Related
Hi All,
I have my device SGS2 synchronized with our corporate network. Our corp uses Zenprise for MDM solution which has me running this ****ty app zenprise for employees always running on my device.
Also, when I configured the inbuilt email app - it asked me all sort of privileges and became an admin for my device.
now the question - when I rooted my device, somehow corporate admins knew about it and I got an email from them that it has been detected that I am running rooted device and I should remove the root or take it to the service station.
How do they find THIS out? Is it zenprice MDM that reports rooted device or is it Exchange Security policies???
Now this time - after a flash I did install the zenprise MDM but I have not configured email . I simply used Touchdown and now I dont have to use PIN on my device lock and I doubt how many exchange SPs are enforced anyways. But I really do not know if I should try rooting again.
So, is it the exchange or is it the MDM which detected if the device is rooted? Any ideas?
Check out the web page for Zenprice: http://www.zenprise.com/solutions/android-management
It says "Block jailbroken or rooted devices".
And,
"Maintain hardware inventory, including asset details; report on device statistics"
"Report on service details such as roaming, location, user inactivity, and expenses"
If you own the device, you should hit them up about monitoring this information about your private phone, if it's not in your corporate mobile usage policy.
awojtas said:
Check out the web page for Zenprice: http://www.zenprise.com/solutions/android-management
It says "Block jailbroken or rooted devices".
And,
"Maintain hardware inventory, including asset details; report on device statistics"
"Report on service details such as roaming, location, user inactivity, and expenses"
If you own the device, you should hit them up about monitoring this information about your private phone, if it's not in your corporate mobile usage policy.
Click to expand...
Click to collapse
I know this is an old post but I wanted to add to it.
I'm an MDM administrator and I run Zenprise for MDM. Yes it is the Zenprise agent that detects whether or not a device is rooted. While the device belongs to you, you are connecting it to company resources which requires certain levels of security. In this case they block rooted devices. They can also record your screen and more. By connecting your phone to your company resources you are agreeing to their security policy. Ignorance of the policy is your fault and not theirs.
Hope this helps those of you who hate Zenprise. Being on the other side of it, I love it.
Well, but Zenprise is not differentiating between rooted and unlocked AT ALL. Unless Im misunderstanding something, this is a huge flaw in their detection mechanism which then leads to a false vilification of Android phones. In my case, I purchased a Samsung SIII aka S3 GTi9300 World Phone, so I can travel abroad and use different SIMS, so it is unlocked but NOT ROOTED. I installed the Zenprise aka Citrix Connect for Samsung app, and when it tries to login it quickly fails and reports back that "Connection failed due to a security policy". The Zenprise admins say my device is rooted, and it is not, so they dismiss it and say that well it doesnt matter from a Zenprise perspective it sees unlocked and rooted phones the same. This is so backwards I dont even know where to start. Nevermind Zenprise seems to be Apple-centric (just about every device it manages is an Apple, Androids seem despised), but getting support to care or do something about this difference in phone status (unlocked vs. rooted) is like asking a brick wall to care.
What can be done about this, what is the right setting to get Zenprise to accept a legitimate phone, or how can it be tricked into doing so. Thanks.
There's an app module called XPrivacy for the Xposed Framework, it could possibly help you guys hide your rooted and unlocked status as it is designed to feed bogus information for different permissions like for example you can spoof your mac address, imei bla bla yada yada, a little talk and contribution to the dev will possibly get you any missing features too.
P. S We can also set our desired info too for most relevant permissions or allow any specific information, and I agree with one thing privacy is too underestimated now. Orbot app can be used for connecting your device to the Tor Network thereby hiding your Internet presence to the whole world, the only thing you're admin will see is you being connected to a single IP which is random and could be anybody or anything.
Sent from my GT-I9100 using xda app-developers app
---------- Post added at 12:51 AM ---------- Previous post was at 12:37 AM ----------
goinovr said:
I know this is an old post but I wanted to add to it.
I'm an MDM administrator and I run Zenprise for MDM. Yes it is the Zenprise agent that detects whether or not a device is rooted. While the device belongs to you, you are connecting it to company resources which requires certain levels of security. In this case they block rooted devices. They can also record your screen and more. By connecting your phone to your company resources you are agreeing to their security policy. Ignorance of the policy is your fault and not theirs.
Hope this helps those of you who hate Zenprise. Being on the other side of it, I love it.
Click to expand...
Click to collapse
First of all don't easily and directly specify the root of the problem when you guy's are trying to cause the problem if a little modding and changing the apk is too difficult there will always be workarounds to virtually hide everything, lol you guy's wouldn't even understand when a security issue rises.
Sent from my GT-I9100 using xda app-developers app
We do not allow discussions regarding spoofing IMEI on xda so a few posts have been deleted.
E.Cadro said:
We do not allow discussions regarding spoofing IMEI on xda so a few posts have been deleted.
Click to expand...
Click to collapse
Understood, thanks for pointing it out, but anybody who knows a little about Xposed Framework can modify, spoof or do anything related to code level modification.
Sent from my GT-I9100 using xda app-developers app
E.Cadro said:
We do not allow discussions regarding spoofing IMEI on xda so a few posts have been deleted.
Click to expand...
Click to collapse
Yes point taken. Sorry
They check SU binaries. There are serval ways to hide it. Check for hide root on Google play.
Yours,
Amiroslo
Not any more. The new version (Worx) see su even hiden...
Sysadmins & tech support guys know everything. No hiding anything from them (except maybe the lazy ones).
So I've tested around this a good bit. The latest Citrix Worx doesn't only check for su binary. Even when you use hide root on say SuperSu it doesn't work. Even a hide my root won't work. After days of testing and tinkering I found what it does look for. It looks for both su binary AND busybox. So what I did was delete the busybox and all the symlinks to it in xbin. Then used the hide root on SuperSu and it worked. So that seems to be the fix for now. Hope that helps anyone.
Dixit
dixit said:
So I've tested around this a good bit. The latest Citrix Worx doesn't only check for su binary. Even when you use hide root on say SuperSu it doesn't work. Even a hide my root won't work. After days of testing and tinkering I found what it does look for. It looks for both su binary AND busybox. So what I did was delete the busybox and all the symlinks to it in xbin. Then used the hide root on SuperSu and it worked. So that seems to be the fix for now. Hope that helps anyone.
Dixit
Click to expand...
Click to collapse
Do you mind elaborating on this a bit? My company is running the latest version of Citrix Xenmobile (worx) and I'd like to accomplish this so I can use it but also keep root obviously.
cowman4000 said:
Do you mind elaborating on this a bit? My company is running the latest version of Citrix Xenmobile (worx) and I'd like to accomplish this so I can use it but also keep root obviously.
Click to expand...
Click to collapse
I explained it fairly well. You have to delete Busybox, the app itself. Then using file explorer like tool like maybe root explorer you need to go to Xbin and remove all the symlinks that pointed to busybox that may have been left behind. Only delete the ones that pointed to busybox.
Sorry cant be of more help on this as I don't have this device anymore, I have a Note4 which I cannot root so I cant test this further.
Dixit
Love it when old threads like this pop up. These were the good time's on Xda....shame pretty much all my Post's was removed lol.
Good time's... Great people.
Just purchased SGS3 and SGN10.1, havent downloaded any apps as of yet because I am not comfortable with the permissions issue.
I also have not rooted as I am waiting for my sandisk extreme pro sd cards, but i have some clarity i need in moving forward.
How can i best protect my phone and the info in it - mostly for the protection of my clients contact info and just the general fact that nobody needs to know my info without my knowing why.
I have been online for the last 5 days trying to understand what i need to worry about and what i dont.
I have a copy of whispercore 0.5.2 and would like to know if i can use it on my sgs3
Do i need to root my device to give optinal protection PROS/CONS
How is the avast protection
And most importantly - are these protections necessary or have i been sidewiped by chicken little?
How can i determine the best app for me - preferrably with no permissions
I really need a good mail app, document editing app, pdf app, and possibly a CAD app
I have been overwhelmed with info over the last 5 days and need some help with clarification and facts.
Thank you in advance for your help,
Confus-ed:silly:
An app with no permissions has the ability to access nothing so in essence will be of little use. Contacts are synced with Google unless you opt out that decreases security. Personally if your clients details are that sensitive use a dumb phone for work and keep your S3 for less sensitive tasks.
Sent from my GT-I9300 using Tapatalk 2
Are you trolling me?
Just running through the threads trying to increase your reply and post count?
I would appreciate that if you dont have any real information to share, dont waste my time with your non-answer.
confus-ed said:
Are you trolling me?
Just running through the threads trying to increase your reply and post count?
I would appreciate that if you dont have any real information to share, dont waste my time with your non-answer.
Click to expand...
Click to collapse
What?
He answered your question, an app that asks for no permissions can't do much, apps need to have permissions to do various tasks.
If you're that paranoid about safety don't root and just use reputable apps from Google play store.
Edit: in fact the more I read you reply to him the more I see that you have a terrible attitude.
Good luck finding help when you act like that.
Sent from my GT-I9300 using xda premium
No attitude, i thought that i had explained in my original post that i have just spent 5 days scouring the web (which included xda).
I didnt ask about permissions nor did i ask about contacts being synced with google, I understand what the permissions do, but i also have read where you have control over the permissions when you root the phone.
Not paranoid, I just know the data mining that goes on and i am sure that my clients wouldnt want some random solicitation due to an app that has no need to access my contact list. such as a document editior.
My reply may have been a little short but ghost did not address any of my questions or concerns.
confus-ed said:
No attitude, i thought that i had explained in my original post that i have just spent 5 days scouring the web (which included xda).
I didnt ask about permissions nor did i ask about contacts being synced with google, I understand what the permissions do, but i also have read where you have control over the permissions when you root the phone.
Not paranoid, I just know the data mining that goes on and i am sure that my clients wouldnt want some random solicitation due to an app that has no need to access my contact list. such as a document editior.
My reply may have been a little short but ghost did not address any of my questions or concerns.
Click to expand...
Click to collapse
Yes you do have control permission when you root, but rooting is a double edged sword because root apps actually have more "power" when it comes to your system and if there is malicious code in them it will also have superuser permissions if you give the main app superuser permissions.
The safest option is not to root, if you root you are opening your system up to exploitation.
I have rooted every android phone I have ever had and never had any problems but that choice is yours.
Sent from my GT-I9300 using xda premium
nodstuff said:
Yes you do have control permission when you root, but rooting is a double edged sword because root apps actually have more "power" when it comes to your system and if there is malicious code in them it will also have superuser permissions if you give the main app superuser permissions.
The safest option is not to root, if you root you are opening your system up to exploitation.
I have rooted every android phone I have ever had and never had any problems but that choice is yours.
Click to expand...
Click to collapse
From the perspective of data mining, you're basically just as vulnerable with a non-root app, then only difference being that the non-root app will specifically ask for permissions to use your contacts.
At the end of the day, if you want decent integration between your personal data and your apps, you're going to need to accept some risk and allow someone elses code to run through your data. If you have sensitive client data, you'll most likely be safe if you stick to mainstream, popular apps, and keep a close eye on comments to make sure no one else has had issues with security. If you're really paranoid though, I would recommend you don't keep sensitive information on any device with internet access.
I would recommend LBE privacy guard it will prompt when an app is trying to access something and you decide to allow it or not, you can manage wich permissions you allow for each app, even cut it from any Internet access.
The app does require root to work
Sent from my GT-I9300 using xda app-developers app
Thank you
Well, I’m sure that it isn’t a secret for anyone, CM7 has been and still is my favorite rom for my Defy(s). I’ve been using it since the day Quarx’s brought IP Tables support to it – hence allowing me to use Droidwall as an Android firewall. I could then selectively allow/deny internet access to any installed app [having internet access permission that is…]. This is a first and important security step, but like anything, this has limitations; apps that do ‘really’ need internet access are then free to send (and receive) whatever their Android permissions allow them to get a hand on. For that, CM7 has a neet feature called ‘permissions management’ that allows you to control each app’s permissions individually. This option works fine BUT the problem is that the apps that you control that way often lose functionalities, stop working altogether or even throw you an error message telling you that the app’s permissions have been altered and that you will not be able to use it unless you reset them.
So how to solve this potentially very critical security flaw without losing apps functionality? ==> PDroid.
Thanks to xda user measel, I’ve just recently discovered this wonderful piece of software and I don’t think that my Defy will ever live without it from now on. The app itself is not really a new one and I’ve decided to create this thread to spread to word around and in the hope that it will be helpful to other Defy owners conscious about their data privacy.
WHAT IT DOES:
• More than just blocking apps Android permissions, it lets you control each individual app’s access to private information (user + system);
• It allows you to block and, in some cases, let you either use random or custom private data;
• It will also (if desired) warn you on any root or privacy info access, all that with an easy to figure out and use user interface [see pics];
• And best of all, applications will not crash when their access to private data is blocked unlike with Permission Denied (using LBE Privacy or alike or with CM7).
Disclaimer: I’m only the messenger and I take no credit or responsibility for anything that you’ll do with your phone from here on.
HOW TO:
Original thread by the dev [go have a read and give your thanks to svyat]
Pre-requisites:
- Make sure that you did not use Titanium Backup to integrate sys Dalvik into the rom [if you don’t know what that means, chances are that you didn’t; ignore it];
- a PC running Windows;
- a CM7-jordan/Jordan-plus build;
- PDroid patcher v1.31 (v1.27 also work but the latest version (v1.32) from the link above doesn’t work for the Defy. So I’m attaching v1.31 here which I’ve found with a little digging through that thread;
- the PDroid.apk itself [Market link] or [Dropbox link from the dev];
=> If you don’t have access to a PC running Windows or just don’t want to go through the trouble of patching process described below, you can head over to measel’s CM7 nightlys | info collection thread and locate the build you are using; he was kind enough to provide us with patches for most of recent Jordan builds. So go and grab your applicable patches and give thanks to him.
=> If you’re running CM9 or CM10, this patcher will not work for you, but there are alternatives - namely: the ‘auto-patcher’ or even the PDroid v2 [I’ll give links to those later]. Just go read the last few pages of the original thread, there are quite a few mentions/redirections to those over there. [please don’t ask me about questions about those as I did not try them just yet]
Note: PDroid is an ongoing but currently ‘on hold’ project [because, like someone said before: devs sometimes have a life outside Android...] which works perfectly fine as it is if you follow the next few steps below.
Zero off: Make a nandroid backup of your current phone setup.
First off: Create the patch for your rom:
To work, PDroid first needs you to mod 3 framework files and push them onto your phone. To do so, all you need to do is to execute the PDroidPatcher.exe. file [extract it from the zip attached] and point it to the CM7 build you are using. Let it do its thing and it will create a CWM recovery flashable zip and an undo (RESTORE) one.
Second: Flash the patch:
Just boot into recovery, wipe cache and dalvik and install the patch and boot up.
Third: Install the apk
That’s it!, you’re now ready to go your list of installed apps and start controlling your privacy accesses.
Warning: again, go read the original thread for a how to on how to backup your PDroid settings and/or use TB to do so.
HOW TO USE:
Well, it’s all pretty obvious and with a bit of common sense, you will easily figure out how and what to set up. By default, nothing is blocked and apps are free to access data. So you’ll have to go through your list of installed apps and set up each individual data access and then try them out. For example, logic would tell us not to block the ‘GPS/Network Location’ data to maps related apps nor block ‘Accounts credentials’ to apps dealing with user IDs and passwords like Email or social apps.
I can’t give you detailed instructions here (it’s not the point of this thread anyway), but if like me you already use Droidwall, you can first leave alone all the apps that you’ve black listed for internet access [pic 2] since they won’t do anything with your private data if they can’t send it back home… There is also an option within the app to ‘hide all the safe apps’ [which do not have an internet permission]; check it to reduce the size of your list of apps to configure.
From experience, I’d also suggest you to keep an eye on the apps requiring a password to run since blocking Device or Subscriber ID might mean that you’ll have to always enter passwords each time you run the app that would otherwise be remembered by those apps. As a rule of thumb, I pretty much choose the ‘use random’ option whenever it is available (just to minimize problems with the app on blocking completely – I’m not even sure this is a valid argument here…) or block everything else when it’s not and finally, I leave ‘Network Info’ allowed since it basically only lets apps know if you connected to internet or not [who cares if they get your wifi’s SSID or not…].
But again, you’ll have to fine tune the whole thing for each and every app and run them to check for full functionalities – but at least they won’t crash on you… Finally, you can pinpoint potential problems/solutions by turning off the general PDroid notifications option and by turning on a specific app’s ones [pic 3].
Happy privacy enhancement!
/AL
As usual!
Quality guides from lovely []AL[]
I don't want a tapatalk sig!
nogoodusername said:
As usual!
Quality guides for lovely []AL[]
Why not move to Android Apps forums?
I don't want a tapatalk sig!
Click to expand...
Click to collapse
"lovely AL" wow! you surely are the first person to tell me anything like this here on xda.
..not sure if I should be flattered or run away by homophobia - hehehe! :laugh:
Well, I didn't mean to make it a guide when I started writing it, but like always I had things
to say and the post got longer and longer.. so I guess that we can call it a sort of guide...
But I truly like the app and believe that along with Droidwall, that should be installed on every phone.
In fact, Google should look at this and incorporate something similar into Android.
OK, I'll go reply to your PM now... cheers!
Edit for your question: because like I wrote in the OP, I'm just the messenger and not the dev of the app.
The app also works mostly for on phones running CM7 and even not all the phones support it either.
So I wouldn't publish this widely without at least asking permission to the dev. But here for Defy owners fellows,
I know it works fine and again, I think that it is pretty much an essential app to have.
9 downloads/1 thank;
Leeches, I see leeches everywhere!
Shhhiiiiii- You got me excited! I thought I'd find a patch for the Quarx rom! So far auto-patcher can't patch Quarx's CM10 roms. Nor do I understand why that's so but that's why I'm not a dev.
Excellent app
Arch Linux User ..
KicknGuitar said:
Shhhiiiiii- You got me excited! I thought I'd find a patch for the Quarx rom! So far auto-patcher can't patch Quarx's CM10 roms. Nor do I understand why that's so but that's why I'm not a dev.
Click to expand...
Click to collapse
Well... sorry to hear that; I had no clue that it doesn't work with Quarx CM10. It seems to work for some other JB builds/phones... But like I wrote on the OP, I haven't tried any of this on CM9/JB yet. So again, too bad that this thing is a no go for now. I hear that Quarx is very busy outside Android's world as of lately so it might not be a good time to ask him about this - might also be low on his priority...but who knows, someone might read this and find an answer for you.
ps: quite an avatar you got there :silly:
an thanks for the link to the auto-patcher thread; it might be useful to others and it'll save me the search when I update the OP with it and your comment eventually...
juan296 said:
Excellent app
Click to expand...
Click to collapse
Well thanks but again, just I'm just a messenger here and not the dev... :highfive:
Actually, I use DroidWall , so.. can uninstall this app? And right now, JUST USE pdroid! Right?
Arch Linux User ..
juan296 said:
Actually, I use DroidWall , so.. can uninstall this app? And right now, JUST USE pdroid! Right?
Click to expand...
Click to collapse
I still use both...they are quite different apps and don't do the same at all. Droidwall is a firewall that let you control if an app has access to internet or not; PDroid controls what private information each app can access.
Like I wrote on the OP, any app that is blocked by Droidwall doesn't need a PDroid setup, but apps that need internet connection could be free to get private information from your phone if you don't use PDroid...
Basically, PDroid has no way of blocking all internet access; it only blocks apps from reading private info (or scrambles it by returning info like random network location or sim ID#...)
XPrivacyLua
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Really simple to use privacy manager for Android 6.0 Marshmallow and later (successor of XPrivacy).
Revoking Android permissions from apps often let apps crash or malfunction. XPrivacyLua solves this by feeding apps fake data instead of real data.
Features:
Simple to use
Manage any user or system app
Extensible
Multi-user support
Free and open source
See here for all details, including installation instructions and download link.
Please read the frequently asked questions before asking a question.
This XDA thread is about using the latest version of XPrivacyLua. Off topic comments are allowed as long they are related to XPrivacyLua and are in the general interest of the followers of this thread, but anything not related to privacy is not allowed.
If XPrivacyLua doesn't work and/or when "module not running or updated" is shown, this is almost always caused by an Xposed problem.
Discussions about purchases are not allowed here, please contact me via here instead.
XPrivacyLua is being maintained and community supported, but new features won't be added anymore.
Custom hook definitions will always be part of XPrivacyLua, but there will be community support only. This means that I won't respond to questions about defining custom hooks anymore. See this thread for the reasons.
If you value your privacy, please consider to support this project with a donation or by purchasing pro features.
M66B said:
XPrivacyLua is not a permission manager, but a privacy manager. XPrivacyLua doesn't block things and doesn't revoke permissions, but does replace real data by fake data. This means you can grant Android permissions to an app and still let XPrivacyLua prevent the app from seeing privacy sensitive data. Revoking permissions can result in an app refusing to work and/or to crash. However, replacing real by fake data generally doesn't let an app crash.
Currently restrictions are quite crude because they mostly replace real data by no data. For example restricting the contacts app from getting contacts will result in an empty contact list. In the near future it might be made possible to select the data an app may see, for example just one group of contacts.
Click to expand...
Click to collapse
About feature requests and bug reports:
M66B said:
The goal is to have a tool that can properly protect the privacy of many in the near future. However, it isn't paid work, so I do whatever I like whenever I like it.
You can request features in this XDA forum. I will read them, but I will not respond to them and they might or might not be implemented. If I know for sure something will not be implemented, I will let you know.
You can report any problem you have here. There will be no issue tracker on GitHub.
Click to expand...
Click to collapse
M66B said:
For now I have decided to not implement restrictions that are useful to prevent tracking only. There are simply too many data items that can be used for tracking and it would take too much time to develop restrictions for all these data items.
The basic idea is to restrict only things that 'define' you, so which contacts you have, where you are, which apps you use, etc.
Click to expand...
Click to collapse
Namnodorel said:
Maybe we can widen the definition of things that the core of XPL covers to "What defines you, and what can be used to spie on you"? This would include camera/audio, but not tracking.
Click to expand...
Click to collapse
M66B said:
XPrivacyLua is pretty feature complete and will be maintained and supported and when there is a need new hook definitions will be added to better protect your privacy. For the rest this FAQ applies:
https://github.com/M66B/XPrivacyLua/blob/master/FAQ.md#FAQ4
As said before, development will also depend on Xposed development, which is just minimal unfortunately.
Click to expand...
Click to collapse
XDA thanks and donations are appreciated.
XPrivacyLua is supported with Xposed only. There is no support for VirtualXposed and TaiChi.
Even if old Xprivacy isn't supported on nougat, is it possible to keep it with new Lua too until Lua grow up? Or it is not recommended ?
Thank you
Orphee said:
Even if old Xprivacy isn't supported on nougat, is it possible to keep it with new Lua too until Lua grow up? Or it is not recommended ?
Thank you
Click to expand...
Click to collapse
Noooo! First post and it is asking about using Xprivacy on Nougat? That must be demotivating to the dev! It has been told too many times in the xprivacy thread that it is not recommended to use it on Nougat and above all IT IS NOT SUPPORTED!
Sorry for using capitals but let's hope everyone sees it and this thread stays on new Lua topic.
Greetings.
Wow, I was just scrolling through some stuff, stumbled into your repo for XPrivacy/Lua and couldn't believe what I saw! M66B is developing a new app as a replacement for XPrivacy... Thank you so much, you've totally made my day and pobably quite some time into the future as well! I'll definetely also buy/donate for this version as soon as I get to use it.
Just some technical questions:
Looks like you are going more modular with this new app, and you mentioned something about downloading additional (user-made) hooks. You also said you'd keep it much more simple this time to avoid high maintenance etc. Could these external hooks then allow to get the complexity back? I totally understand your motivation, but in-depth restricting of app permissions was something I really liked about the old XPrivacy, and if some user-made hooks would make that possible I'd use them. But they'd also need the ability to add new UI elements, and not just "This hook is about the method XY, execute this code before/after to block it and this code to enable it" for that to be possible.
Orphee said:
Even if old Xprivacy isn't supported on nougat, is it possible to keep it with new Lua too until Lua grow up? Or it is not recommended ?
Click to expand...
Click to collapse
I have just added a FAQ that answers this question:
https://github.com/M66B/XPrivacyLua/blob/master/FAQ.md
m66b said:
i have just added a faq that answers this question:
https://github.com/m66b/xprivacylua/blob/master/faq.md
Click to expand...
Click to collapse
5vp4096549363413x
Namnodorel said:
Wow, I was just scrolling through some stuff, stumbled into your repo for XPrivacy/Lua and couldn't believe what I saw! M66B is developing a new app as a replacement for XPrivacy... Thank you so much, you've totally made my day and pobably quite some time into the future as well! I'll definetely also buy/donate for this version as soon as I get to use it.
Just some technical questions:
Looks like you are going more modular with this new app, and you mentioned something about downloading additional (user-made) hooks. You also said you'd keep it much more simple this time to avoid high maintenance etc. Could these external hooks then allow to get the complexity back? I totally understand your motivation, but in-depth restricting of app permissions was something I really liked about the old XPrivacy, and if some user-made hooks would make that possible I'd use them. But they'd also need the ability to add new UI elements, and not just "This hook is about the method XY, execute this code before/after to block it and this code to enable it" for that to be possible.
Click to expand...
Click to collapse
For now I will concentrate on fixing bugs and building restrictions, which is of course the most important of all. Restrictions are indeed defined and written in Lua. Currently all restrictions are built-in, but later I might add a manager, so you can manage your own definitions. There might even be a repository, which could even contain definition for things not privacy related.
You can find the current definitions here (hooks.json contains the definitions).
Just donated. More to follow along the way. Thank you!!
blackhawk_LA said:
Noooo! First post and it is asking about using Xprivacy on Nougat? That must be demotivating to the dev! It has been told too many times in the xprivacy thread that it is not recommended to use it on Nougat and above all IT IS NOT SUPPORTED!
Sorry for using capitals but let's hope everyone sees it and this thread stays on new Lua topic.
Greetings.
Click to expand...
Click to collapse
"XPrivacyLua is supported on Android 6 Marshmallow and later" you're either lying or it's a misstatement on the repo.
Also can somehow explain to me (I just switched to Android), what Lua is (if not a programming language)?
OgreTactic said:
"XPrivacyLua is supported on Android 6 Marshmallow and later" you're either lying or it's a misstatement on the repo.
Click to expand...
Click to collapse
I don't see why that is a lie or misstatement, so, could you please explain why you think it is?
Edit: I have changed the wording of the opening post a bit, so it is clearer that "Android 6 Marshmallow and later" applies to XPrivacyLua and not to XPrivacy, assuming this is what you meant.
OgreTactic said:
Also can somehow explain to me (I just switched to Android), what Lua is (if not a programming language)?
Click to expand...
Click to collapse
See this comment.
OgreTactic said:
"XPrivacyLua is supported on Android 6 Marshmallow and later" you're either lying or it's a misstatement on the repo.
Also can somehow explain to me (I just switched to Android), what Lua is (if not a programming language)?
Click to expand...
Click to collapse
Some people...
Glad to see Xposed Module development is still alive!
Thx a lot for building and developing this app.
After I've selected some apps I get an error:
XLua.Main:android.os.DeadObjectException:Transaction failed on small parcel; remote process probably died
Things that I would appreciate in future releases:
- More restriction-types like: Network connection, Telephone number/sim-operator, Serialnumber, installed apps/services, accounts
- Is it possible to hide disabled apps from the list?
- Is it possible to decide when an app will request for example the location to allow or deny the request?
th4_c0r3 said:
Thx a lot for building and developing this app.
After I've selected some apps I get an error:
XLua.Main:android.os.DeadObjectException:Transaction failed on small parcel; remote process probably died
Click to expand...
Click to collapse
Can you please capture a logcat? If not, the problem might be visible in the Xposed log as well.
Edit: where exactly do you see this error?
th4_c0r3 said:
Things that I would appreciate in future releases:
- More restriction-types like: Network connection, Telephone number/sim-operator, Serialnumber, installed apps/services, accounts
- Is it possible to hide disabled apps from the list?
- Is it possible to decide when an app will request for example the location to allow or deny the request?
Click to expand...
Click to collapse
Disabled apps are hidden from the list by default.
First: thanks for the release and minimal UI of this app.
Just one request if it is possible. Would it be possible when you start ironing out the features to include a randomisation to some privacy information. Like my main coordinates for GPS are 33N 112W. If the app could randomise the rest so the app knows my general location but not accurately as 1m?
Edit: a good reason for this is for apps like speedtest.net. it grabs GPS to find a close server. When I restrict, closes server is in NY. I don't mind if it knows I live in AZ, heck, XDA knows I live here, but knowing my exact location is bothering.
M66B said:
Can you please capture a logcat? If not, the problem might be visible in the Xposed log as well.
Edit: where exactly do you see this error?
Click to expand...
Click to collapse
The error occurs every second time I open the app and it's shown in the bottom of the app. In the Xposed log there isn't a XLua-Error.
I've sent you the logcat via email.
M66B said:
For now I will concentrate on fixing bugs and building restrictions, which is of course the most important of all. Restrictions are indeed defined and written in Lua. Currently all restrictions are built-in, but later I might add a manager, so you can manage your own definitions. There might even be a repository, which could even contain definition for things not privacy related.
Click to expand...
Click to collapse
Thank you for your answer, but I'm still kinda missing what I wanted to know: Could hooks potentially add custom UI and/or save data? I'd imagine something like saving a list of contacts and when an app requests the contact list selecting this specific list to be returned.
Namnodorel said:
Thank you for your answer, but I'm still kinda missing what I wanted to know: Could hooks potentially add custom UI and/or save data? I'd imagine something like saving a list of contacts and when an app requests the contact list selecting this specific list to be returned.
Click to expand...
Click to collapse
Yes, that would be possible. When there is a need, I will add APIs that can be used in Lua to save data in a structured way into the XPrivacyLua database, so anyone wanting to develop a new hook definition doesn't have to worry about how to do this. In fact this has already been prepared.
M66B said:
I don't see why that is a lie or misstatement, so, could you please explain why you think it is?
Edit: I have changed the wording of the opening post a bit, so it is clearer that "Android 6 Marshmallow and later" applies to XPrivacyLua and not to XPrivacy, assuming this is what you meant.
See this comment.
Click to expand...
Click to collapse
Oh okay, thanks. So I can't use the current XPrivacy (on the PlayStore) on Nougat S8? I hope I can if not, I'll wait for the XPrivacy L.
It's crazy that Android forces privacy breaching (violation is an accurate word use) "services", processes and apps at it's core. If I were to learn to use Android enough is it possible to prevent it, like it's the case on iPhone, well in appareances because when you jailbreak it you can see all the processes, but it's clearly not in completely forcing this violation of your data, be it just with the permission management that NO apps can require or force on you to run, which to me absolutely crazy that it's the case on Android.
OgreTactic said:
Oh okay, thanks. So I can't use the current XPrivacy (on the PlayStore) on Nougat S8? I hope I can if not, I'll wait for the XPrivacy L.
It's crazy that Android forces privacy breaching (violation is an accurate word use) "services", processes and apps at it's core. If I were to learn to use Android enough is it possible to prevent it, like it's the case on iPhone, well in appareances because when you jailbreak it you can see all the processes, but it's clearly not in completely forcing this violation of your data, be it just with the permission management that NO apps can require or force on you to run, which to me absolutely crazy that it's the case on Android.
Click to expand...
Click to collapse
As M66B said in the Xprivacy Thread:
M66B said:
An absolute privacy fix is turning your device off. XPrivacy is an best effort attempt to fix the most important privacy problems, like exposing your location and contacts.
Click to expand...
Click to collapse
What you could do, at least that's what I do, is to disable services (look for DisableService in PlayStore) and/or restrict as much as possible via the privacy settings (depending on ROM). For example I deny Google services the location rights and only switch them on when needed.
Also there are possibilities to run your phone without any Google services at all. Search for MicroG.
But you have to understand, that using an Android device is going to violate privacy in one form or another. Same goes with Windows and Apple devices...
I don't like it at all but that's just what the world has become. If you want to use Google Services you kinda have to accept that you can't (at least not with simple fixes) protect your whole privacy. It sucks, but that's just what it is...
Is there a phone/android version that allows someone whos not an Android expert to actually have control over what their phones doing? Or is it just not possible nowadays for a regular person to fully control the info their phone sends?
Sorry if this sounds cynical, it really is a genuine question.
Thank you.
Hi Steve, it sounds like what you need is a rooted phone. Forgive me if you're already familiar with the term, but rooting basically gives you administrator rights over just about everything on your phone, with only a few exceptions depending on which Android version the phone is running. This allows you to do stuff like revoke permissions for apps, block ads, and change how Android looks and behaves.
Do you have a phone in mind already? If not, what's your budget?
questions should be posted in q/a Thread moved please review the rules ( located below)
rhythm_dx said:
Hi Steve, it sounds like what you need is a rooted phone. Forgive me if you're already familiar with the term, but rooting basically gives you administrator rights over just about everything on your phone, with only a few exceptions depending on which Android version the phone is running. This allows you to do stuff like revoke permissions for apps, block ads, and change how Android looks and behaves.
Do you have a phone in mind already? If not, what's your budget?
Click to expand...
Click to collapse
Thank you for your help. I had a rooted phone, but a friend did it for me. Now I have a S8 active on Pie and from my research the bootloader I have (V5) is not rootable. I'm definitely not well versed in Android though and could be wrong. That's why I was wondering if there was a device that offered full control without the need and rick of rooting. If there's not, could you suggest one that is perhaps the simplest and least risky to root? I don't need top of the line, I don't game or anything and would be fine with getting something used. thanks again!
Luckily, there is a way in stock Android to control permissions! I forgot about it when I was typing my previous response. Here's an overview: https://www.howtogeek.com/355257/can-you-control-specific-permissions-on-android/ Hope that does what you're looking for.
If you want to do more with a rooted phone like block ads, there are some that are easily rootable, like the Google Pixel series. Here are a few options: https://www.androidcentral.com/best-phone-rooting-and-modding I liked the Pixel 2XL I used through my previous job, and I've heard good things about the other Pixels, for what that's worth. I haven't tried the other phones in that link, but the OnePlus phones have an excellent reputation.
There are many other phones that have varying degrees of difficulty for rooting, but I'm not aware of any relatively recent ones not on that list that I'd consider easy to root. I've found that the best approach to finding a new phone is going to GSM Arena's Phone Finder to put on my criteria, then coming back to XDA and searching through the forums to find out whether my prospective phone of choice has root yet. As you've discovered with your S8, some phones just never get there, which is pretty frustrating.
I hope that helps! Holler if you have any other questions.
Well, that's my main issue, you can only control certain permissions there. When I click "all permissions" I can see them all, but not turn them off. It's just a bummer that one has to go thru all this rigmarole to control a device they supposedly own. I was hoping maybe someone made a device that you could control stock, but I guess that was wishful thinking. Thanks again.
SteveJustSteve said:
Is there a phone/android version that allows someone whos not an Android expert to actually have control over what their phones doing? Or is it just not possible nowadays for a regular person to fully control the info their phone sends?
Sorry if this sounds cynical, it really is a genuine question.
Thank you.
Click to expand...
Click to collapse
You must distinguish between Android OS itself and the apps that run on it: Android OS has no permissions you can invoke/revoke, only hardware/OS specific settings can be made there, but permissions can be granted/withdrawn from an app - if its developer has allowed the latter. To change the permissions of an app basically no rooted Android is required, this is done either via Android->Settings or via a 3rd-party APK editor.
BTW: It exist 3rd-party apps that can show you what apps are sending/receiving data over Internet.
Hint: Use your Android phone without Google.
Is root required to disable hardware?
SteveJustSteve said:
Is root required to disable hardware?
Click to expand...
Click to collapse
No, only a hammer. :laugh: