,but,that has its caveats,such as limited functionality on some apps/etc...
Best advice I can give is the following:
1) Carefully comb through every setting on the phone,most are self-explanatory.
2) Go to every apps internal settings & the phone's setting under SETTINGS > APPLICATIONS & fine tune as best as possible.
Even after all of that,Google/Samsung (or most other mfgs) have settings that are inaccessible or cannot change (greyed-out),so,you're still not in the clear as far as total control/privacy.
This is one of the major attractions to rooting/ROMs for your Android device.
A rooted &/or ROM'd Samsung device is the ideal for gaining control of privacy/permission control,but,it breaks KNOX & Samsung Pay,no going back once rooted,even if restored to a stock state.
You gain more granular control of such permissions & if you want to go all-in on privacy, a ROM such as Lineage gives you the best you can hope for in personal security/privacy. A brief summary,but,that's the gist.
Outside of root/ROMs,If privacy/security is of utmost importance,I'd dare say a Blackberry would be a decent choice. I myself only briefly owned a Blackberry (Android device),so,I can't attest to how private/secure you personal usage/data is,but,I've rarely,if ever,heard of any major concerns in the matter w/Blackberry.
@brainysmurf
Another step you can take to regain some control of your Samsung device is using a package disabler app & the nice thing about these is no root access is required (AppFreeze/Package Disabler Pro/Adhell3).
https://play.google.com/store/apps/details?id=com.wakasoftware.appfreezer&hl=en_US
https://play.google.com/store/apps/details?id=com.powermanager.batteryaddon&hl=en
https://amp.reddit.com/r/GalaxyS8/comments/8nmrfq/how_to_install_adhell_3_a_video_guide/
Use the XDA site search feature or Google for more info on the above mentioned disabler apps.
You can also use ADB Commands to disable apps as well,but,please read the following link carefully before proceeding:
https://www.xda-developers.com/uninstall-carrier-oem-bloatware-without-root-access/

I have never had an apple device, But I would like to say that android as a system is opensource and the google apps that are put on top are non opensource and are probably where you lose your privacy but as a system it is transparent which attracts devs and rooting (i.e. getting access to the system partitions) is what makes android so customizable. Versus apple which you have to blind trust ios and trust that these options are 100% do what they say..
Yes it is more secure because it is closed source but at the same time For actual privacy you never know. Saying that how do you get your privacy with android needs some setup which koliosis did good explaining. But the difference between the two OSs I believe is because of (opensource)ness of android the amout of customizablity with android is really deep. To which I believe if you invest good time researching, you can get a way better state than iOS. Again not an expert but putting my opinion
For the rest
Koliosis said it all.

that_same_guy said:
Yes it is more secure because it is closed source.
Click to expand...
Click to collapse
Have to correct that one. That is a myth spread by some big companies in order try to gain some customers over from the cheaper/free competition. In reality, open vs. closed source has no other effect on how secure the result is than with open source there can be more eyes looking at the code (for both good and bad intentions). As an example, simply compare a decent linux distro (from which only similar applications are installed that would come with corresponding Windows installation) to M$ Windows. Open source (and free at that) wins many times over in overall security (while neither is free from issues).
The biggest effect on the code quality (thus often also how secure it is) is on how many (real) experts work on it, and this in turn depends on popularity (open source) and/or money (company's/organization's income and policies/ideals). For the last part 'policies/ideals' just compare M$ and Apple, both have the money to throw at development if they choose to do so; former makes mostly insecure crap, latter makes half-decent stuff. (And note, I'm not a fanboy of either, or pretty much of any company, except one little local camera shop, so do read the previous with some weight on that "half-" before the "decent".)
As for small input on the privacy squeezing on Samsung devices:
I have so far managed to avoid to use a samsung-account, and that might help a tiny bit, although some features of the phone are then not working, but mostly useless features. Though there are some seemingly useful features that require Samsung-account for some weird reason, but I've manage to live without them. Like the "protected folder" (or whatever it is in English), why on earth would that need an account or anything external for that matter?!?
(Well, technically, I do have a Samsung-account, as that was required to get the phone cheaper, but after that order, I've not used that account anywhere.)

ErebusRaze said:
It's impossible. I'm not a fan of Apple devices, but I applaud them from a business perspective and that trickles down from the fundamental ideals of Steve Jobs.
Numerous studies show that Google sucks up information 10x as much as Apple which relies in differential data that doesn't exactly pinpoint the person, but more so the general interests of the person. Google identifies the person and their location. Unless you're walking around with your phone off or granting no permissions to every app, you can't match the security of an Apple device. The doesn't only include Google. Remember we have to deal with our specific manufacturers that are collecting data on us as well since Android is open source. So we just have to hope Googles intentions are good or move to an Apple device.
Click to expand...
Click to collapse
This actually goes to my point... If indeed I did remove all permissions from all apps, does this mean Android tracking would be completely disabled? Or if I removed google play services, or disabled it, or removed all permissions from it? Technically, would that give it an IOS level of privacy? I'm just wondering if the OS itself is prone to just phoning home and letting it know everything I'm doing, or if it's possible at all to tame it....
Thanks for your repsonse.

ErebusRaze said:
It's impossible. I'm not a fan of Apple devices, but I applaud them from a business perspective and that trickles down from the fundamental ideals of Steve Jobs.
Numerous studies show that Google sucks up information 10x as much as Apple which relies in differential data that doesn't exactly pinpoint the person, but more so the general interests of the person. Google identifies the person and their location. Unless you're walking around with your phone off or granting no permissions to every app, you can't match the security of an Apple device. The doesn't only include Google. Remember we have to deal with our specific manufacturers that are collecting data on us as well since Android is open source. So we just have to hope Googles intentions are good or move to an Apple device.
Click to expand...
Click to collapse
Yeah I saw those same studies. And they never seem to provide specific configuration data. For instance, the study showing that android gathers as much as 10x more data specifically mentioned that Chrome was constantly phoning home sending data. However, what if the user didn't log into their chrome account? I think it's much more limited in that case... Or what if the user disabled chrome, and perhaps all google apps? Is it android doing the privacy damage, or google apps/play services? If I disabled those, or removed all permissions from those, would it be equivalent to IOS? I'm an engineer in the business working at a major silicon valley company, and even with high expertise in the design of these things I'm finding it impossible to get basic understanding of what it actually going on. It is either trying to read through legalize of privacy agreements, or reading blogs and studies with claims such as 10x more data, while not providing specifics...

Privacy/"Conspiracy" thread [Discussion] (Re: Backdoors/security risks)

Not quite sure what to title this and its not specific to the note 9 but i recently seen an article saying that google admits they are able to track phone's location data even when location data is set to off. https://www.theverge.com/2017/11/21...g-cell-tower-data-android-os-firebase-privacy
My question is if there is and way for Dev's to create a custom rom that disables all these backdoors that google, The NSA etc. have access to? Sort of like some of the different linux distributions out there. Im not a terrorist or some sh*t but as a person who values their privacy, I dont like the idea of any corporation, governement or anyone being able to acces any of my data without my knowledge or permission. In an age where alexa records everything you say and alphabet agencies and corporations can access my phone mic even while the phone is off, i would like to have some protection and security against that unwarranted nonsense.

You should check out the Black Phone from Silent Circle:
https://www.silentcircle.com/products-and-solutions/blackphone2/
It runs on their own custom version of Android:
https://www.silentcircle.com/products-and-solutions/silent-os/
Not sure of all the details, but it's the only privacy focused smartphone I'm aware of - however some reviewers say that most of what they're doing can be replicated by installing a custom ROM and special apps on other phones.

This is what "Secret Mode" is for!
Coupled with a good VPN it's the best you can get right now.
Photo's[emoji2398] by Sully using SM-N960U or SM-870A

Kinsman-UK said:
You should check out the Black Phone from Silent Circle:
https://www.silentcircle.com/products-and-solutions/blackphone2/
It runs on their own custom version of Android:
https://www.silentcircle.com/products-and-solutions/silent-os/
Not sure of all the details, but it's the only privacy focused smartphone I'm aware of - however some reviewers say that most of what they're doing can be replicated by installing a custom ROM and special apps on other phones.
Click to expand...
Click to collapse
Okay, cool. Seems like the phones arent available anymore though. Do you think any devs may be interested in trying to develop a custom rom (preferably based on One UI v1.0) that focuses on privacy and trying to eliminate these backdoors google, the nsa and samsung may have access to? And if not in this area (referring to note 9 discussion), then where might i find some people whp may be interested here on xda?

Do you really think that you can scape from tracking of google and stuff? Maybe you could but they know everything about you... if you access from a pc they know it, if you use your credit card they know where you are, etc etc etc, if you pay taxes they know.... in my country when you update your ID on the gvermebt service they brings to you a little paper you all your data, and at the bottom of the paper says,,,, doing this you allow to the goverment tp share your identification information (phtos, finger pribts, etc) to another goverment departaments and third companies and blah blah blah... now is coming the blockchain tecnology and finally the mark of the beast.... maybe you can say that im crazy but just think about it.... soon or later you couldnt buy or sell if you dont have that chip, mark, serial, phone, id, or whatever it could be,,,, my bestregards
What im trying to say is: enjoy the top of technology until it be a curse or something like that to you.

Wow

Conito11 said:
Do you really think that you can scape from tracking of google and stuff? Maybe you could but they know everything about you... if you access from a pc they know it, if you use your credit card they know where you are, etc etc etc, if you pay taxes they know.... in my country when you update your ID on the gvermebt service they brings to you a little paper you all your data, and at the bottom of the paper says,,,, doing this you allow to the goverment tp share your identification information (phtos, finger pribts, etc) to another goverment departaments and third companies and blah blah blah... now is coming the blockchain tecnology and finally the mark of the beast.... maybe you can say that im crazy but just think about it.... soon or later you couldnt buy or sell if you dont have that chip, mark, serial, phone, id, or whatever it could be,,,, my bestregards
What im trying to say is: enjoy the top of technology until it be a curse or something like that to you.
Click to expand...
Click to collapse
Im on the same relative page as you, technocracy is a B*tch. my hope is that if we have some dedicated enough developers, we might be able to limit the amount of information they can recieve or attempt to access.

my only move: is to install only apps that I need, disable and uninstall the rest ( adb remove bloatware) , revoke permissions, switch privacy buttons in your OS settings. USE DUCKDUCKGO,
Never store nudity or secret things that can be used to harass you on a machine that is connected to internet.