I noticed that since 5.1.1 or (sometime around it's release) when I download an apk or an update from playstore, I am shown a list of service, broadcast receiver, activities, etc. with toggles. I am not sure if this is a result of one of the apps I have installed (like cm security, my android tools, amplify) or if it is just a new policy on google play. Anyone else see this? Is there a guideline as to what if any can be toggled and why I should/ should not mess with it. I've been reluctant to mess with anything up until now b/c I am not sure what this is. Can anyone direct me to a guideline thread or shed some light on it for me? Thanks in advance.
I've included some pictures of what I'm describing from a recent Dolphin upgrade from playstore.
tmord1 said:
I noticed that since 5.1.1 or (sometime around it's release) when I download an apk or an update from playstore, I am shown a list of service, broadcast receiver, activities, etc. with toggles. I am not sure if this is a result of one of the apps I have installed (like cm security, my android tools, amplify) or if it is just a new policy on google play. Anyone else see this? Is there a guideline as to what if any can be toggled and why I should/ should not mess with it. I've been reluctant to mess with anything up until now b/c I am not sure what this is. Can anyone direct me to a guideline thread or shed some light on it for me? Thanks in advance.
I've included some pictures of what I'm describing from a recent Dolphin upgrade from playstore.
Click to expand...
Click to collapse
someone can correct me if im wrong, but i believe i read somewhere thats some new features to help make users more aware of the permissions they agree to in more detail.
i dont recall it mentioning as in depth as the receivers, but it may have. for the most part, you really dont want to mess with those, otherwise the app could partially or completely stop working properly.
what you can and cant turn off is really going to be a case by case basis. i have tried doing some of that before, and tbh, its generally not worth the effort it takes to figure it all out. the battery gains are usually minimal to non existent. only thing some what useful is disabling the ad servers.
your really better off not touching any of those, unless you have a rogue issue you are trying to rectify.
tmord1 said:
I noticed that since 5.1.1 or (sometime around it's release) when I download an apk or an update from playstore, I am shown a list of service, broadcast receiver, activities, etc. with toggles. I am not sure if this is a result of one of the apps I have installed (like cm security, my android tools, amplify) or if it is just a new policy on google play. Anyone else see this? Is there a guideline as to what if any can be toggled and why I should/ should not mess with it. I've been reluctant to mess with anything up until now b/c I am not sure what this is. Can anyone direct me to a guideline thread or shed some light on it for me? Thanks in advance.
I've included some pictures of what I'm describing from a recent Dolphin upgrade from playstore.
Click to expand...
Click to collapse
Why not sending your screenshots to [email protected] for help? Seeking support from Dolphin is much more time saving.
surviveland said:
Why not sending your screenshots to [email protected] for help? Seeking support from Dolphin is much more time saving.
Click to expand...
Click to collapse
That was just an example, it does that for all apps downloaded from Google play. Apparently, it is to disclose permissions required by apps more thoroughly. At the time that it I posted, it was a relatively new feature and I was wondering about it.
Related
I posted this in another forum but I want to know what you guys here think about android security.
How worried are you all about security on the android platform? Don't you find it a little unnerving that anybody could upload and app to the android market and there is no verification of the app like on IOS platform. Anybody could write an app that looks legit but does devious things. All this along with there are very very few security applications and they are in the infant state. Don't you find it very dangerous? How do you try to maintain security on your android device? Don't download apps? Only download from known publishers? Or do you roll the dice and download anything? If you use a security app which one?
the_main_app said:
I posted this in another forum but I want to know what you guys here think about android security.
How worried are you all about security on the android platform? Don't you find it a little unnerving that anybody could upload and app to the android market and there is no verification of the app like on IOS platform. Anybody could write an app that looks legit but does devious things. All this along with there are very very few security applications and they are in the infant state. Don't you find it very dangerous? How do you try to maintain security on your android device? Don't download apps? Only download from known publishers? Or do you roll the dice and download anything? If you use a security app which one?
Click to expand...
Click to collapse
There are viruses for Android.....right ?
Besides , if you're smart enough you can check whether an app needs such permissions when installing , through the Mart or an .apk .
I don't like the way iOS works , they give too limited functionality .
Forever living in my Galaxy Ace using XDA App
the_main_app said:
I posted this in another forum but I want to know what you guys here think about android security.
How worried are you all about security on the android platform? Don't you find it a little unnerving that anybody could upload and app to the android market and there is no verification of the app like on IOS platform. Anybody could write an app that looks legit but does devious things. All this along with there are very very few security applications and they are in the infant state. Don't you find it very dangerous? How do you try to maintain security on your android device? Don't download apps? Only download from known publishers? Or do you roll the dice and download anything? If you use a security app which one?
Click to expand...
Click to collapse
i dont use a security app, i use common sense.
a game doesn't need access to my contacts...
notepad app doesn't need access to my private information...
this is why android phones are for the power users and shouldn't be used by soccer moms and grandmas - because they have no clue what they are doing with these phones except for when a phone call or text message comes in... let them have the iphones.
but if you are tech savvy, and want to squeeze every bit of user capability out of your phone, a high end android phone is for you.
the people that are tech savvy also have the awareness because they treat their phone like a computer, and not a phone.
just my thoughts.
I think the best thing would be if android embraced that the user can choose which permissions to give to apps. I mean, an app may want to know your location, you denies it, and the app continnues happily without using that functionality, or quits saying its essantial.
cobraboy85 said:
i dont use a security app, i use common sense.
a game doesn't need access to my contacts...
notepad app doesn't need access to my private information...
this is why android phones are for the power users and shouldn't be used by soccer moms and grandmas - because they have no clue what they are doing with these phones except for when a phone call or text message comes in... let them have the iphones.
but if you are tech savvy, and want to squeeze every bit of user capability out of your phone, a high end android phone is for you.
the people that are tech savvy also have the awareness because they treat their phone like a computer, and not a phone.
just my thoughts.
Click to expand...
Click to collapse
very well put, unfortunately most dont think like this..
It is always a good habit to check the permissions an app needs before installation.I personally think that a system should be implemented in android market where all apps are erquested to give informaation on "Why they need certain permissions?".Certain apps do that.
An antivirus program is also useful in my opinion.I use Lookout antivirus,as i find it simple to use and does not slow down my phone.I tried avg but it slowed down my phone terribly.
hiitti said:
I think the best thing would be if android embraced that the user can choose which permissions to give to apps. I mean, an app may want to know your location, you denies it, and the app continnues happily without using that functionality, or quits saying its essantial.
Click to expand...
Click to collapse
But, as a matter of degree, this just what we wish. The fact may be far beyond our imagination. Sometimes, malware still run certain functionalities even you cancel it. It's worse that some apps run secretly in system. I'm a little scared about security issue based on my PC.
cobraboy85 said:
i dont use a security app, i use common sense.
a game doesn't need access to my contacts...
notepad app doesn't need access to my private information...
this is why android phones are for the power users and shouldn't be used by soccer moms and grandmas - because they have no clue what they are doing with these phones except for when a phone call or text message comes in... let them have the iphones.
but if you are tech savvy, and want to squeeze every bit of user capability out of your phone, a high end android phone is for you.
the people that are tech savvy also have the awareness because they treat their phone like a computer, and not a phone.
just my thoughts.
Click to expand...
Click to collapse
But a game might ask for internet/network permissions which you would probably accept. How do you guard against this? How can you prevent a malicious app that asks for relavent permissions but abuses them?
I never take the time to study the permissions required when I download an app from the market.
I tend to avoid the low number of d'load apps..... partly as there is less feedback to judge.... and partly as any app thats worth the download will have high stars and many d'loads.
Works for me so far.
Netquins running in the background just in case...... but whose to say they dont upload my contacts for spamming?
Prof Peach said:
I never take the time to study the permissions required when I download an app from the market.
I tend to avoid the low number of d'load apps..... partly as there is less feedback to judge.... and partly as any app thats worth the download will have high stars and many d'loads.
Works for me so far.
Netquins running in the background just in case...... but whose to say they dont upload my contacts for spamming?
Click to expand...
Click to collapse
But what about new apps that may be legit? They won't have any reviews yet or stars. If everybody did the same as you it would never get reviews or stars? There's got to be a better way, don't you agree?
the_main_app said:
But a game might ask for internet/network permissions which you would probably accept. How do you guard against this? How can you prevent a malicious app that asks for relavent permissions but abuses them?
Click to expand...
Click to collapse
That's the only question above that can't be answered by LBE Privacy Guard.
Someone mentioned a game that wants access to your contacts. What if you really want the game? You just don't allow it access to your contacts and then play it anyway.
Most apps ask for access to your IMEI (you'd be surprised how many!) With LBE they don't get it.
Antivirus software is all well and good, but it's not the same as on a PC where pattern matching can be used. AV software on Android basically opens the apk file and has a look round to see if anything looks suspicious. Other than that, there's nothing it can do to stop a clever developer bypassing it.
Seriously, if you have concerns then get LBE and start restricting permissions access on an app-by-app basis.
johncmolyneux said:
That's the only question above that can't be answered by LBE Privacy Guard.
Someone mentioned a game that wants access to your contacts. What if you really want the game? You just don't allow it access to your contacts and then play it anyway.
Most apps ask for access to your IMEI (you'd be surprised how many!) With LBE they don't get it.
Antivirus software is all well and good, but it's not the same as on a PC where pattern matching can be used. AV software on Android basically opens the apk file and has a look round to see if anything looks suspicious. Other than that, there's nothing it can do to stop a clever developer bypassing it.
Seriously, if you have concerns then get LBE and start restricting permissions access on an app-by-app basis.
Click to expand...
Click to collapse
this.
i was JUST about to say the same thing about the android "anti-virus" scam... not really a scam, but a false sense of security. as you said, not the same at ALL. people need to get out of the PC mindset with these phones. this is not windows, it's linux.
and i'm going to give LBE a shot. seems pretty legit.
for all of those running antivirus "software" on your phone, how many of you have actually run a virus scan and had it give a detailed description of a malicious "virus"....
Liking lookout
Sent from my GT-I9100 using XDA App
ummm, anyone ever heard of antiviruses (Kapersky, maybe?)? Or at least look up the app's access to things... If it accesses something you don't want it to access (or think the app doesn't need to access it), don't install it!
I know out-of-the-box Androids aren't so vunerable to viruses, compared to rooted ones... So...?
First look up the developer of the app, then if you trust him, install, if you never heard of him, google it (or look at the comments at where you're downloading from), and if you had experience with the developer before (and if the experience is bad, like trojans, etc.), don't install!
(I don't understand half of what I'm typing XD...Don't blame me for misspellings, please )
Cant say I can rave or not when it comes to the anti virus apps.
Have used Lookout in the past and currently using netquin.... neither of which ever flagged up a virus, malware or whatever.
Its nice to think its running in the background but dont know whether it will do anything if its needed.
I was tempted to download a load of apps in a zip file but 20 secs in my Avast siad there was a virus. I'd like to think the market would have its own precautions but having searched the site, cant see any mention of its security for the apps we download.
Its a different thing altogether but we cant take the fact that its the market and relax...... the worst virus my laptop ever had came in an update from Microsoft...... and another directly from google tools.
Kapersky for Android then? You can pick up free full non-trial versions on the web...
About the Market - yes, that's true. You'd expect them to check if apps are infected or at least leave a bot to do it...
Sorta lame...
The best security is the brain.akp just like brain.exe is on windows - best thing it's free, godgiven and everyone got a copy
Zeze21 said:
The best security is the brain.akp just like brain.exe is on windows - best thing it's free, godgiven and everyone got a copy
Click to expand...
Click to collapse
yeah but not everyone got the full version. A few of my friends got a corrupted exe and then this girl I know got the 30 day trial
not that good
Prawesome said:
It is always a good habit to check the permissions an app needs before installation.I personally think that a system should be implemented in android market where all apps are erquested to give informaation on "Why they need certain permissions?".Certain apps do that.
An antivirus program is also useful in my opinion.I use Lookout antivirus,as i find it simple to use and does not slow down my phone.I tried avg but it slowed down my phone terribly.
Click to expand...
Click to collapse
I have both Lookout and AVG, neither has stopped my phone from getting up to 10 junk downloads, you have won an ipad, iphone etc., a day, not sms or email, I have to have every form of external contact turned off, the moment I get wifi or mobile access it starts downloading spam.
If anyone knows of a way to stop it I would appreciate the feedback
Moved to proper section
maybe either through API level, or by querying market info
Reason: i want to check on GB before I upgrade to ICS, which apps will not work.
don't know if relevant but it is for SGS II
Thx in advance
repost from here as nobody could really answer my question
can't believe I'm the only one with that issue
maybe an idea for a dev? would be willing to pay for that ;-)
I don't see why this can't be done:
-http://stackoverflow.com/questions/2695746/how-to-get-a-list-of-installed-android-applications-and-pick-one-to-run
-http://developer.android.com/reference/android/content/pm/PackageManager.html
-http://developer.android.com/reference/android/content/Context.html#getApplicationInfo()
I haven't thought through the problem just yet, but its seems to be doable. If you don't find an app soon, I will start working on a script that does it and, if successful, a proper, free software app. I am hoping the available methods won't require something as stupid as launching each app fully. But again, I haven't thought it through. Thanks for the idea btw.
EDIT:
Made a little more effort
https://groups.google.com/forum/?hl=en&fromgroups#!topic/android-developers/dXLACRIizKc
I will work on something this weekend and get back with y'all.
EDIT 2:
So it looks like I would need maxSdkVersion which I don't find in the API. Furthermore, it is strongly suggested that one not use maxSdkVersion when building an app so that doesn't sound all that useful. I have received another, much more complicated suggestion that may do what I want, but I will have to look hard at it. Looks like I'm going nowhere in my effort. Always open to suggestions. More to come later this weekend.
I'm not the sharpest tool in the shed, but I thought this was mostly a straightforward task using the API's exposure to AndroidManifest.xml. As per my previously posted link to an Android Developers discussion on the topic, my approach is dead in the water as far as I can see. I did try to find an answer though to the best of my limited ability. If anyone has or ever solves this problem (I consider it a problem) I would hope they find the this thread.
Thanks for the learning experience. I give up.
Most older apps will work fine on ICS, its pretty backwards compatible. If the app uses legacy menus the button will appear in the old lower left hand corner location instead of the upper right hand corner like apps written for ICS.
i'm no dev so bear with me if i write stupid stuff
one likely but not very promising sounding way might be to use android:targetSdkVersion as "As Android evolves with each new version, some behaviors and even appearances might change. However, if the API level of the platform is higher than the version declared by your app's targetSdkVersion, the system may enable compatibility behaviors to ensure that your app continues to work the way you expect. You can disable such compatibility behaviors by specifying targetSdkVersion to match the API level of the platform on which it's running. For example, setting this value to "11" or higher allows the system to apply a new default theme (Holo) to your app when running on Android 3.0 or higher and also disables screen compatibility mode when running on larger screens (because support for API level 11 implicitly supports larger screens)."
question though is how many apps actually use this?
However after having read this re android:maxSdkVersion "Warning: Declaring this attribute is not recommended. First, there is no need to set the attribute as means of blocking deployment of your application onto new versions of the Android platform as they are released. By design, new versions of the platform are fully backward-compatible. Your application should work properly on new versions, provided it uses only standard APIs and follows development best practices. Second, note that in some cases, declaring the attribute can result in your application being removed from users' devices after a system update to a higher API Level. Most devices on which your application is likely to be installed will receive periodic system updates over the air, so you should consider their effect on your application before setting this attribute." (taking from here) i now don't know how important my op is, but then why do all app devs release new versions "fixing things" for ICS?
One pretty significant example which actually currently will prevent my phone from getting ICS for now is that the subsonic app in the current version produces stuttering when playing audio while downloading (problem description here).
Isn't there any way to instead of searching the phone searching google play/android market instead?
Randi said:
maybe either through API level, or by querying market info
Reason: i want to check on GB before I upgrade to ICS, which apps will not work.
don't know if relevant but it is for SGS II
Thx in advance
repost from here as nobody could really answer my question
Click to expand...
Click to collapse
Here's a list of some working games/apps for ICS
Theoretically an Android app (or a combo of say App Engine and Android) could find your installed apps, seacrh Play for said apps and then scrape the page for relevant information. Doesn't sound to hard, but I didn't think about too hard either. Perhaps I will check out what useful info is on Play and how feasible scraping its markup will be. I will get back at y'all if I do.
Well, I’m sure that it isn’t a secret for anyone, CM7 has been and still is my favorite rom for my Defy(s). I’ve been using it since the day Quarx’s brought IP Tables support to it – hence allowing me to use Droidwall as an Android firewall. I could then selectively allow/deny internet access to any installed app [having internet access permission that is…]. This is a first and important security step, but like anything, this has limitations; apps that do ‘really’ need internet access are then free to send (and receive) whatever their Android permissions allow them to get a hand on. For that, CM7 has a neet feature called ‘permissions management’ that allows you to control each app’s permissions individually. This option works fine BUT the problem is that the apps that you control that way often lose functionalities, stop working altogether or even throw you an error message telling you that the app’s permissions have been altered and that you will not be able to use it unless you reset them.
So how to solve this potentially very critical security flaw without losing apps functionality? ==> PDroid.
Thanks to xda user measel, I’ve just recently discovered this wonderful piece of software and I don’t think that my Defy will ever live without it from now on. The app itself is not really a new one and I’ve decided to create this thread to spread to word around and in the hope that it will be helpful to other Defy owners conscious about their data privacy.
WHAT IT DOES:
• More than just blocking apps Android permissions, it lets you control each individual app’s access to private information (user + system);
• It allows you to block and, in some cases, let you either use random or custom private data;
• It will also (if desired) warn you on any root or privacy info access, all that with an easy to figure out and use user interface [see pics];
• And best of all, applications will not crash when their access to private data is blocked unlike with Permission Denied (using LBE Privacy or alike or with CM7).
Disclaimer: I’m only the messenger and I take no credit or responsibility for anything that you’ll do with your phone from here on.
HOW TO:
Original thread by the dev [go have a read and give your thanks to svyat]
Pre-requisites:
- Make sure that you did not use Titanium Backup to integrate sys Dalvik into the rom [if you don’t know what that means, chances are that you didn’t; ignore it];
- a PC running Windows;
- a CM7-jordan/Jordan-plus build;
- PDroid patcher v1.31 (v1.27 also work but the latest version (v1.32) from the link above doesn’t work for the Defy. So I’m attaching v1.31 here which I’ve found with a little digging through that thread;
- the PDroid.apk itself [Market link] or [Dropbox link from the dev];
=> If you don’t have access to a PC running Windows or just don’t want to go through the trouble of patching process described below, you can head over to measel’s CM7 nightlys | info collection thread and locate the build you are using; he was kind enough to provide us with patches for most of recent Jordan builds. So go and grab your applicable patches and give thanks to him.
=> If you’re running CM9 or CM10, this patcher will not work for you, but there are alternatives - namely: the ‘auto-patcher’ or even the PDroid v2 [I’ll give links to those later]. Just go read the last few pages of the original thread, there are quite a few mentions/redirections to those over there. [please don’t ask me about questions about those as I did not try them just yet]
Note: PDroid is an ongoing but currently ‘on hold’ project [because, like someone said before: devs sometimes have a life outside Android...] which works perfectly fine as it is if you follow the next few steps below.
Zero off: Make a nandroid backup of your current phone setup.
First off: Create the patch for your rom:
To work, PDroid first needs you to mod 3 framework files and push them onto your phone. To do so, all you need to do is to execute the PDroidPatcher.exe. file [extract it from the zip attached] and point it to the CM7 build you are using. Let it do its thing and it will create a CWM recovery flashable zip and an undo (RESTORE) one.
Second: Flash the patch:
Just boot into recovery, wipe cache and dalvik and install the patch and boot up.
Third: Install the apk
That’s it!, you’re now ready to go your list of installed apps and start controlling your privacy accesses.
Warning: again, go read the original thread for a how to on how to backup your PDroid settings and/or use TB to do so.
HOW TO USE:
Well, it’s all pretty obvious and with a bit of common sense, you will easily figure out how and what to set up. By default, nothing is blocked and apps are free to access data. So you’ll have to go through your list of installed apps and set up each individual data access and then try them out. For example, logic would tell us not to block the ‘GPS/Network Location’ data to maps related apps nor block ‘Accounts credentials’ to apps dealing with user IDs and passwords like Email or social apps.
I can’t give you detailed instructions here (it’s not the point of this thread anyway), but if like me you already use Droidwall, you can first leave alone all the apps that you’ve black listed for internet access [pic 2] since they won’t do anything with your private data if they can’t send it back home… There is also an option within the app to ‘hide all the safe apps’ [which do not have an internet permission]; check it to reduce the size of your list of apps to configure.
From experience, I’d also suggest you to keep an eye on the apps requiring a password to run since blocking Device or Subscriber ID might mean that you’ll have to always enter passwords each time you run the app that would otherwise be remembered by those apps. As a rule of thumb, I pretty much choose the ‘use random’ option whenever it is available (just to minimize problems with the app on blocking completely – I’m not even sure this is a valid argument here…) or block everything else when it’s not and finally, I leave ‘Network Info’ allowed since it basically only lets apps know if you connected to internet or not [who cares if they get your wifi’s SSID or not…].
But again, you’ll have to fine tune the whole thing for each and every app and run them to check for full functionalities – but at least they won’t crash on you… Finally, you can pinpoint potential problems/solutions by turning off the general PDroid notifications option and by turning on a specific app’s ones [pic 3].
Happy privacy enhancement!
/AL
As usual!
Quality guides from lovely []AL[]
I don't want a tapatalk sig!
nogoodusername said:
As usual!
Quality guides for lovely []AL[]
Why not move to Android Apps forums?
I don't want a tapatalk sig!
Click to expand...
Click to collapse
"lovely AL" wow! you surely are the first person to tell me anything like this here on xda.
..not sure if I should be flattered or run away by homophobia - hehehe! :laugh:
Well, I didn't mean to make it a guide when I started writing it, but like always I had things
to say and the post got longer and longer.. so I guess that we can call it a sort of guide...
But I truly like the app and believe that along with Droidwall, that should be installed on every phone.
In fact, Google should look at this and incorporate something similar into Android.
OK, I'll go reply to your PM now... cheers!
Edit for your question: because like I wrote in the OP, I'm just the messenger and not the dev of the app.
The app also works mostly for on phones running CM7 and even not all the phones support it either.
So I wouldn't publish this widely without at least asking permission to the dev. But here for Defy owners fellows,
I know it works fine and again, I think that it is pretty much an essential app to have.
9 downloads/1 thank;
Leeches, I see leeches everywhere!
Shhhiiiiii- You got me excited! I thought I'd find a patch for the Quarx rom! So far auto-patcher can't patch Quarx's CM10 roms. Nor do I understand why that's so but that's why I'm not a dev.
Excellent app
Arch Linux User ..
KicknGuitar said:
Shhhiiiiii- You got me excited! I thought I'd find a patch for the Quarx rom! So far auto-patcher can't patch Quarx's CM10 roms. Nor do I understand why that's so but that's why I'm not a dev.
Click to expand...
Click to collapse
Well... sorry to hear that; I had no clue that it doesn't work with Quarx CM10. It seems to work for some other JB builds/phones... But like I wrote on the OP, I haven't tried any of this on CM9/JB yet. So again, too bad that this thing is a no go for now. I hear that Quarx is very busy outside Android's world as of lately so it might not be a good time to ask him about this - might also be low on his priority...but who knows, someone might read this and find an answer for you.
ps: quite an avatar you got there :silly:
an thanks for the link to the auto-patcher thread; it might be useful to others and it'll save me the search when I update the OP with it and your comment eventually...
juan296 said:
Excellent app
Click to expand...
Click to collapse
Well thanks but again, just I'm just a messenger here and not the dev... :highfive:
Actually, I use DroidWall , so.. can uninstall this app? And right now, JUST USE pdroid! Right?
Arch Linux User ..
juan296 said:
Actually, I use DroidWall , so.. can uninstall this app? And right now, JUST USE pdroid! Right?
Click to expand...
Click to collapse
I still use both...they are quite different apps and don't do the same at all. Droidwall is a firewall that let you control if an app has access to internet or not; PDroid controls what private information each app can access.
Like I wrote on the OP, any app that is blocked by Droidwall doesn't need a PDroid setup, but apps that need internet connection could be free to get private information from your phone if you don't use PDroid...
Basically, PDroid has no way of blocking all internet access; it only blocks apps from reading private info (or scrambles it by returning info like random network location or sim ID#...)
Hello!
I'm making this post to maybe start a discussion about app safety. I come from iOS, so the first thing that caught my attention when installing apps on my new Android device were the permissions. At first I wasn't really paying attention to what they ment and just went along and installed anything that looked awesome.. But as I've been getting deeper into this thing I've been getting more and more paranoid about any App I install..
Now to clarify:
My device has not been rooted.
Galaxy S4, Android Version: 4.3
GT-I9505
Now for the reason why I made this post. I came across Cartoon Defense 4 (I can't put links in my post since I'm new so I had to remove it, it's on Google Play though) yesterday by chance, which seemed cool to me, so I thought I'd install it. But the permissions it needed seemed a little shady to me.. Not all of them, but at least one:
android.permission.KILL_BACKGROUND_PROCESSES
What could this app need this permission for? This is the first time I've seen an app need this permission.. Looking around on the internet to find out what this permission ment brought me to an androidforums post which said this:
Kill background processes
Hardware controls
URI: android.permission.KILL_BACKGROUND_PROCESSES
Risk: HIGH
Protection level: UNKNOWN
Official Description
Allows an application to call killBackgroundProcesses(String).
Details
This permission is a bit of a tricky one. Often this is used by what are called "task killers". These apps supposedly free system resources by closing apps running in the background. However the usefulness of such apps is minimal at best. They can help close an app that is misbehaving, however a user can already do that themselves through the Android settings under "Apps" or "Manage Applications". Conversely this permission has some potential to maliciously close anti-virus or other security related apps. As with anything I would treat this with caution. Few users should ever need an app with this permission. Rather, it could be an indicator of malicious intent (especially if not requested by a task killer or system performance tuning app).
Click to expand...
Click to collapse
So, my question kindof is.. Does this app really need this permission or is it malicious? I've checked the other versions and they all needed this permission from the first one, which has plenty of 5 Star reviews, but still.. It's something that alarmed me..
I hope someone can help me out on this, any input is appreciated!
EDIT: I think I should mention that I'm not trying to run a cracked version or anything. It's the Google Play install I'm talking about.
I'm wondering what people think is the best ROM (no gapps) for this phone today, and how that's likely to evolve over time.
Do any ROMs stand out in terms of features, performance, or battery life? Are there any ROMs that have significant problems?
Are any ROMs "official", or likely to be? Should that be a concern or factor?
Also I'm looking to set this up no gapps, so micro-g integration is a factor. It seems like the Magisk module should work well enough with most ROMs, but I'm new to this part.
Bump. Anyone…?
"Best" is such a personal thing that I can only tell you that I'm using Resurrection Remix and am extremely pleased; lots of customization, stability, Slim Recents, and no Gapps are what make it perfect for me.
It's the first ROM I tried on this phone, and it works so well for me that I'm not (currently) considering trying something else...although my curiosity and general nature (see my sig) may lead me to trying out a different ROM...eventually, maybe.
- Resurrection Remix has a long history, but who knows for sure about developement for this phone?
- Feels nice and snappy to use, but I have no Gapps and I've only installed a few (5 or 6) apps.
- Battery life is great, for me, I don't use my phone much and go 3-4 days with still 80% left.
- Not interested in Google or microG, so can't speak to that.
TiTiB said:
"Best" is such a personal thing
Click to expand...
Click to collapse
Certainly there's allowance for people to describe what they consider best.
TiTiB said:
I'm using Resurrection Remix and am extremely pleased
Click to expand...
Click to collapse
So far I'm liking RR, but IIUC there's no plans for that to be official for this phone.
Previously, I loved CR-Droid, but on this phone it's missing a lot. IIUC, there's a plan to make that official, but I haven't seen any progress for a few months.
TiTiB said:
Not interested in Google or microG, so can't speak to that
Click to expand...
Click to collapse
I'm curious, how does that work? I'm new to de-Googled phones, and I thought microG was kind of necessary to get most apps working. It certainly seems important for apps that use location, eg weather and mapping.
go vegan said:
Certainly there's allowance for people to describe what they consider best.
So far I'm liking RR, but IIUC there's no plans for that to be official for this phone.
Previously, I loved CR-Droid, but on this phone it's missing a lot. IIUC, there's a plan to make that official, but I haven't seen any progress for a few months.
I'm curious, how does that work? I'm new to de-Googled phones, and I thought microG was kind of necessary to get most apps working. It certainly seems important for apps that use location, eg weather and mapping.
Click to expand...
Click to collapse
I do my best to never allow anything to know my location. I use Open Street Maps in offline mode for maps, my weather app uses my zipcode, etc.
I'm totally ungoogled on my phone. F-droid apps only.
EDIIT: Preemptive correction. Not true about F-droid apps only, or even FOSS only. Obviously Brave Browser, for instance, is neither.
TiTiB said:
I do my best to never allow anything to know my location. I use Open Street Maps in offline mode for maps, my weather app uses my zipcode, etc.
Click to expand...
Click to collapse
I've been using this - https://f-droid.org/en/packages/com.tobykurien.webapps/
If I want a "web app" to have access to my location, I can permit that on an as-needed basis.
I'm also migrating towards weather apps from F-Droid - https://search.f-droid.org/?q=weather&lang=en
TiTiB said:
I'm totally ungoogled on my phone. F-droid apps only.
Click to expand...
Click to collapse
I'm not there yet, but I think I'm on my way. Location (via microG/NLP) is handy for lots of things, especially when I have control over it.
I'm new to de-Googled phones. Can you point me to resources about the pros and cons of microG? I was under the impression that it's kind of necessary for notifications and location services…? But maybe if you don't need/want notifications and location services, then there's no need for it?
go vegan said:
I've been using this - https://f-droid.org/en/packages/com.tobykurien.webapps/
If I want a "web app" to have access to my location, I can permit that on an as-needed basis.
I'm also migrating towards weather apps from F-Droid - https://search.f-droid.org/?q=weather&lang=en
I'm not there yet, but I think I'm on my way. Location (via microG/NLP) is handy for lots of things, especially when I have control over it.
I'm new to de-Googled phones. Can you point me to resources about the pros and cons of microG? I was under the impression that it's kind of necessary for notifications and location services…? But maybe if you don't need/want notifications and location services, then there's no need for it?
Click to expand...
Click to collapse
Haven't had interest in microG in years, and don't have any info about what is or is not required for location or notifications. I have no need for either. I use my phone for calls, texts, and, very rarely, web access via Brave, Bromite, or Fennec—that's it. If need to look at a map, I have it already downloaded is OSM.
TiTiB said:
I use my phone for calls, texts, and, very rarely, web access via Brave, Bromite, or Fennec—that's it. If need to look at a map, I have it already downloaded is OSM.
Click to expand...
Click to collapse
I use a dumb-phone for calls and texts. I use a smart-phone as a pocket-size portable computer.
Which custom rom did you end up trying? Im also on the same boat as you in terms of wanting to degoogle. I just successfully unlocked the bootloader and rooted the device via magisk. Now I'm trying to figure out the next step in getting rid of gapps and having microG in place of play services. The user fulalas created a debloat magisk module, and if that removes core gapps I'm wondering if implementing that and then installing microG will be the solution for me