Database Develop

[Q] Security App / Encryption / Locking?

I will be using my GTab as my primary travel "laptop" since it's much easier to tug on a plane and the battery lasts 4 times longer.
This means I may very well have sensitive information, including my contact list, on it at any given time. I'm concerned that if I do this and it's stolen in an Airport or left in a cab that I could have a data breach.
What security options have people used? I'm concerned first about locking the device to keep out the average joe, but I also would like to have an encrypted section on the SDCard for sensitive file storage. I assume there's no way to encrypt contacts or email on the device, but other documents and spreadsheets would be good.
There's still a LOT of things I'd never put on a mobile device, but at times I might need to travel with sensitive information.

My suggestion for sensitive data would be a seperate Thumb drive with password protection. Just to be on the safe side. Use pin or password security on the tablet as opposed to lockscreen gesture. I use all the dots for my gesture so that my fingerprint trails can't be easily traced over.
Sent from my VEGAn G-Tab

boilock is coming

Has anyone tried the premium version of "Lookout".apk ? I have the basic virus scanner version, but the premium claims to include remoted data wipe and remote lock. Just google it for more info. The premium costs $29.99 per year

Vegan has the logon security option. I use it on mine.....
Sent from my Viewsonic G_Tab running VEGan 4.0 + Supp via Tapatalk Pro

ketty_yijun said:
boilock is coming
Click to expand...
Click to collapse
yes it is http://www.youtube.com/watch?v=8KRelvzkXdU
hope this works on the gtab think it would be pretty sweet!

Lookout
insight3fl said:
Has anyone tried the premium version of "Lookout".apk ? I have the basic virus scanner version, but the premium claims to include remoted data wipe and remote lock. Just google it for more info. The premium costs $29.99 per year
Click to expand...
Click to collapse
I use Lookout premium for my Vibrant, and am researching to see if I can apply my premium protections to an additional device. I have been very happy with Lookout. Of all the programs out there this was the one I found to be best in terms of locking my phone remotely and not giving someone an easy way to figure out how to unlock it. Not sure if it will do the same for my rooted G Tab though. I'll let you know what I find out...

biggerguy_sf said:
I use Lookout premium for my Vibrant, and am researching to see if I can apply my premium protections to an additional device. I have been very happy with Lookout. Of all the programs out there this was the one I found to be best in terms of locking my phone remotely and not giving someone an easy way to figure out how to unlock it. Not sure if it will do the same for my rooted G Tab though. I'll let you know what I find out...
Click to expand...
Click to collapse
I checked with Lookout and they said that I can have two devices on my account. The only caveat is that since my G Tablet has no number it can't take advantage of advanced features that require SMS communication with the Lookout server. But the install went fine, signing in went fine, and I am now scanned and good to go!

How would lookout "Find your phone if it is lost or stolen"??? off of the Wifi signal if it is avaliable for the tablet?

Possible Root Exploit?

Now that the "gates are open" on the Google Chromecast it *should* in some way, be possible to root it now. I have done some security researching and I was wondering if we could create a malicious streaming app to stream a shebang file (hashbang, whatever you wanna call it; same tactic used in both versions of iOS' evasi0n) to run a script to root the device. We might also be able to stream over elf binaries that use kernel exploits to root the device then use adb to execute them from there. Please comment on your suggestions/thoughts/why this will or will not work. As always, thank you for taking the time to read this.
r3pwn

r3pwn said:
Now that the "gates are open" on the Google Chromecast it *should* in some way, be possible to root it now. I have done some security researching and I was wondering if we could create a malicious streaming app to stream a shebang file (hashbang, whatever you wanna call it; same tactic used in both versions of iOS' evasi0n) to run a script to root the device. We might also be able to stream over elf binaries that use kernel exploits to root the device then use adb to execute them from there. Please comment on your suggestions/thoughts/why this will or will not work. As always, thank you for taking the time to read this.
r3pwn
Click to expand...
Click to collapse
I like your thinking.
The first order would be to get root and disable OTA updates.
As long as the whitelist exists, a malicious app would be difficult to get past Google's approval. Kind of like how iOS had the "flashlight" app that allowed tethering until Apple shut it down.
It might actually have to be two parts - a functional app that has a vulnerability, and some specific trigger that can utilize the vulnerability. A backdoor into a normal app, or a some kind of specific login that triggers a specific server-side response, for example.
AFAIK, ADB isn't enabled on stock Chromecast.
Another potential attack vector is the setup mechanism on the Chromecast-side - for example if the SSID or keyphrase strings can be overrun, but Google may have already checked that stuff.
Because stock Chromecasts auto-accept OTA updates, I fear it will be a continual cat-and-mouse game of finding exploits and having them auto-patched by Google OTAs. Still, at least it would provide an option for folks who have an updated bootloader.

bhiga said:
I like your thinking.
The first order would be to get root and disable OTA updates.
As long as the whitelist exists, a malicious app would be difficult to get past Google's approval. Kind of like how iOS had the "flashlight" app that allowed tethering until Apple shut it down.
It might actually have to be two parts - a functional app that has a vulnerability, and some specific trigger that can utilize the vulnerability. A backdoor into a normal app, or a some kind of specific login that triggers a specific server-side response, for example.
AFAIK, ADB isn't enabled on stock Chromecast.
Another potential attack vector is the setup mechanism on the Chromecast-side - for example if the SSID or keyphrase strings can be overrun, but Google may have already checked that stuff.
Because stock Chromecasts auto-accept OTA updates, I fear it will be a continual cat-and-mouse game of finding exploits and having them auto-patched by Google OTAs. Still, at least it would provide an option for folks who have an updated bootloader.
Click to expand...
Click to collapse
The whitelist still exists? I had thought they removed that with the SDK.
Sent from my Nexus 7 using Tapatalk

r3pwn said:
The whitelist still exists? I had thought they removed that with the SDK.
Click to expand...
Click to collapse
According to this in the developer's guide you still have to allow your Chromecast to send its serial number, register your app which gives you an API key, and register your device so it can receive the app.
Only "published" apps will be available without registering your device, so still sounds like Google is the gatekeeper to publicly-available apps.

Hmm... I may have to hand over the $5 for the developer fee just to fool around. Or I may find an alternative by the time I can get around to getting a Google play card. Lol.
Sent from my Nexus 7 using Tapatalk

r3pwn said:
Hmm... I may have to hand over the $5 for the developer fee just to fool around. Or I may find an alternative by the time I can get around to getting a Google play card. Lol.
Click to expand...
Click to collapse
Not sure about your neighborhood, but the WA/OR Costcos are selling a 3-pack of $20 Google Play cards for $54 (so 10% discount)

bhiga said:
Not sure about your neighborhood, but the WA/OR Costcos are selling a 3-pack of $20 Google Play cards for $54 (so 10% discount)
Click to expand...
Click to collapse
I don't think I want to spend that much. If I don't find something else by then, I could just go to GameStop in the mall (right across the street from my school) and get a $15 one.
Sent from my Nexus 7 using Tapatalk

Walmart also sells play cards!
Sent from my SPH-L710 using xda app-developers app

Not sure we will ever find a security hole in the CCast with the whitelisting in effect but perhaps the search for a vulnerability should be made on the Player Apps that are already whitelisted.
Finding some content that could be sent to (ie via aVia) to play on CCast that isn't really media but does trigger some exploit to root the device.
In fact the cast a tab feature may be the weakest point in the CCast security. Hacking that extension could be the key to exploiting the CCast.

We need to get Chainfire to do the rooting stuff.

Asphyx said:
Not sure we will ever find a security hole in the CCast with the whitelisting in effect but perhaps the search for a vulnerability should be made on the Player Apps that are already whitelisted.
Finding some content that could be sent to (ie via aVia) to play on CCast that isn't really media but does trigger some exploit to root the device.
In fact the cast a tab feature may be the weakest point in the CCast security. Hacking that extension could be the key to exploiting the CCast.
Click to expand...
Click to collapse
I was actually thinking that to myself. There has to be some sort of thing to root the device other than the 2nd stage bootloader exploit that was patched already.
Sent from my iPod touch using Tapatalk

If anyone did sneakily get an app published with a root exploit, it would certainly risk revoking their SDK permissions due to a ToS violation.
Sent from my Nexus 5 using Tapatalk

cmstlist said:
If anyone did sneakily get an app published with a root exploit, it would certainly risk revoking their SDK permissions due to a ToS violation.
Sent from my Nexus 5 using Tapatalk
Click to expand...
Click to collapse
That is true. But if we exploited an existing app, Google would just "suspend" the app from the Play Store until the bug gets fixed. If the app were free, however, we could just back up a copy of the apk before the bug fix was patched and spread it around here on XDA. I'll look into some apps to see if it's possible.
Sent from my iPod touch using Tapatalk

r3pwn said:
That is true. But if we exploited an existing app, Google would just "suspend" the app from the Play Store until the bug gets fixed. If the app were free, however, we could just back up a copy of the apk before the bug fix was patched and spread it around here on XDA. I'll look into some apps to see if it's possible.
Click to expand...
Click to collapse
Well the exploit I was referring to would not be in an APK at all...
It would be on the App server CCast loads it's player's from.
The APKs that support CCast do not have any access to the filesystem of the CCast but the Player Apps CCast loads are on the device and the exploit would attack a vulnerability of that app to do something on the unit that the player app never considered.
Sort of like the old WMV exploit to launch web pages inside a Video that if existed as a capability in a CCast loaded Player App could launch a browser operation to a page with the Exploit code.
I'm sure Google has thought about all of that in their implementations but perhaps the 3rd Party Developers have not been so diligent about it.
In fact I think that precise issue is why Google does not allow someone like the PlexDevs to allow launch of Media to CCast from the Local PlexWeb (that can easily be user manipulated since it resides on their local machine) and will only allow them to implement it from the Plex.tv site that is not accessible to user manipulation at all.

Asphyx said:
In fact I think that precise issue is why Google does not allow someone like the PlexDevs to allow launch of Media to CCast from the Local PlexWeb (that can easily be user manipulated since it resides on their local machine) and will only allow them to implement it from the Plex.tv site that is not accessible to user manipulation at all.
Click to expand...
Click to collapse
And probably why Google maintains the whitelist.
As long as there is whitelist, Google can disable an app at will.
So once an external exploit becomes known (ie, "Play this specific video"), Google could easily disable the app until the developer updates it to patch the vulnerability.
The inability to refuse OTA updates and the lack of external accessibility/sideloading makes Chromecast quite secure.

bhiga said:
And probably why Google maintains the whitelist.
As long as there is whitelist, Google can disable an app at will.
So once an external exploit becomes known (ie, "Play this specific video"), Google could easily disable the app until the developer updates it to patch the vulnerability.
The inability to refuse OTA updates and the lack of external accessibility/sideloading makes Chromecast quite secure.
Click to expand...
Click to collapse
Tying CC to google framework/Play is annoying and disappointing. It's a walled-garden Apple approach.

wideasleep1 said:
Tying CC to google framework/Play is annoying and disappointing. It's a walled-garden Apple approach.
Click to expand...
Click to collapse
It all goes hand-in-hand for making sure things work and making sure the content providers don't yank the carpet out from under them.
If the content providers leave Google, Chromecast becomes useless for all the folks who bought it for what it does, rather than what we want it to be and do.
End-of-day for a product like this, it's user experience that will make or break it. That's probably why Google's being extra-cautious here. They're treading on Apple's turf.

wideasleep1 said:
Tying CC to google framework/Play is annoying and disappointing. It's a walled-garden Apple approach.
Click to expand...
Click to collapse
I've often wondered why Google is being this way with Chromecast of all things. Not that they roll out a red carpet to allow Android to be rooted. But they aren't actively trying to prevent it. I mean they've looked the other way forever with Gapps distribution.. I love Chromecast and worth every dime though. Just strange how much they're throwing up the walls everywhere for it
Sent from my Nexus 10

bhiga said:
It all goes hand-in-hand for making sure things work and making sure the content providers don't yank the carpet out from under them.
If the content providers leave Google, Chromecast becomes useless for all the folks who bought it for what it does, rather than what we want it to be and do.
End-of-day for a product like this, it's user experience that will make or break it. That's probably why Google's being extra-cautious here. They're treading on Apple's turf.
Click to expand...
Click to collapse
Not that I don't disagree, but for the sake of argument, I think that is Google's cop-out. They haven't concerned themselves with this in prior endeavors, although I'm sure the poor showing of GoogleTV had to smart. The truth as I see it: Google wants the data (sigint, if you will) our 'casting' provides, THAT is why it's walled. They may want to couch it with 'quality, content provider compliance,etc.', but only so far as it maintains THEIR sigint. After all, the content providers will always constrain their content as they see fit...it must be on their servers/cdn networks by their own hand. CC is a protocol, and now cannot be enjoyed without their sigint (framework/Play version). Google's modus is provide convenience products for the non-free price of your sigint data, so you can be sold to advertisers.
styckx said:
I've often wondered why Google is being this way with Chromecast of all things. Not that they roll out a red carpet to allow Android to be rooted. But they aren't actively trying to prevent it. I mean they've looked the other way forever with Gapps distribution.. I love Chromecast and worth every dime though. Just strange how much they're throwing up the walls everywhere for it
Sent from my Nexus 10
Click to expand...
Click to collapse
My explanation above offers a possible reason.
edit: apologies to OP for accidentally steering into non-root discussion!

styckx said:
I've often wondered why Google is being this way with Chromecast of all things. Not that they roll out a red carpet to allow Android to be rooted. But they aren't actively trying to prevent it. I mean they've looked the other way forever with Gapps distribution.. I love Chromecast and worth every dime though. Just strange how much they're throwing up the walls everywhere for it
Sent from my Nexus 10
Click to expand...
Click to collapse
Could be a requirement from the providers due to copyright concerns.

Smart Unlock - Compatible with nexus 6?

Hello,
We have just launched Smart Unlock app and we need to know if is compatible with Nexus 6 because wwe do not have this device.
Can you please test it and let us know. Its a 7 day free trial but we can offert a full refund if someone want to buy it, we do not want to take any profit for xda members helping us to test our app.
Tha app is Smart Unlock and extends dafault smart lock functionality by adding wifi trusted devices.
Hope you like it and it works properly on nexus 6, thanks for testing.
https://play.google.com/store/apps/details?id=net.loadinghome.smartunlock

hazex said:
Hello,
We have just launched Smart Unlock app and we need to know if is compatible with Nexus 6 because wwe do not have this device.
Can you please test it and let us know. Its a 7 day free trial but we can offert a full refund if someone want to buy it, we do not want to take any profit for xda members helping us to test our app.
Tha app is Smart Unlock and extends dafault smart lock functionality by adding wifi trusted devices.
Hope you like it and it works properly on nexus 6, thanks for testing.
https://play.google.com/store/apps/details?id=net.loadinghome.smartunlock
Click to expand...
Click to collapse
You're doing it wrong. A 'free' app that you have to pay for is stupid. If you're going to charge for it, just charge for it. Making it a mandatory in-app purchase is stupid. If you want to do a 7 day trial, extend the refund windows for your customers. There's nothing worse than trialware.
FREE software! Just kidding, it's a trial, then you can pay for it! Lame.

InGeNeTiCs said:
You're doing it wrong. A 'free' app that you have to pay for is stupid. If you're going to charge for it, just charge for it. Making it a mandatory in-app purchase is stupid. If you want to do a 7 day trial, extend the refund windows for your customers. There's nothing worse than trialware.
FREE software! Just kidding, it's a trial, then you can pay for it! Lame.
Click to expand...
Click to collapse
Hey.
The app is a paid add. We offer a 7 days trial to test and check compatibility.
Im not here for selling apps, I´m here asking for testing on nexus 6. If I have to give free copies I will do it, no problems.
We are also considering a XDA version of theis app limited in number of secure devices and no in time. But is not decided yet. In this case would be completelly free.

hazex said:
Hey.
The app is a paid add. We offer a 7 days trial to test and check compatibility.
Im not here for selling apps, I´m here asking for testing on nexus 6. If I have to give free copies I will do it, no problems.
We are also considering a XDA version of theis app limited in number of secure devices and no in time. But is not decided yet. In this case would be completelly free.
Click to expand...
Click to collapse
No, you're doing exactly what I've stated. You're offering a 'free' app, with in-app purchases. However, the 'in-app purchase' is the app itself. So it's forced. You either pay for it after 7 days, or it doesn't work. If your app is going to be paid, make people pay for it up front. Don't be sneaky trying to get your app listed as free when it's really not.

InGeNeTiCs said:
No, you're doing exactly what I've stated. You're offering a 'free' app, with in-app purchases. However, the 'in-app purchase' is the app itself. So it's forced. You either pay for it after 7 days, or it doesn't work. If your app is going to be paid, make people pay for it up front. Don't be sneaky trying to get your app listed as free when it's really not.
Click to expand...
Click to collapse
Time trials is a normal practice in android to let user try the app carefully before purchase. Is stated in the first line of our description at google play. I can understand is not accepted at XDA developers forum, thats why we are creating a new exclusive version of the app, but inapp purchases (time limted) are very common on google play.
We are working on a XDA version, limited on number of secure devices (probably 2) and no limited in time. Exclusive for XDA members.
Do you thinks this would be enought?
I would like to listen your suggestions.

hazex said:
Time trials is a normal practice in android to let user try the app carefully before purchase. Is stated in the first line of our description at google play. I can understand is not accepted at XDA developers forum, thats why we are creating a new exclusive version of the app, but inapp purchases (time limted) are very common on google play.
We are working on a XDA version, limited on number of secure devices (probably 2) and no limited in time. Exclusive for XDA members.
Do you thinks this would be enought?
I would like to listen your suggestions.
Click to expand...
Click to collapse
Does your app continue to work after 7 days, or are you required to purchase the license?

InGeNeTiCs said:
Does your app continue to work after 7 days, or are you required to purchase the license?
Click to expand...
Click to collapse
He already said they are working on a version for XDA free. The version they have on the play store just a trial for 7 days then it's .99 cent.

NICEGYPT said:
He already said they are working on a version for XDA free. The version they have on the play store just a trial for 7 days then it's .99 cent.
Click to expand...
Click to collapse
I heard what he said. It's not a matter of me not understanding. I know exactly what is happening here.
I just hate the whole "free, but not really" app model. Trial or not, if you're going to make me pay for it, I want to do it up front, not through some in-app purchase. I'd rather pay for it, then have an available 7-day refund window. This is not so much a personal preference, as a marketing conception. What you're doing is giving someone something for free, then making them pay for it after they decide they like it. What you COULD be doing is making someone pay for something, then offering them a refund well past the google refund window if they decide they don't like it. While it's essentially the same thing, the perception is that you're going above and beyond what other developers are willing to do by extending their refund window.
My personal opinion is that if I'm going to have to pay for something, I want to pay for it when I get it. A trial is good, but I think the delivery needs work.

why would i want to pay for something that Google already provides built in? i wouldn't feel safe knowing that a wifi ssid can be spoofed if this app were using it to unlock (which is the exact reason why Google didn't put that into their Google Play Services). seems like nothing more than a way to separate stupid people from their money.

Lucke said:
why would i want to pay for something that Google already provides built in? i wouldn't feel safe knowing that a wifi ssid can be spoofed if this app were using it to unlock (which is the exact reason why Google didn't put that into their Google Play Services). seems like nothing more than a way to separate stupid people from their money.
Click to expand...
Click to collapse
+1
Smart Unlock is already built in to Android 5.0

Lucke said:
why would i want to pay for something that Google already provides built in? i wouldn't feel safe knowing that a wifi ssid can be spoofed if this app were using it to unlock (which is the exact reason why Google didn't put that into their Google Play Services). seems like nothing more than a way to separate stupid people from their money.
Click to expand...
Click to collapse
Many people is haveing issues with "Trusted places" in android built in smart lock.
With Smart Unlock we add WIFIs using MAC address wich is not easy to spoof (and is ilegall), specially if you dont now the AP mac that you want to spoof.
Personally I find our app more reliable than native smart lock and, instead of smart lock, this app can also be used with android 4.1+
Thanks for your time and suggestions.

InGeNeTiCs said:
I heard what he said. It's not a matter of me not understanding. I know exactly what is happening here.
I just hate the whole "free, but not really" app model. Trial or not, if you're going to make me pay for it, I want to do it up front, not through some in-app purchase. I'd rather pay for it, then have an available 7-day refund window. This is not so much a personal preference, as a marketing conception. What you're doing is giving someone something for free, then making them pay for it after they decide they like it. What you COULD be doing is making someone pay for something, then offering them a refund well past the google refund window if they decide they don't like it. While it's essentially the same thing, the perception is that you're going above and beyond what other developers are willing to do by extending their refund window.
My personal opinion is that if I'm going to have to pay for something, I want to pay for it when I get it. A trial is good, but I think the delivery needs work.
Click to expand...
Click to collapse
We have been thinking about your comment . I do not completelly agree with you, but you are right in some points. We will modify our bussiness model for this app. The app at Google Play will have 1 or 2 trusted devices, always, for free. If you want to add more trusted devices you will have to pay and get the full version for unlimited number of devices. Anyway, we will make a special version for XDA members, unlimited in time and limited with 2 or 3 trusted devices.

To get back on topic - no, it doesn't seem like Smart Unlock works with the Nexus 6. At least not the way it should.
In Lollipop, you see the regular (slide) lock screen before you see the Pattern/PIN/Password lock screen. So you swipe up, then enter your passcode.
With the stock implementation of Smart Lock, when you're connected to a trusted device, you still see the slide lock screen - you just don't get the secure lock screen. This app bypasses both the slide and the secure lock screen when enabled and connected to a trusted environment, meaning if you press the power button to wake the device, you're immediately shown your home screen. Pocket dialing and other similar accidents are almost guaranteed with this app installed.
I think it's because of the relationship between forced encryption and lock screen security on the Nexus 6. Since the N6 is encrypted by default, but no pattern PIN or password is set as the decryption method yet, everything defaults to "default-password". But when you set up a secure lock screen for the first time on the Nexus 6, this becomes your new decrpytion password. Since the Nexus 6 does not give you the option to un-encrypt your data, it will not allow you to switch back to "Slide" as your lock screen method, since that would remove the decrpytion password. It grays out the option entirely, and only a factory reset will bring it back.
Amazingly enough, I figured all of that out without having to make any in-app purchases. If this were a paid app to begin with instead of your current business model, I would have been reluctant to buy it in the first place knowing that you can't re-enable the "Slide" lock screen once you've enabled a secure one, and that ultimately, this probably wouldn't work on my device. So thanks for giving me a 7-day free trial and explicitly stating that in your app's description, which is a fair and reasonable business practice despite what other people and their half-baked, thread-derailing agendas may tell you.

harland3 said:
To get back on topic - no, it doesn't seem like Smart Unlock works with the Nexus 6. At least not the way it should.
In Lollipop, you see the regular (slide) lock screen before you see the Pattern/PIN/Password lock screen. So you swipe up, then enter your passcode.
With the stock implementation of Smart Lock, when you're connected to a trusted device, you still see the slide lock screen - you just don't get the secure lock screen. This app bypasses both the slide and the secure lock screen when enabled and connected to a trusted environment, meaning if you press the power button to wake the device, you're immediately shown your home screen. Pocket dialing and other similar accidents are almost guaranteed with this app installed.
I think it's because of the relationship between forced encryption and lock screen security on the Nexus 6. Since the N6 is encrypted by default, but no pattern PIN or password is set as the decryption method yet, everything defaults to "default-password". But when you set up a secure lock screen for the first time on the Nexus 6, this becomes your new decrpytion password. Since the Nexus 6 does not give you the option to un-encrypt your data, it will not allow you to switch back to "Slide" as your lock screen method, since that would remove the decrpytion password. It grays out the option entirely, and only a factory reset will bring it back.
Amazingly enough, I figured all of that out without having to make any in-app purchases. If this were a paid app to begin with instead of your current business model, I would have been reluctant to buy it in the first place knowing that you can't re-enable the "Slide" lock screen once you've enabled a secure one, and that ultimately, this probably wouldn't work on my device. So thanks for giving me a 7-day free trial and explicitly stating that in your app's description, which is a fair and reasonable business practice despite what other people and their half-baked, thread-derailing agendas may tell you.
Click to expand...
Click to collapse
Hi!
We can not keep slide at trusted enviroments due to technical dificulties. We may be able to do it only on rooted devices, but we prefer to keep our app simple.
I was not aware about encryption on nexus 6 after configuring secure lock, but you are right and we can not revert this proccess.
About the bussiness model , we are not sure if in the market will keep the trial as it is now, but for sure we will publish, in a couple of hours, a XDA version for testing purposes with unlimited time and up to 3 trusted devices.
Thanks for your reply, I really appreciate it

Hello, I have created an app thread with a XDA version of the app not limited in time.
If anyone is interested here is the app thread.
Thanks for your testing time!
http://forum.xda-developers.com/android/apps-games/app-smart-unlock-xda-version-skip-t2974396/post57526442#post57526442

Will test on nexus 6 and let u know... Google smart unlock does not use wifi. It uses location knowledge which can consume more battery. Anyway if this works, it will be perfect for my needs

Does this app drain the battery huh
Via my NeXus™ 7FHD on XDA Premium app

What a bunch of AssHoles !

cobyman7035 said:
Does this app drain the battery huh
Via my NeXus™ 7FHD on XDA Premium app
Click to expand...
Click to collapse
Hello,
This app is battery friendly and you can not almost notice that the app is running. You can try it and let us know your experience. Regards

aalupatti said:
Will test on nexus 6 and let u know... Google smart unlock does not use wifi. It uses location knowledge which can consume more battery. Anyway if this works, it will be perfect for my needs
Click to expand...
Click to collapse
Hello, Let us know your experience after your tests!.
Anyway by other forum member with Nexus 6 here is his report : Sway40: "Seems to work on my n6, way better then stock, since trusted places doesn't work. "
Let us know after your tests! thanks.

Browser choices

I've been using Chrome on lollipop. Any thoughts on it or suggest any other browser?

Naked Browser Pro. Try the free version first.

Right now I'm testing out Atlas browser and CM Browser. I like CM cause its real fast and on this big phone its tough to reach the top for tabs. CM has them at the bottom. Atlas is also fast but free version only allows 4 tabs. Good enough for testing. It is also very quick. It has ad blocking but sometimes is slow to load them.

I've been trying out some new ones cause Dolphin Browser started to crash a lot. Right now I'm giving Opera a run
Sent from my SM-N910T using XDA Free mobile app

Literally just switched to Opera seems to be miles better than Chrome right now...

I was using Chrome but a few sites wouldn't stick to the desktop setting even though it was checked. Went back to Dolphin and at first it was crashing a lot on a Lollipop ROM but not so much now. I tried other browsers but always go back to Dolphin.

Dolphin has had its share of issues:
http://forum.xda-developers.com/showthread.php?t=1319529
http://www.cnet.com/news/dolphin-hd-browser-snared-in-security-breach/
http://www.techrepublic.com/article/random-dolphin-browser-for-android-hijacking/

LaidBackTech said:
Dolphin has had its share of issues:
http://forum.xda-developers.com/showthread.php?t=1319529
http://www.cnet.com/news/dolphin-hd-browser-snared-in-security-breach/
http://www.techrepublic.com/article/random-dolphin-browser-for-android-hijacking/
Click to expand...
Click to collapse
WHOA
I use CM browser as my go to these days.

Amd4life said:
WHOA
I use CM browser as my go to these days.
Click to expand...
Click to collapse
This?

LaidBackTech said:
This?
Click to expand...
Click to collapse
Yes. I use that as well
Sent from my SM-N910T using XDA Free mobile app

LaidBackTech said:
Dolphin has had its share of issues:
http://forum.xda-developers.com/showthread.php?t=1319529
http://www.cnet.com/news/dolphin-hd-browser-snared-in-security-breach/
http://www.techrepublic.com/article/random-dolphin-browser-for-android-hijacking/
Click to expand...
Click to collapse
Been using Dolphin for probably the last 3 or 4 years so I'm just use to it and can deal with a few crashes here and there. I don't think I had issue with stock but do on Lollipop. Other apps are also having issues.

sweets55 said:
Been using Dolphin for probably the last 3 or 4 years so I'm just use to it and can deal with a few crashes here and there. I don't think I had issue with stock but do on Lollipop. Other apps are also having issues.
Click to expand...
Click to collapse
Something tells me you didn't read those articles.

LaidBackTech said:
Something tells me you didn't read those articles.
Click to expand...
Click to collapse
No Sur. LoL. Did you read my post? Hehe. I stopped reading CNET years ago.

sweets55 said:
Been using Dolphin for probably the last 3 or 4 years so I'm just use to it and can deal with a few crashes here and there. I don't think I had issue with stock but do on Lollipop. Other apps are also having issues.
Click to expand...
Click to collapse
sweets55 said:
No Sur. LoL. Did you read my post? Hehe. I stopped reading CNET years ago.
Click to expand...
Click to collapse
I read that 1) you've been using Dolphin for years, 2) you're used to 'it' (not sure what you were referring to - crashes?) and that you can deal with crashes and 3) other apps are also 'having issues', as opposed to 'having the same issues', if you were referring to privacy concerns and/or security breaches.
But hey, as long as you are aware that there are shady browsers out there and that, in the end, everyone will want everyone else's data. That's why I'm running @M66B's Xprivacy - it gives me the greatest peace of mind Android can offer at this point.

LaidBackTech said:
I read that 1) you've been using Dolphin for years, 2) you're used to 'it' (not sure what you were referring to - crashes?) and that you can deal with crashes and 3) other apps are also 'having issues', as opposed to 'having the same issues', if you were referring to privacy concerns and/or security breaches.
But hey, as long as you are aware that there are shady browsers out there and that, in the end, everyone will want everyone else's data. That's why I'm running @M66B's Xprivacy - it gives me the greatest peace of mind Android can offer at this point.
Click to expand...
Click to collapse
What data are you worried about just asking. I don't do any online banking on my phone. Check my health stuff but I wouldn't think anyone want that info. I'll keep it mind. Thanks

sweets55 said:
What data are you worried about just asking. I don't do any online banking on my phone. Check my health stuff but I wouldn't think anyone want that info. I'll keep it mind. Thanks
Click to expand...
Click to collapse
Your location, which - with advancements in technology - can pin point your coordinates down to several feet - I don't particularly want that data to be stored on FB's or any other server. Your cookies - these can be spoofed and later used by others as if you were on that webpage. Your passwords - if there is any sort of DNS redirection used by a browser, the risk of your passwords getting into wrong hands is substantial. That's why I don't use Opera. You don't have to be banking to be using passwords.

LaidBackTech said:
Your location, which - with advancements in technology - can pin point your coordinates down to several feet - I don't particularly want that data to be stored on FB's or any other server. Your cookies - these can be spoofed and later used by others as if you were on that webpage. Your passwords - if there is any sort of DNS redirection used by a browser, the risk of your passwords getting into wrong hands is substantial. That's why I don't use Opera. You don't have to be banking to be using passwords.
Click to expand...
Click to collapse
Chromes Ok though right? Google would never use any of my information for anything that would benefit them. I read that on the internet

Bubba Fett said:
Google would never use any of my information for anything that would benefit them. I read that on the internet
Click to expand...
Click to collapse
In Google We Trust.

LaidBackTech said:
In Google We Trust.
Click to expand...
Click to collapse
Lol. In all seriousness though(sorry OP for the subject change), since you knowledgeable on the topic, what search engine are you using if you don't mind me asking.

Bubba Fett said:
what search engine are you using if you don't mind me asking.
Click to expand...
Click to collapse
Google, but I'm never signed in.

Question Is there a way to get rid of all the Google DARK UX pushy feathures?

Im not impressed at all by my Pixel since Black Friday. I actually received a S21 at work and its WAYYYYY better.
Anyway, a lot of BS feathures are problematic. I feel like Im being spied all the time by google rather than owning a phone.
I want for example to get rid of the google lens icon and the google bar.
Is there any way to do that?

Fennec23 said:
I feel like Im being spied all the time by google rather than owning a phone.
Click to expand...
Click to collapse
Congrats on buying the Google phone then.
If you want to deactivate system apps enable developer settings, enable ADB, connect your phone to your PC and disable Google Lens and Google Search system apps / packages using Universal Android Debloater GUI and maybe other googly bloat.
Want to have more privacy? Learn about flashing your phone, unlock the bootloader, flash Graphene OS, Calyx OS, Lineage OS or something like that.
Maybe root your device and block trackers and stuff using Adaway. Or stay unrooted and use something like personalDNSfilter.

Maybe selling it is a good choice for you

Fennec23 said:
Im not impressed at all by my Pixel since Black Friday. I actually received a S21 at work and its WAYYYYY better.
Anyway, a lot of BS feathures are problematic. I feel like Im being spied all the time by google rather than owning a phone.
I want for example to get rid of the google lens icon and the google bar.
Is there any way to do that?
Click to expand...
Click to collapse
All of that spyware crap is preinstalled on ALL android phones, not just pixel. They're a bit more in your face on pixel maybe though, since gooble is showcasing it there.
My recommendation would be to switch to grapheneOS. If you absolutely MUST use proprietary gooble bits, grapheneos implements a unique compatibility layer to cause it all to run as a conventional user-installed application instead of demanding excessive permissions.