Related
After the recent article on apps that are sharing our personal information, it occurred to me that this should be an easy problem to fix. All we need is a good personal firewall app. Heck, iptables would be a great start, but it can be hard to implement that on an app by app basis. It will be hard to set up for apps that have legitimate needs to connect over port 80 for legitimate needs, but also uses that same port for less than legitimate needs. So I guess it will also take some blacklisting of certain servers, perhaps along the lines of the ad blockers apps that modify the hosts file.
Or does such an app already exist?
Skip
Here you go:
http://www.appbrain.com/app/droidwall-android-firewall/com.googlecode.droidwall.free
MrGibbage said:
After the recent article on apps that are sharing our personal information, it occurred to me that this should be an easy problem to fix. All we need is a good personal firewall app. Heck, iptables would be a great start, but it can be hard to implement that on an app by app basis. It will be hard to set up for apps that have legitimate needs to connect over port 80 for legitimate needs, but also uses that same port for less than legitimate needs. So I guess it will also take some blacklisting of certain servers, perhaps along the lines of the ad blockers apps that modify the hosts file.
Or does such an app already exist?
Skip
Click to expand...
Click to collapse
1. There's already a couple adblock apps like Adfree which block a lot of stuff.
2. If you read the permissions for the apps you CHOOSE to download, then you'll know exactly what access to data they'll have. If you don't like that PaperToss wants access to your device ID, then just don't install PaperToss.
And of course, such an app would undoubtedly cause more issues than the perception of "security" it would provide, since you'd probably not be able to use half the apps anymore. Or they'd stop being ad-supported, and would begin to charge instead.
From the article:
Google requires Android apps to notify users, before they download the app, of the data sources the app intends to access. Possible sources include the phone's camera, memory, contact list, and more than 100 others. If users don't like what a particular app wants to access, they can choose not to install the app, Google says.
Click to expand...
Click to collapse
Just read the app permissions. That tells you almost everything you need to know.
The problem is, the app permissions don't tell you what you need to know. Here are the permissions for Paper Toss by Backflip Studios:
Your Location (coarse network-based location)
Network communication-full internet access
Phone Calls - read phone state
While the Location permission would be suspect, and would cause me to question whether or not I should download this app, the other two permissions are not so immediately obvious that they are "bad". Network communications is a permission needed by every app that has in-game ads such as AdMob. And I don't know why this app needs the Phone Calls permission, but almost every single app in the market uses that permission. At least it isn't asking for access to the address book or anything like that.
What I would like is for the app to tell us what it needs internet access for, and to tell us what information it is sending to third parties.
MrGibbage said:
The problem is, the app permissions don't tell you what you need to know. Here are the permissions for Paper Toss by Backflip Studios:
Your Location (coarse network-based location)
Network communication-full internet access
Phone Calls - read phone state
While the Location permission would be suspect, and would cause me to question whether or not I should download this app, the other two permissions are not so immediately obvious that they are "bad". Network communications is a permission needed by every app that has in-game ads such as AdMob. And I don't know why this app needs the Phone Calls permission, but almost every single app in the market uses that permission. At least it isn't asking for access to the address book or anything like that.
What I would like is for the app to tell us what it needs internet access for, and to tell us what information it is sending to third parties.
Click to expand...
Click to collapse
Maybe to detect a phone call and pause the game.
Sent from my SGH-T959 using XDA App
MrGibbage said:
The problem is, the app permissions don't tell you what you need to know. Here are the permissions for Paper Toss by Backflip Studios:
Your Location (coarse network-based location)
Network communication-full internet access
Phone Calls - read phone state
While the Location permission would be suspect, and would cause me to question whether or not I should download this app, the other two permissions are not so immediately obvious that they are "bad". Network communications is a permission needed by every app that has in-game ads such as AdMob. And I don't know why this app needs the Phone Calls permission, but almost every single app in the market uses that permission. At least it isn't asking for access to the address book or anything like that.
What I would like is for the app to tell us what it needs internet access for, and to tell us what information it is sending to third parties.
Click to expand...
Click to collapse
All free apps will collect some information .... so they know what ads to aim your way ..... so they can make money ... Every one does this .... on your computer its the same as your cookies .... and only the really paranoid will set their browser cookies settings to "ultimate :block all cookies "...
Here's the difference, android openness will allow others to research and publish their findings, un like others that are closed and will not allow research, and if anyway is found to get the research. done the publication will be deleted from the web ......
The openness is why you see soooooo many articles on this issue over n over, none of them mentioning that the paid versions of these apps don't collect any thing .....
How much personal information are you planning on storing in the paper toss game?
Consider this in your answer, android system runs apps in sand box mode meaning, one app cannot access another without YOUR permission, or if an app is infected with malware, that malware will only operate in that app, unlike your windows machine where it would have a free for all .....
ferhanmm said:
Maybe to detect a phone call and pause the game.
Sent from my SGH-T959 using XDA App
Click to expand...
Click to collapse
That's my point. That would be a legitimate need for access to the phone state. However, granting that permission also gives the app permission to make phone phone calls. I still think the apps need to be more specific about the permissions they need.
The bottom line is, these phones are great, they can run all kinds of awesome software, but the people writing the software need to make a living too. If someone really wants to prevent their phone from sending out personal information, then they should not install any software, and maybe shouldn't even be using the phone at all. But I still see a need for a firewall app (possibly DroidWall, as mentioned above) to help us prevent this type of thing from happening.
A permissions firewall would be much more interesting and useful in my opinion.
Being able to block a certain thing like "read contact data" for all apps and only permit access with a white list would be very useful to me.
lgmdp 1.5
http://sharemobile.ro/file/616562
lg united mobile drivers
http://
www.lgforum.com/resources
a very important sdk tool
http://
developer.android.com/sdk/index.html
Android
Development Tools (ADT)
[The ADT plugin
includes a variety of powerful
extensions that make creating,
running, and debugging Android
applications faster and easier.]
http://www.softpedia.com/get/Programming/Components-Libraries/Android-Development-Tools.shtml
Super one click [tool for rooting gb ]
http://shortfuse.org/?page_id=2
gingerbreak [tool for rooting froyo]
http://forum.xda-developers.com/showthread.php?t=1044765
Android kitchen [a great tool for ROM customization]
http://forum.xda-developers.com/showthread.php?t=633246
terminal emulator [A great tool for linux commands]
http://www.papktop.com/android-terminal-emulator-1-0-32.html
z4root [tool for rooting 2.2.1 and 2.1]
http://forum.xda-developers.com/
showthread.php?t=833953
(by ibub)
kdz updator
http://www.2shared.com/file/QcnRcyua/KDZ_Updater.html
java development kit
http://software-files-a.cnet.com/u/test/jdk-7u10-windows-i586.exe
fastboot.exe
http://www.2shared.com/file/4l7HKE3O/fastboot.html
flash_image [if u use terminal emulator]
http://www.mediafire.com/?7pkcte8gcyn9pet
########################
below tools are taken from lycan thread all credit goes to him for the below ones
apktool : http://forum.xda-
developers.com/showthread.php?
t=640592
APK Multi Tool : http://forum.xda-developers.com/showthread.php?t=1310151
StudioAndroid : http://forum.xda-developers.com/showthread.php?t=1541372
adb pusher : http://www.xda-developers.com/android/push-files-to-your-device-with-quick-adb-pusher/
Bootanimation Creator :
http://forum.xda-developers.com/showthread.php?t=1234611
#####################
ROOT APPLICATION (tAKEN FROM I CLICK ROOT) (I WIlL ADD MINE SOON AND NEVER GONNA INCLUDE ROM MANAGER)
10) ShootMe – Screenshot app
Android has a lot of advantages over its
main competitor, Apple’s iOS. However,
unlike iOS, Android doesn’t give users the
ability to take screenshots of their
phones. Thanks to the ShootMe app
available on rooted phones, that problem
is a thing of the past. This app allows you
to set up a trigger for when the phone
should take a screenshot. For example, if
you want to take a screenshot every
time you shake your phone, you can easily
set that up.
9) Titanium Backup – Automatic backup
and recovery app
No electronic device is immune to
failures. If you’re like most people, you
keep some valuable information on your
Android device. From phone numbers to
pictures and everything in between,
losing access to that data could be
devastating. That’s why you need
Titanium Backup, an app which allows
rooted Android users to set automatic
backup options. All apps and other data
is saved, so if you screw up your phone
while trying to install a custom ROM, you
can easily restore it with the click of a
button.
8) Metamorph – Customize every single
aspect of your phone
After rooting an Android phone, one of
the first things that many users do is
customize their device. Thanks to the
Metamorph app, phone customization is
as easy as possible. Simply download the
app, then browse through a selection of
custom themes. If you want, you can
even make your own theme. Using
Metamorph, you can personalize your lock
screen, menus, app screens, and all
other aspects of your Android phone.
7) Adfree – Instant advertisement
blocking
Sick of seeing advertisements on your
phone? Aren’t we all! With the Adfree
app, you’ll never have to see another
advertisement again. The Adfree app
works in a unique way: instead of
actively scanning each app and webpage
for advertisements (which slows down
Android performance), Adfree simply
blocks the IP addresses of common
advertising agencies. This means that
advertisements will refuse to pop up
while using apps, browsing the internet,
or performing any other types of tasks
on your phone.
6) Busybox – Use Linux commands
Busybox might not appeal to the average
Android user, but it will certainly appeal
to tech geeks and Linux users. Busybox is
an app that adds Linux commands to your
Android device. To make the app as easy
as possible to use, Busybox even lists the
commands, making it easy to perform a
wide variety of functions that are
normally unavailable to users of non-
rooted Android devices.
5) Wireless Tether – Wireless hotspot app
Share your Android phone’s data
connection with any other wireless
device using the Wireless Tether app.
This is an ideal way to use your phone
data on your laptop while you’re in an
area with no internet connection,
although tethering can be used for a
wide variety of purposes. With the
Wireless Tether app, tethering can be
performed on any carrier and any
Android phone. Since some companies like
AT&T charge an additional $20 per
month for tethering, this makes the
Wireless Tether app an extremely
valuable tool.
4) Tasker – Automatic task app
Tasker is a smart app that will automate
all sorts of tasks on your phone. For
example, you can set a task to run every
day at 5pm, or perform plenty of other
useful functions. Although Tasker is
available from the Google Play store, it
won’t have root access on non-rooted
Android phones. When you give Tasker
root access, expect to see some
phenomenal results.
3) SSH Tunnel – Safeguard your internet
usage
Instead of letting anyone see what
you’re doing on the internet, the SSH
Tunnel encrypts your internet
connection using an SSH tunnel. When
you access a public Wi-Fi network
without an app like SSH Tunnel installed,
anybody with basic technical skills can
see what you’re doing over the internet,
which is most definitely a bad thing.
2) SetCPU – Overclock and monitor your
processor
The processor is at the heart of your
Android phone’s operations. On a normal
Android device, the user’s actions won’t
affect how the CPU functions. However,
thanks to the SetCPU app, that is no
longer a problem. SetCPU allows users to
customize the CPU to run at different
frequencies according to what the user
is currently doing. For example, you can
instantly reduce the CPU’s clock speed
when the screen is turned off, which
saves an enormous amount of battery
life. Ultimately, SetCPU allows you to
save battery power, speed up your
Android device, and monitor its
temperature.
1) Superuser – The first app to install on
a rooted Android device
MINE ROOTED APS
Hide my Root
Sure, CyanogenMod may be getting
more granular root settings, but
can you password protect them?
This app can.
--
Hide my Root lets you temporarily
hide the superuser binary and app
so that no applications or users can
get root access. You can even set a
password so that only you can
restore root access. On some roms
(usually rooted stock roms), Hide
my Root will allow you to use
Google Videos and similar apps on a
rooted phone. On custom roms
such as CyanogenMod, it will not
allow you to use Google Videos and
similar apps on a rooted phone.
Root Logger by Stericson
Root Logger is the only application
that can log all shell commands
that are sent to your phone,
including those from other rooted
applications. Root Logger can also
tell you who executed the
command, when it was executed,
and whether or not the command
was executed with root access. This
application will help you keep an
eye on what's being sent to the
shell on your phone and what those
applications are doing on your
phone. This Application requires
root access, busybox, and these
commands, which are usually
provided by Busybox, chmod, ln, ls,
cp, chattr, and rm.
Root Explorer
This is by far one of the most
comprehensive file managers out there.
This app gives you access to the whole of
android's file system and includes
features like an SQLite database viewer,
Text Editor, the ability to create and
extract zip or tar/gzip files, extract rar
archives, multi-select, execute scripts,
search, remount, permissions,
bookmarks, and lots more. There’s a free
version as well for you to try out.
Call Master
This advanced call and SMS blocker
gives you unique privacy features for
rooted users. With the app running
silently in the background, you can block
an MMS before it downloads, filter SMSs
by content and lots more.
MarketEnabler
You’ll notice that certain apps are
country specific and won’t show up in
the Play Store on your phone.
MarketEnabler helps you get around this
by tricking the Play Store into thinking
you are actually in that country or region
and allowing you to download the app.
You obviously won’t find this on the Play
Store, but a quick Google search will
help.
SD Maid
SD Maid will automatically clean up
unwanted files left behind when you
uninstall apps. Just like Windows,
sometimes certain files are not deleted
when you uninstall them and they can
clutter your file system over time. This
app helps remove those unwanted files.
StickMount
This app was designed to enable USB
On-the-go access on the Galaxy Nexus,
but there’s no reason why it shouldn’t
work on other handsets running ICS and
above. All you need is the cable and then
you can access data from your pen drives
easily, thus expanding your storage
Call Master
This advanced call and SMS blocker gives
you unique privacy features for rooted
users. With the app running silently in the
background, you can block an MMS
before it downloads, filter SMSs by
content and lots more.
Great Thread!!
Sent from my LG-P509 using Tapatalk 2
jerry7389 said:
Great Thread!!
Sent from my LG-P509 using Tapatalk 2
Click to expand...
Click to collapse
thanks
i have contacted one of the moderators to keep the thread on the first page waiting for their reply
and if u have more tell me i will add them as soon as possible
Honestly and no offense to you but this already exist as a sticky, a pretty well written thread by sweetnsour
Sent from my LG-P500 using Tapatalk 2
Jrhodes85 said:
Honestly and no offense to you but this already exist as a sticky, a pretty well written thread by sweetnsour
Sent from my LG-P500 using Tapatalk 2
Click to expand...
Click to collapse
if u can give me the thread link
Jrhodes85 said:
Honestly and no offense to you but this already exist as a sticky, a pretty well written thread by sweetnsour
Sent from my LG-P500 using Tapatalk 2
Click to expand...
Click to collapse
androidisfuture said:
if u can give me the thread link
Click to expand...
Click to collapse
I think he is talking about this
http://forum.xda-developers.com/showthread.php?t=1256048
Sent from my LG-P500 using Tapatalk 2
Christian Nothing said:
I think he is talking about this
http://forum.xda-developers.com/showthread.php?t=1256048
Sent from my LG-P500 using Tapatalk 2
Click to expand...
Click to collapse
if he is talking abt this then my thread is not similar to sweetnsour as i am giving tools and i can only find android kitchen similar tell me if u agree
i have added 4 more :victory:
as sdk contains a varirty of tools like Dalvik Debug Monitor Server (ddms);dmtracedump etc my list is getting to an end but still no answer from the moderators
Jrhodes85 said:
Honestly and no offense to you but this already exist as a sticky, a pretty well written thread by sweetnsour
Sent from my LG-P500 using Tapatalk 2
Click to expand...
Click to collapse
To be honest, I feel that this kind of exists in Lycan's sticky:
http://forum.xda-developers.com/showthread.php?t=901247
specifically this post:
http://forum.xda-developers.com/showpost.php?p=25489058&postcount=177
sweetnsour said:
To be honest, I feel that this kind of exists in Lycan's sticky:
http://forum.xda-developers.com/showthread.php?t=901247
specifically this post:
http://forum.xda-developers.com/showpost.php?p=25489058&postcount=177
Click to expand...
Click to collapse
now i feel that this is similar but i am trying to add more and more if u have some tell me
Could lycan be asked to link to this as an additional resource? The main difference that I see is that lycan's sticky is categorized and a lot of the tools are somewhat scattered in different branches . Yes, I know you specified the post for kernels, mods tweaks and TOOLS. But not all that is listed here, is listed there. Maybe a compromise is in order?
Sent from my LG-P500 using xda app-developers app
ibub said:
Could lycan be asked to link to this as an additional resource? The main difference that I see is that lycan's sticky is categorized and a lot of the tools are somewhat scattered. Yes, I know you specified the post for kernels, mods tweaks and TOOLS. But not all that is listed here, is listed there. Maybe a compromise is in order?
Sent from my LG-P500 using xda app-developers app
Click to expand...
Click to collapse
i have pm lykan but no response i think he missed my pm
ibub said:
Could lycan be asked to link to this as an additional resource? The main difference that I see is that lycan's sticky is categorized and a lot of the tools are somewhat scattered in different branches . Yes, I know you specified the post for kernels, mods tweaks and TOOLS. But not all that is listed here, is listed there. Maybe a compromise is in order?
Sent from my LG-P500 using xda app-developers app
Click to expand...
Click to collapse
androidisfuture said:
i have pm lykan but no response i think he missed my pm
Click to expand...
Click to collapse
I am not sure if a compromise is possible. By looking at Lycan's last post, it looks like he hasn't been on for several months now. The thing is, that thread was first started by Bytecode, who handed the thread over to Lycan, so if Lycan was still active on XDA, I would've requested ownership of the thread. But since he has been inactive, I think it would be alright to copy the tools from his thread to yours (since his thread is not just about tools and such while this thread is), and in the event that he does come back online and asks for the tools to be removed from this thread, maybe there can be some sort of a compromise then.
sweetnsour said:
I am not sure if a compromise is possible. By looking at Lycan's last post, it looks like he hasn't been on for several months now. The thing is, that thread was first started by Bytecode, who handed the thread over to Lycan, so if Lycan was still active on XDA, I would've requested ownership of the thread. But since he has been inactive, I think it would be alright to copy the tools from his thread to yours (since his thread is not just about tools and such while this thread is), and in the event that he does come back online and asks for the tools to be removed from this thread, maybe there can be some sort of a compromise then.
Click to expand...
Click to collapse
ok i will see to it
if i can copy i will give credit to him
i have 5 more they are of lycan
the thread is now a sticky
Thanks !!!
Hey,
When I turned on my phone the RAM it was taking was 300 MB, after a days use it is now 500MB (even after pressing 'clear RAM' button).
I've entered Settings->apps->running and it shows only two small things (the keyboard and some weather widget) which combined take only 20 MB.
So what is the rest of the memory is beign allocated for?
Thank you.
Does your rom have Usage Manager in the app drawer?
Sent from my SAMSUNG-SGH-I747 using xda app-developers app
Here is the path to all your applications.
Settings -> Apps --> Swipe left until the menu Running --> On top you see the description "Show cached processes", klick on it --> now you see the rest of the running applications
pc103 said:
Does your rom have Usage Manager in the app drawer?
Sent from my SAMSUNG-SGH-I747 using xda app-developers app
Click to expand...
Click to collapse
No, the closest I have is "Task Manager".
lenovoOwner said:
Here is the path to all your applications.
Settings -> Apps --> Swipe left until the menu Running --> On top you see the description "Show cached processes", klick on it --> now you see the rest of the running applications
Click to expand...
Click to collapse
Thank you, indeed I see some more RAM guzzlers, but It seems like they make up most of the addition but not all of it ... plus funny thing, when I try to close everything (in 'running' and 'cache) and I reenter- here it is there again...
1) Can I see all of the elements that take up my ram (the system as well)?
2) Can I close them properly?
Thank you very much.
PS. Is there some comfortable way to jump between apps? Like in the Iphone where by pressing the 'Home' button will show you a bar with a row of icons of the currently active processes....
For your PS question, it's a long press on the Home button (below the GS3 screen).
Sent from my SAMSUNG-SGH-I747 using xda app-developers app
---------- Post added at 10:14 PM ---------- Previous post was at 09:45 PM ----------
The closest app I'm running to that option is Android Tuner Free. I got it for its storage optimization functions.
The busy interface has a learning curve, but it is a comprehensive & poweful app. I recommend Advanced mode & the One Click home screen.
For what you want, see both the Tasks & Kill All tiles. The first is a Task Mgr., the second is a quick 1 click. The app can teach a lot about what runs & why. It also offers a lot of fine control.
I also use the root app Startup Manager which is self explanatory & efficient.
Sent from my SAMSUNG-SGH-I747 using xda app-developers app
pc103 said:
For your PS question, it's a long press on the Home button (below the GS3 screen).
Sent from my SAMSUNG-SGH-I747 using xda app-developers app
Click to expand...
Click to collapse
LOL {hit myself on the head}, didn't occur me to try...
pc103 said:
---------- Post added at 10:14 PM ---------- Previous post was at 09:45 PM ----------
Click to expand...
Click to collapse
pc103 said:
The closest app I'm running to that option is Android Tuner Free. I got it for its storage optimization functions.
The busy interface has a learning curve, but it is a comprehensive & poweful app. I recommend Advanced mode & the One Click home screen.
For what you want, see both the Tasks & Kill All tiles. The first is a Task Mgr., the second is a quick 1 click. The app can teach a lot about what runs & why. It also offers a lot of fine control.
I also use the root app Startup Manager which is self explanatory & efficient.
Sent from my SAMSUNG-SGH-I747 using xda app-developers app
Click to expand...
Click to collapse
I was hoping there is a way to avoid using apps...
Ok, I suppose it opens another question which I thought about creating a new thread for, but if the opportunity already arose...
How do you actually know if you can trust an app?
I'm kinda new to android and I'm much more used to the opennes of windows, also I'm pretty paranoid (a cellphone contains information 100 times more sensitive than a PC (At least my PC is like that)). I look at the permissions every app want to have and I'm simply aghast, I know of the logic behind those requests (at least for most of those I've seen) but I have zero transparency over what actions the app takes.
That really stress me a great deal...
oy-ster said:
How do you actually know if you can trust an app?. . . (a cellphone contains information 100 times more sensitive than a PC (At least my PC is like that)). I look at the permissions every app want to have and I'm simply aghast, I know of the logic behind those requests (at least for most of those I've seen) but I have zero transparency over what actions the app takes.
That really stress me a great deal...
Click to expand...
Click to collapse
Digital Privacy
Well it certainly stresses the last remaining fiber of your privacy. I just watched the latest "60 Minutes Overtime" piece on data brokers framing this as a lifestyle issue. Step back from the small screen & consider that your actions on board the PC have a ripple effect on your smartphone. "NAI Opt out" & "Disconnect software" are useful PC search words.
Where it Went
I rarely hear from a tech guru or even a lawyer who can decipher a EULA, TOS or Privacy agreement they didn't author themselves; yet online, we are steeped in the cumulative concessions we have accepted from them and the affiliates and partners they enable for.
The Biggest Brother?
Google is a data harvester, not a broker. They are the custodians of much of our imprint online across all platforms. check your settings accordingly; within each Google service / app/ platform you use and adjust them to taste. Know, for example, that persistent login to Gmail will append any collocated G-Search activity to your G profile if Web Data | Web History remains on. I read recently that simply joining Plus has a similar but more comprehensive effect by default, by unifying the G tracking across your entire electronic imprint.
Android Permissions
Yes. The most invasive part of Android is its permissions free for all. They are demands, not requests that each app poses. The logic is sometimes one sided and self serving to the developers at our disadvantage. What can we do?
1. Know something about your developer. XDA membership in an app developer helps define their role in a community. Check their website, reviews, accessibility, postings etc.
2. Consider lower permission alternative apps listed in the play store.
3. For each app you review in the Play Store, (have you checked play store settings yet?) assess its longevity in the marketplace to decide if you are willing to be an early adopter.
4. Resist resorting to apps to broker built-in functions your system already has. Learn your OS.
5. Weigh the logic of each permission demanded, based on risk / reward and your intended uses. Example: On my phone Google search leads the field with 59 permissions. App Permisssions by FSecure is in the low end group with zero. How do I know? App Permissions. What can I do? More on that later.
6. Debloat. I have frozen over 60 apps/services/processes using a combination of tools ranging from built in (no root) Application Management to Startup Manager and the App Quarantine app.
7. Don't be lazy about toggling settings as needed. One stock default has the GPS always enabled which may not be necessary for you.
8. Learn about the types of location services in your OS. Check location settings in affected apps and consider toggling location services as needed. Apps will prompt if the needed service is off when you use them.
9. Review your synch settings. Mine are off on the OS. I use a 3rd party mail app and manually back up contacts using Super Backup when needed.
10. Review background data settings. they are visible in Settings / Data usage, by selecting Mobile Data, and scrolling to the list of apps to tap through each and set Restrict background data if appropriate. It saves battery by reducing tower hunting and focuses you on which apps pose the highest demands.
I promised more. Learn about App Ops if you haven't. I have the luxury of running a 4.3 version that supports it so I can use a client app to filter and toggle various permissions on a per app basis. There are other, and perhaps more thorough approaches to this but I'm staying with this one for now.
pc103 said:
Digital Privacy
Well it certainly stresses the last remaining fiber of your privacy. I just watched the latest "60 Minutes Overtime" piece on data brokers framing this as a lifestyle issue. Step back from the small screen & consider that your actions on board the PC have a ripple effect on your smartphone. "NAI Opt out" & "Disconnect software" are useful PC search words.
Where it Went
I rarely hear from a tech guru or even a lawyer who can decipher a EULA, TOS or Privacy agreement they didn't author themselves; yet online, we are steeped in the cumulative concessions we have accepted from them and the affiliates and partners they enable for.
The Biggest Brother?
Google is a data harvester, not a broker. They are the custodians of much of our imprint online across all platforms. check your settings accordingly; within each Google service / app/ platform you use and adjust them to taste. Know, for example, that persistent login to Gmail will append any collocated G-Search activity to your G profile if Web Data | Web History remains on. I read recently that simply joining Plus has a similar but more comprehensive effect by default, by unifying the G tracking across your entire electronic imprint.
Android Permissions
Yes. The most invasive part of Android is its permissions free for all. They are demands, not requests that each app poses. The logic is sometimes one sided and self serving to the developers at our disadvantage. What can we do?
1. Know something about your developer. XDA membership in an app developer helps define their role in a community. Check their website, reviews, accessibility, postings etc.
2. Consider lower permission alternative apps listed in the play store.
3. For each app you review in the Play Store, (have you checked play store settings yet?) assess its longevity in the marketplace to decide if you are willing to be an early adopter.
4. Resist resorting to apps to broker built-in functions your system already has. Learn your OS.
5. Weigh the logic of each permission demanded, based on risk / reward and your intended uses. Example: On my phone Google search leads the field with 59 permissions. App Permisssions by FSecure is in the low end group with zero. How do I know? App Permissions. What can I do? More on that later.
6. Debloat. I have frozen over 60 apps/services/processes using a combination of tools ranging from built in (no root) Application Management to Startup Manager and the App Quarantine app.
7. Don't be lazy about toggling settings as needed. One stock default has the GPS always enabled which may not be necessary for you.
8. Learn about the types of location services in your OS. Check location settings in affected apps and consider toggling location services as needed. Apps will prompt if the needed service is off when you use them.
9. Review your synch settings. Mine are off on the OS. I use a 3rd party mail app and manually back up contacts using Super Backup when needed.
10. Review background data settings. they are visible in Settings / Data usage, by selecting Mobile Data, and scrolling to the list of apps to tap through each and set Restrict background data if appropriate. It saves battery by reducing tower hunting and focuses you on which apps pose the highest demands.
I promised more. Learn about App Ops if you haven't. I have the luxury of running a 4.3 version that supports it so I can use a client app to filter and toggle various permissions on a per app basis. There are other, and perhaps more thorough approaches to this but I'm staying with this one for now.
Click to expand...
Click to collapse
Thank you very much for the comprehensive reply!
Indeed some of the things here are common sense but some were fairly new to me, like the close contact you are suggesting with the developer.
I have to ask though, what reviews are you reffering to? the ones in the app market or the ones on here? Also, from what I have seen in the play market, all of the reviews are about functionality but no one actualy checks the veracity of the code.
Like for instance some song recognition&download software that requires internet access permission (makes sense) and SD card access permission (also makes sense), but besides doing what it does (in a splendid manner, leaving tons of happy customers) it also steals your Whatsapp chat logs (just read an article about that breach 10 mins ago)...
How can people catch on that (otherwise the app will linger for 2 years, giving you the impression you're not an early adopter)?
Hrmph, you have given some very sound advice which I obviously intend to follow through and for that I thank you. However it seems to me like the underlying foundation is still trust in the publisher (not to abuse the permissions you had to enable for functionality sake), and the trust should stem from how well the author presents itself to the community. I suppose it is the nature of the beast, it is just that if I were to sneakily attack someone I would make sure to present myself in th best way possible .
thx.
PS. my version is 4.1 but I'll see what I can do about Appops.
P.P.S I just searched for "Tasks" on google market and all I see is an organizer. Did you mean "Task Killer"?
oy-ster said:
Thank you very much for the comprehensive reply!
Indeed some of the things here are common sense but some were fairly new to me, like the close contact you are suggesting with the developer.
I have to ask though, what reviews are you reffering to? the ones in the app market or the ones on here? Also, from what I have seen in the play market, all of the reviews are about functionality but no one actualy checks the veracity of the code.
Both sources really. There's no hard & fast divide as to what aspect reviewers might respond to at either venue. More often, Play Store reviews have alerted me when my device or my Android version gets poor results from an app. Granted code integrity issues are raised more frequently at XDA.
Like for instance some song recognition&download software that requires internet access permission (makes sense) and SD card access permission (also makes sense), but besides doing what it does (in a splendid manner, leaving tons of happy customers) it also steals your Whatsapp chat logs (just read an article about that breach 10 mins ago)...
How can people catch on that (otherwise the app will linger for 2 years, giving you the impression you're not an early adopter)?
Interesting example. I will look for the article. I wonder if the app declared that permission in their Play Store disclosure. If not, it challenged Google's policing system. I read somewhere that SELinux in newer ROMs, set to "Enforcing" brokers applicable policies from each host domain and also restricts apps from exceeding their declared permissions. (See also my note on 4.3+ below)
Hrmph, you have given some very sound advice which I obviously intend to follow through and for that I thank you. However it seems to me like the underlying foundation is still trust in the publisher (not to abuse the permissions you had to enable for functionality sake), and the trust should stem from how well the author presents itself to the community. I suppose it is the nature of the beast, it is just that if I were to sneakily attack someone I would make sure to present myself in th best way possible .
You're welcome! Placing that trust is ultimately a leap of faith, so we ask ourselves:
Does my configuration already offer this function at the OS or existing app level?
Can I justify each declared permission here?
Is there a less invasive equivalent to this app?
Have I gone over the settings thoroughly once installed?
What does my installed anti-virus say about this?
Do I need this to auto launch or only on demand?
Is it using excessive data or uptime as I monitor?
Am I getting all the Android security I could be with my current rom image?
You get the picture. Common sense, best practices & due diligence can go a long way toward closing the security gap.
PS. my version is 4.1 but I'll see what I can do about Appops.
Google only exposed it (to client apps like App Ops Starter) in 4.3 & 4.4.0, before & after that I believe an Xposed Framework module is the main alternative.
P.P.S I just searched for "Tasks" on google market and all I see is an organizer. Did you mean "Task Killer"?
Click to expand...
Click to collapse
The "Tasks & Kill All tiles" I referred to appear on Android Tuner Free's One Click advanced mode home screen. BTW certain apps on my phone are "frozen" when not in use.
I forgot to mention. 4.3 I'm running is on the 4.1.2 bootloader, completely avoiding lopsided knox security. I hope I didn't appear to recommend the OTA update. That's a personal choice.
Sent from my SAMSUNG-SGH-I747 using xda app-developers app
pc103 said:
Quote:
Both sources really. There's no hard & fast divide as to what aspect reviewers might respond to at either venue. More often, Play Store reviews have alerted me when my device or my Android version gets poor results from an app. Granted code integrity issues are raised more frequently at XDA.
Interesting example. I will look for the article. I wonder if the app declared that permission in their Play Store disclosure. If not, it challenged Google's policing system. I read somewhere that SELinux in newer ROMs, set to "Enforcing" brokers applicable policies from each host domain and also restricts apps from exceeding their declared permissions. (See also my note on 4.3+ below)
You're welcome! Placing that trust is ultimately a leap of faith, so we ask ourselves:
Does my configuration already offer this function at the OS or existing app level?
Can I justify each declared permission here?
Is there a less invasive equivalent to this app?
Have I gone over the settings thoroughly once installed?
What does my installed anti-virus say about this?
Do I need this to auto launch or only on demand?
Is it using excessive data or uptime as I monitor?
Am I getting all the Android security I could be with my current rom image?
You get the picture. Common sense, best practices & due diligence can go a long way toward closing the security gap.
Google only exposed it (to client apps like App Ops Starter) in 4.3 & 4.4.0, before & after that I believe an Xposed Framework module is the main alternative.
Click to expand...
Click to collapse
Thanks again!
I just wanted to note that after spending some time here in the forum( http://forum.xda-developers.com/android/apps-games/ ) looking for some intresting picks, I haven't actually encountered much comments from people that actually went over the code... so I'm a bit bummed out. :silly: :laugh:
pc103 said:
The "Tasks & Kill All tiles" I referred to appear on Android Tuner Free's One Click advanced mode home screen. BTW certain apps on my phone are "frozen" when not in use.
Click to expand...
Click to collapse
Oh. Got it.
Anyway, Thank you!!!
oy-ster said:
Thanks again!
I just wanted to note that after spending some time here in the forum( http://forum.xda-developers.com/android/apps-games/ ) looking for some intresting picks, I haven't actually encountered much comments from people that actually went over the code... so I'm a bit bummed out. :silly: :laugh:
...Anyway, Thank you!!!
Click to expand...
Click to collapse
You're welcome. To be fair, most times I've seen postings by people who background checked code it was in rom threads, or over root exploits or security apps. In most other cases due diligence is our best defense.
I originally posted a summary of these thoughts on my Play Store review of Greenify. But, since comments there soon get lost in the traffic, I thought I'd rewrite here.
Greenify seems to get a free pass from pretty much every Android-focussed site as a "must have app". I even saw an article on one site that said all RAM/Battery optimiser apps were a waste of time except for Greenify.
My own findings are a bit less uncritical.
My findings are that Greenify is constantly trying to make internet connections behind your back. I have the excellent AFWall+ installed on all my gadgets and, after I installed Greenify and blocked it from making internet connections, I was having AFWall+ alert me that Greenify was trying to make connections, almost constantly.
I would be doing something on my phone and the alerts from AFWall+ would be popping up continually, telling me that Greenify was trying to connect to one IP address after another. This would literally go on for two or three minutes at a time. It got so distracting that I eventually turned off AFWall+'s alerts for Greenify, just so I could use my phone in peace!
Digging further into AFWall+'s logs I found that, in the couple of months I'd had Greenify installed, it had attempted to make over ten thousand internet connections!
To put that into perspective; during the same time period, the second most tenacious app on my phone, Google's Gboard keyboard [which you'd expect to be spying on you], had made around two thousand attempts to phone home – and the connection figures for all the other apps I'd blocked with AFWall+ were way down in the couple of hundreds.
So, what is Greenify doing, trying to connect to these myriad servers all the time?
Even if you believe it's benign [although I can't see any legitimate reason it should be making ANY online connections at all] you've got to wonder how much the app is saving your battery by shutting down other background processes, when it's pretty much constantly trying to make internet connections itself.
I realise this is just my unverified opinion. I've since uninstalled Greenify from all my devices and so no longer have the AFWall+ logs to back up what I'm saying. And you've got no reason to trust me on this. But, if you've any doubts, feel free to install AFWall+ and try it yourself. You might just get a nasty shock.
@xxxmadraxxx I'm a long time user of Greenify in its donation version running on all of our devices and I confirm all of your observations. As you could see by my other own threads, I'm very heavily privacy minded but I continue to use Greenify despite its permanent attempts to "call home" (actually the 1e100.net i.e. Google) because I'm able to fight it. From my perspective, reason are the implemented Google analytics tracker. Certainly, I'd prefer if first no trackers at all were implemented and second no attempts to connect to the internet were made at all. Grenify doesn't require an internet connections for its functionality.
However, as I said I'm able to fight it and I don't want to miss Greenify as it certainly enhances the duration of my battery.
All of our devices still run on custom Nougat ROMs for specific reasons. As far as I see if you're already using Oreo or Pie you wouldn't require Greenify any longer to achieve a better battery duration.
Remark: Malware? Not from my point of view. Spyware? As much as every application that contains trackers or analytics tools but there are a few I trust for the benefit of the developer and the development. As an example: SD Maid and Piwik (now Matomo) (the SD Maid Privacy Statement).
If interested: https://forum.xda-developers.com/android/general/how-enhance-battery-duration-sgs-3-lte-t3478287
Oswald Boelcke said:
...I don't want to miss Greenify as it certainly enhances the duration of my battery...
...As far as I see if you're already using Oreo or Pie you wouldn't require Greenify any longer to achieve a better battery duration....
Remark: Malware? Not from my point of view. Spyware? As much as every application that contains trackers or analytics tools....
Click to expand...
Click to collapse
My problem isn't so much with the fact Greenify phones home per se. I know that most apps do so, or at least try to. My problem with Greenify is the tenacity and persistence with which it tries to phone home. As I said in my previous post, it made over TEN THOUSAND! attempts to phone home in the space of the couple of weeks I had it installed.
With the vast majority of other apps, they'll try a couple of times to phone home, maybe using a couple of different IP addresses and then give up. With Greenify, I would sit there and watch the AFWall+ alerts pop up on screen, one after the other, with a succession of different IP addresses, literally for 2 or 3 minutes continually. Also, as I said previously the only other app I had installed that came anywhere near this level of persistence was Google's GBoard which would regularly try and phone home as I was typing stuff on my phone [you can draw your own conclusions as to what that entails for your privacy!]. But, even then, Gboard only [relatively speaking] made about a fifth of the attempts to connect to the internet that Greenify did.
I uninstalled it because I really couldn't see how whatever small savings in battery juice that Greenify was purportedly giving me by sleeping apps which aren't doing anything much anyway wouldn't be being more than cancelled out by the drain on my battery caused by Greenify spending countless minutes every day, trying to make hundreds of internet connections behind my back.
I haven't noticed any difference whatsoever in battery life, since uninstalling Greenify.
xxxmadraxxx said:
My problem isn't so much with the fact Greenify phones home per se. I know that most apps do so, or at least try to. My problem with Greenify is the tenacity and persistence with which it tries to phone home. As I said in my previous post, it made over TEN THOUSAND! attempts to phone home in the space of the couple of weeks I had it installed.
With the vast majority of other apps, they'll try a couple of times to phone home, maybe using a couple of different IP addresses and then give up. With Greenify, I would sit there and watch the AFWall+ alerts pop up on screen, one after the other, with a succession of different IP addresses, literally for 2 or 3 minutes continually. Also, as I said previously the only other app I had installed that came anywhere near this level of persistence was Google's GBoard which would regularly try and phone home as I was typing stuff on my phone [you can draw your own conclusions as to what that entails for your privacy!]. But, even then, Gboard only [relatively speaking] made about a fifth of the attempts to connect to the internet that Greenify did.
I uninstalled it because I really couldn't see how whatever small savings in battery juice that Greenify was purportedly giving me by sleeping apps which aren't doing anything much anyway wouldn't be being more than cancelled out by the drain on my battery caused by Greenify spending countless minutes every day, trying to make hundreds of internet connections behind my back.
I haven't noticed any difference whatsoever in battery life, since uninstalling Greenify.
Click to expand...
Click to collapse
It's amazing the conclusions one draws when given a tool. Perhaps Greenify behaves differently on your device than the huge universe of other long time users, some of which share your concerns over excessive outreach. I do not see the aggressive characteristics you and a few others describe - perhaps because I permit *most* analytics to flow unimpeded.
The power saving potential of Greenify and similar tools has depreciated over time given native doze and more aggressive enforcement of app background behaviors via Google policy. That said, Greenify remains an essential tool in my arsenal for performing selective tasks without manual intervention. It certainly is not malware/spyware as your click-bait thread title suggests.
Oswald Boelcke said:
@xxxmadraxxx I'm a long time user of Greenify in its donation version running on all of our devices and I confirm all of your observations. As you could see by my other own threads, I'm very heavily privacy minded but I continue to use Greenify despite its permanent attempts to "call home" (actually the 1e100.net i.e. Google) because I'm able to fight it. From my perspective, reason are the implemented Google analytics tracker. Certainly, I'd prefer if first no trackers at all were implemented and second no attempts to connect to the internet were made at all. Grenify doesn't require an internet connections for its functionality.
However, as I said I'm able to fight it and I don't want to miss Greenify as it certainly enhances the duration of my battery.
All of our devices still run on custom Nougat ROMs for specific reasons. As far as I see if you're already using Oreo or Pie you wouldn't require Greenify any longer to achieve a better battery duration.
Remark: Malware? Not from my point of view. Spyware? As much as every application that contains trackers or analytics tools but there are a few I trust for the benefit of the developer and the development. As an example: SD Maid and Piwik (now Matomo) (the SD Maid Privacy Statement).
If interested: https://forum.xda-developers.com/android/general/how-enhance-battery-duration-sgs-3-lte-t3478287
Click to expand...
Click to collapse
There are a couple of ways around Greenify's nearly constant call-outs to Crashlytics.
First, set up your hosts file.
Second, use MyAndroidTools and XPrivacyLua to lock Greenify down.
In MyAndroidTools, disable:
Content Provider > Greenify > com.crashlytics.android.CrashlyticsInitProvider
In XPrivacyLua, disable everything for Greenify except:
Determine activity
Get applications
Read identifiers
In Settings > Apps > Gear Icon > App permissions, go through and ensure Greenify isn't enabled for anything.
Greenify, being root, will still try to connect, but it won't be able to because of the hosts file.
---------- Post added at 06:25 AM ---------- Previous post was at 06:15 AM ----------
xxxmadraxxx said:
My problem isn't so much with the fact Greenify phones home per se. I know that most apps do so, or at least try to. My problem with Greenify is the tenacity and persistence with which it tries to phone home. As I said in my previous post, it made over TEN THOUSAND! attempts to phone home in the space of the couple of weeks I had it installed.
With the vast majority of other apps, they'll try a couple of times to phone home, maybe using a couple of different IP addresses and then give up. With Greenify, I would sit there and watch the AFWall+ alerts pop up on screen, one after the other, with a succession of different IP addresses, literally for 2 or 3 minutes continually. Also, as I said previously the only other app I had installed that came anywhere near this level of persistence was Google's GBoard which would regularly try and phone home as I was typing stuff on my phone [you can draw your own conclusions as to what that entails for your privacy!]. But, even then, Gboard only [relatively speaking] made about a fifth of the attempts to connect to the internet that Greenify did.
Click to expand...
Click to collapse
Google Keyboard is, by Google's own admission, a keystroke logger... it's in their privacy policy for GBoard. I've removed it from my phone, along with nearly every other Google app (16 Google apps removed, 3 disabled in case I need them in the future)... and what remains is so locked down that the only thing that works is Google Play Store... for the rest of Google Play Services and Google Services Framework functionality, I've used MyAndroidTools and .xml file hacks to disable. I have no location tracking from Google, no logging from any Google components, no aGPS phone-homes to anywhere (aGPS is completely disabled)... in fact, Google can't even see when I'm online unless I change to my 'Google Enabled' AFWall+ profile to visit Google Play Store. In fact, I've recently disabled all Google Ads functionality... I found out that Google is presenting to the user a fake_adid_key that the user could change but which otherwise did nothing, yet they also have an adid_key which never changes, which they use as a GUID to track users.
Try Hacker's Keyboard... no ads, I've never seen any connection attempts from it, and it's a very nice keyboard once you configure it to suit you.
For me, I set Portrait keyboard height to 45%, landscape keyboard height to 55%, Keyboard mode in portrait and landscape as 'Full 5-row layout', Gingerbread keyboard theme, Auto-capitalization, Double-tap Shift mode, Apply Shift Lock to modifier keys, no Ctrl-A override, no Ctrl key code, no Alt key code, no Meta key code and ignore slide-typing.
It does everything I need, I can type pretty quickly, and it doesn't log keystrokes. I especially like the little arrow keys which let me navigate around in a text file, and the fact that I can Ctrl-A (select all), Ctrl-C (copy) and Ctrl-V (paste) just like a regular keyboard.
Pro-tip: If you want to select a few lines of text, hold the shift key, and tap the down arrow key, just as you'd do on a regular keyboard.
Lusty Rugnuts said:
There are a couple of ways around Greenify's nearly constant call-outs to Crashlytics...
Google Keyboard is, by Google's own admission, a keystroke logger... it's in their privacy policy for GBoard. I've removed it from my phone....
Try Hacker's Keyboard... no ads, I've never seen any connection attempts from it, and it's a very nice keyboard once you configure it to suit you....
Click to expand...
Click to collapse
I found the simplest way of reining in Greenify was to uninstall it. As I said, I've not noticed any detriment to battery life whatsoever –although that may be partly because I'm using an Oreo based ROM now. When I had Greenify installed I was on Marshmallow.
I do use Hacker's Keyboard for apps like Termux and JuiceSSH when I need access to all those extra keys, but it doesn't have swipe-to-type [or didn't last time I looked] so it's no good for my day-to-tay messaging/email/texting etc. where I swipe-to-type all the time.
After uninstalling Gboard and having a brief foray through Samsung's built-in keyboard, I've ended up using SwiftKey on all my devices.
Don't laugh! –I know it's owned by Microsoft which is a huge red flag. But if you set it up without creating a SwiftKey account and switch off any of the "cloudy" options [such as backup, dictionary sync, downloading themes, etc.], it does all its word-prediction processing locally on your device and [according to AFWall+] has never tried to make a single online connection.
Lusty Rugnuts said:
There are a couple of ways around Greenify's nearly constant call-outs to Crashlytics.
...
Click to expand...
Click to collapse
I'm glad to see that we both have nearly the same setup to protect our privacy.:good:
xxxmadraxxx said:
I found the simplest way of reining in Greenify was to uninstall it. As I said, I've not noticed any detriment to battery life whatsoever –although that may be partly because I'm using an Oreo based ROM now. When I had Greenify installed I was on Marshmallow.
I do use Hacker's Keyboard for apps like Termux and JuiceSSH when I need access to all those extra keys, but it doesn't have swipe-to-type [or didn't last time I looked] so it's no good for my day-to-tay messaging/email/texting etc. where I swipe-to-type all the time.
After uninstalling Gboard and having a brief foray through Samsung's built-in keyboard, I've ended up using SwiftKey on all my devices.
Don't laugh! –I know it's owned by Microsoft which is a huge red flag. But if you set it up without creating a SwiftKey account and switch off any of the "cloudy" options [such as backup, dictionary sync, downloading themes, etc.], it does all its word-prediction processing locally on your device and [according to AFWall+] has never tried to make a single online connection.
Click to expand...
Click to collapse
I'm surprised that you quoted me but with statements in the quotation, which I've never made. As far as I see they are by @Lusty Rugnuts. If you click the quotation you're referred to post #2 with a totally different content. May I politely ask you to edit your post in regard to the quotation.
Sorry about that. The multiple nested quotes, when replying, gets a bit unweildy. I deleted the wrong bit when trimming then.
xxxmadraxxx said:
I found the simplest way of reining in Greenify was to uninstall it. As I said, I've not noticed any detriment to battery life whatsoever –although that may be partly because I'm using an Oreo based ROM now. When I had Greenify installed I was on Marshmallow.
Click to expand...
Click to collapse
I wish there were a way to do away with it on Nougat... I take the Lotus approach, add speed by taking away. The less installed, the better. The stock ROM backup I took when the phone was brand-new is 4.74 GB in size. My latest backup is 2.29 GB. Yeah, I've stripped out a lot of Google-stuff.
xxxmadraxxx said:
I do use Hacker's Keyboard for apps like Termux and JuiceSSH when I need access to all those extra keys, but it doesn't have swipe-to-type [or didn't last time I looked] so it's no good for my day-to-tay messaging/email/texting etc. where I swipe-to-type all the time.
Click to expand...
Click to collapse
The Hacker's Keyboard options does have an "ignore slide-typing" option, so I'm assuming it supports slide-typing / glide-typing / swipe-to-type. I've never tried it... I'm a creature of habit, and regular typing suits me. I watched my sister-in-law doing slide-typing, and it seems like one would need very good word correction to get readable text. Besides, I'm a mechanical engineer, I use my hands as hammers, pliers, etc. all day... they're not exactly "tuned" for the finesse I think slide-typing would require.
I came across this thread because in the past year, three times I have been notified by Xposed that a module has been updated. SuperSU also asks me to grant root access again so I'm wondering what the app is doing self updating?
Version 4.5.1 (donate)
Never ever had a "self-update" of Greenify.
Currently on Greenify v4.6.3 (Google beta programme) & Greenify (Donation Package) v2.3
Oswald Boelcke said:
Never ever had a "self-update" of Greenify.
Currently on Greenify v4.6.3 (Google beta programme) & Greenify (Donation Package) v2.3
Click to expand...
Click to collapse
Same. This FUD about Greenify being evil by design is disinformation the net craves. I expect this to be a top trending thread in no time that trashes the reputation of an otherwise fine product. Shesh.
Davey126 said:
Same. This FUD about Greenify being evil by design is disinformation the net craves. I expect this to be a top trending thread in no time that trashes the reputation of an otherwise fine product. Shesh.
Click to expand...
Click to collapse
Absolutely concur. I'm going to refrain from bumping this thread any longer; this is the last time. BTW: Congrats to well deserved 9,000+ thanks. And what does "shesh" means? Never heard it. Just for me to learn.
Davey126 said:
Same. This FUD about Greenify being evil by design is disinformation the net craves. I expect this to be a top trending thread in no time that trashes the reputation of an otherwise fine product. Shesh.
Click to expand...
Click to collapse
I don't see how stating a fact and questioning why it happens is spreading "FUD". And it's certainly not "disinformation". Surprised you didn't also call it "Fake News", since that seems to be the millennial way to deal with anything you read which doesn't align to your own personal viewpoint.
10,000+ attempted internet connections by Greenify in the space of a couple of months is a statement of fact that I observed on my own device. But, as I said in the first post in the thread:
xxxmadraxxx said:
I realise this is just my unverified opinion... And you've got no reason to trust me on this. But, if you've any doubts, feel free to install AFWall+ and try it yourself...
Click to expand...
Click to collapse
Hardly spreading FUD and disinformation. Just letting people know what I saw and telling them to check for themselves and draw their own conclusions.
If other people want to believe that Greenfy is 100% benign, because it's useful to them, then that's fine too. But I could counter your accusations of FUD with saying other people are spreading CCC [Complacency, Certainty and Confidence]. ie. you're blindly trusting an app just because it provides a useful service
[cf. Google, Facebook, et al, if you want to see where that can lead].
I also note that these questions about Greenify's surreptitious behaviour have been raised before on this forum, on other forums and also on the app's reviews on Google Play and, as far as I can see, the developer has not once responded. That may or may not seem suspicious to you but I ask myself:
* If there's an innocent explanation, why not just explain it and clear the air?
* If there's a bug in the app which is causing these attempts to phone home to be repeated endlessly, thousands upon thousands of times, why not fix it?
or, since the phoning home is not necessary for the app to function;
* Why not provide a preference to turn it off? [especially for those people who have paid for the donation version]
Defensive wall of text speaks for itself. Moving on.
(several generations removed from "millennial")
xxxmadraxxx said:
I don't see how stating a fact and questioning why it happens is spreading "FUD". And it's certainly not "disinformation". Surprised you didn't also call it "Fake News", since that seems to be the millennial way to deal with anything you read which doesn't align to your own personal viewpoint.
10,000+ attempted internet connections by Greenify in the space of a couple of months is a statement of fact that I observed on my own device. But, as I said in the first post in the thread:
Hardly spreading FUD and disinformation. Just letting people know what I saw and telling them to check for themselves and draw their own conclusions.
If other people want to believe that Greenfy is 100% benign, because it's useful to them, then that's fine too. But I could counter your accusations of FUD with saying other people are spreading CCC [Complacency, Certainty and Confidence]. ie. you're blindly trusting an app just because it provides a useful service
[cf. Google, Facebook, et al, if you want to see where that can lead].
I also note that these questions about Greenify's surreptitious behaviour have been raised before on this forum, on other forums and also on the app's reviews on Google Play and, as far as I can see, the developer has not once responded. That may or may not seem suspicious to you but I ask myself:
* If there's an innocent explanation, why not just explain it and clear the air?
* If there's a bug in the app which is causing these attempts to phone home to be repeated endlessly, thousands upon thousands of times, why not fix it?
or, since the phoning home is not necessary for the app to function;
* Why not provide a preference to turn it off? [especially for those people who have paid for the donation version]
Click to expand...
Click to collapse
---------- Post added at 09:59 AM ---------- Previous post was at 09:47 AM ----------
Oswald Boelcke said:
Absolutely concur. I'm going to refrain from bumping this thread any longer; this is the last time. BTW: Congrats to well deserved 9,000+ thanks. And what does "shesh" means? Never heard it. Just for me to learn.
Click to expand...
Click to collapse
"Sheesh" (forgot the second ''e') is a mild expression of exasperation generally uttered as a final remark. Not entirely dismissive but leaning in that direction. Akin to 'geez'.
As for the other, any and all acknowledgements go back to the XDA community who support each other like a well designed house of cards. Each depends on the other for support but removing one (or many) does not lead to collapse but the subtle shifting of another 'card' to share the load.
Davey126 said:
Defensive wall of text speaks for itself. Moving on.
(several generations removed from "millennial")
Click to expand...
Click to collapse
In other words:
I'm not a millennial and just to show how mature I am –because I disagree with what you're saying, I'm going to stick my fingers in my ears and go "Na! Na!Na! I can't hear you!"
M'lud. The defence rests its case.
Davey126 said:
Same. This FUD about Greenify being evil by design is disinformation the net craves. I expect this to be a top trending thread in no time that trashes the reputation of an otherwise fine product. Shesh.
Click to expand...
Click to collapse
I have to disagree with you, and I applaud the original poster for making this thread. No closed source project should be immune from scrutiny.
I of course have been using the app for many years and trust the developer but still don't have an answer as to why Xposed and SuperSU were telling me that Greenify has been updated - I think it would be fair to question what's going on.
Though OP could have probably not used such a click-baity and sensational title. Even if it's not malware, the bug would mean that Greenify is not getting root access unless I manually grant it again.
htr5 said:
Though OP could have probably not used such a click-baity and sensational title...
Click to expand...
Click to collapse
The title wasn't intended to be either click-baity or sensational but, with hindsight, I can see how it might read it that way. Mea culpa.
However, given that no third party has been able to offer any justifiable reason as to why Greenify behaves as it does and the developer has never responded to the oft-expressed concerns of users –I don't think it unreasonable to infer that Greenify may be behaving; at best, irresponsibly and at worst, nefariously.
In which case, maybe the headline wasn't that click-baity, after all.
htr5 said:
I of course have been using the app for many years and trust the developer but still don't have an answer as to why Xposed and SuperSU were telling me that Greenify has been updated - I think it would be fair to question what's going on.
Click to expand...
Click to collapse
Yes, that would be a fair question (sans other baggage).
xxxmadraxxx said:
10,000+ attempted internet connections by Greenify in the space of a couple of months is a statement of fact that I observed on my own device.
Click to expand...
Click to collapse
I've quieted Greenify. I used MyAndroidTools to disable the following for Greenify:
Content Provider:
com.crashlytics.android.CrashlyticsInitProvider
com.google.firebase.provider.FirebaseInitProvider
Activity:
com.google.android.gms.common.api.GoogleApiActivity
com.google.android.gms.tagmanager.TagManagerPreviewActivity
Broadcast Receiver:
com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver
com.google.android.gms.measurement.AppMeasurementReceiver
com.google.firebase.iid.FirebaseInstanceIdReceiver
Service:
com.google.android.gms.measurement.AppMeasurementJobService
com.google.android.gms.measurement.AppMeasurementService
com.google.firebase.components.ComponentDiscoveryService
com.google.firebase.iid.FirebaseInstanceIdService
com.google.android.gms.tagmanager.TagManagerService
That Tag Manager Service and Tag Manager Preview Activity are worrisome...
https://support.google.com/tagmanager/answer/6102821?hl=en
Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app. Once the small segment of Tag Manager code has been added to your project, you can safely and easily deploy analytics and measurement tag configurations from a web-based user interface.
When Tag Manager is installed, your website or app will be able to communicate with the Tag Manager servers. You can then use Tag Manager's web-based user interface to set up tags, establish triggers that cause your tag to fire when certain events occur, and create variables that can be used to simplify and automate your tag configurations.
Click to expand...
Click to collapse
https://blog.hubspot.com/marketing/google-tag-manager-guide
Collecting data using tools like Google Analytics is critical for expanding your business’s online reach, converting leads into customers, and optimizing a digital marketing strategy to create stronger relationships with your audience.
However, collecting data is easier said than done. Google Analytics and other similar analytics tools aid the process, but they work more effectively with the addition of tags.
Tags, in a general sense, are bits of code you embed in your website’s javascript or HTML to extract certain information.
Click to expand...
Click to collapse
So Tag Manager is yet another way for Google to track your every move... in apps and on web pages. It's almost a backdoor to your device, since Tag Manager can be used to remotely change what it tracks and when. Google is getting awfully malware-y, which is why I've worked so hard to make it so I can completely kill all Google components on my phone and the phone still works... and the Google components stay killed until I start them (without the necessary modifications, Google Persistence kicks in and restarts the Google components, which is also very malware-y... Google is a service provider, they shouldn't run unless the user wants to use their services, and there should be an interface to disable (or uninstall) any functionality the user doesn't want.). Further, the user shouldn't have to rely upon changing settings on Google's servers, while leaving the Google components running on their phone... that means we have to trust that Google is abiding by those settings... does anyone believe they are?
I've uncovered instances on this very phone where Google is less than honest in abiding by settings... another is their GoogleOtaBinder, which disregards the Developer Options setting to disable Automatic System Updates... the only way to turn off Google pushing a new ROM (without consent, without notification) and rebooting the phone (at midnight each night, without consent, without notification) is to edit a file such that GoogleOtaBinder can't authenticate with Google's servers.
You'll probably also find an app in Settings > Apps called 'Tag Manager'... I got rid of it long ago.
Google Tag Manager / Tracking Pixels and Tags
package:/system/priv-app/TagGoogle/TagGoogle.apk=com.google.android.tag
To get a list of packages installed on your system, in an Administrator-privilege command prompt on your computer, with your phone plugged into your computer via USB and set to 'File Transfer' USB mode, type:
adb shell pm list packages -f
Here's the list of packages I've removed.
{UPDATE}
I've also found the following:
The file:
/data/user/0/com.oasisfeng.greenify/app_google_tagmanager/resource_GTM-KN73P2
contains the following:
Component Display Name:
com.xiaomi.mipush.sdk.PushMessageHandler
alibaba.sdk.android.push.AliyunPushIntentService
com.igexin.sdk.PushService
com.tencent.android.tpush.service.XGPushServiceV3
org.android.agoo.client.MessageRecieverService
com.baidu.sapi2.share.ShareService
"MessageReceiverService"? PushMessageHandler? What is being pushed to our phones?
Further down, because I've completely neutered Google Analytics, it reads:
.analytics.disabled.exception.NoSuchMethodError true
{/UPDATE}
Greenify is also using the real 'adid_key' content in /data/data/com.google.android.gms/shared_prefs/adid_settings.xml, although I doubt they're in on Google's nefarious scheme to trick users into thinking they can reset their Advertising ID, while tracking them with a non-changing GUID (Globally Unique ID).
There are two keys in adid_settings.xml... 'adid_key' and 'fake_adid_key'... pushing the "Reset Advertising ID" button in Settings > Google > Ads changes 'fake_adid_key', but 'adid_key' never changes and is propagated to many other apps.
https://forum.xda-developers.com/showpost.php?p=79521903
Further, I tried to uninstall Greenify (I'll manually set up device_idle_constants to mimic what Greenify did)... it's never had Device Administrator privileges, I disabled Usage Access, uninstalled the XPosed Framework 'Greenify Experimental Features', then went into Greenify's settings and disabled all that was there... but when I went into Settings > Apps > Greenify, there isn't an "uninstall" button, just "Force Stop" and "Disable" buttons. There's no way to uninstall it from within Greenify itself, either.
I booted into TWRP Recovery Mode, went to /data/adb/modules, deleted the module for Greenify, and when I rebooted, Greenify was gone. All that remained was to wipe it from the Dalvik cache.
I'm a long time developer but brand new to Android, with my having past experience developing in Unix systems as well as a lot using Cygwin in Windows. I have a newly-installed App that seems popular called 'C Locker'. So far, I've just got the Free version because I'm trying it out to see if it does what I need. Unfortunately, it's now crashing with the Settings that I've enabled, and as a general developer, I'm interested in seeing if I can glean information from the Bugreport (or whatever else I can use...perhaps even gdb on the device itself?) to help me know what specific Settings might be the problem being that there are so many of them and I would prefer to gain some type of help from my phone in figuring out what the bad settings might be that I've enabled that are causing the problem rather than to spend all day flipping them around. I've already scanned through the Bugreport after uploading it to my computer, examining all of the references it makes in there to "com.ccs.lockscreen" with this apparently being the process name for the C-Locker program. I've seen indications in there where it indeed shows that it has crashed, but I couldn't yet discern if it is able to give me pointers as to what the cause of the crashes might have been. Is that possible to gain such information out of these Bugreport files? Or is there a way to run it directly in gdb on my device to perhaps see the stack at the time that it crashes, for which the names provided might help to discern what specifically it was trying but failing to do at the time? If it helps, as an intended future Android developer, I've already gotten Android SDK set up on my computer, although I haven't yet really used it much to speak of for anything. I also have adb working from my computer to the smartphone and even have rooted it using a rare method being that I have an older phone purchased years ago via Amazon that I didn't activate until about a month ago. (It's an LG G4 VS986 version 13B so I couldn't use the popular rooting method for version 11A but instead had to use the "Injection" method which took me FOREVER although I finally got it to work!) And just in case it helps perhaps even to bypass a direct answer to this question (although it will still of course be appreciated), my Settings within C Locker involve having set it to be a Device Admin and to bring it up as the first App upon Reboot as well as I've selected within the Root category to make it a System App as well as my then having Disabled ALL things that typically show on the screen (such as 9-1-1, camera, Etc). I had left it set to the default "Gesture" Unlock method, but whenever I bring up the App again and go into "Unlock Methods", it now immediately crashes each time (as well as upon Restarting the phone!). So this covers the majority of the most significant of the Settings that I've made on it so far to the best of my recollection. And I feel that if I could get some indications from the system as to what the specific errors may be when its crashing (or from a stack trace or whatever else), then it might help me to discern what specific Settings are creating the problem being that perhaps I just have an odd (rare) combination of Settings on it that I can tweak to get it working. My goal is to ultimately get a lockscreen App that I can use a Pattern type Unlock with that allows an UNLIMITED number of Failed Attempts (so that it won't ever Factory Reset my phone after the 10th or ANY number of failures!!!). I also--as mentioned above--don't want ANY shortcuts whatsoever being accessible BEFORE the phone is unlocked...not even 9-1-1. Anyway, so if there's a way to glean information from the Bugreport (or from whatever other methods available) to find the specific cause (involved errors) of this or any other App that's crashing that I do NOT have the source code for (being that I of course am not its developer) then it will be greatly appreciated to know how to best find this information. (And I promise that I've already searched extensively on Google but couldn't filter out its replies all being based on the idea that I'm the developer of the App that's crashing, with my even trying adding phrases such as "not my app" and "not the developer of" Etc to no avail...lol). Thanks.
By the way, if I shouldn't have combined the 'C Locker' Settings details into this post, then please just let me know because I'm new to posting here. Also, unfortunately, if I don't receive any help with this right away, then I'll be forced to start testing different Setting combinations anyway, which would then of course solve this problem but without knowing truly what exactly was causing the issue. Even if so, it will still be helpful in the long run with other potential App crashes to get the answer to this general question.
Unless not disabled by user, all runtime activities in Android are logged, so app crashes and their reason also. You can view this log by means of Android's logcat command-line tool or by means of a LogCat Viewer app. My POV: logcat is essential for determining what an app and the Android OS are doing while the app is running on a device.
BTW: Android's log can be filtered per package, too.
Thanks!
jwoegerbauer said:
Unless not disabled by user, all runtime activities in Android are logged, so app crashes and their reason also. You can view this log by means of Android's logcat command-line tool or by means of a LogCat Viewer app. My POV: logcat is essential for determining what an app and the Android OS are doing while the app is running on a device.
BTW: Android's log can be filtered per package, too.
Click to expand...
Click to collapse
Thank you, and since posting this, I've been learning more about Android Studio and have used it to actually see the stack trace within the "Android Monitor" pane there in order to find the instant reason why the/ANY (meaning 3rd party as well) App is crashing at the time! Thanks again for the help!