Some apps ask for more permissions than I want to give them.
With DroidWall I can take internet permissions away from individual apps, which is great for all those app that demand internet access even though they work fine without it. But what if I want to remove other permissions, such as access to my location or my contacts?
There is a manual way to edit unwanted permissions out of .apk files, but this method is not meant for human consumption.
Q: Is there an app that lets me allow/deny permissions per app?
It is not possible and is a very bad idea to do by modifying the APK.
I agree it'd be cool if Android was implemented to allow optional permissions. I hate adding permissions to my apps because I know some users don't want to give them. But Android is not designed this way.
Here's how I and just about every other developer would do something like make use of the READ_PHONE_STATE permissions to read your IMEI:
Code:
TelephonyManager tm = (TelephonyManager) context.getSystemService(Context.TELEPHONY_SERVICE);
String deviceId = tm.getDeviceId();
Without the READ_PHONE_STATE permission, the above could would do this:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
It's possible for developers to write their code to handle not having a permission they expect to have:
Code:
String deviceId;
try { TelephonyManager tm = (TelephonyManager) context.getSystemService(Context.TELEPHONY_SERVICE);
deviceId = tm.getDeviceId();
} catch (SecurityException ex) {
deviceId = "1234";
}
However no app dev does this. And unless a future version of Android itself were to allow this, it's unlikely app devs would take the time to test and update their apps to gracefully degrade when the user has used some hacky method to restrict the app. (I wouldn't. I have to do enough testing already just supporting all the manufacture skins and custom roms.)
If you question a permission you should ask the dev. And if you don't like the answer, or don't trust the dev, you should avoid the app.
(DroidWall doesn't remove the INTERNET permission, it just firewalls off the app from using the internet. Looks like a network connection issue to the app, which already has to be handle gracefully.)
DroidWall tells the apps it blocks that there is no live internet connection, even though the connection is alive and kicking for every other app. AdBlock works in a similar way: it doesn't deny apps from calling their banner farm, it just keeps it out of reach by redirecting the request to 127.0.0.1.
There are many ways to make apps believe they've got permissions that they don't really have.
For example, a permissions manager could spoof an empty contacts list for apps that want to read your phone book. Apps that want to know where you are for no good reason would only have to be fed some random coordinates instead of getting your real location.
Maybe Android was not designed that way, but one of the advantages of an open system is that you can make it do things beyond the original specs. If we root our phones and install custom ROMs to get rid of unwanted bloatware, why not apply similar techniques to get rid of unwanted app permissions?
Of course you could simply avoid apps that ask for too many permissions (but only if suitable alternative apps are available), but such a sledgehammer approach wouldn't be necessary with a permissions manager that gives you more subtle tools to tame your apps. This way you can have the best of both worlds: remove undesired permissions without throwing out the entire app.
It's been done in the lab, hopefully they release source. The paper is a pretty good read, and not overly verbose.
Can't post links, don't want to spam 8 posts for it, so Google for "Taming Information-Stealing Smartphone Applications". The paper is from NCSU.
Exactly what I'm looking for. Let's hope it hits the market soon!
The long version (in pdf format): http://www.csc.ncsu.edu/faculty/jiang/pubs/TRUST11.pdf
The short version: http://insciences.org/article.php?article_id=10052
Even shorter: http://apps.findingthis.com/utilities/android/taming-information-stealing-smartphone-applications/
Screenshot:
Permissions manager for rooted phones from the author of Busybox: Permissions Denied.
Unfortunately, it looks like Permissions Denied actually denies permissions rather than spoofing them, so I would expect most apps to crash as mentioned by kevin. The spoofing approach in the NCSU papers seems like the more robust approach unless and until Google implements optional permissions, at which point app developers would hopefully start adding graceful permission exception handlers.
Sent from my Dinc via XDA app.
This is really the worst "feature" of Android. Someone should fix it really fast even creating a "shadow" distro with patched permission manager (if it cannot be done as an add-on).
Is anything new in this topic around?
Please use the Q&A Forum for questions Thanks
Moving to Q&A
rogier666 said:
Some apps ask for more permissions than I want to give them.
Q: Is there an app that lets me allow/deny permissions per app?
Click to expand...
Click to collapse
Did they ever release the TISSA app? I can't find anything about the app since last April.
It doesn't matter anymore, 'cos now we have LBE, PDroid, and the built-in permissions manager of CyanogenMod.
i've been using lbe and it's been useful. it doesn't block every permission of an app but some things as internet (as droidwall), contacts, gps and sms/phone call it blocks. If you're looking for a real permission blocker, you may want to take a look at some cyanogen 7 rom. the app blocking is enabled on it, pretty handy for me.
Unfortunately LBE crashes my phone (black screen as soon as the background service starts) and Cyanogen Mod doesn't include this feature anymore. Are there any other permission manager apps? Since PDroid seams hard to setup.
white-gecko said:
Unfortunately LBE crashes my phone (black screen as soon as the background service starts) and Cyanogen Mod doesn't include this feature anymore. Are there any other permission manager apps? Since PDroid seams hard to setup.
Click to expand...
Click to collapse
There's a new app called LBE Security Manager, but it's Google-translated from chinese to english so it may be hard to use.
http://forum.xda-developers.com/showthread.php?t=1422479
Looks like the makers of LBE are focussing on their home market (population 1.35 billion) and ignoring the rest of the world.
Hi!
I have just got myself an android phone and I am lookign for a good permissions manager app - would be grateful for any solutions.
I've had a look at LBE, but it requires access to all your phone's functions!!! Seems silly to produce a security app that can MAKE CALLS and SEND MESSAGES from your phone!!
Are there any other alternatives for android JB?
Thank you!
PS I'm absolutely shocked by android's permissions policy - seems like a massive threat to me. maybe I'm paranoid =) I'd be grateful for any links to info about securing the phone.
Also I can't seem to set a root password but that's a different story 0_0
Mr.Chavez said:
Hi!
I have just got myself an android phone and I am lookign for a good permissions manager app - would be grateful for any solutions.
I've had a look at LBE, but it requires access to all your phone's functions!!! Seems silly to produce a security app that can MAKE CALLS and SEND MESSAGES from your phone!!
Are there any other alternatives for android JB?
Thank you!
PS I'm absolutely shocked by android's permissions policy - seems like a massive threat to me. maybe I'm paranoid =) I'd be grateful for any links to info about securing the phone.
Also I can't seem to set a root password but that's a different story 0_0
Click to expand...
Click to collapse
With the way Android is set up all permissions managers need a truckload of permissions to do their job. Once you give your security app root access the other permissions don't matter anymore. Whether it's LBE, Permissions Denied, or the built-in permissions manager of CyanogenMod makes no difference. Once you give 'em root access they can do whatever they want.
rogier666 said:
With the way Android is set up all permissions managers need a truckload of permissions to do their job. Once you give your security app root access the other permissions don't matter anymore. Whether it's LBE, Permissions Denied, or the built-in permissions manager of CyanogenMod makes no difference. Once you give 'em root access they can do whatever they want.
Click to expand...
Click to collapse
Thank you.
Can LBE from XDA be trusted?..
In my understanding Google does not provide any guarantees on apps downloaded from Google Play store (i.e. i've been warned about permissions when installing an app so it's at my own risk - is that right?
What is the general public view on android security then? Is it better to let one app take over the phone (eg lbe or permission denied)?
Thank you for helping an android newbie!
Mr.Chavez said:
Thank you.
Can LBE from XDA be trusted?..
In my understanding Google does not provide any guarantees on apps downloaded from Google Play store (i.e. i've been warned about permissions when installing an app so it's at my own risk - is that right?
What is the general public view on android security then? Is it better to let one app take over the phone (eg lbe or permission denied)?
Thank you for helping an android newbie!
Click to expand...
Click to collapse
I have used various versions of LBE without problems in the past (am not using it at the moment). You need to trust someone or something eventually.
Firewall can help.
ROM Toolbox has an advanced freeze option in app manager which can disable a number of intents, including start on boot, ad engines, analytics, etc. Of course, disabling things can at times have undesirable results but if you take notes of your changes they can easily be turned back on later.
---
Duct tape is like the force. It has a light side and a dark side and it holds the universe together. (via Tapatalk)
I've switched off everything in LBE Privacy Guard (Play Store version) that needs internet, blocked it with DroidWall (and later with AFWall+), and checked my router logs and packet sniffer. I never caught LBE going online when it wasn't supposed to.
PDroid is safe too, but very hard to build into your ROM.
How about permission managera under Android 4.3? No root needed...
Is it possible to unlock APP ops without an third party APP? Just editing some file? I have got root
Related
Hello!
My colleague has pulled of the amazing achievement of installing some sort of malware on his phone, i have no idea of how he did it or what .apk he installed to get it.
It shows itself by randomly showing a notice in the pull down bar, saying something about improving battery life, when the notice is clicked it opens a website:
hxxp://get.batteryoptimizer.net/lp6.b/index.html?utm_source=cb&utm_campaign=2012-01-13.c.pro&utm_term=sweden&custom_tag=en-minasmstips-Sweden
(disabled the automatic BB-code link, site contains mentioned malware use with caution )
View of the website in the phone:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
I can not find any suspicious app anywhere on the phone, and the phone is not rooted so i can not open a ADB shell to find it either.
Anyone have any idea of what this is? How can it be removed?
I cant find any information about this when googling it either.
He had the same thing on his old phone, Nexus One, so i dont know if he got the virus when it re-synced installed apps through gmail account when installing the new phone or if he succeeded to install the same malware .apk manually on both phones.
Ill be happy for any hints at all about this.
check all .apk's in /system/apps/ and try to remove those u dont know via titanium... also try avast! internet security from market... its free and imho the best anti-malware out there for android
PS: w/o rooting forget the titanium method...
Sent with my Galaxy Nexus running the AOKP milestone 2 by almighty RomanBB
I have seen people mention it on twitter
And from what I recall it was another app they have installed already that's spamming them with ads
this is only from what I recall from my twitter stream however, ask you friend what apps he has installed lately and check the market comments on those to see if other people have had the same issue
Uninstall all recent Market apps.. It may have been hidden inside another app, so just uninstall some apps. If you get forced to, you might have to clear data in recovery.
Its an ad nor.ally by airpush. Developers have been using this as these ads pay more. Look for an airpush locator app from the market. It will tell you what app has it built into it.
Great stuff! Quite helpful for me.
Thanks for the help everyone.
I found the app, some spanish learning app. link
Found it using theese two apps:
Addons Detector
AirPush Detector
Thanks everyone
is useless app
Received a notification of this batterycrap already 2-3 times. I will now use airpush detector to find out which damn app is the root cause for that stuff.
App removed
Hi Guys
Thanks for the advice on this piece of malware. I installed airpush locator app, and it identified my humble 'notepad' app (that was recently updated itself)
Notepad link
https://market.android.com/details?...1bGwsMSwxLDEsIm1lLmxhb3llLmZyZWUubm90ZXBhZCJd
Phew!
Hmmmmmmmm nasty indeed !!!!!!!
But everyone needs to stop calling junk like this "MALWARE",
It is "ADWARE" a well known form of spam essentially.
Where as "malware" is an application that either degrades system performance or is involved in malign activities.
It being hidden installed on your phones, against your will doesn't make it malware
The reason it matters is the rather rapidly growing assumption amongst the general public that Android is a malware troubled flatform. Which it is not.
Guru Zeb said:
Hmmmmmmmm nasty indeed !!!!!!!
But everyone needs to stop calling junk like this "MALWARE",
It is "ADWARE" a well known form of spam essentially.
Where as "malware" is an application that either degrades system performance or is involved in malign activities.
It being hidden installed on your phones, against your will doesn't make it malware
The reason it matters is the rather rapidly growing assumption amongst the general public that Android is a malware troubled flatform. Which it is not.
Click to expand...
Click to collapse
Hey Guru
Good point about the naming of the problem! Although on this occasion, whether it's 'malware', 'adware', or even 'underware' the name is less relevant. I think the point is that someone has infiltrated our phones and we needed to find the culprit
Personally, if it's 'pushing' stuff to my phone without me knowing, then in my book, that's 'malign activity'.
Glad I got rid of it though
stevep said:
Personally, if it's 'pushing' stuff to my phone without me knowing, then in my book, that's 'malign activity'.
Click to expand...
Click to collapse
You installed the app therefore giving it the permissions it requests
Sent from my ice cream powered Nexus S
DarkhShadow said:
You installed the app therefore giving it the permissions it requests
Sent from my ice cream powered Nexus S
Click to expand...
Click to collapse
Well said! Yeah..and that's the point. The original app - Notepad - was a 'safe' one.. so I let it install when it said that an update was available. The latest version introduced 'extra' permissions that I didn't look out for because I assumed it was still essentially the same app and therefore it would NOT allow ads/apps to be pushed.
I'd say that was 'less-than-honest-behaviour' - Maybe it should be called 'ReadTheSmallPrintWare'
stevep said:
Well said! Yeah..and that's the point. The original app - Notepad - was a 'safe' one.. so I let it install when it said that an update was available. The latest version introduced 'extra' permissions that I didn't look out for because I assumed it was still essentially the same app and therefore it would NOT allow ads/apps to be pushed.
I'd say that was 'less-than-honest-behaviour' - Maybe it should be called 'ReadTheSmallPrintWare'
Click to expand...
Click to collapse
If you install via market and an apps permissions change later it does highlight them in bold to bring them to your attention.
But they should say "can push notifications to your phone".
Dave
Sent from my LG P920 using Tapatalk
I have succses
Hi,
i have the same problem.
I find in my install apps two apps without peculiar icon (only universal system icon). This apps have in name too samsung. I don't remember when this apps I install. I uninstall it. And now I without batteryoptimizer malware message.
(Sorry my english is bad)
Same problem. Used the airpush and addons detector and found the culprit. Pin to Pinterest.
Thanks guys.
Good news, Droidwall development has been picked up by a new dev. It's now called Android Firewall, and yes it works on 4.0 and higher--something Droidwall did not support.
It's open source and worth checking out.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
https://play.google.com/store/apps/details?id=com.jtschohl.androidfirewall
Sent from my DROID X2 using xda app-developers app
LaserChicken said:
Good news, Droidwall development has been picked up by a new dev. It's now called Android Firewall, and yes it works on 4.0 and higher--something Droidwall did not support.
It's open source and worth checking out.
View attachment 1535338
https://play.google.com/store/apps/details?id=com.jtschohl.androidfirewall
Sent from my DROID X2 using xda app-developers app
Click to expand...
Click to collapse
Will this app allow you to block certain apps from accessing phone data, etc.. when they have nothing to do with phone data or network?
Is there a solution for earlier android versions?
hydeah said:
Will this app allow you to block certain apps from accessing phone data, etc.. when they have nothing to do with phone data or network?
Is there a solution for earlier android versions?
Click to expand...
Click to collapse
No, this is just a firewall/iptables. For further protection, like blocking certain apps from getting specific permissions, there are apps like pdroid, LBE, etc.
Sent from my MB870 using xda app-developers app
LaserChicken said:
No, this is just a firewall/iptables. For further protection, like blocking certain apps from getting specific permissions, there are apps like pdroid, LBE, etc.
Sent from my MB870 using xda app-developers app
Click to expand...
Click to collapse
Thanks, I have been looking for one like that but I kept getting firewalls. I noticed firewall is simply blocking/allowing wifi/3g-4g data access. I iwll check those apps you mentioned, there is no reason why angry birds should have access to phone data.. I wonder if any one of those apps actually replace the phone data so the app/game itself does not FC when it cannot access the data it needs (my caller ID data.. )
Rom toolbox has an auto start function that tells you how many receivers an app has at startup and lets you disable them not sure if that's what your looking for or not
don't be scared it's only a phone
ogd x d2g x2 sg3
old ladies ^
Hi, I use normal home wifi, and mobile wifi with DATA PLAN when I'm out, is there a way to setup different access restriction for each one???
That is different settings for: DATA / WIFI xxx / WIFI yyy, or just treats certain WIFI Hotspots as Mobile Data like in some new JellyBean Data restriction
hydeah said:
Thanks, I have been looking for one like that but I kept getting firewalls. I noticed firewall is simply blocking/allowing wifi/3g-4g data access. I iwll check those apps you mentioned, there is no reason why angry birds should have access to phone data.. I wonder if any one of those apps actually replace the phone data so the app/game itself does not FC when it cannot access the data it needs (my caller ID data.. )
Click to expand...
Click to collapse
LBE Privacy Guard is great. I think it's exactly what you're looking for
Anybody else having the problem that settings aren't sticking on latest version from play store?
Sent from my Evo 3D GSM using Tapatalk 4 Beta
Have you tried flushing the rules and clearing the cache?
will give this a try
Isn't this now a stock feature of 4.4, ability to block apps from accessing certain phone information and functions?
I believe it was introduced in 4.3.
Sent from my LG-D800
I would suggest using xprivacy and the xposed framework. They weren't available when I made this thread, they work great. Make sure you use the 2.3 port of xposed.
hydeah said:
Isn't this now a stock feature of 4.4, ability to block apps from accessing certain phone information and functions?
I believe it was introduced in 4.3.
Sent from my LG-D800
Click to expand...
Click to collapse
I don't believe the stock feature allows for as much control as xprivacy does. And if I understand, the stock 4.4 feature won't block system apps.
LaserChicken said:
I don't believe the stock feature allows for as much control as xprivacy does. And if I understand, the stock 4.4 feature won't block system apps.
Click to expand...
Click to collapse
Xposed is getting a lot of attention, are they on the track to be the next CM of Android community? Possibly.
I am curious, does it actually stop these apps from trying to get data or just deny access but they keep trying. And if they keep trying when they don't get what they want, will that have any impact on battery life?
Sent from my LG-D800
Is Android Firewall still supported? I don't see it on Google Play anymore, and even though I have it enabled it has stopped working on my KitKat phone.
EEngineer said:
Is Android Firewall still supported? I don't see it on Google Play anymore, and even though I have it enabled it has stopped working on my KitKat phone.
Click to expand...
Click to collapse
Yea I was just looking for it today and it's gone. What's the next best thing?
Flyview said:
EEngineer said:
Is Android Firewall still supported? I don't see it on Google Play anymore, and even though I have it enabled it has stopped working on my KitKat phone.
Click to expand...
Click to collapse
Yea I was just looking for it today and it's gone. What's the next best thing?
Click to expand...
Click to collapse
It seems to be working but it doesn't block ads any more..
First I had DroidWall and that was abandoned, now I have Android Firewall and that is abandoned. I think I'll look for a firewall that has been around for a long time, it has less chance of turning into abandonware.
Seriously you guys are not aware of AFWall+ ?
http://forum.xda-developers.com/showthread.php?t=1957231
ukanth said:
Seriously you guys are not aware of AFWall+ ?
Click to expand...
Click to collapse
Seriously, have you not read this thread?
First, there was DroidWall, which was unceremoniously discontinued and not fit for use for any Android OS past Gingerbread.
Next, the same developer launched Android Firewall. Not only did the developer also discontinue this firewall and drop it from Google Play without notice, but it appears Android Firewall now lets ads through! Note that this does not happen if you block Android Firewall in Android Firewall, so it might be that the developer deliberately modified the firewall to let ads through - someone with more knowledge would have to verify this.
Now, the same developer has released AFWall+. I'm sorry but I can't trust a firewall from a developer that has a history of abandoning their apps, especially a security app.
In each case, the developer went dark.
So now many are looking for a firewall that has been supported for a long time, and we are willing to pay for it. I don't think we are being unreasonable here, I appreciate the work that developers have done for the community but would be respectful of users if the app was discontinued with some notice and explanation, rather than leaving users vulnerable.
EEngineer said:
Seriously, have you not read this thread?
First, there was DroidWall, which was unceremoniously discontinued and not fit for use for any Android OS past Gingerbread.
Next, the same developer launched Android Firewall. Not only did the developer also discontinue this firewall and drop it from Google Play without notice, but it appears Android Firewall now lets ads through! Note that this does not happen if you block Android Firewall in Android Firewall, so it might be that the developer deliberately modified the firewall to let ads through - someone with more knowledge would have to verify this.
Now, the same developer has released AFWall+. I'm sorry but I can't trust a firewall from a developer that has a history of abandoning their apps, especially a security app.
In each case, the developer went dark.
So now many are looking for a firewall that has been supported for a long time, and we are willing to pay for it. I don't think we are being unreasonable here, I appreciate the work that developers have done for the community but would be respectful of users if the app was discontinued with some notice and explanation, rather than leaving users vulnerable.
Click to expand...
Click to collapse
Same developer ? get you stats right. DroidWall was developed by Rodrigo and sold it to Avast
There were two forks of Droidwall after that.
1. AFWall+ by me
2. Android Firewall by "Jason Tschohl"
AFWall+ is still active and currently in BETA to support Lollipop. You can see that in http://forum.xda-developers.com/showthread.php?t=1957231
There's apps I want to use but I don't see why they need to have access to read my records and have network access.
Is there something that I can control the permissions of apps so I can install what I want and not let it have the permissions it wants?
I thought I had found something before I replace my phone but I can't remember... When I first got the Rezound it was my first smartphone and I installed a lot of apps and didn't pay too much attention to permissions, but this time, on my replacement I'm being more careful and it's interesting to see how many apps ask for permission that they definitely do not need.
Avast! will let you firewall apps, preventing them from getting network access.
PDroid allows you to invidually control each individual permission for every app. However it needs to be baked into the rom.
More info on PDroid 2.0: http://forum.xda-developers.com/showthread.php?t=1923576
Info on Auto-Patching PDroid into a ROM: http://forum.xda-developers.com/showthread.php?t=1719408
Windows tool to patch PDroid into a ROM: http://forum.xda-developers.com/showpost.php?p=31648393&postcount=690
LBE Privacy Guard is what you're thinking of I think
https://play.google.com/store/apps/details?id=com.lbe.security.lite&feature=search_result
CharliesTheMan said:
LBE Privacy Guard is what you're thinking of I think
https://play.google.com/store/apps/details?id=com.lbe.security.lite&feature=search_result
Click to expand...
Click to collapse
Thanks, that's the sort of thing I need. That particular one is getting a lot of bad reviews but they seem to be due to it not working with Jelly Bean. Might give it a go or try one of the other suggestions that come up.
avast! is good as well for blocking network connections, I like that. But there was an app I was looking at that wanted to read my personal stuff and I couldn't see why it should do that so I need something that I can set that sort of thing with.
Being a Noob to Android I thought I'd install some location based profile software which is one of the things that Android owners always say they can do which is lacking from the iPhone.(where I come from)
Lamma seems to be recommended but the permissions it asks for include:
"Add or modify calendar events and send email to guests without owners' knowledge. read calendar events plus confidential information"
clicking on the detail is even more scary.
Android tells you what it's going to do - but do users actually allow this? Most apps seem to want permissions that you would have to be mad to accept.
Can I not install any useful app without agreeing to terms that are unacceptable?
What am i missing? Do people just allow unrestricted access? Not install any app? or is there a way of installing apps but not giving them stupid access?
I can't believe people allow that sort of access - I must be missing something.
Some custom after market ROMs allow to drop any permission by user but it may render app useless.
Most of the time apps are not malware, but sometimes they may be. You can contact developer of the app requesting for reasons of these permissions and he may reply better.
you can always use auto start manager app within the rom toolbox to control the permissions of the apps..
Confucious said:
Being a Noob to Android I thought I'd install some location based profile software which is one of the things that Android owners always say they can do which is lacking from the iPhone.(where I come from)
Lamma seems to be recommended but the permissions it asks for include:
"Add or modify calendar events and send email to guests without owners' knowledge. read calendar events plus confidential information"
clicking on the detail is even more scary.
Android tells you what it's going to do - but do users actually allow this? Most apps seem to want permissions that you would have to be mad to accept.
Can I not install any useful app without agreeing to terms that are unacceptable?
What am i missing? Do people just allow unrestricted access? Not install any app? or is there a way of installing apps but not giving them stupid access?
I can't believe people allow that sort of access - I must be missing something.
Click to expand...
Click to collapse
You really have to think about what the app could be using the permission for, for example something like tasker pretty much needs every permission going because it allows you to set anything up as a profile etc.
The rule of thumb is to look at the app reviews, look at the permissions and just think about what the app could be using it for.
Sure a soundboard style app shouldnt need to make phone calls but many apps do need permissions that at first glance you might not think are needed.
And if your really in doubt email the developer and ask them to explain why they need this permission.
Surprise :laugh:
http://www.xda-developers.com/android/manage-individual-app-permissions-with-xprivacy/
XPrivacyLua
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Really simple to use privacy manager for Android 6.0 Marshmallow and later (successor of XPrivacy).
Revoking Android permissions from apps often let apps crash or malfunction. XPrivacyLua solves this by feeding apps fake data instead of real data.
Features:
Simple to use
Manage any user or system app
Extensible
Multi-user support
Free and open source
See here for all details, including installation instructions and download link.
Please read the frequently asked questions before asking a question.
This XDA thread is about using the latest version of XPrivacyLua. Off topic comments are allowed as long they are related to XPrivacyLua and are in the general interest of the followers of this thread, but anything not related to privacy is not allowed.
If XPrivacyLua doesn't work and/or when "module not running or updated" is shown, this is almost always caused by an Xposed problem.
Discussions about purchases are not allowed here, please contact me via here instead.
XPrivacyLua is being maintained and community supported, but new features won't be added anymore.
Custom hook definitions will always be part of XPrivacyLua, but there will be community support only. This means that I won't respond to questions about defining custom hooks anymore. See this thread for the reasons.
If you value your privacy, please consider to support this project with a donation or by purchasing pro features.
M66B said:
XPrivacyLua is not a permission manager, but a privacy manager. XPrivacyLua doesn't block things and doesn't revoke permissions, but does replace real data by fake data. This means you can grant Android permissions to an app and still let XPrivacyLua prevent the app from seeing privacy sensitive data. Revoking permissions can result in an app refusing to work and/or to crash. However, replacing real by fake data generally doesn't let an app crash.
Currently restrictions are quite crude because they mostly replace real data by no data. For example restricting the contacts app from getting contacts will result in an empty contact list. In the near future it might be made possible to select the data an app may see, for example just one group of contacts.
Click to expand...
Click to collapse
About feature requests and bug reports:
M66B said:
The goal is to have a tool that can properly protect the privacy of many in the near future. However, it isn't paid work, so I do whatever I like whenever I like it.
You can request features in this XDA forum. I will read them, but I will not respond to them and they might or might not be implemented. If I know for sure something will not be implemented, I will let you know.
You can report any problem you have here. There will be no issue tracker on GitHub.
Click to expand...
Click to collapse
M66B said:
For now I have decided to not implement restrictions that are useful to prevent tracking only. There are simply too many data items that can be used for tracking and it would take too much time to develop restrictions for all these data items.
The basic idea is to restrict only things that 'define' you, so which contacts you have, where you are, which apps you use, etc.
Click to expand...
Click to collapse
Namnodorel said:
Maybe we can widen the definition of things that the core of XPL covers to "What defines you, and what can be used to spie on you"? This would include camera/audio, but not tracking.
Click to expand...
Click to collapse
M66B said:
XPrivacyLua is pretty feature complete and will be maintained and supported and when there is a need new hook definitions will be added to better protect your privacy. For the rest this FAQ applies:
https://github.com/M66B/XPrivacyLua/blob/master/FAQ.md#FAQ4
As said before, development will also depend on Xposed development, which is just minimal unfortunately.
Click to expand...
Click to collapse
XDA thanks and donations are appreciated.
XPrivacyLua is supported with Xposed only. There is no support for VirtualXposed and TaiChi.
Even if old Xprivacy isn't supported on nougat, is it possible to keep it with new Lua too until Lua grow up? Or it is not recommended ?
Thank you
Orphee said:
Even if old Xprivacy isn't supported on nougat, is it possible to keep it with new Lua too until Lua grow up? Or it is not recommended ?
Thank you
Click to expand...
Click to collapse
Noooo! First post and it is asking about using Xprivacy on Nougat? That must be demotivating to the dev! It has been told too many times in the xprivacy thread that it is not recommended to use it on Nougat and above all IT IS NOT SUPPORTED!
Sorry for using capitals but let's hope everyone sees it and this thread stays on new Lua topic.
Greetings.
Wow, I was just scrolling through some stuff, stumbled into your repo for XPrivacy/Lua and couldn't believe what I saw! M66B is developing a new app as a replacement for XPrivacy... Thank you so much, you've totally made my day and pobably quite some time into the future as well! I'll definetely also buy/donate for this version as soon as I get to use it.
Just some technical questions:
Looks like you are going more modular with this new app, and you mentioned something about downloading additional (user-made) hooks. You also said you'd keep it much more simple this time to avoid high maintenance etc. Could these external hooks then allow to get the complexity back? I totally understand your motivation, but in-depth restricting of app permissions was something I really liked about the old XPrivacy, and if some user-made hooks would make that possible I'd use them. But they'd also need the ability to add new UI elements, and not just "This hook is about the method XY, execute this code before/after to block it and this code to enable it" for that to be possible.
Orphee said:
Even if old Xprivacy isn't supported on nougat, is it possible to keep it with new Lua too until Lua grow up? Or it is not recommended ?
Click to expand...
Click to collapse
I have just added a FAQ that answers this question:
https://github.com/M66B/XPrivacyLua/blob/master/FAQ.md
m66b said:
i have just added a faq that answers this question:
https://github.com/m66b/xprivacylua/blob/master/faq.md
Click to expand...
Click to collapse
5vp4096549363413x
Namnodorel said:
Wow, I was just scrolling through some stuff, stumbled into your repo for XPrivacy/Lua and couldn't believe what I saw! M66B is developing a new app as a replacement for XPrivacy... Thank you so much, you've totally made my day and pobably quite some time into the future as well! I'll definetely also buy/donate for this version as soon as I get to use it.
Just some technical questions:
Looks like you are going more modular with this new app, and you mentioned something about downloading additional (user-made) hooks. You also said you'd keep it much more simple this time to avoid high maintenance etc. Could these external hooks then allow to get the complexity back? I totally understand your motivation, but in-depth restricting of app permissions was something I really liked about the old XPrivacy, and if some user-made hooks would make that possible I'd use them. But they'd also need the ability to add new UI elements, and not just "This hook is about the method XY, execute this code before/after to block it and this code to enable it" for that to be possible.
Click to expand...
Click to collapse
For now I will concentrate on fixing bugs and building restrictions, which is of course the most important of all. Restrictions are indeed defined and written in Lua. Currently all restrictions are built-in, but later I might add a manager, so you can manage your own definitions. There might even be a repository, which could even contain definition for things not privacy related.
You can find the current definitions here (hooks.json contains the definitions).
Just donated. More to follow along the way. Thank you!!
blackhawk_LA said:
Noooo! First post and it is asking about using Xprivacy on Nougat? That must be demotivating to the dev! It has been told too many times in the xprivacy thread that it is not recommended to use it on Nougat and above all IT IS NOT SUPPORTED!
Sorry for using capitals but let's hope everyone sees it and this thread stays on new Lua topic.
Greetings.
Click to expand...
Click to collapse
"XPrivacyLua is supported on Android 6 Marshmallow and later" you're either lying or it's a misstatement on the repo.
Also can somehow explain to me (I just switched to Android), what Lua is (if not a programming language)?
OgreTactic said:
"XPrivacyLua is supported on Android 6 Marshmallow and later" you're either lying or it's a misstatement on the repo.
Click to expand...
Click to collapse
I don't see why that is a lie or misstatement, so, could you please explain why you think it is?
Edit: I have changed the wording of the opening post a bit, so it is clearer that "Android 6 Marshmallow and later" applies to XPrivacyLua and not to XPrivacy, assuming this is what you meant.
OgreTactic said:
Also can somehow explain to me (I just switched to Android), what Lua is (if not a programming language)?
Click to expand...
Click to collapse
See this comment.
OgreTactic said:
"XPrivacyLua is supported on Android 6 Marshmallow and later" you're either lying or it's a misstatement on the repo.
Also can somehow explain to me (I just switched to Android), what Lua is (if not a programming language)?
Click to expand...
Click to collapse
Some people...
Glad to see Xposed Module development is still alive!
Thx a lot for building and developing this app.
After I've selected some apps I get an error:
XLua.Main:android.os.DeadObjectException:Transaction failed on small parcel; remote process probably died
Things that I would appreciate in future releases:
- More restriction-types like: Network connection, Telephone number/sim-operator, Serialnumber, installed apps/services, accounts
- Is it possible to hide disabled apps from the list?
- Is it possible to decide when an app will request for example the location to allow or deny the request?
th4_c0r3 said:
Thx a lot for building and developing this app.
After I've selected some apps I get an error:
XLua.Main:android.os.DeadObjectException:Transaction failed on small parcel; remote process probably died
Click to expand...
Click to collapse
Can you please capture a logcat? If not, the problem might be visible in the Xposed log as well.
Edit: where exactly do you see this error?
th4_c0r3 said:
Things that I would appreciate in future releases:
- More restriction-types like: Network connection, Telephone number/sim-operator, Serialnumber, installed apps/services, accounts
- Is it possible to hide disabled apps from the list?
- Is it possible to decide when an app will request for example the location to allow or deny the request?
Click to expand...
Click to collapse
Disabled apps are hidden from the list by default.
First: thanks for the release and minimal UI of this app.
Just one request if it is possible. Would it be possible when you start ironing out the features to include a randomisation to some privacy information. Like my main coordinates for GPS are 33N 112W. If the app could randomise the rest so the app knows my general location but not accurately as 1m?
Edit: a good reason for this is for apps like speedtest.net. it grabs GPS to find a close server. When I restrict, closes server is in NY. I don't mind if it knows I live in AZ, heck, XDA knows I live here, but knowing my exact location is bothering.
M66B said:
Can you please capture a logcat? If not, the problem might be visible in the Xposed log as well.
Edit: where exactly do you see this error?
Click to expand...
Click to collapse
The error occurs every second time I open the app and it's shown in the bottom of the app. In the Xposed log there isn't a XLua-Error.
I've sent you the logcat via email.
M66B said:
For now I will concentrate on fixing bugs and building restrictions, which is of course the most important of all. Restrictions are indeed defined and written in Lua. Currently all restrictions are built-in, but later I might add a manager, so you can manage your own definitions. There might even be a repository, which could even contain definition for things not privacy related.
Click to expand...
Click to collapse
Thank you for your answer, but I'm still kinda missing what I wanted to know: Could hooks potentially add custom UI and/or save data? I'd imagine something like saving a list of contacts and when an app requests the contact list selecting this specific list to be returned.
Namnodorel said:
Thank you for your answer, but I'm still kinda missing what I wanted to know: Could hooks potentially add custom UI and/or save data? I'd imagine something like saving a list of contacts and when an app requests the contact list selecting this specific list to be returned.
Click to expand...
Click to collapse
Yes, that would be possible. When there is a need, I will add APIs that can be used in Lua to save data in a structured way into the XPrivacyLua database, so anyone wanting to develop a new hook definition doesn't have to worry about how to do this. In fact this has already been prepared.
M66B said:
I don't see why that is a lie or misstatement, so, could you please explain why you think it is?
Edit: I have changed the wording of the opening post a bit, so it is clearer that "Android 6 Marshmallow and later" applies to XPrivacyLua and not to XPrivacy, assuming this is what you meant.
See this comment.
Click to expand...
Click to collapse
Oh okay, thanks. So I can't use the current XPrivacy (on the PlayStore) on Nougat S8? I hope I can if not, I'll wait for the XPrivacy L.
It's crazy that Android forces privacy breaching (violation is an accurate word use) "services", processes and apps at it's core. If I were to learn to use Android enough is it possible to prevent it, like it's the case on iPhone, well in appareances because when you jailbreak it you can see all the processes, but it's clearly not in completely forcing this violation of your data, be it just with the permission management that NO apps can require or force on you to run, which to me absolutely crazy that it's the case on Android.
OgreTactic said:
Oh okay, thanks. So I can't use the current XPrivacy (on the PlayStore) on Nougat S8? I hope I can if not, I'll wait for the XPrivacy L.
It's crazy that Android forces privacy breaching (violation is an accurate word use) "services", processes and apps at it's core. If I were to learn to use Android enough is it possible to prevent it, like it's the case on iPhone, well in appareances because when you jailbreak it you can see all the processes, but it's clearly not in completely forcing this violation of your data, be it just with the permission management that NO apps can require or force on you to run, which to me absolutely crazy that it's the case on Android.
Click to expand...
Click to collapse
As M66B said in the Xprivacy Thread:
M66B said:
An absolute privacy fix is turning your device off. XPrivacy is an best effort attempt to fix the most important privacy problems, like exposing your location and contacts.
Click to expand...
Click to collapse
What you could do, at least that's what I do, is to disable services (look for DisableService in PlayStore) and/or restrict as much as possible via the privacy settings (depending on ROM). For example I deny Google services the location rights and only switch them on when needed.
Also there are possibilities to run your phone without any Google services at all. Search for MicroG.
But you have to understand, that using an Android device is going to violate privacy in one form or another. Same goes with Windows and Apple devices...
I don't like it at all but that's just what the world has become. If you want to use Google Services you kinda have to accept that you can't (at least not with simple fixes) protect your whole privacy. It sucks, but that's just what it is...