Related
I'm just getting started with CM7 and the Nook Color, but I have some general security concerns that perhaps you could help me with?
1. Viruses. I understand that these are real in Android. I've temporarily disabled non-Market apps, but I believe viruses and/or spyware have shown up in Market Apps too. Are there decent AntiVirus apps and what do you recommend?
2. Firewall. What services are open by default? Are there good software firewalls available?
3. Adware. Is it always clear which Market apps are ad-supported? Have apps crossed the line into malicious or near-malicious spyware? (Taking over browsers, redirecting home pages or searches, infecting other apps, etc.)
4. Apparently Google does not require password-confirmation for Market purchases, and no real solution exists, since available apps complicate things and don't address the root issue. Do they have any plans to change that?
5. Where are application and web site passwords, WiFi keys, and the like stored, and are they encrypted?
6. Is there a multi-user / multi-profile facility to allow different users to log in to different desktops and/or applications? (Or is that best accomplished with dual booting.)
7. What major applications are known to "phone home" or otherwise divulge more information than might be expected? I was quite surprised that CM7 itself phones home to CyanogenMod by default, and even with that turned off the ROM Manager still reports usage statistics to Google?
8. Is anyone independently reviewing CyanogenMod itself for privacy and security implications? Right now many of us are relying on a hodgepodge of hacker contributions and the good will of those creating them. I'm sure that anything malicious would eventually come to light, but is anyone proactively checking out the release CM7 distribution, the GApps distribution, and the various installers and packagers? Right now the only verifiable "web of trust" that seems to exist is the good intentions of every contributor, and the general availability of the source code (which should make the review possible, if not particularly easy!).
9. Are there any "best practices" as a user? For example, I've set up a new GMail ID for use with the NC, and haven't yet linked any credit card or payment data. Meanwhile, for the B&N side I've had to submit a credit card number to get access to their market (even to get their "Free" offerings).
10. Any implications for configuring e-mail and/or contacts, etc.? Mass remailing trojans certainly exist on the Windows side.
11. Do the application specific permission settings compare favorably to those of the BlackBerry, and are they easily adjustable after you've already granted permissions to an app?
12. Is there any concept of sandboxing a new app to prevent it from possibly adversely affecting other applications or files?
13. Is there a best practice for how to manage files on both the eMMC and SD card storage, particularly when booting between the two? Can one be locked out from the other?
Okay, that's a baker's dozen. I'll stop now.
Thanks much for any input.
Really? Nobody has an opinion to share on this?
rooting /cm7 / and the purpose behind it may just not be for you. I don't think your going to get an answer your looking for. Also not trying to be rude, but you pretty much wrote a book in your first post. Just ask a question dude.
Thanks for the response, but I asked roughly 13 questions -- would you prefer I "just asked a question" by starting 13 different threads? I certainly wouldn't.
And your first sentence makes it sound as if there's no one here who gives a damn about their own data and that everyone views the Nook Color as a toy -- and I seriously doubt that.
xdabr said:
I'm just getting started with CM7 and the Nook Color, but I have some general security concerns that perhaps you could help me with?
1. Viruses. I understand that these are real in Android. I've temporarily disabled non-Market apps, but I believe viruses and/or spyware have shown up in Market Apps too. Are there decent AntiVirus apps and what do you recommend?
2. Firewall. What services are open by default? Are there good software firewalls available?
3. Adware. Is it always clear which Market apps are ad-supported? Have apps crossed the line into malicious or near-malicious spyware? (Taking over browsers, redirecting home pages or searches, infecting other apps, etc.)
4. Apparently Google does not require password-confirmation for Market purchases, and no real solution exists, since available apps complicate things and don't address the root issue. Do they have any plans to change that?
5. Where are application and web site passwords, WiFi keys, and the like stored, and are they encrypted?
6. Is there a multi-user / multi-profile facility to allow different users to log in to different desktops and/or applications? (Or is that best accomplished with dual booting.)
7. What major applications are known to "phone home" or otherwise divulge more information than might be expected? I was quite surprised that CM7 itself phones home to CyanogenMod by default, and even with that turned off the ROM Manager still reports usage statistics to Google?
8. Is anyone independently reviewing CyanogenMod itself for privacy and security implications? Right now many of us are relying on a hodgepodge of hacker contributions and the good will of those creating them. I'm sure that anything malicious would eventually come to light, but is anyone proactively checking out the release CM7 distribution, the GApps distribution, and the various installers and packagers? Right now the only verifiable "web of trust" that seems to exist is the good intentions of every contributor, and the general availability of the source code (which should make the review possible, if not particularly easy!).
9. Are there any "best practices" as a user? For example, I've set up a new GMail ID for use with the NC, and haven't yet linked any credit card or payment data. Meanwhile, for the B&N side I've had to submit a credit card number to get access to their market (even to get their "Free" offerings).
10. Any implications for configuring e-mail and/or contacts, etc.? Mass remailing trojans certainly exist on the Windows side.
11. Do the application specific permission settings compare favorably to those of the BlackBerry, and are they easily adjustable after you've already granted permissions to an app?
12. Is there any concept of sandboxing a new app to prevent it from possibly adversely affecting other applications or files?
13. Is there a best practice for how to manage files on both the eMMC and SD card storage, particularly when booting between the two? Can one be locked out from the other?
Okay, that's a baker's dozen. I'll stop now.
Thanks much for any input.
Click to expand...
Click to collapse
I have to admit, you come off as rather paranoid, and i am not sure why you are so.
Yes, there have been a couple of problem apps recently, but Google took care of them, and i would not worry. The best security you can have, is looking at what you are installing. The application cannot hide what permissions it needs, so if you have something asking for way more than you think it should need, take that as your first red flag.
Currently, Virus Scans on Android are a joke, and simply unneeded. Don't even waste you time. Firewalls are just about the same, and again, not worth the effort. One thing to keep in mind, that this is a linux system, and is not as prone to the Windows based attacks that you are used to. Things like email spam bots and such are not a problem.
As for Cyannogen - no code is added to the repository without being peer reviewed; and every code submission is available in public records. Frankly, they did not make it to CM7 by stealing people's data, nor is it simply a hodge podge of devs.
Frankly, I think right now more research is in order for ya. Most of what you ask is already discussed in many places, or is never discussed, because it simply isn't a worry...
Thank you, Divine_Madcat, for the advice and explanation. By hodgepodge I was more referring to the multiple installer methods and packages that newbies like me are relying upon to get everything installed easily. There are a lot of them, from a lot of nice people, from preconfigured SD card images to installation methods with modified boot loaders to interface and performance hacks. Even if Cyanogen itself is well maintained it would be pretty easy for someone to include a little trojan in one of those third-party "distributions".
It's not exactly paranoia, I've just seen this happen so often. Trojan horses are certainly not limited to Windows. Worms and other compromises have affected thousands of Unix and Linux machines in the past. Web sites and PHP and Perl scripts and databases and web frameworks regularly see vulnerabilities discovered and/or exploited. So since this device will be used in part by children with access to my credit card, I wanted to know what we're dealing with.
No, I was not familiar with Cyanogen's review practice (which is one reason I asked), so thanks for that reassurance! I will try to learn more as I go.
I do apologize for the length of the OP though -- I was trying to brainstorm and get everything down in one place that related to possible security concerns. It's not as if I'm worried sick about every little point.
One of the apps I install on all my installs is 'Lookout'. This app scans all my programs I install and update and I have heard very good reviews of it.
I did see that Eric Lundcrest did an article today:
http://web.eweek.com/t?r=2&c=38783&l=64&ctl=11B38843F5D4C728CF30E9F23F9E91BB51617&
You can check them out. I haven't tried them all myself and I noticed that he didn't include the app that I recommended above (and I use it on both my Nook and my HTC EVO)
You Should Also be Aware..
that one of the joys of Android (and of course Unix/Linux) is that everything is "sandboxed" unlike Windoze - there are not many apps that interfere with others - that's why it's so easy to install and uninstall from Android. Compare the uninstalling of even a large Android app with that of uninstalling from Windows.
I would not worry about interfering apps
Thanks, doc. I'm moderately familiar with the Unix security model, but not so much with Android. Is sandboxing really accurate? In Linux processes run with particular user rights, much as in Windows but more flexible -- that is, it's just much more common to have different daemons running as different users. Still, I don't think they're really isolated from one another as they might be with a "chroot jails" kind of function...
I don't think electronics are for you, I suggest books and a cabin in the woods.
No virus really exist yet, a few flaws in the code have been found but they are patched quick.
No real firewall, doesn't work quit that way with android.
Yes, it will say in the permissions of the app in the market.
You sign into the market when you first use it, making sure your devise has a lockscreen PW is how you keep it safe.
/data
no
Some apps phone home, check permissions before you install.
All CM code can be seen in the github, you can compile it yourself if you wish.
Use smart internet credit card practices such as only attaching a low limit card to accounts etc.
If the google email server was hacked maybe but all that stuff is stored encrypted on googles end.
Permissions need to be approved of by you if they change.
Android sandboxes all apps.
Dono, I have CM7 on internal and books etc stored on the SD card.
Nanan00, your actual answers were great, but "I don't think electronics are for you, I suggest books and a cabin in the woods." and the similar dismissive post above are exactly the kind of BS condescension that gives some open source communities a bad name. Stop it. Little by little it devalues the entire community and its projects.
Thanks for the substance of your response.
Truthfully... My parents practice pretty much all of the stuff you have said, they're very careful with credit cards and anything that could be used as personal information.
And yet... Someone got ahold of their credit card numbers and bought something for almost 3k last year...
I have no virus software or even firewall software on this computer, it has not received a virus in over 5 years (I know... it needs an upgrade) and I'm running Windows XP SP2.
If you're prone to viruses then go ahead and install some antivirus software. If you're scared about your kids + your credit card + the nook, then have them make all transactions on the computer.
The reason no one is taking this seriously is because Android is to new for there really to be anything worthwhile on the market. People are just now learning how to develop and code for it. So there aren't a bajillion(give or take one or two) viruses or trojans running around the google market.
On top of that, so long as your legally buying your apps from the google market, you have even less to worry about. As google has shown in the past that they'll go ahead and delete it the second they find it.
As far as permissions go, don't get to hung up on it. Everybody trust Pandora and yet it requires more permissions then some of googles own apps. =\
Thank you, Gin1212. I don't use an AntiVirus on my own Windows machines either -- it's more trouble than it's worth when you know what you're doing. (On Android I don't know what I'm doing, yet.)
And yeah, I already made sure to use a disposable credit card number ("ShopSafe") with a limit when setting up the Nook for the young'un. Google Market, thankfully, doesn't require a credit card unless you buy something, so I'll be checking out the free apps for a while (so that's part of why I asked about adware/spyware).
I was approaching the thing as I would any new (to me) full fledged operating system and computer, fully aware it's not the "safe" and dictatorially controlled little world of iOS or, to some extent, BlackBerry OS.
So thanks for the real world advice!
xdabr said:
Nanan00, your actual answers were great, but "I don't think electronics are for you, I suggest books and a cabin in the woods." and the similar dismissive post above are exactly the kind of BS condescension that gives some open source communities a bad name. Stop it. Little by little it devalues the entire community and its projects.
Thanks for the substance of your response.
Click to expand...
Click to collapse
Suffice it to say that Android's and Microsoft's, and even Linux's app model is vastly different. Google does not just act as a repository, as in Linux. From my understanding, Google is rather guarded about it's app market and if anything heretofor is found, the app is yanked from the market immediately.
I agree that website security is more an issue that needs to be looked at, but the lion's share of websites that have virii and adware are aimed at infecting windows machines, but your concerns are noted.
As to the intent of the Devs here, I think you need to understand that these roms, mods and apps are their children, and their passion of the moment. No one goes through all the crap they do just to foment adware. This is their meat and drink and trust me, if there were a dev whose morality came into question, they would police themselves and it would be all here for us to read. There are no secrets here. These aren't script kiddies looking to wreak havoc.
I agree that security is a good thing, but the twin natures of Android are openness and isolation. Each app, at least from my understanding is an island unto itself with rare exception. So I think that while your concerns in themselves are noble, they are unwarranted, and at some points even seem absurd. No offense intended here.
We aren't just drinking the kool-aid here, everyone knows the risks of adopting an unknown and untested ROM, everyone takes the responsibility to themselves when they violate their warranty in search of a better tablet experience. The average person who roots their nook is not your average idiot windows user. We are here because we want more and better than our legacy alientation by microsoft and those who can't think outside of their security model.
Well, there is my Android manifesto. Sorry for rambling.
migrax
No, I appreciate the manifesto -- thanks. Again, I tried to brainstorm and throw the kitchen sink into the original post so as to get everything down in one place. I was hoping it could serve as a general security discussion thread. Not everything there is a huge concern of mine, and sorry if it made things seem absurd.
I appreciate your points about the intentions of the developers and the operation of Google's market (although of course a big selling point is we are NOT limited to that market... conversely, I suppose anything I chose off-market would be something I had by definition come to trust independently).
xdabr said:
Nanan00... "I don't think electronics are for you, I suggest books and a cabin in the woods." and the similar dismissive post above are exactly the kind of BS condescension that gives some open source communities a bad name. Stop it. Little by little it devalues the entire community and its projects.
.
Click to expand...
Click to collapse
I think your overreacting a wee bit too much. I can't speak for Nanan00 but the first sentence of his post feels like a joke. He took the time to write out the answers of OP's question...
Also since you were referring to my post at the top..... I was just being candid with OP.
I read his post, I could see that he was a bit paranoid (IMO) and told him my honest opinion. Which is: Hacking your nook, or any device for that matter, may not be for you. The reasons being that when you hack your device, you inevitably increase its chances of being exposed (even if the increase is small, its there.) I don't feel that I am being arrogant, and I didn't catch that drift from Nanan00. But I wanted to address this since you obviously feel strong that this type of behavior is "devaluing the entire community and its projects."
Anyways to the OP:
Sorry if my post came off rude. I should of taken the time to give you my explanation.
colbur87 said:
I think your overreacting a wee bit too much. I can't speak for Nanan00 but the first sentence of his post feels like a joke. He took the time to write out the answers of OP's question...
Also since you were referring to my post at the top..... I was just being candid with OP.
I read his post, I could see that he was a bit paranoid (IMO) and told him my honest opinion. Which is: Hacking your nook, or any device for that matter, may not be for you. The reasons being that when you hack your device, you inevitably increase its chances of being exposed (even if the increase is small, its there.) I don't feel that I am being arrogant, and I didn't catch that drift from Nanan00. But I wanted to address this since you obviously feel strong that this type of behavior is "devaluing the entire community and its projects."
Anyways to the OP:
Sorry if my post came off rude. I should of taken the time to give you my explanation.
Click to expand...
Click to collapse
Um, colbur87, "OP" and I are the same person.
Asking questions is one way we learn. As an Android newbie many of my questions would apply to any Android device, hacked/rooted or not. If they're not appropriate for this forum, or if no one here thinks they're valid or worth a response, that would be okay. But to say in effect "your concerns are stupid and you don't belong here" is not only insulting, but factually wrong. Just because some people are content to not consider security implications doesn't mean they're not real.
Blithe unquestioning acceptance and faith is more of an Apple iFanboy trait, I would have thought.
And much as with Linux as a whole, positioning "hacked" Android as something not amenable to ordinary consumers is counterproductive.
(By the way, I'm not an ordinary consumer.)
Anyway, I do appreciate the answers people have given.
Wasn't lookig at the names so my bad on the mix up.
Anyways if you still think im being rude even after my previous post then so be it.
im out
Sent from my Desire HD using XDA Premium App
Divine_Madcat said:
The application cannot hide what permissions it needs, so if you have something asking for way more than you think it should need, take that as your first red flag.
Click to expand...
Click to collapse
Actually, that isn't true. There are holes in Android Market, so if app makers really wanted to, they can hide certain permissions even if your app calls out that permission through androidmanifest, which is how the permission is given in the first place. It was shown that even big name developers had exploited this one time or another. Of course this has nothing to do with CM7. Even stock Android phones are vulnerable to this. However, in general, if you download a popular app, you should be able to trust the permissions listed. Unless your the first person to download an app, you'll usually hear back from initial users if there's something funky going on.
Me and my friend, (who is a budding app developer for android) ran into discussion about "Android JB vs WP8", and after many aspects, we came to "developer benefits", there I said that Android is not good for developers bcoz people SIDELOAD app and nothing can detect a pirated app. That's the sad truth.
But on WP8 there's no way to SIDELOAD app, so No piracy of apps on WP8.
My friend said there are WP8 custom ROMS available and WP8 can also be rooted. So there maybe ways when people use Pirated apps on WP8 also.
So who is correct Me or my friend? Are there ways on WP8.
Sent from my GT-S5570 using xda app-developers app
Apourv said:
Me and my friend, (who is a budding app developer for android) ran into discussion about "Android JB vs WP8", and after many aspects, we came to "developer benefits", there I said that Android is not good for developers bcoz people SIDELOAD app and nothing can detect a pirated app. That's the sad truth.
But on WP8 there's no way to SIDELOAD app, so No piracy of apps on WP8.
My friend said there are WP8 custom ROMS available and WP8 can also be rooted. So there maybe ways when people use Pirated apps on WP8 also.
So who is correct Me or my friend? Are there ways on WP8.
Sent from my GT-S5570 using xda app-developers app
Click to expand...
Click to collapse
You're correct, can't root and you can only sideload apps if you're a developer. No custom roms, no root, your friend's a fandroid who's insecure about their OS.
I think disabling Sideloading is better. Because Wallet services are coming to mobile so chances are high that someone might make app which will hack mobile payment passwords and accounts, using app which people sideload. This might make android insecure, when making NFC payments.
Sent from my GT-S5570 using xda app-developers app
Disable sideloading? And then how are dev supposed to test their apps on their phones ? - the emulator is not a good choice in some cases.
Also, there are no custom roms YET, but I am pretty sure there will be. There's nothing in this world that can be protected from hacking
timotei21 said:
Disable sideloading? And then how are dev supposed to test their apps on their phones ? - the emulator is not a good choice in some cases.
Also, there are no custom roms YET, but I am pretty sure there will be. There's nothing in this world that can be protected from hacking
Click to expand...
Click to collapse
Developers can unlock their phones. Others can't.
Apourv said:
Me and my friend, (who is a budding app developer for android) ran into discussion about "Android JB vs WP8", and after many aspects, we came to "developer benefits", there I said that Android is not good for developers bcoz people SIDELOAD app and nothing can detect a pirated app. That's the sad truth.
But on WP8 there's no way to SIDELOAD app, so No piracy of apps on WP8.
My friend said there are WP8 custom ROMS available and WP8 can also be rooted. So there maybe ways when people use Pirated apps on WP8 also.
So who is correct Me or my friend? Are there ways on WP8.
Sent from my GT-S5570 using xda app-developers app
Click to expand...
Click to collapse
Blocking load of apps is a huge OVERKILL.
Say I wand to write an app, and distribute it freely, and do not want to put it on the market ?
What then ?
Besides that - if the IPhone with all it's locks and vaults can be set to load apps outside the Apple market,
it is safe to say that WinPhone will have the same crack.
Locking the device and limiting the user is a bad thing, and besides alienating your user base it will not do much.
Alienating your user base is never a good tactic, they will leave.
(People who plan to get WinPhone are most likely people who used WinMo - that was totally open to customization and apps from wherever)
Some developers looked into breaking the security on Nokia's WP7 phones and decided it would be to hard but of course there might be ways to do it anyway and allow custom ROMs. Aside from that Marketplace XAPs originally could be modified to be sideloaded on WP7 but this has changed several months ago, when Microsoft started to encrypt the XAP files.
As for modified firmware Microsoft is using Secure Boot to tackle the problem at a much lower level than Android and iOS devices do. Due to that it might be quite some time before anyone figures out a way to do it. And even phones like the HTC One X have not yet been broken (at least the versions that use Nvidias Tegra 3). It was similar with several Sony devices.
But in the end to enable this on a WP8 device it would mean HSPL, CustomROM and modified XAP-Files to allow for pirated Apps. Comparing this to Android where you only modify the APK and allow sideloading using a Checkbox I believe we will a lot more pirated Apps on Android than on WP.
As for: I want to provide my App for free without using the Marketplace - ähm... what would be the benefit to the user? Aside from Hacks they benefit from the fact that Apps are tested for stability, to be Malware-Free and that you can discover them without too much effort right from your phone.
The only thing I believe you're right is that actually lots of people will go for an OS where they can pirate Apps easily. There are enough threads around here were people tell you upfront that they believe that having paid several 100 $ for a device entitles them to get the software for free.
StevieBallz said:
....
As for: I want to provide my App for free without using the Marketplace - ähm... what would be the benefit to the user? Aside from Hacks they benefit from the fact that Apps are tested for stability, to be Malware-Free and that you can discover them without too much effort right from your phone.
....
Click to expand...
Click to collapse
Yeah, right.
Like we saw on apple store, and the android market.
(you must be either kidding, or naive)
And as for users thinking paying few 100$ for a device and thinking it entitles them for free apps - well -
people became used to having free programs, and there are many good free programs.
Besides that - I do not support software piracy, but I do believe that you should have the freedom to do whatever you want with the device you payed a lot of good money for, and that the manufacturer should not put you behind bars and in chains, just so they can make more profit from you.
And dont think otherwise - they lock the device for the sole reason of taking some percentage of the money you pay for the apps,
and no other reason.
So every app would have to pass through their, and only their checkout point, and bring them more money.
Android market has no certification process while Apple's and Microsoft's does.
I didn't try to imply that you would want it for the reason of pirating Apps but for most people this is the reason they desire that feature.
But in the end we're talking about the rationale for developers and that is where your (paid) Apps are a lot better protected on WP or iOS than on Android. If this actually benefits you in the case of WP is a different discussion due to the fact that your potential market is smaller. But given that even though Android has a much bigger marketshare than iOS by now developers make a lot more money on iOS it seems the closed marketplaces actually benefit developers in that regard.
StevieBallz said:
Android market has no certification process while Apple's and Microsoft's does.
I didn't try to imply that you would want it for the reason of pirating Apps but for most people this is the reason they desire that feature.
But in the end we're talking about the rationale for developers and that is where your (paid) Apps are a lot better protected on WP or iOS than on Android. If this actually benefits you in the case of WP is a different discussion due to the fact that your potential market is smaller. But given that even though Android has a much bigger marketshare than iOS by now developers make a lot more money on iOS it seems the closed marketplaces actually benefit developers in that regard.
Click to expand...
Click to collapse
The same goes for PC apps.
And people still develop apps for PCs.
This is, in my opinion, some kind of propaganda (not to say brainwash) from the manufacturers,
who's only intent is to make more profit for themselves, and want to recruit the developers for their own goal.
Software piracy have been here since forever, and the software industry has always been growing.
I still hold my opinion that the manufacturer must not have me in chains and behind bars.
I believe the manufacturer must let me do whatever I want with my device.
Let me load whatever apps i want, from any source, and not limit me or force me to pay them more and more money over the life of the device.
I'm not saying that it is not a valid desire to be able to do those things - I said it benefits developers if they are not possible. They don't have to care about piracy that much. And instead of putting together a sophisticated scheme to protect their applications (like they have been doing on the PC for more then a decade) they can concentrate on the actual content.
Do you believe PC games that came on floppy discs asked you about keys from the manual just for fun or to avoid copies? Do you believe the industry moved to CDs only because of the additional space or because they could not be easily copied for quite some time? Does Diablo 3 require an online connection because they could not implement a game that could run on the PC only?
Providing those protections in the OS itself takes a big burden off most developers. The 30 % cut Apple or Microsoft take is a big part of what big companies would earn with their software, given that they already have payment solutions in place and might be able to provide storage and bandwidth cheaper. For Indie developers it would be a lot harder to organize all this.
But instead of answering the question on pirac that thread was about y you're completely missing the point and going on a crusade (and your points from a users perspective definitely are valid).
Apourv said:
Me and my friend, (who is a budding app developer for android) ran into discussion about "Android JB vs WP8", and after many aspects, we came to "developer benefits", there I said that Android is not good for developers bcoz people SIDELOAD app and nothing can detect a pirated app. That's the sad truth.
But on WP8 there's no way to SIDELOAD app, so No piracy of apps on WP8.
My friend said there are WP8 custom ROMS available and WP8 can also be rooted. So there maybe ways when people use Pirated apps on WP8 also.
So who is correct Me or my friend? Are there ways on WP8.
Sent from my GT-S5570 using xda app-developers app
Click to expand...
Click to collapse
There are no WP8 custom ROMs, only WP7, and only for select devices. As far as I know, app piracy was effectively killed off even for a fully "rooted" WP7 device now that the apps come in an encrypted package. WP8 devices with an SD card can sideload apps, but it's a feature, not an illegal act. You get the encrypted package straight from windowsphone.com, and when you sideload it via SD card, it checks with the marketplace to see if you already own this app and if you have purchased it- otherwise you get the trial.
So android is significantly less secure in this area, your friend is wrong.
StevieBallz said:
I'm not saying that it is not a valid desire to be able to do those things - I said it benefits developers if they are not possible. They don't have to care about piracy that much. And instead of putting together a sophisticated scheme to protect their applications (like they have been doing on the PC for more then a decade) they can concentrate on the actual content.
Do you believe PC games that came on floppy discs asked you about keys from the manual just for fun or to avoid copies? Do you believe the industry moved to CDs only because of the additional space or because they could not be easily copied for quite some time? Does Diablo 3 require an online connection because they could not implement a game that could run on the PC only?
Providing those protections in the OS itself takes a big burden off most developers. The 30 % cut Apple or Microsoft take is a big part of what big companies would earn with their software, given that they already have payment solutions in place and might be able to provide storage and bandwidth cheaper. For Indie developers it would be a lot harder to organize all this.
But instead of answering the question on pirac that thread was about y you're completely missing the point and going on a crusade (and your points from a users perspective definitely are valid).
Click to expand...
Click to collapse
Pretty much this.
As a developer, I love the fact that the WP marketplace protects my app from almost anything a hacker can throw at it, because it protects several aspects I invested in the app:
1) Time. A lot of time. I don't like it when people use what I invested months of research and coding for free, just because they are too lazy to search the marketplace, but are devious enough to google the app and download it from some obscure location (the irony).
2) My intellectual property: I've made the app, therefore I should have complete control over who can download it. How would you feel if you invested a lot in a car, and some random people of the street simply gets in and drives your car away?
3)Coding and researching is certainly not an easy task. If it were, then everyone would be a developer. Pirating my app is like asking me to give away my talents for nothing in return.
Although it is extremely easy for outsiders to judge my app and say it is not worth the money, they really have no idea how much time and effort was put into it. It is a service I provide for you, and as with any service you need to pay for it...upfront or by staring at adds.
Considering that without the OEM I would not be able to create the app at all, and you would not be able to use it either, it is only natural for them to ask a percentage of the profit from the app. It is how business works.
mcosmin222 said:
Pretty much this.
As a developer, I love the fact that the WP marketplace protects my app from almost anything a hacker can throw at it, because it protects several aspects I invested in the app:
1) Time. A lot of time. I don't like it when people use what I invested months of research and coding for free, just because they are too lazy to search the marketplace, but are devious enough to google the app and download it from some obscure location (the irony).
2) My intellectual property: I've made the app, therefore I should have complete control over who can download it. How would you feel if you invested a lot in a car, and some random people of the street simply gets in and drives your car away?
3)Coding and researching is certainly not an easy task. If it were, then everyone would be a developer. Pirating my app is like asking me to give away my talents for nothing in return.
Although it is extremely easy for outsiders to judge my app and say it is not worth the money, they really have no idea how much time and effort was put into it. It is a service I provide for you, and as with any service you need to pay for it...upfront or by staring at adds.
Considering that without the OEM I would not be able to create the app at all, and you would not be able to use it either, it is only natural for them to ask a percentage of the profit from the app. It is how business works.
Click to expand...
Click to collapse
Comparing an App to a car is totally inappropriate.
If someone drove away in your car, you do not have this car anymore.
If someone installed an app you wrote - well, you still have another copy, and can produce a million more copies.
Som30ne said:
Comparing an App to a car is totally inappropriate.
If someone drove away in your car, you do not have this car anymore.
If someone installed an app you wrote - well, you still have another copy, and can produce a million more copies.
Click to expand...
Click to collapse
He has a very simplistic view on piracy, which is what most people who think they're losing something have. It's hard for them to wrap their heads around new concepts like "pirated does not equal lost sales". It's mostly the RIAA's fault that the practice of sharing is deemed amoral and gave it the misnomer: "piracy". Actual sales lost because of piracy are negligible. I'm not saying it's ok for people to just take without paying, I'm saying you need to realize what is actually happening. Most "pirates" are poor students with no money to spare, kids who have no money of their own, and the most numerous "pirate" of all: those who cannot access a store to legally buy the product.
Sent from my Windows 8 device using Board Express Pro
Som30ne said:
The same goes for PC apps.
And people still develop apps for PCs.
This is, in my opinion, some kind of propaganda (not to say brainwash) from the manufacturers,
who's only intent is to make more profit for themselves, and want to recruit the developers for their own goal.
Software piracy have been here since forever, and the software industry has always been growing.
I still hold my opinion that the manufacturer must not have me in chains and behind bars.
I believe the manufacturer must let me do whatever I want with my device.
Let me load whatever apps i want, from any source, and not limit me or force me to pay them more and more money over the life of the device.
Click to expand...
Click to collapse
This. And Also, Poecifer, your just the Fandroid, since the discussion was brought ou with no intention to accuse each other party and start a flame war as usual, so just stfu if you don't have anything useful to say.
As a wp developer, i'd like to say that not beeing able to sideload apps freely at times is just a pain in the a**...personally I own a Sony Xperia J and a Lumia 710...my friend is an Android Dev and doesn't have all this kind of limitation...
Forgive me if this thread is out of place. I mean everything I say with the greatest respect for omnirom's devs and users.
I found out about omnirom recently. I was struck by its motto: "Omni isn’t better, just different." There has to be a better reason to go to the trouble of building a rom that's only going to be slightly different from AOSP or Cyanogenmod.
I want to make a suggestion. As a new android rom, why not fill a need in the community instead of saying, we've got nothing better to offer you, only something different. Novelty wears off and people want more than just "different" from their operating systems.
Can I suggest a huge glaring need in the Android rom space that no major mod is filling? Security and Privacy.
The NSA and other intelligence agencies and corporations are launching attacks on people. Even Google is doing that. Months after I got my new android device, I was shocked when I found that Android was uploading all my contacts and other data to google's servers without asking me.
Read this article (Ars Technica: Google’s iron grip on Android: Controlling open source by any means necessary) to see how Google is making a walled garden with Android.
With 4.4, Google seems to be going even further. They won't stop. Google is using android as a trojan horse to collect information from people and sell it. Facebook is also doing it. The NSA is doing it.
Is there anybody out there who respects people and their privacy any more? I can't think of any major rom that does it.
Omnirom has xplodwild, Dees_Troy and Chainfire and many other talented developers, but why is the only thing they offer us a slightly different rom?!
We techsavvy people want more from our roms than that. Our pressing need in this day and age is not split screen apps. We're being constantly spied on by everybody and being monetised by everyone. What about end-to-end email security via Mailpile and the Dark Mail alliance? What about the Freedombox project?
Omnirom's description says, "Omni is what custom ROMs used to be about – innovation, new features, transparency, community, and freedom." Every android rom innovates new features and they're all open source because Android is open source. Most of them have a community focus. How is Omnirom any different?
Every project needs a reason to exist. I can't see omnirom's reason for existence.
There is a lack of respect for people by governments and corporations. They seek to use us or buy and sell us. Omnirom has the chance to fill a need in FOSS android world: A rom that respects and protects the data and the individual from legalized spying.
Let me respectfully ask this question. Wouldn't it be more reasonable to put all your talents to something useful and filling a need in the android world instead of being another flavour of stock Android?
Hoodahottie said:
Forgive me if this thread is out of place. I mean everything I say with the greatest respect for omnirom's devs and users.
I found out about omnirom recently. I was struck by its motto: "Omni isn’t better, just different." There has to be a better reason to go to the trouble of building a rom that's only going to be slightly different from AOSP or Cyanogenmod.
I want to make a suggestion. As a new android rom, why not fill a need in the community instead of saying, we've got nothing better to offer you, only something different. Novelty wears off and people want more than just "different" from their operating systems.
Can I suggest a huge glaring need in the Android rom space that no major mod is filling? Security and Privacy.
The NSA and other intelligence agencies and corporations are launching attacks on people. Even Google is doing that. Months after I got my new android device, I was shocked when I found that Android was uploading all my contacts and other data to google's servers without asking me.
Read this article (Ars Technica: Google’s iron grip on Android: Controlling open source by any means necessary) to see how Google is making a walled garden with Android.
With 4.4, Google seems to be going even further. They won't stop. Google is using android as a trojan horse to collect information from people and sell it. Facebook is also doing it. The NSA is doing it.
Is there anybody out there who respects people and their privacy any more? I can't think of any major rom that does it.
Omnirom has xplodwild, Dees_Troy and Chainfire and many other talented developers, but why is the only thing they offer us a slightly different rom?!
We techsavvy people want more from our roms than that. Our pressing need in this day and age is not split screen apps. We're being constantly spied on by everybody and being monetised by everyone. What about end-to-end email security via Mailpile and the Dark Mail alliance? What about the Freedombox project?
Omnirom's description says, "Omni is what custom ROMs used to be about – innovation, new features, transparency, community, and freedom." Every android rom innovates new features and they're all open source because Android is open source. Most of them have a community focus. How is Omnirom any different?
Every project needs a reason to exist. I can't see omnirom's reason for existence.
There is a lack of respect for people by governments and corporations. They seek to use us or buy and sell us. Omnirom has the chance to fill a need in FOSS android world: A rom that respects and protects the data and the individual from legalized spying.
Let me respectfully ask this question. Wouldn't it be more reasonable to put all your talents to something useful and filling a need in the android world instead of being another flavour of stock Android?
Click to expand...
Click to collapse
Something that perhaps doesn't come across when reading about Omni is about our thoughts on security and privacy. I'm one of the loudest complainers about the actions of a few companies (Google being the main one), who are using Android as a platform to spy on people.
Make no mistake, Omni will seek to address that. One issue the community faces though is that it is currently at the ebb and whim of Google. If Google decide to do X, pretty much every custom ROM has no real choice other than to follow. The aim of Omni is to offer an alternative "upstream" to look towards, when you find out that Google has started to call home every inbound phone number that it doesn't "recognise", in order to find out if it's a company from Google Maps/Local... And presumably log that forever more with your account...
This is a timely question with a very reassuring response. There is F-Droid instead of PlayStore (but it tends to be a few months behind) and OsmAnd instead of Maps (which is better in some ways). I would like to see more in this direction too.
IMO unless your a spy or a criminal I don't see why someone would care about all that NSA stuff.
Sent from my Nexus 7 using xda app-developers app
pulser_g2 said:
Something that perhaps doesn't come across when reading about Omni is about our thoughts on security and privacy. I'm one of the loudest complainers about the actions of a few companies (Google being the main one), who are using Android as a platform to spy on people.
Make no mistake, Omni will seek to address that. One issue the community faces though is that it is currently at the ebb and whim of Google. If Google decide to do X, pretty much every custom ROM has no real choice other than to follow. The aim of Omni is to offer an alternative "upstream" to look towards, when you find out that Google has started to call home every inbound phone number that it doesn't "recognise", in order to find out if it's a company from Google Maps/Local... And presumably log that forever more with your account...
Click to expand...
Click to collapse
Are you thinking of implementing off the shelf carddav / caldav syncing? Instead of syncing with Google for calendar and contacts, you can sync with any other source (like ownCloud).
Something that Davdroid does.
I am using this setup on my own private Linux server the last few days and seems to work well.
Sent from my TF300T using Tapatalk 4
jonathanxx1 said:
IMO unless your a spy or a criminal I don't see why someone would care about all that NSA stuff.
Sent from my Nexus 7 using xda app-developers app
Click to expand...
Click to collapse
Unfortunately, this is the biggest problem that the security industry (ie. people like me) face, in trying to explain the issues here.
Here's a small example, to show you the problems, not specifically with the NSA, but with anything "cloud". Let's imagine a malicious attacker is going after you...
Let's look at your gmail account. It's likely that you signed up for it with your old Hotmail account (the previously most common type of email service). Most people did. It's also likely that you protect your Gmail account fairly well, but have likely not changed your Hotmail password in a while. That's likely the best way in for an attacker.
Now, before you say "OK, but what's the risk", let's take a look at what information is accessible to someone getting into your Google account.
Firstly, they know the details of all your android devices (IMEI etc) - they know what tablets you have, what phones you have, and their serial numbers and identifiers. They can also carry out a remote wipe on any of your devices via Mobile Device Manager. Let's come back to this later though
From Google Mail, they have a fair idea of what you're up to, based on your communications to other people. They can access your location history, and data-mine that, to figure out where you are. They can also look at your communications with other people via Hangouts and G+, and attempt to work out where you are (or simply use the GPS location). They can access the location sharing features of google's services, and see where you and your family are. They can see you're not at home (getting your address from an email), and go to your house, aware your kids are home alone, and rob the place, abducting them.
When you return home, you meet a scene of devastation. You take out your phone and call the cops. You call 911/999/112/whatever, but the call was intercepted and passed to the attackers, via software that was installed onto your phone remotely (via the play store's remote push system).
At this point, the attacker takes your phone, and puts you in the back of the van. He uses Google Device Manager, and removes the lockscreen password from your phone (via the forgot lockscreen code feature). This also resets your device encryption password to a known one. At this point, all the devices are turned off, and their SIMs removed, and you are driven to a remote location.
The attackers then call your partner (having got their number from your Google contacts), and demand $1 million, while telling your partner that you know they are currently in <name of place from their google shared location feature>. The same remote access toolkit is installed onto their phone (given they had used your email as a recovery email for their Google account), and this permits monitoring of their phone to check if they call 911 etc.
OK, that all sounds far-fetched, but that is all entirely possible. The sheer amount of data being held about you, by google and other cloud providers, is insane. I didn't even go into the possibility of financial theft here. Cellphones are a very important thing to people, and they often take them for granted. Would you consider that when you called 911 in a moment of need, that someone had remote-installed a piece of malicious software, which exploits an android security hole, to replace the dialer app, and route the call to a rogue attacker, pretending to be the emergency services?
The amount of control that "other people" have over a phone running "Google Apps" is immense. Don't just think about the "NSA" aspects of this - consider how devastating it would be if someone had access to your Google account. And now remember that anyone on the technical team of Google could (in theory) issue an access token to your account to a well-paying attacker...
Oh, and one of the best ways an attacker can get into your Google account is simply to steal a phone or tablet, and extract the Google authentication token. Sure, they might not be able to change your password, but they are now "into" the chain, and will be able to start the attack.
If this don't bother you, I don't know what will...
scanno said:
Are you thinking of implementing off the shelf carddav / caldav syncing? Instead of syncing with Google for calendar and contacts, you can sync with any other source (like ownCloud).
Something that Davdroid does.
I am using this setup on my own private Linux server the last few days and seems to work well.
Sent from my TF300T using Tapatalk 4
Click to expand...
Click to collapse
I currently use {Card,Cal}dav syncing via my OwnCloud server. Thanks for the link to DavDroid, I'd not seen it before!
jonathanxx1 said:
IMO unless your a spy or a criminal I don't see why someone would care about all that NSA stuff.
Sent from my Nexus 7 using xda app-developers app
Click to expand...
Click to collapse
It's shocking that so many people don't (want to?) see the actual problem. The whole spying system is not just about tracking down terrorists.
Google, Facebook, etc and even governmental institutions collect our data to predict and influence our future actions.
So please devs, give us the option to be more independent from the big companies.
Gesendet von meinem Find 5 mit Tapatalk
I
pulser_g2 said:
I currently use {Card,Cal}dav syncing via my OwnCloud server. Thanks for the link to DavDroid, I'd not seen it before!
Click to expand...
Click to collapse
DavDroid is a pretty nice solution and you can set it up for multiple accounts.
I am still looking for a good note taking app (using Evernote now) to sync with my OwnCloud server.
Do you have any suggestions for a sort of Evernote replacement that can sync with OwnCloud?
Sent from my Xperia T using Tapatalk
---------- Post added at 03:57 PM ---------- Previous post was at 03:53 PM ----------
boernie said:
It's shocking that so many people don't (want to?) see the actual problem. The whole spying system is not just about tracking down terrorists.
Google, Facebook, etc and even governmental institutions collect our data to predict and influence our future actions.
So please devs, give us the option to be more independent from the big companies.
Gesendet von meinem Find 5 mit Tapatalk
Click to expand...
Click to collapse
For your calendar and contacts there are solutions already. Main problem is where so you store your data. You will need your own server or trusted third party.
Sent from my Xperia T using Tapatalk
I'm trying to set up my own infrastructure
But I was surprised that there was not out-of-the-box solution to use CardDav and CalDav.
Maybe you could include the apps mentioned above as they are/will become open source.
Gesendet von meinem Find 5 mit Tapatalk
scanno said:
I
DavDroid is a pretty nice solution and you can set it up for multiple accounts.
I am still looking for a good note taking app (using Evernote now) to sync with my OwnCloud server.
Do you have any suggestions for a sort of Evernote replacement that can sync with OwnCloud?
Sent from my Xperia T using Tapatalk
---------- Post added at 03:57 PM ---------- Previous post was at 03:53 PM ----------
For your calendar and contacts there are solutions already. Main problem is where so you store your data. You will need your own server or trusted third party.
Sent from my Xperia T using Tapatalk
Click to expand...
Click to collapse
I've found a nice notepad app, but none yet that use OwnCloud sync.
I was thinking about looking into https://github.com/spacecowboy/NotePad and trying to get it working with the API. It would be fairly easy to remove the "closed" bits like Dropbox sync etc, and use the OwnCloud backend. It would also be nice to add proper encryption of notes later on.
Anyone else interested? (I hate android app coding, I can't even get the dependencies to resolve for it to build... Thus contributing to my dislike for ANYTHING java based)
pulser_g2 said:
Something that perhaps doesn't come across when reading about Omni is about our thoughts on security and privacy. I'm one of the loudest complainers about the actions of a few companies (Google being the main one), who are using Android as a platform to spy on people.
Make no mistake, Omni will seek to address that. One issue the community faces though is that it is currently at the ebb and whim of Google. If Google decide to do X, pretty much every custom ROM has no real choice other than to follow. The aim of Omni is to offer an alternative "upstream" to look towards, when you find out that Google has started to call home every inbound phone number that it doesn't "recognise", in order to find out if it's a company from Google Maps/Local... And presumably log that forever more with your account...
Click to expand...
Click to collapse
I'm thrilled to hear this! Do other omnirom devs share your opinion?
I know it's early, but does the omnirom team have specific security/privacy ideas they want to implement?
In the long run, I don't see the Android ecosystem remaining in one piece. It's going to fragment. Amazon has already done it. Samsung may make this move. And people who want privacy and secure communications need a rom (and perhaps it's own app ecosystem) to which they can turn.
Please think about changing your why omnirom page. Right now, its pitch is very weak. Add a section about privacy and security and people will flock to this rom.
boernie said:
It's shocking that so many people don't (want to?) see the actual problem. The whole spying system is not just about tracking down terrorists.
Google, Facebook, etc and even governmental institutions collect our data to predict and influence our future actions.
So please devs, give us the option to be more independent from the big companies.
Gesendet von meinem Find 5 mit Tapatalk
Click to expand...
Click to collapse
I'm absolutely shocked every time I hear people say this. So many people just dismiss the NSA spying because they're not terrorists. They don't have the imagination it takes to understand that today's citizen is tomorrow's terrorist. Every country that spied on it's citizens has oppressed them.
I'm not a spy or terrorist, but I don't want my every thought and action logged away to be used against me later.
boernie said:
I'm trying to set up my own infrastructure
But I was surprised that there was not out-of-the-box solution to use CardDav and CalDav.
Maybe you could include the apps mentioned above as they are/will become open source.
Gesendet von meinem Find 5 mit Tapatalk
Click to expand...
Click to collapse
I can't post links, but if you want your own secure cloud, look at the Freedombox project. It's Debian based and it has some radical ideas. Eben Moglen and Bdale garbee have worked on it since 2010. Eben Moglen's talk about countries spying on citizens came long before the NSA story came to light.
The website is kind of dead, but in August Bdale gave a talk where he said Freedombox 1.0 should come before 2014. It's on youtube.
boernie said:
It's shocking that so many people don't (want to?) see the actual problem. The whole spying system is not just about tracking down terrorists.
Google, Facebook, etc and even governmental institutions collect our data to predict and influence our future actions.
Click to expand...
Click to collapse
There is a pretty simple solution to this!
Don't behave like expected.
Sent from my Find 5 using Tapatalk
Hoodahottie said:
Even Google is doing that. Months after I got my new android device, I was shocked when I found that Android was uploading all my contacts and other data to google's servers without asking me.
We techsavvy people want more
Click to expand...
Click to collapse
With all due respect to the OP, the above is the major problem. While many of us are "tech savvy" to one degree or another, I think we forget how to read sometimes.
When you're given that stack of papers to sign for your mortgage, car loan, credit card or bank account, how many blindly sign where we are told to be the agent of that company? Do you read what you are signing? If you answer yes, why is setting up your phone any different? We are told that such and such information is going to be collected when we sign up for our Google accounts. We are told that additional information is going to be collected when we set up our phone. Every time we start up GPS services, we are told Google is going to use this data they collect.
This causes me to wonder why it takes people by surprise when they learn that Google isn't a computer hardware and software company, but a marketing company. And even more wonder happens when they mention it's without their knowledge. Reading terms of service is important. They spell out exactly what they are going to do and give you the option not to participate. When I worked for IBM in the 80's, I had to sign away any rights to technology I developed while working there (with the exception of anything I started before employment and listed on their agreement). If I didn't want to do that I was my choice to not work there. The same thing happened with Tricord, Wang, Computer Associates, MAI, Excactium, Pivotal, etc
The other response about the NSA is troubling as well. We elect our representatives in this country every two four or six years. How many of those people that you voted into office voted yes to the Patriot Act? You want some scary reading, research the rights we gave up allowing that to happen.
We are innocent until proven guilty. The NSA "spying" doesn't just ensnare terrorist, but easily the whole population of the USA. Their model of two, three and more levels of contact captures everyone. The real question isn't I'm not a terrorist so why does it matter, it is I'm not a terrorist so why are you doing it?
We setup up these phones with the knowledge we would be tracked. We walk down the street and see security cameras watching. Then we complain about it? We allowed it to happen to have a whiz bang new phone or to feel safer.
" Those who would give up Essential Liberty to purchase a little Temporary Safety, deserve neither Liberty nor Safety." Benjamin Franklin
I work in retail. Every year I hear people complain that we set Christmas stuff too early. Those same people are buying their lights, cards and trees in the same visit. If they didn't buy early, we wouldn't set early. If we truly cared about not being used as marketing data, we wouldn't be using these phones. We wouldn't use Google.com to search. We wouldn't re-elect many of those in office at the local state and federal levels.
Sorry for the rant, I'll step of the soapbox and allow this discussion to get back on track.
Sent from my Nexus 4 using Tapatalk
With no disrespect, I wonder if people who ask me to take full responsibility understand life and power.
I understand that I have to take some responsibility for signing on for services and programs, but I blame the government and corporations more because they are many times richer and more powerful than me.
And they take advantage of that.
How many Terms of service agreements have I had to sign to use internet services? If I really read all of their ToS, I wouldn't have time for anything else. I'll bet that the ceos of these companies haven't read the ToS of their own products. They don't have to because they have the money to hire 50 of the best lawyers and ask them to craft a bullet-proof ToS.
They probably spent tens of thousands of dollars on the ToS. And I stand against all of that money and power, with limited time and resources and no law degree. Am I the one to be blamed? They know I'm tired from work, that I don't have a legal background and my attention span is limited and I need this product, and there is no other choice unless I'm willing to suffer a lot.
Often these multinational corporations control the whole market and I don't really have any choice. Look at the phone OS market now. I can choose between Android, iOS or Windows Phone. My choices are an open source OS built to facilitate spying, an overpriced, closed source, simplistic OS built by a company that co-operates with the NSA or a closed source, proprietary phone from an industry giant accused of anti-competitive behaviour and also collaborating with the NSA.
There's no real choice. Not just in the phone industry, but in most places in life. Powerful people don't become powerful by giving everyone else choices and freedom. They take freedom away. You ask me to take responsibility as if I had another, better choice. Apple, Google and Microsoft ToS will be mostly similar and it'll always protect their interests. There are no other real choices. It's always been that way, and why I blame the government, corporations and powerful people more than myself.
To really win, I'd have to devote my life to fighting all these powerful forces and even if I win, I'll have to spend the rest of my life defending against other crooks who'd try to do the same thing. I wouldn't have any time left for a life.
"You ask me to take responsibility as if I had another, better choice."
Who else is responsible for your actions?
"Apple, Google and Microsoft ToS will be mostly similar and it'll always protect their interests. There are no other real choices."
Yes, these companies are in business to make money. That is no different than you having a job to make money.
But do not tell me you or Bill or Steve or Larry do not have à choice. Ever heard of CP/M? An Altair? AltaVista? If you haven't, here is some history.
CP/M was a dominant operating system before DOS. Bill Gates made a choice to create Altair Basic for the Altair microcomputer being sold mail-order. That was the start of Micro-Soft (now Microsoft). He made another choice to create MS-DOS to compete against CP/M for the IBM PC and clones. He made another choice to start work on Windows to compete against Apple's graphical interfaces and IBM's TopView.
Before Steve Jobs made the choice to sell Woz's garage built microcomputer (later named the Apple) there was the Altair mentioned above. They made a choice to build an alternative.
Larry Page and Sergey Brin made the choice to start Google, thinking they could do search better than AltaVista, Yahoo, Excite, HotBot, MetaCrawler, etc.
Powerful people become powerful many times by giving others alternatives. The above mentioned powerful people are examples.
We can make the choice to use prepaid basic phones and not worry about anyone watching us because you don't use personal information to activate.
"To really win, I'd have to devote my life to fighting all these powerful forces"
You should. Doing so makes you powerful. Recently two women changed how one of the world's largest food brands makes their products. One of them eventually dropped out of the spot light and it became the crusade of ONE woman. Kraft Foods is changing how they make some of their Mac and Cheese products due to the efforts of one individual. No more Yellow #5 in their Mac and Cheese products specifically marketed at children. That was a choice she made. A fight that became part of her life.
We all have choices. We are all responsible for our own actions. We can't blame government as a whole because they are largely elected by us. We work to make money to live the life we choose. Corporations (started by individuals) do the same thing.
Sorry again for diverting off topic, but I have a difficult time with responsibility shifting to account for mistakes. We all make them (this reply is probably one of mine). A wise person once said, the man who makes no mistake, usually doesn't make anything worthwhile.
This particular set of threads, all the Omni threads, are what make communities like this work. We can voice opinions, state facts, help with commands to build a repository, compile a kernel, even agree to disagree.
This is how XDA started, while maybe some sections have stayed from the roots, Omni has brought it back full circle.
Sent from my Nexus 4 using Tapatalk
jonathanxx1 said:
IMO unless your a spy or a criminal I don't see why someone would care about all that NSA stuff.
Sent from my Nexus 7 using xda app-developers app
Click to expand...
Click to collapse
You may want to skim through this: http://online.wsj.com/news/articles/SB10001424052748704471504574438900830760842
Some laws (in many? all? countries) are so loosely worded that you're probably breaking some of them right now. Now remember that the government/google/facebook/whoever is watching everything you do. If you ever become "a problem" you're not going to be too difficult to "deal with". Just a potential look at one of the many problems with complete surveillance.
You guys talk about this as if Google, Facebook and all these companies willingly gave up this information.
But the reality is this: the government (NSA) asks for the data. If the companies deny them this, the NSA then goes to obtain a generalized warrant from the FISA courts, secret courts with a 99.7% warrant approval rate, and then obtain the data regardless of what these companies want.
And for those of you who STILL think it's the companies, read this: http://www.washingtonpost.com/world...1d661e-4166-11e3-8b74-d89d714ca4dd_story.html
---------- Post added at 10:38 AM ---------- Previous post was at 10:31 AM ----------
And yes, these companies DO own your data. As soon as you click "I accept these terms" on the registration page, they are now the owners of everything that goes through their online services.
But, here's the catch. Companies are individuals too, as established in Citizens United v. FCC, and are protected under the same rights as any other individual. And it logically follows that because of this, it is a breach on each company's 4th amendment rights for the NSA to obtain generalized warrants, that list NO goal for the investigation, and use these in order to force each company to fork over account details among other things.
frustration pure
one of the most common arguments of those who don't care or don't want to face the
risks of others knowing anything or almost everything of us is:
i have nothing to hide so what !
now to make a point i would like to come up with a very simple and for many
perhaps a bit strange example but i think most will understand what i mean.
ALBEIT I'M ALLOWED TO MAKE LOVE TO MY WIFE AND IT'S TOTALLY LEGAL
AND RIGHT, I DO NOT WANT ANYONE TO LISTEN OR WATCH :laugh:
UNDERSTOOD ?
regards
+1
I've been lurking and decided to give my opinion. First though, let me give a little background. Two years ago I bought my first Nexus and I rooted it right away. I left the bootloader unlocked, the CWM recovery installed, and USB debugging left on. Any app that could log me in automatically I allowed...Ebay, Amazon, Gmail, etc. I thought I was doing a good job protecting my privacy by using a strong password lock and installing Lookout.
I had no idea how easy it was to gain access to all of my data. My ignorance would not have protected me. Now to today. I have a rooted phone, but the bootloader is locked with the stock recovery installed. I will install a custom rom when a good one is available, but the stock recovery will be re-flashed and the bootloader locked when I'm done. I still use Lookout. I'm using LastPass to manage unique strong passwords now...no more saving passwords. I'm waiting for ADB Toggle to be fixed for Kitkat and USB Debugging will be turned off when my phone plugs into a computer. I am constantly looking for ways to protect my data.
To have total convenience, you must give up privacy and security. To have total privacy and security, you must give up convenience. I know that google has access to EVERYTHING I do with my phone and am not happy about it. I try to be informed and balance convenience, privacy, and security.
:good: I second the suggestion that OmniROM should attempt to become the ROM for people who want to protect their privacy and security. :good: There is a lot that can be done at the operating system level that cannot be performed by individual apps. Sure, I love all the features that custom ROMs offer and look forward to see what can be done, but privacy and security are #1 for me.
If you agree, then +1 this post.
i guess this is a general subject, but fits in this forum because we're (nexus users) probably more affected than the rest of the android world. In short, i'm not liking Google's thirst for collecting info in order to sell us ads, tailor and filter information that gets to us, or even sell our info to other companies (android police had an article a while back about a company who was doing this). But let's go back in time a bit first...
My first android device was back in 2010, and i've been through a few htc and samsung devices, galaxy nexus, nexus 4 and of course nexus 5. Now, whoever had a galaxy nexus might remember how android was back then, ICS just came out, it was the first version that could actually compete with it's rival OS's, and the official builds on the galaxy nexus were very close to AOSP.
On the nexus 4 we started to see some changes, Chrome replaced AOSP's browser (Browser) even though it was still not ready for that role yet and despite it coming a long way to where it is now, IMO it's still not as good as the stock browser was. Google Play Music also replaced Music as the default music player and so on..
On the nexus 5 Hangouts replaced stock Messaging (in my opinion it also is not ready for that role yet) and last but not least we're witnessing how G+'s Photos is going to replace Gallery (which is simple and fast, works great, and has a mighty lil photo editor).
Let's add to that Photosphere, a feature exclusive to nexus devices, and the Google Experience launcher (exclusive to nexus 5). So we've reached quite a big divergence from AOSP.
Another thing is how Google is forcing it's social network, either through binding playstore/youtube comments with it, photos, G+ sign in, Game hub (Play Games) etc.. Basically, you have to have G+ to be able to do simple stuff.
Also, we all know that one of the reasons they killed microSD support was to get people to use their cloud services, Keep, Drive, GMusic, G+ autobackup photos...
Other than forcing it's services, Google likes to tailor things for us. A simple example is the Youtube app, it's default opening screen is "What to watch" instead of subscriptions.
Also, Google Now is a cool concept, and it can be very helpful, but it kind of adopts the concept of offering you the info (it thinks) you need, according to certain algorithms. And that's the way Google's search engine has been functioning for years. And it's not only a Google thing, everybody does it, facebook, yahoo etc..
If you've read this far, and this subject interests you, watch this TED talk http://www.youtube.com/watch?v=B8ofWFx525s
I've been thinking about this subject for a while, and honestly, i have mixed thoughts about it. I use Google's services and i actually like Google as a company -despite the lil rant above- but i try my best to control what info i share with them, and i'm definitely not liking the route Google is taking with android, causing fragmentation even between nexus devices, closing down a lot of open source services and forcing it's own, and tailoring stuff for me. I don't need someone to think or make decisions on behalf of me, i want to be able to decide what i want to see/read/know about/use. I also want android to stay as open sourced and available to everyone as it can be.
So what's your take on this subject? do you have any concerns about your privacy and the info you share with Google's servers? and how about the android -or should i say Google- experience on the N5 compared to AOSP or past experiences you had with previous nexus devices, do you see any difference?
Google uses your data to build out great services. They also get a lot of money for advertising, and that's just the way it is. Do you think they should give Maps and Gmail away for free to people without getting something in return? Everyone who buys a Nexus device or uses Google's services understands this. You said in your post that Google forces their services on us, but you aren't being forced to use a Nexus device, or use Maps and Gmail. You made that decision yourself, so I don't understand why you're complaining.
Oh no, Google can't do nothing bad. It's Apple's fault.
Sent from my Nexus 5 using Tapatalk
I don't really understand what you are getting at. If you don't like all of the Google services then why not install cyanogen mod? The sole purpose of a business is to make money for it shareholders and Google is a business. They provide amazing apps and services for "free". I put free in quotes because you are indirectly paying for it. No one is forcing you to use Google phones or Google services.
Edit* okay I do understand what you are getting at but I don't feel that Google is hiding it from its users. It's no secret that Google sells ads. That is their business. They can become a more successful business if they gather more information about its users. I am aware of what Google does when I use its services and I accept it because I use the services they provide and don't have to pull out my credit card.
It's not that hard to understand; why are we all flaming this dude? He was just asking for everyone's opinions.
I agree with you 100%. Especially as I initially made the switch from CM9 to CM10, I was really wary about Google Now. It seemed like it was collecting waaaayyyyy too much info. The G+ integration in Google Play and Youtube also ticked me off.
However, the more I think about it, Google is still being sensible. Google Now can't be compared to Siri because Siri can't do crap; Siri just takes what you say and searches it up. Google Now can be turned off, and if you don't want it always tracking your location, just turn off location and it'll turn off all the location-based cards.
I'm also intrigued (not concerned) by Google's recent actions, especially with the acquisition of Moto, the release of Moto X and Moto G, and the introduction of so many GPe devices. Perhaps Google feels threatened by Samsung and feels the need to tighten its grip? The Nexus/GPe community used to be solely dominated by Samsung, but now it's seen entrances by HTC, LG, Asus and Sony. It seems to me that everything Google has done in the past few months has been forced by Scamsung and Crapple, and that we shouldn't really feel concerned in any way...yet.
The whole world runs on information and EVERYONE is trying to collect as much as possible. You might as well let it benefit you. Imagine if you had to pay for an email client, gps, countless news subscriptions, data hosting, and on top of that, had to pay for every new software version as it was made available. Even paid services are focused primarily on learning as much about you as possible. At least they are trying to learn what interests you to offer you something you might actually want!
I for one am very sad to see Google's Android deviate so far from pure Android. I am not a fan of the Google Experience launcher and I miss the beautifully simple AOSP experience. Even when I do run stock android, I fill it up with Google services. I think the point here is that you should choose what you want... ESPECIALLY with a Nexus device. The Nexus has become too commercial with the N5.
Sent from my Nexus 5 using xda app-developers app
I dont want anyone selling my data. I do appreciate that I use many Google services for free so I'm happy for their bots to analyse my data to sell tailored advertising to support these services.
-----------------------
Sent via tapatalk.
I do NOT reply to support queries over PM. Please keep support queries to the Q&A section, so that others may benefit
rootSU said:
I dont want anyone selling my data. I do appreciate that I use many Google services for free so I'm happy for their bots to analyse my data to sell tailored advertising to support these services.
-----------------------
Sent via tapatalk.
I do NOT reply to support queries over PM. Please keep support queries to the Q&A section, so that others may benefit
Click to expand...
Click to collapse
Long as i dont get junk in my email or mailing address, besides what do you got to hide huh? unless you're al qaeda right? or some terrorist..
Google doesn't sell your info to other people, and nor does it "read" your inbox or someone is "reading" it, it looks for certain keywords then deliver ads based on that... test it your self on your phone email your self with any subject and just make a random sentence containing the word viagra, you will now receive ads that have to do with "Male enhancement pills".. google does this to provide cheap devices such as the chromecast and nexus line they want you to buy it in return for your interests then deliver ads based on that then google gets paid by the advertiser or the marketing campain, so lets just call this instead of google stalking you or like mining your information like gold think of it as google trying to see what you're interested into and deliver that to you!
oh also inb4 someone says punctuation is your friend
I've always been very bugged about this that's why I try to download privacy apps to control what permissions they are asking for
Sent from my Nexus 5 using Tapatalk
Google is just a modern day netzero (from back in the days). The sooner you realize that, the better you'll be able to set your expectations.
That being said everything you find worrisome, you can substitute with a different service. It's not being forced to you.
The reality is, you made a calculation that the benefits outweighs the costs. You just may not be conscious of it.
Lastly, the nexus line is pure Google, it's not pure asop. It's Google flavored android, just as htc one is htc flavored android.
Sent from my Nexus 5 using Tapatalk
---------- Post added at 12:08 AM ---------- Previous post was at 12:04 AM ----------
nohcho said:
Oh no, Google can't do nothing bad. It's Apple's fault.
Sent from my Nexus 5 using Tapatalk
Click to expand...
Click to collapse
Stawman
Sent from my Nexus 5 using Tapatalk
markdapimp said:
Long as i dont get junk in my email or mailing address, besides what do you got to hide huh? unless you're al qaeda right? or some terrorist..
Google doesn't sell your info to other people, and nor does it "read" your inbox or someone is "reading" it, it looks for certain keywords then deliver ads based on that...
Click to expand...
Click to collapse
This is exactly my point. You seem to be arguing my point back to me, which makes no sense. Perhaps you misread my post
Nothing online belongs to you.. there are many ways to stay frosty on android.
Sent from my AOSP on HammerHead using Tapatalk
i guess some people didn't get my point, maybe since English is not my native language.
Anyways, as i mentioned in my previous post i do use Google services, and i'm grateful that most of them are free. But it's getting harder and harder to control your privacy. Look at the new location concept in kitkat, you can't switch location OFF completely from the power widget, you have to take additional steps and go into settings. Furthermore, on previous versions, you could use GPS, let's say for sport tracking apps, but deny location from all Google apps. Now you can't do it anymore, even if you use "device only" Google's apps (and facebook and others) are able to ask for your location.
Same goes to the Photos app, if you log in your G+ account, and choose photos from the slide menu, you'll see all your photos, even if they are still only on your device (autobackup OFF), something like the GMusic concept with on-device/cloud music. Honestly, i don't want my photos on G+, and i have a feeling i'll be forced soon to upload them whether i like it or not, just like the location thing.
Also i want to be able to choose what G services i want to use. AOSP still gives that freedom, but no one can deny that Google progressively is stopping to develop AOSP apps, and it's forcing it's own. I think some around here take stuff that Cyanogenmod or the Paranoid team (and others) do for granted. I think people should be thankful for things like 8Sms , Focal and so on, and recognize the effort put in them, and help (test/report bugs) and donate to those devs to encourage them to polish these apps and make them even better. Honestly, i think we were lucky to get to choose what sms client we want as default, if it was up to Google, we wouldn't have that option available.
And lastly, look at what happened to App Ops, it would've been a nice tool to give back control to the end users, but it was killed in the last update with a statement that it was never meant to go public. If they are afraid some people will misuse it and break app-functionality (then whine about it) , well they could've put it in Developer Options right beside ART and the rest of the stuff that can potentially break things on your device.
So as a conclusion, i do like and use Google services, but i also don't want to be forced to share my private data, i just want to be able to do it in the range that i'm comfortable with, and putting everything on Google's servers does not make me feel comfortable :good:
You're never forced to share your data... You don't even have to use your real name on an account!
Sheesh.
Sent from my Nexus 5 using Tapatalk
Cirkustanz said:
You're never forced to share your data... You don't even have to use your real name on an account!
Sheesh.
Sent from my Nexus 5 using Tapatalk
Click to expand...
Click to collapse
That's cool, can I use your name when buying my next phone.... how about my Google store/wallet account, oh yeah and PayPal
makes you wonder why so many laws in the past prohibited such practises... they must of been real stooooopid!! haha
also if it was a bad thing lots of literature would have been written about it, warning us
meangreenie said:
That's cool, can I use your name when buying my next phone.... how about my Google store/wallet account, oh yeah and PayPal
makes you wonder why so many laws in the past prohibited such practises... they must of been real stooooopid!! haha
also if it was a bad thing lots of literature would have been written about it, warning us
Click to expand...
Click to collapse
Don't be silly.
You can pay cash for an Android phone. You can even pay cash for a Nexus 5.
You have the option of paying for mobile purchases with your carrier account, and have you never heard of a pre-paid visa card? There are all kinds of ways to get one without providing any personally identifiable information of any kind. The point of google store purchases being an invasion of your personal information is also entirely moot as you can very easily use an Android phone without making a single purchase on the play store.
You don't even have to use wallet, in fact most Android users CANNOT even use wallet to its fullest since they don't have NFC in their phones.
For real now, if you think your personal data is so valuable and sacred, have fun not having a checking account, loan, a real job, or a real place to live.
You don't even have to have google services running on your phone. This is XDA...install a custom rom and just don't load gapps. Or be even more lazy about it and just disable those apps in settings and they don't run.
That's me being silly. See how that works?
Here's my theory on the issue...
The way I see it is that a person has three choices:
1. Go completely off-the-grid, paying (limited) bills in cash, never engaging with the internet, and forgoing many modern technological conveniences.
2. Allow some personal information here and there, trying to maintain control by engaging with services that can be discontinued when they "cross the line".
3. Allowing access to all personal information online, engaging with anything and everything.
The third is simply not an option for me. I have no desire to have for-profit corporations spamming me with offers for crap I don't want and selling my private, personally identifiable information to anyone and everyone.
The first is really not an option, either. I don't want to be completely cut off from friends or have contacting them be excessively difficult. It is convenient to pay my rent, utilities, and other bills online. Frankly, I'm not good enough with any type of work that allows one to go off the grid to make a living.
So, that leaves me with the second option. I monitor changes to privacy and terms of service policies for the services that I use. I try to limit the services that I use. Obviously, I have a bank account and that comes with the need to provide some information to the bank, but also the ability to monitor my money and immediately flag appropriate people if anything suspicious happens. I have a Google account and a Nexus 5, ergo I use Google's services. And here's what's important to me: I can delete my Google account any time I want. With something like Facebook, it was a lot more difficult to do that once I became uncomfortable with my of the changes Facebook was making. Also, with Google, I can opt-out of many of the services that make me uncomfortable, such as targeted advertising or using my +1's as endorsements. If that ever goes away, I will absolutely reconsider my position. I maintain multiple Google accounts, actually, as a means of limiting who can see what information about me. I have a personal account, which has the most information about me and which is as locked down vis-a-vis Google as I can make it, but which allows my friends and family the best means of interacting with me. I have a professional account, which has only information relevant to my work. I have an "partial-incognito" account, which does not have explicitly identifiable information about me. I have a few completely incognito accounts, which I only ever access through very restricted circumstances, like a proxy server, and have absolutely no information that could be tied back to me. Frankly, that's about the best I can do.
I have chosen to make a tradeoff, information for convenience. The line where I am willing / unwilling to make that tradeoff is a massive grey area and I constantly reevaluate it. Sure, it's annoying to have to stay on top of it, but it's a fact of modern life. As long as Google gives me the option to delete my account whenever I want, I give them the benefit of the doubt and continue providing (limited) information about myself in exchange for some extremely useful services (unfortunately, this isn't the same deal I can make with the NSA).
Lokitez said:
Here's my theory on the issue...
The way I see it is that a person has three choices:
1. Go completely off-the-grid, paying (limited) bills in cash, never engaging with the internet, and forgoing many modern technological conveniences.
2. Allow some personal information here and there, trying to maintain control by engaging with services that can be discontinued when they "cross the line".
3. Allowing access to all personal information online, engaging with anything and everything.
The third is simply not an option for me. I have no desire to have for-profit corporations spamming me with offers for crap I don't want and selling my private, personally identifiable information to anyone and everyone.
The first is really not an option, either. I don't want to be completely cut off from friends or have contacting them be excessively difficult. It is convenient to pay my rent, utilities, and other bills online. Frankly, I'm not good enough with any type of work that allows one to go off the grid to make a living.
So, that leaves me with the second option. I monitor changes to privacy and terms of service policies for the services that I use. I try to limit the services that I use. Obviously, I have a bank account and that comes with the need to provide some information to the bank, but also the ability to monitor my money and immediately flag appropriate people if anything suspicious happens. I have a Google account and a Nexus 5, ergo I use Google's services. And here's what's important to me: I can delete my Google account any time I want. With something like Facebook, it was a lot more difficult to do that once I became uncomfortable with my of the changes Facebook was making. Also, with Google, I can opt-out of many of the services that make me uncomfortable, such as targeted advertising or using my +1's as endorsements. If that ever goes away, I will absolutely reconsider my position. I maintain multiple Google accounts, actually, as a means of limiting who can see what information about me. I have a personal account, which has the most information about me and which is as locked down vis-a-vis Google as I can make it, but which allows my friends and family the best means of interacting with me. I have a professional account, which has only information relevant to my work. I have an "partial-incognito" account, which does not have explicitly identifiable information about me. I have a few completely incognito accounts, which I only ever access through very restricted circumstances, like a proxy server, and have absolutely no information that could be tied back to me. Frankly, that's about the best I can do.
I have chosen to make a tradeoff, information for convenience. The line where I am willing / unwilling to make that tradeoff is a massive grey area and I constantly reevaluate it. Sure, it's annoying to have to stay on top of it, but it's a fact of modern life. As long as Google gives me the option to delete my account whenever I want, I give them the benefit of the doubt and continue providing (limited) information about myself in exchange for some extremely useful services (unfortunately, this isn't the same deal I can make with the NSA).
Click to expand...
Click to collapse
That's the type of answer i was looking for, thank you for this :good:
i can recognize myself in most of the things you wrote, basically that's how i feel about it too. i hope we won't get to the part where we'll have to "reconsider our position", but all the closing down and limitations are an indication that we're heading that way (i hope i'm wrong).
I started this thread to hear what others think about this subject, and to see if maybe i'm being excessively paranoid
Cirkustanz said:
Don't be silly.
You can pay cash for an Android phone. You can even pay cash for a Nexus 5.
You have the option of paying for mobile purchases with your carrier account, and have you never heard of a pre-paid visa card? There are all kinds of ways to get one without providing any personally identifiable information of any kind. The point of google store purchases being an invasion of your personal information is also entirely moot as you can very easily use an Android phone without making a single purchase on the play store.
You don't even have to use wallet, in fact most Android users CANNOT even use wallet to its fullest since they don't have NFC in their phones.
For real now, if you think your personal data is so valuable and sacred, have fun not having a checking account, loan, a real job, or a real place to live.
You don't even have to have google services running on your phone. This is XDA...install a custom rom and just don't load gapps. Or be even more lazy about it and just disable those apps in settings and they don't run.
That's me being silly. See how that works?
Click to expand...
Click to collapse
well none of that was my point, but don't worry about it. your willing to give my and my children's freedom away.. no argument will ever be good enough for you to stop you doing that.
Personally i don't care what Google knows about me (i'm not that interesting and i got nothing to hide - heck let the NSA spy on me too. don't care). I love their services and don't see anything wrong with them using my info to make $$. They are providing me with a service that makes my life a lot easier/better. I also really like the consolidation of Google aps and services and the synergy it creates. Google may force you to use one service to access part of another, but they do not force you to use anything you choose not to. If you don't like G+ integration, don't use Google's suite. I'm not trying to flame the OP, but i just don't get the point of this post. If you don't like something the best way is the speak with your wallet. If enough people do that maybe Google will pay attention.
---------- Post added at 12:58 PM ---------- Previous post was at 12:49 PM ----------
rayiskon said:
That's the type of answer i was looking for, thank you for this :good:
i can recognize myself in most of the things you wrote, basically that's how i feel about it too. i hope we won't get to the part where we'll have to "reconsider our position", but all the closing down and limitations are an indication that we're heading that way (i hope i'm wrong).
I started this thread to hear what others think about this subject, and to see if maybe i'm being excessively paranoid
Click to expand...
Click to collapse
this is why you started the thread? to hear opinions that validate your own? i thought it was to spark discussion?
Hello boys and gurls, this is just a way from me to "scream" one frustration I've got since I've started to try custom ROMs on my OP 6T device I own since February this year.
I'm an Android fan and user since back in the 2.3 era, you know, the days when Android names had a "tasty" name that could made you "swallow" one way or another. I remember that on my 1st device, Galaxy one plus, I've encountered 1st time this frustration I'm trying to point now, and that was a semi-bricked device camed from a "bad flash"... Those days are long gone and isn't good to live nostalgic way, because that will stop progress, they say...
About progress, here is where I really wanted to get... In my opinion, with this A/B partition system, Google messed up things so bad that could even get to the point that developing will go down so bad that even "he" will feel it. Sorry to say this Google, but this ain't really a progress regarding development of an Open Source you actually benefit from... I'm a bit frustrated regarding of what this system brings when flashing/testing ROMs for the fine people developers are. Because I can imagine this messed up way of do things by bringing up A/B up in development will lower the testers and beta testers to a point where only a few users will have the guts and most important time to actually test a custom ROM... And that's just because of this "idiotic" thing you bought up with latest Android versions...
Like I've said in title, this manifest is made for all the ones who feel the same about wasted time testing and failing when comes about something that you, Google, benefit.
Regarding anyone who wants to add anything about this or maybe just to make the required number of posts so he can use the forum as he wants (hello to all this new Android newcomers BTW), feel free to discuss the subject, or point finger at me, at me a person who thinks that this new system (not a flawless one as Google intended to be) is pure crap that will make lots of devs or testers to just quit be part of this awesome life that Android brings ...
I agree and disagree. I think the A/B partitions are good for non-root users and those are the 99.5% of people with a smart phone.
For root users it is a pain in the ass however, I never really had any major problems with A/B layout because you can always flash back to stock.
I dont like it but not enough to make a big deal over.
Scott said:
I agree and disagree. I think the A/B partitions are good for non-root users and those are the 99.5% of people with a smart phone.
For root users it is a pain in the ass however, I never really had any major problems with A/B layout because you can always flash back to stock.
I dont like it but not enough to make a big deal over.
Click to expand...
Click to collapse
Well as I've said, it kills the mood to test/use/flash customs because you can end up with a soft brick (or worse) more easily than before.
chasemyass said:
Well as I've said, it kills the mood to test/use/flash customs because you can end up with a soft brick (or worse) more easily than before.
Click to expand...
Click to collapse
Yes, this is true but if you are careful you can avoid 99% of the issues. Im not saying your point is not valid but I am asking that you look at it from OEM / GOOGLE side.
They used to have updates, if bad, brick phones. Now the phone can roll back to the last known good operating system without issue if OTA corrupts boot.
Its a tough pill to swallow because it benefits and hurts different people in different ways.
Scott said:
Yes, this is true but if you are careful you can avoid 99% of the issues. Im not saying your point is not valid but I am asking that you look at it from OEM / GOOGLE side.
They used to have updates, if bad, brick phones. Now the phone can roll back to the last known good operating system without issue if OTA corrupts boot.
Its a tough pill to swallow because it benefits and hurts different people in different ways.
Click to expand...
Click to collapse
Well maybe you can get to a back point where all was good during a flash, but not if you are rooted. At least I never managed to do it and ended up with using msm, unlocking bl, flash twrp, etc. That's a waste of time tbh beside the fact that if you want to actually test ROMs is better (safer) to play on a smartphone you don't use day by day... This is where it hurts on some "flash'ohoolics" that wants to test more than one cooked ROM to see what's best for him, like I always did.
Google doesn't care of custom roms. Even if Android is allegedly open source, the reality is that the Android environment (certification process, filesystem design, even bootloader security and access) is meant to make custom roms and above all root access more and more difficult to implement.
That explain all changes made to Android and future ones. Google stated several times that simple root access is not legit and is dangerous for the user. Especially now that phones are more and more used for very critical usage as banking, payment, car opening and starting and so on. The chain of identification and legal responsibility will lead more and more to tight closed phones even on Android.
Striatum_bdr said:
Google doesn't care of custom roms. Even if Android is allegedly open source
Click to expand...
Click to collapse
Android isn't open source, AOSP is. Android = AOSP + proprietary closed source blobs.
grt67DFqyu said:
Android isn't open source, AOSP is. Android = AOSP + proprietary closed source blobs.
Click to expand...
Click to collapse
That only proves my point, proprietary is badly compatible with custom rom, and needs many Dev effort... Until time when those efforts won't be enough or too heavy to be done.
This belongs in some Google Android dev forum regarding the architecture. Or, feel free to get hired by them and influence them anyway you please.
Striatum_bdr said:
Google doesn't care of custom roms.....The chain of identification and legal responsibility will lead more and more to tight closed phones even on Android.
Click to expand...
Click to collapse
I can partially agree with you about Google, because the good thing about an open source is that you can "borrow" some modifications made by others, so closing up or limiting the development isn't such a bright ideea, but that is just my humble opinion.
Regarding the closed phones you mention, well that brings me back to the point where jailbreak was an intense way to do things and I did once on one of my old iPhone 4, and that just because I wanted to customize it a bit more, as I was getting bored of it.
Beside that, I really think that if we manage to read, pay attention to details and act like a conscious person, we all know what unlocking BL and rooting can do regarding our precious smartphones. But if you know that and still use your rooted smartphone to save delicate things and/or credentials regarding your bank account and so on, can't really blame anyone else for it... This ain't about security, because I can think that we most users agree that's something beyond us, but more like annoying adds, customize more the look of your gadged and last, but not least, trying to squeeze as much as it can be done from it when comes to whatever you do with it...
I still stick with the point I've started this discussion thread, that A/B partition sucks, even if Google hides it behind a safer window towards using the gadget... Sometime I think that all this pushing forward with all modifications made by Google, behind any reason, is just a road to make it difficult to use it without a ROM agreed by them...