I've been using LBE Security Master for the longest time, and its mainly due to its very useful component which is the SMS keyword blacklist which automatically deletes any message if my blacklisted keyword is in them.
Unfortunately during the upgrade to Lollipop, LBE is now making my phone extremely sluggish to use. I was thinking of switching to Xprivacy for the privacy settings, however I have not found any equivalent app for sms keyword blacklisting. I've tried at least 20 apps that proclaimed to do just that, but they all failed. Can anyone direct me to an actual app that can solve my problem?
bump
Related
I've seen a few articles about how "stolen" or ripped apps will secretly send SMS to all your friends, the developer and so on about how you're a thief, etc. Now I want to be clear: I'm not looking for a way to get around consequences of stealing paid apps (as a general rule I only use "paid" apps if they are "donation" apps like XDA anyways), or spreading FUD (fear, uncertainty and doubt).
What I am interested in is really finding out what my phone might be doing behind my back, who knows, like sending a list of my contacts to my provider, or sending them SMS or some other kind of "ping". Obviously if I download an app like "Homer Simpson Soundboard" and it asks for SMS permissions it doesn't last long on my phone But is there a way I can monitor such behaviour? Are there non-obvious precautions I can take, or apps which might log this stuff?
You're in luck. A dev here at XDA has made LBE Privacy Guard. It'll run in the background checking permissions of other apps. For example if Facebook wants to read your contacts, a pop-up will alert you and ask you if you want to give Facebook the permission to read them, and so on.
Btw, you'll need to be rooted.
LBE!
Another thumbs up for LBE. Locks any app you want from snooping around and phoning the mother ship.
By blocking network access, on apps that really don't need it, it also blocks those annoying ads that are usually at the top or bottom of an app.
Awesome, thanks so much guys!
Hi I am trying to understand permissions management a bit better, primarily what all the different things you can block etc are. Some of the things such as Call logs, Calendar, SMS etc are self explanatory, but other things (what they are and implications of access to) such as:
Device ID
Subscriber ID
SIM serial
Phone and mailbox number
Incoming call number
Outgoing call number
Network location
List of accounts
Account auth tokens
SIM info
Network info
Is there an FAQ/Guide that explains these things in detail that someone could point me to?
Thanks,
-Gaiko
Make phone calls
Services that cost you money
This permission is of moderate to high importance. This could let an application call a 1-900 number and charge you money. However, this is not as common a way to cheat people in today's world as it used to be. Legitimate applications that use this include: Google Voice and Google Maps.
Another important point to note here is that any app can launch the phone screen and pre-fill a number for you. However, in order to make the call, you would need to press [Send] or [Call] yourself. The difference with this permission is that an app could make the entire process automatic and hidden.
Send SMS or MMS
Services that cost you money
This permission is of moderate to high importance. This could let an application send an SMS on your behalf, and much like the phone call permission, it could cost you money by sending SMS to for-pay numbers. Certain SMS numbers work much like 1-900 numbers and automatically charge your phone company money when you send them an SMS.
Modify/delete SD card contents
Storage
This permission is of high importance. This will allow applications to read, write, and delete anything stored on your phone's SD card. This includes pictures, videos, mp3s, documents and even data written to your SD card by other applications. However, there are many legitimate uses for this permission. Many people want their applications to store data on the SD card, and any application that stores information on the SD card will need this permission. You will have to use your own judgment and be cautious with this permission knowing it is very powerful but very, very commonly used by legitimate applications. Applications that typically need this permission include (but are not limited to) camera applications, audio/video applications, document applications
WARNING: Any app targeting Android 1.5 or below (possibly 1.6 as well) will be granted this permission BY DEFAULT and you may not ever be warned about it. It is important to pay attention to what version of Android an app is targeting to know if this permission is being granted. You can see this on the Market website in the right hand column.
Read contact data, write contact data
Your personal information
This permission is of high importance. Unless an app explicitly states a specific feature that it would use your contact list for, there isn't much of a reason to give an application this permission. Legitimate exceptions include typing or note taking applications, quick-dial type applications and possibly social networking apps. Some might require your contact information to help make suggestions to you as you type. Typical applications that require this permission include: social networking apps, typing/note taking apps, SMS replacement apps, contact management apps.
Read calendar data, write calendar data
Your personal information
This permission is of moderate to high importance. While most people would consider their calendar information slightly less important than their list of contacts and friends, this permission should still be treated with care when allowing applications access. Additionally, it's good to keep in mind that calendar events can, and often do contain contact information.
Read/write Browser history and bookmarks
Your personal information
This permission is of medium-high importance. Browsing habits are often tracked through regular computers, but with this permission you'd be giving access to more than just browsing habits. There are also legitimate uses for this permission such as apps that sync or backup your data, and possibly certain social apps.
Read logs / Read sensitive logs
Your personal information / Development Tools
This permission is of very high importance. This allows the application to read what any other applications have written as debugging/logging code. This can reveal some very sensitive information. There are almost no reasons an applications needs this permission. The only apps I might grant this permission to would be Google apps. The name of this permission recently changed as it came to light how important and dangerous this permission can be. Both the old name and category and the new name and category are listed above.
Read phone state and identity
Phone calls
This permission is of moderate to high importance. Unfortunately this permission seems to be a bit of a mixed bag. While it's perfectly normal for an application to want to know if you are on the phone or getting a call, this permission also gives an application access to 2 unique numbers that can identify your phone. The numbers are the IMEI, and IMSI. Many software developers legitimately use these numbers as a means of tracking piracy though. This permission also gives an application to the phone numbers for incoming and outgoing calls.
WARNING: Any app targeting Android 1.5 or below (possibly 1.6 as well) will be granted this permission BY DEFAULT. And you may not ever be warned about it. It is important to pay attention to what version of Android an app is targeting to know if this permission is being granted. You can see this on the Market website in the right hand column.
(see image above)
Fine (GPS) location
Your location
While not a danger for stealing any of your personal information, this will allow an application to track where you are. Typical applications that might need this include (but are not limited to) restaurant directories, movie theater finders, and mapping applications. This can sometimes be used for location based services and advertising.
Coarse (network-based) location
Your location
This setting is almost identical to the above GPS location permission, except that it is slightly less precise when tracking your location. This can sometimes be used for location based services and advertising.
Create Bluetooth connection
Network Communication
Bluetooth (Wikipedia: Bluetooth) is a technology that lets your phone communicate wirelessly over short distances. It is similar to Wi-Fi in many ways. It itself is not a danger to your phone, but it does enable a way for an application to send and receive data from other devices. Typical applications that would need bluetooth access include: Sharing applications, file transfer apps, apps that connect to headset out wireless speakers.
Full internet access
Network Communication
This is probably the most important permission you will want to pay attention to. Many apps will request this but not all need it. For any malware to truly be effective it needs a means by which to transfer data off of your phone; this is one of the settings it would definitely have to ask for.
However, in this day and age of cloud computing and always-on internet connectivity, many, many legitimate applications also request this.
You will have to be very careful with this setting and use your judgment. It should always pique your interest to think about whether your application needs this permission. Typical applications that would use this include but are not limited to: web browsers, social networking applications, internet radio, cloud computing applications, weather widgets, and many, many more. This permission can also be used to serve Advertising, and to validate that your app is licensed. (Wikipedia article on DRM).
View network state / Wi-Fi state
Network communication
This permission is of low importance as it will only allow an application to tell if you are connected to the internet via 3G or Wi-Fi
Discover Known Accounts
Your accounts
This permission is of moderate-high importance. This allows the application to read what accounts you have and the usernames associated with them. It allows the app to interact with permission related to that account. An example would be an app that was restoring your contact, would discover your Google account then send you to Google's login screen. It doesn't actually get to see your password, but it gets to work with the account. This is also legitimately used by applications to add contacts to your accounts, such as dialer replacements and contact managers/backup/sync/etc.
Manage Accounts
Your accounts
This permission is of high importance. This allows the application to manage the accounts on your phone. For instance it would be used by a service like Facebook to add an account to your accounts list. It seems at this time unclear if this permission allows an app to delete accounts.
Use Credentials
Your accounts
This permission is of high importance. This will allow an application authorization to use your accounts. They do this typically by giving what's called an AuthToken depending on what account you use (Google/Facebook/Yahoo/Last.fm/Microsoft/etc.). It's not as scary as it sounds however, it does typically protect your password from being seen by the application. However, it's still a very important permission you should give only with great caution.
Read/modify Gmail
Your messages
This permission is of high importance. Few apps should need access to your Gmail or email account. Email is also a prime method for managing accounts with other companies and services. For example, someone with control over your email could request a new password from your bank. While this is the worst case scenario, and there are various legitimate uses for this permission, it's still best to treat all email related permissions with extreme care.
Install Packages
System tools
This permission is of critical importance. This allows an application to install other applications on your system. This can be exploited by virus writers to install adware and malware on your system without your knowledge. It is a very, very dangerous permission and should almost NEVER be granted to a typical app. The only legitimate uses for this permission are for Market-like apps such as the Amazon AppStore or the Android Market.
Prevent phone from sleeping
System tools
This is almost always harmless. Sometimes an application doesn't expect the user to interact with the phone directly, and therefore may need to keep the phone from going to sleep. Many applications will often request this permission. Typical applications that use this are: Video players, e-readers, alarm clock 'dock' views and many more.
Modify global system settings
System tools
This permission is pretty important but only has the possibility of moderate impact. Global settings are pretty much anything you would find under Android's main 'settings' window. However, a lot of these settings may be perfectly reasonable for an application to change. Typical applications that use this include: volume control widgets, notification widgets, settings widgets, Wi-Fi utilities, or GPS utilities. Most apps needing this permission will fall under the "widget" or "utility" categories/types.
Read sync settings
System tools
This permission is of low impact. It merely allows the application to know if you have background data sync (such as for Facebook or Gmail) turned on or off.
Restart other applications
System tools
This permission is of low to moderate impact. It will allow an application to tell Android to 'kill' the process of another application. However, any app that is killed will likely get restarted by the Android OS itself.
Retrieve running applications
System tools
This permission is of moderate impact. It will allow an application to find out what other applications are running on your phone. While not a danger in and of itself, it would be a useful tool for someone trying to steal your data. Typical legitimate applications that require this permission include: task killers and battery history widgets.
Control Vibrator
Hardware controls
This permission is of low importance. As it states, it lets an app control the vibrate function on your phone. This includes for incoming calls and other events.
Take Pictures & Video
Hardware controls
This permission is of moderate importance. As it states, it lets an app control the camera function on your phone. In theory this could be used maliciously to snap unsuspecting photos, but it would be unlikely and difficult to get a worthwhile picture or video. However, it is not impossible to make malicious use of cameras.
wow, thats perfect thanx!
Hi guys,
I'm searching for some messenger with strong privacy and "secret" features. Better explained, I've found Telegram as a good alternative to Whatsapp with its encryption features, but it lacks one thing that I really need: I'd like to keep some chat very private: it will be very useful if the conversation had some kind of PIN-password-pattern unlocking features.
This is possible for sms (Handcent, for example), but I haven't found it in any Messenger service.
Do you know any?
Bump. I'm looking for one too. I looked into evolveSms but I think its a bit over priced for the features. I'm currently using handcent but I don't really like the UI.
I have a data plan with limited sms, so I am interested in messenger/chat service like Whatsapp, Telegram, Kakao Talk and so on, but they all don't offer the 'private chat' option.
Surespot
You could just lock Telegram with another app? There are tons on the Play Store.
https://play.google.com/store/apps/details?id=com.domobile.applock
Zenety said:
You could just lock Telegram with another app? There are tons on the Play Store.
https://play.google.com/store/apps/details?id=com.domobile.applock
Click to expand...
Click to collapse
Yes, I know, but this is the last option. I'd like to find a solution within the messenger app.
Threema has an Option for PIN Protection.
If activated you have to enter your PIN Code before you can see the messages.
The Problem with Threema is the same with most other messengers ... it´s not open source.
Go Sms Pro
Try GO SMS PRO the best messaging app on playstore it has lots of themes a good ui and the most important one privacy !!! you can protect your messages with pin or pattern lock !!! you can search on play store. I think you have to pay for some features but you can try it !!!
Sorry for my bad english ....!
androidrocks23 said:
Try GO SMS PRO the best messaging app on playstore it has lots of themes a good ui and the most important one privacy !!! you can protect your messages with pin or pattern lock !!! you can search on play store. I think you have to pay for some features but you can try it !!!
Sorry for my bad english ....!
Click to expand...
Click to collapse
Once again, I'm not interested in sms app, I need some messenger app working through data network. Maybe with the same features of go sms pro.
As shiva-afk stated, Threema has the protection option you want. It provides end-to-end encryption and protects your send/received messages/media:
First, you can protect your conversations if you set a passphrase for your encryption key. So, if you end the Threema process or reboot your phone, you have to enter this passphrase first before you can access any chat log or received pictures since they are stored encrypted (unless you exported them from the app into common store like the sd card).
Second, you can set a PIN to the app itself. So, even if you have unlocked the key with your passphrase, the app locks itself after being idle for some time and asks for a pin. You can define the time before it locks itself in several steps (30s, 1m, 2m, 5m, 10m, 20m).
However, it is not free (costs ~1,60€) and its not open source. The devs (from Switzerland) claim to use the common NaCl-library for crypto, but you must trust their sayings.
https://threema.ch
Go sms pro
powersimon said:
Once again, I'm not interested in sms app, I need some messenger app working through data network. Maybe with the same features of go sms pro.
Click to expand...
Click to collapse
as i know it include the log in feature so you can send msgs or chat with your friends online through your data network, who have GO SMS PRO !!!
Hi, I have a note 4 lollipop. The Samsung messaging app is great because you can schedule messages to be sent later, I believe Gmail also has this capability though perhaps not yet from the app.
However I communicate with people mostly through telegram, what's app, viber, facebook, etc. None of these offer delayed messages capability.
I was wondering if there was some automation app or combination of apps, that I could use to request the message and time in a dialog then wait until that time and then macro control some app and paste the text there to send.
I'm interested in a non root solution however, root is a good plan B. Although xposed onky works on one device I have, so non xposed is probably preferable.
Does anyone have any ideas or would this not be possible due to security sandbox in type restrictions?
Sent from my SM-P900 using Tapatalk
I have the following privacy policy which is located here: http://minutewalks.inthepress.biz/PrivacyPolicy.html The text of the policy is:
MinuteWalks Privacy Policy
This app collects location data. The data collected remains on your device and is only stored and used in order to calculate the distance you have travelled. All the analysis is done on your device. No data is communicated to or shared with us or anyone else. No data is stored after monitoring is stopped. Monitoring continues in the background in order to allow you to continue receiving audible notifications and carry on using other apps to listen to music, provide other fitness monitoring or anything else you want to do. So long as monitoring is ongoing you will see a notification. You can stop monitoring at any time by pressing the stop button in the app. If you have closed the app you can restart it as normal to stop monitoring or you can restart it by tapping on the notification.
Click to expand...
Click to collapse
Google just keep saying: "make sure your privacy policy specifically covers user privacy" and are marking my app as non-compliant.
Can anyone help me understand this so that I can fix it?