I’ve seen on the billing from my cellphone provider, that the Note 4 makes approximately 3-5 times in a month a mobile data connection without my permission.
How is it possible to figure out the reason of this bad behaviour? (I use MIUI Global 8.2 Stable 8.2.10.0, and I want to use this Android 6 based MIUI Version furthermore). Maybe this is a huge bug in MIUI, or is it possible that this is caused by an App? But which one?
Anyway I’ve disabled the setting “Allow background data” for apps to prevent the use of mobile data when I’m not using them. But this setting is not enough to prevent the mobile data connection buildup of the Note 4X.
mi_eu said:
I’ve seen on the billing from my cellphone provider, that the Note 4 makes approximately 3-5 times in a month a mobile data connection without my permission.
How is it possible to figure out the reason of this bad behaviour? (I use MIUI Global 8.2 Stable 8.2.10.0, and I want to use this Android 6 based MIUI Version furthermore). Maybe this is a huge bug in MIUI, or is it possible that this is caused by an App? But which one?
Anyway I’ve disabled the setting “Allow background data” for apps to prevent the use of mobile data when I’m not using them. But this setting is not enough to prevent the mobile data connection buildup of the Note 4X.
Click to expand...
Click to collapse
Have you ever heard the phrase "ET phone home"? See for example: https://www.reddit.com/r/androidapp..._apps_desperately_try_to_phone_home_how_do_i/
That is why I will never use a MIUI ROM that has not had all the "phone home" functionality removed. There are XDA threads for the Redmi Note 2 that are devoted to (among other things) doing this - see e.g., https://forum.xda-developers.com/redmi-note-2/development/b-skinny-pro-t3347906
It is getting increasingly difficult to remove all the phone home functionality, hence why I will never use MIUI.
Firewall app Netguard (no root) will let you check and, at least to a certain extent, control things like this.
Some "calling home" behavior is obviously necessary for proper functioning of android (Google account) and MIUI (Mi account).
cobben said:
Firewall app Netguard (no root) will let you check and, at least to a certain extent, control things like this.
Some "calling home" behavior is obviously necessary for proper functioning of android (Google account) and MIUI (Mi account).
Click to expand...
Click to collapse
I think, if a mobile data connection is not enabled by the user, it should stay in this mode until the user enables it.
The Device and the manufacturer are not allowed to do self decisions. Who pays me the permanent mobile data traffic? Xiaomi? Sure not.
I fear that a firewall doesn't help. The firewall is able to prevent network data traffic e.g. for an app. But for my understanding a firewall can't prevent a system app independently to open and close a new mobile data line - unless I'm mistaken.
mi_eu said:
I think, if a mobile data connection is not enabled by the user, it should stay in this mode until the user enables it.
The Device and the manufacturer are not allowed to do self decisions. Who pays me the permanent mobile data traffic? Xiaomi? Sure not.
I fear that a firewall doesn't help. The firewall is able to prevent network data traffic e.g. for an app. But for my understanding a firewall can't prevent a system app independently to open and close a new mobile data line - unless I'm mistaken.
Click to expand...
Click to collapse
Yes, I think I have actually noticed some "unexplainable" traffic on a few occasions, bypassing the firewall, with mobil data enabled, but the firewall supposedly shutting off all traffic.
But as it does not have any particular importance for me personally, I haven't spent any time looking into it.
But if you do not even have mobile data enabled, then nothing should get through at all - I assume?
This is really strange that data is enabled by a system app, and the first I've ever heard of it happening. Are you SURE it is MIUI using your data and not a rogue app or malware (are you rooted and/or do you use pirated apps or APK's from random places)?
MIUI built in security app is perfectly capable of measuring the data usage per app, and also total data usage. You can use the built-in firewall to block any app - user or system - from accessing data.
The restriction here is that you cannot block a system app from WiFi, not without a third party mod to the Security APK (a guy on en.miui.com forums has instructions for this, bit you need to be good with smali). I will eventually release a generic patch for this once my patching tool is ready for a public alpha.
But I digress.
MIUI security app should tell you. If MIUI is using data without permissions and you can demonstrate that it is definitely an MIUI process and not something *you* put on, I would think it is definitely a bug. They will NOT want their stuff costing you data without permission!
DarthJabba9 said:
Have you ever heard the phrase "ET phone home"? See for example: https://www.reddit.com/r/androidapp..._apps_desperately_try_to_phone_home_how_do_i/
That is why I will never use a MIUI ROM that has not had all the "phone home" functionality removed. There are XDA threads for the Redmi Note 2 that are devoted to (among other things) doing this - see e.g., https://forum.xda-developers.com/redmi-note-2/development/b-skinny-pro-t3347906
It is getting increasingly difficult to remove all the phone home functionality, hence why I will never use MIUI.
Click to expand...
Click to collapse
It's called anonymous telemetry, dude. Yes there is a lot of it in MIUI, but this is just the way of the world these days. If you don't like it, go and use a non-branded device with AOSP and no Google services at all. Not everyone is this paranoid, most of us are fine with revealing *anonymous* data to help improve product experience.
I guarantee you that XDA are collecting data about your PC and browser and your location for statistical and security reasons.
Sent from my Redmi Note 4 using Tapatalk
CosmicDan said:
most of us are fine with revealing *anonymous* data to help improve product experience.
Click to expand...
Click to collapse
So am I - when it is entirely my choice and decision and I have control over whether or not it happens.
It is good to know that some people are so trusting, and are certain that all those communications with servers in China are all about anonymous data.
CosmicDan said:
I guarantee you that XDA are collecting data about your PC and browser and your location for statistical and security reasons.
Click to expand...
Click to collapse
Yes - if they can drill through VPNs.
If you were that paranoid you'd know that a VPN doesn't make you untraceable. Even using Tor browser with all its hardening doesn't guarantee privacy...
It's not that some "some people are so trusting", but rather that some people have faith in companies not being stupid enough to break international laws - especially on an OS like Android where it's very easy for security experts to find this stuff.
There was once a scare about Xiaomi data collection years ago, but it has since been debunked as anonymous. Yes it might annoying that the collection is opt-out, but it's certainly not forced.
Your case is isolated - I have no such data use without my permission and I've never seen anybody else report it in all my years of being an MIUI power user.
Unless you're using the China ROM of course, which would be silly....
Back to the matter at hand, have you checked in Security > Data Usage the stats? And have you blocked everything in the system tab of the firewall from using data?
One last question. Do you have an MMS APN setup? Because it could just be a heartbeat to your provider.
Sent from my Redmi Note 4 using Tapatalk
Related
Most of the app now require acces to the phone calls..even a news app requires it, sms app such as go sms also requires it. So I want to know after knowing that an app will be able to acces your phone call you still download it? And does anyone in what way the developers use such info?
Sent from my E10i using XDA App
Excellent topic, I'm really troubled by this. The business world makes a whole lot of money based on the average persons inertia - their lack of information or willingness when it comes to the products and services they use and the money they use to pay for them. Particular mobile phone network providers come to mind, who are happy to charge the most expensive prices because people don't know or don't care.
This lazy attitude is seeping into the Android app world. It will be a small per centage of us who will realize this threat and do something about it - exactly like cookies and public wifi privacy etc.
For those of us already interested, are there websites or apps which can guide us on this?
I had thought about it before but it seemed to be all apps out there at least need to access your internet, calls, phonebook and etc.. Not sure really if some of these nasty apps has the evil purpose to steal our vital informations in the phone... say if we're checking our bank account or something similar..
What I practice:
1) Installed AVG pro and do scan regularly, and set to scan every newly installed apps.
2) Use both cache cleaner and history eraser to clean up all traces once a day.
3) Hope they don't see me as a target.
Don't worry.
I think access to the phone calls is just to minimize the running app in case you receive a call. In other case you would not even realize an incoming call?!
Deehee3 said:
Don't worry.
I think access to the phone calls is just to minimize the running app in case you receive a call. In other case you would not even realize an incoming call?!
Click to expand...
Click to collapse
What about data? When you install an app in most cases you allow data access to it.
Searching for updates or viewing developers homepage maybe?
Sent from my U20i using XDA App
Deehee3 said:
Searching for updates or viewing developers homepage maybe?
Sent from my U20i using XDA App
Click to expand...
Click to collapse
What if not? What if app you´ve installed is spying on you and sending info to hackers. How would you know?
On android we have the luck that there are a lot of applications that are open source. When I have to choose an application, I always choose and support the open projects!
You will notice that most of those applications don't need all that personal information! Makes you wonder...
On other systems, apps usually have an user/administrator scheme, where the 'user' has access to some things and 'administrator' has access to everything.
There is no such thing on Android (except if you have a rooted phone and some app asks for superuser access, but you get a requester asking for permissions as well).
Each app has to specifically ask for permissions or the system will deny it. A spyware has to ask for those permissions or it won't work.
Some permission requests to look out for:
- "Call phone"
can be used by the application to silently dial some "premium" numbers
- "Send SMS"
can be used to send SMS to special "premium" numbers
- "Record phone calls"
can be harmful if associated with "internet access" permission
- "Access fine location"/"access coarse location" and "internet access"
can be used for tracking purposes
Many apps ask for:
- "Phone identity" / "internet access"
they use it for "statistics purposes" (flurry.com mostly) but it is bad. The developer should always inform the user about those.
BTW, that an app is open source makes no difference. Someone can always (willingly or not) tamper with the final build. And not everyone reviews open source apps.
zapek666 said:
A spyware has to ask for those permissions or it won't work.
Click to expand...
Click to collapse
Sure. But if an app legitimately ask for data transmission and file system access, AND you grant it, how would you know it is not using the granted rights for something else?
ppirate said:
On android we have the luck that there are a lot of applications that are open source. When I have to choose an application, I always choose and support the open projects!
You will notice that most of those applications don't need all that personal information! Makes you wonder...
Click to expand...
Click to collapse
Don´t tell me that you evaluate the source code of each application you load from the market. And even so, how would you know the difference between what is shown to you and the final build, available on the market?
vlissine said:
Sure. But if an app legitimately ask for data transmission and file system access, AND you grant it, how would you know it is not using the granted rights for something else?
Click to expand...
Click to collapse
Filesystem access are limited to the external memory card. An app with such permission cannot access other apps' private data (which are stored on the phone).
Android apps are all sandboxed into their own homes.
A good example of a suspicious application is HTML5 Reference.
"This HTML5 reference lists all tags supported in the HTML5 specification.", fine. Let's look at the permissions:
Network communication: full Internet access
Phone calls: read phone state and identity
While the first 2 could be produced as a side effect of the developer implementing some "statistics library" (flurry.com or so), the next 2:
Your location: fine (GPS) location
Your personal information: read sensitive log data
Are a giveaway that this app does a bit more than just listing HTML reference tags
zapek666 said:
Filesystem access are limited to the external memory card. An app with such permission cannot access other apps' private data (which are stored on the phone).
Click to expand...
Click to collapse
Ok, how about a picture viewer, which usually picks pictures from each and every
directory, no matter if you want it (and not only from memory card).
Hey vlissine and zapek666. You both have a point.
One individual cannot review every code he or she uses. And also one does not only uses his or her own builds of the projects. But every now and then, I have to go into a project, mostly to add functionality. During that time, I usually have to go over a lot of code to understand the program. It is no guarantee, but you can imagine that some strange code will stand out.
I'm surely not the only person. So while one individual is not capable of such an endeavor. A lot are.
Your other point is as valid as can be. But here again, builds are comparable.
Surely, one does not have to find himself or herself obliged to use certain kind of projects. But to me, when I have the change, I use and support the open source project. One important reason is because of the concern raised by the original poster!
http://googlemobile.blogspot.com/2011/03/update-on-android-market-security.html
Apparently we were not that paranoid, thinking of spying apps
Two options:
1) To avoid being spy and get super paranoid about it... ditch your smartphone and get those early 2000 phones with only calls and sms capable.
2) Use the smart phone eg: X10 mini/pro or any android phones and ignore these spying scene and live with it like nothing ever going to happen since this new technologies really live up our life nowadays..
farsight73 said:
Two options:
1) To avoid being spy and get super paranoid about it... ditch your smartphone and get those early 2000 phones with only calls and sms capable.
2) Use the smart phone eg: X10 mini/pro or any android phones and ignore these spying scene and live with it like nothing ever going to happen since this new technologies really live up our life nowadays..
Click to expand...
Click to collapse
One more option - stop giving stupid advises when you have nothing to say.
maybe apps need to call functions or need it to run?
write them your self if your that bothered?
...
Sent from my E10i using the XDA mobile application powered by Tapatalk
Many of you have probably already read the news:
Apple, Google Receive Phone Users' Locations
I must say, they're doing it to a degree beyond what most of us may have assumed was taking place.
How can we stop this? Do we know if cooked ROMs also do it?
Update 4/25/2011 5:00PM ET:
- Here's how I stop Android from phoning home.
- I dont' use this, but here's a sweet google removal script.
- A seperate thread for discussion: Why the data Android sends to Google is less anonymous than Apple's implementation
Update 4/26/2011 9:25PM ET:
- [Q] How do we protect our Android device from the CelleBrite UFED?
Update 6/8/2011 5:24PM ET:
- Use Autostarts to stop apps from opening behind your back!
Its not that they care where you are personally, you're more of an anonomous statistic to them. They use these huge mountains of collected data to decide which markets are the most potentially lucrative fir them to invest their zillions of dollars of advertising and marketing money into. You and I will likely never be directly affected by our locations being disclosed, save for more accurate search suggestions from our google search widgets.
Sent from my HTC HD2 using XDA App
I'll ask again to try and keep this thread on topic. Anyone who wants to discuss why the companies do it is free to start another thread and discuss that there.
How can we stop this? Do we know if cooked ROMs also do it?
Droidwall...
I was so mad when I heard what they were doing, I wanted to throw my phone out the window. How is it even legal for them to do this, regardless of where its anonymous or not its still bs and I want that crap off my phone. I am a newb to the whole android and software thing and I wish I could help.
There out to find your house and steal your prized poodle. Honestly if its for marketing then it what it is. Honestly if you want to get mad at something, get mad at T-Mobile for throttling 4G speeds. I see what your saying but I would like them putting the right ads for my area and know quickest way to the quickie-e-mart.
Also we are using their OS.
Every other OS is monitored also.
Sent from my UD Glacier
What's with the useless comments defending these companies?
Can anyone answer the question - DO cooked ROMs also track your location?
According to this article, Android tracks the last 50 mobile masts and last 200 WiFi networks.
This is a problem, anyone have the solution?
I found this comment on one of the articles, does this explain it?
All mobile phones keep a record of the locations and unique IDs of the most recent mobile masts that it has communicated with. It's called the neighbour cell list and normally it enables the phone to connect to the network more quickly than it otherwise would. GSM mobile phones have done this since about 1992.
To see the benefits storing the neighbour cell list compare the time it takes a mobile to find a network after it is switched on in a new location, e.g., after a long flight, with the time it takes to find a network when the phone is switched on in the location where it was switched off.
The difference in the iPhone case is that the iPhone is keeping this information for such a long period of time.
Click to expand...
Click to collapse
wrapper said:
I found this comment on one of the articles, does this explain it?
Click to expand...
Click to collapse
That is about the iPhone storing, not about a device sending GPS location data day and night.
So far, the only mentioned potential solution is Droidwall.
I'm going to play around with that.
There's a related app named HiSurfing, but one reviewer says that does not work as well as DroidWall. Seems DroidWall does a better job of keeping things from slipping out when they've been blocked.
Darnell_Chat_TN said:
So far, the only mentioned potential solution is Droidwall.
I'm going to play around with that.
Click to expand...
Click to collapse
The only viable option I can see to block is "10052: Network Location, Google Calendar Sync, Google Services Framework, Google Contacts Sync."
Problem is, I use some of these.
I have ultimate juice defender it has a section in it where you can control how and when apps connect to the network, but I don't know if it will stop the Droid from phoning home.
wrapper said:
The only viable option I can see to block is "10052: Network Location, Google Calendar Sync, Google Services Framework, Google Contacts Sync."
Problem is, I use some of these.
Click to expand...
Click to collapse
Yea, it uses a different listing number on my device, but "Network Location, Google Calendar Sync, Google Services Framework, Google Contacts Sync" may be the one to disable to stop the device from phoning home. I sync my data locally (via MyPhoneExplorer), so I can't think of any personal need for those, I've disabled that from all network and WiFi connectivity.
I've done some testing (blocking an app I could test with) and the firewall continues to work even after exiting DroidWall and even after killing DroidWall with a task killer. That's good to see so it won't be any burden on the battery.
I'm not any expert that can test for "certain" whether my device has really stopped phoning Google with my location data, but this seems to be the best shot for now.
Darnell_Chat_TN said:
I've done some testing (blocking an app I could test with) and the firewall continues to work even after exiting DroidWall and even after killing DroidWall with a task killer. That's good to see so it won't be any burden on the battery.
Click to expand...
Click to collapse
That's because DroidWall is just an interface for iptables, the built-in firewall. So your battery life will not change at all, that's correct.
I'm not any expert that can test for "certain" whether my device has really stopped phoning Google with my location data, but this seems to be the best shot for now.
Click to expand...
Click to collapse
You could connect to your wireless network, run a sniffer like Wireshark on your PC and check whether any packets are transmitted to Google servers.
frosty_ice said:
You could connect to your wireless network, run a sniffer like Wireshark on your PC and check whether any packets are transmitted to Google servers.
Click to expand...
Click to collapse
Or turn on my router's logging and check there, yea either of those would work.
Not sure if/when I'll get around to it .
droidhell said:
I have ultimate juice defender it has a section in it where you can control how and when apps connect to the network, but I don't know if it will stop the Droid from phoning home.
Click to expand...
Click to collapse
that seems like the best app if it works, any way to verify?
slapshot136 said:
that seems like the best app if it works, any way to verify?
Click to expand...
Click to collapse
I'm new to Droid, I really don't know how to test and see, it does stop other app really well, as far as a OS I don't know.
From what i here it's all stored in a location history file.
One simple solution might be to routinely delete this file.
Doesn't exactly solve the problem.
Might we consider expanding the subject to protecting our privacy? If not, I apologize in advance, as I think it is all connected.
It is probably Darnell's call, as he started the thread.
In the meantime, please consider this article: http://bit.ly/gCynrh
So let me understand this. I buy access to a network for my phone, which I also paid for. My location information, which is the result of my purchases is being used to generate income. So I'm allowing my spent cash to generate data and be leveraged to generate income. My information wouldn't exist with out my investment in the technology, so I own it.
I'm paying to be stalked !!!
Reduce my bill, provide remuneration for my investment in this technology, prove that it's anonymous, remember since I paid for the means to generate the data- the data belongs to me.
BTW for $1.50 I'll wire the battery to switch off, try getting data then.
I'd rather have an app which monitors my relevant info and bills the users for access to it.
This is an interesting article on how phones are being used to collect loads of personal information. There are a number of privacy tools out there for Android (Droid wall, pdroid).
What applications, procedures or methods do you employ for keeping your privacy?
Anyone know of an AT&T S3 ROM that has Pdroid enabled?
Going under the locations services section of settings and limiting what services can use your location data is one way to maintain some level of security if your paranoid about privacy ;-)
Sent from my SCH-I535 using xda premium
shimp208 said:
Going under the locations services section of settings and limiting what services can use your location data is one way to maintain some level of security if your paranoid about privacy ;-)
Sent from my SCH-I535 using xda premium
Click to expand...
Click to collapse
I turn off that option as well. I use Droid Wall to try and limit some of the apps from communicating, however it doesn't appear to prevent all data communications as the apps can tie into other services (I think), and transmit data from the web (port 80).
How paranoid about security do you want to get?
creedicd said:
I turn off that option as well. I use Droid Wall to try and limit some of the apps from communicating, however it doesn't appear to prevent all data communications as the apps can tie into other services (I think), and transmit data from the web (port 80).
Click to expand...
Click to collapse
Correct also if you disable data communications for certain apps it will break them resulting in Force closes. It sucks you can't just disable it from sending information while still allowing the app to use data permissions for legitimate tasks. I suppose if you were super paranoid about your privacy and willing to spend some (Or a lot depending on how in depth you want to get) you could decompile the APK file of apps that transmit personal data and search for services that transmit that data and disable it in the XML files or make smali edits. Overall seems like it would be a lot of work for really not much gain, but I suppose it all depends on how far you want to take your personal security.
Say I wanted to have the most secure Sony Xperia Z Ultra possible (without "too much" sacrifice of useability).
In the context of this thread I define security as broadly anything barring network anonymity ie. hiding your device public IP address.
So I want security from network attackers (eg. drive-by download, WiFi attacks), physical device attackers (eg. customs searching devices for IP violations ... no really, that's about to become a thing apparently, GF and/or mistresses) .
How would you do it?
Could you please use sections of
Code:
firmware
phone settings
app settings
behavior
because I want to curate the best answers from users in this post for the good of the forum.
My thoughts so far are:
Firmware:
Root is disabled
Bootloader should be locked.
^^ These I'm not sure about - see if we don't have root then we don't have iptable firewall and hosts level server blocking.
One recovery should be used
Honestly I'm not sure which ROM is more secure than another but I'm assuming the latest and greatest is more secure so that would be MM atm. No idea if Sony is more secure than another flavour of ZU Android.
Phone settings:
Developer options off
Sideload apps off
Do not connect to unknown WiFi
NFC Off by default
Bluetooth Off by default
PIN unlock required
Auto-lock ON
App settings: (this includes apps you should have/not have and their settings)
I figure every additional app that I don't use is a needless attack surface so start with no apps at all - uninstall everything. Only install what you use ... for which you need root unless the ROM is premade like this.
Firewall app (Netguard no-root Firewall, DroidWall if we have root)
Adblock (if we have root)
AV - honestly most mobile AV seems pathetic at being secure and not acting like malware (notifications, popup windows etc) but Avast at least seems to not hog resources.
-Auto update every app
User behaviour:
NEVER:
-install apps from anywhere other than Google Play. Or possibly FDroid
-let another person use your device
I'd like to hear your suggestions, critique and everything else, cheers!
So you're not gonna install from other than google play, then what ad blocker are you going to use? Where is adblocker connecting to?
You're talking about still having a lot of apps connecting through servers that you don't control.
morestupidemailnames said:
You're talking about still having a lot of apps connecting through servers that you don't control.
Click to expand...
Click to collapse
Well if you are worried about connecting to servers that you dont control - isnt that all servers?
At which point you may as well remove all WIFI and Mobile Data capabilities and just stick to 2G
panyan said:
Well if you are worried about connecting to servers that you dont control - isnt that all servers?
At which point you may as well remove all WIFI and Mobile Data capabilities and just stick to 2G
Click to expand...
Click to collapse
Exactly my point.
The op is a long winded question that leaves you with more questions.
Probably why there's been such a landslide of security tips here
Hey guys,
what do you think about GrapheneOS? (https://grapheneos.org)
I think there are some disadvantages:
- only Pixel devices (because only these have some security "flags")
- no root access
- hardcoded Google domains
and some advantages:
- good hardware support
- hardenized aosp
- closed bootloader after flashing
Now I would like to discus about this ROM
I too would be interested to hear about anyones experience regarding this OS
johndoe118 said:
Hey guys,
what do you think about GrapheneOS? (https://grapheneos.org)
I think there are some disadvantages:
- only Pixel devices (because only these have some security "flags")
- no root access
- hardcoded Google domains
and some advantages:
- good hardware support
- hardenized aosp
- closed bootloader after flashing
Now I would like to discus about this ROM
Click to expand...
Click to collapse
I'm interested in this ROM too. I have a Pixel 3a. I haven't flashed it yet because I'm trying to find out what people's experiences are first. There doesn't seem to be a lot of posts about it. Did you ever flash it? Also, what do you mean by "hardcoded Google domains"?
Well, the captiveportal contacts the Google servers regularly when you connect to a WiFi. That was one reason why I lost interest in the ROM. The other was the limited device support and missing root access. I absolutely need access to the iptables. As a one-man show, the ROM can be adjusted at any time.
johndoe118 said:
Well, the captiveportal contacts the Google servers regularly when you connect to a WiFi.
Click to expand...
Click to collapse
Do you have some kind of reference for that? I'm using it now and would really like some proof to bring up in their subreddit as a WTF.
graphene seems great, no root does not
I don't want the bootloader locked.
I want Magisk extensions
I need root for LP _only_ to remove ads. Is there something like LP that allows (interactively) disabling app activities?
hardcoded google domains info from faq
https://grapheneos.org/faq#device-support
GrapheneOS leaves these set to the standard four URLs to blend into the crowd of billions of other Android devices with and without Google Mobile Services performing the same empty GET requests. For privacy reasons, it isn't desirable to stand out from the crowd and changing these URLs or even disabling the feature will likely reduce your privacy by giving your device a more unique fingerprint. GrapheneOS aims to appear like any other common mobile device on the network.
HTTPS: https://www.google.com/generate_204
HTTP: http://connectivitycheck.gstatic.com/generate_204
HTTP fallback: http://www.google.com/gen_204
HTTP other fallback: http://play.googleapis.com/generate_204
Click to expand...
Click to collapse
nay_ said:
hardcoded google domains info from faq
https://grapheneos.org/faq#device-support
Click to expand...
Click to collapse
Thanks, right from there
I have Graphene OS taimen-factory-2020.07.06.20.zip on my Pixel 2 XL.Under "System update settings" is "Check for updates" but nothing happens if I tap.Only the field becomes darker.Has someone experience with this?
Update with adb sideloading to 2020.08.03.22 works.
OTA update from 2020.08.03.22 to 2020.08.07.01 likewise.
I'm personally not a fan of these kinds of projects, they aren't really all that 'secure', you're still using proprietary vendor blobs and such
help please
Hello! In the description
I pointed out that you can change servers just not through the GUI.
Has anyone tried this?
```
Providing a toggle in the Settings app for using connectivitycheck.grapheneos.org as an alternative is planned. The option to blend into the crowd with the standard URLs is important and must remain supported for people who need to be able to blend in rather than getting the nice feeling that comes from using GrapheneOS servers. It's possible to use connectivitycheck.grapheneos.org already, but not via the GUI.
```
captive portal leak + location services data leak
Few points:
1. General idea is that privacy/security oriented OS (as graphene is advertised) should limit network activity as much as possible, and not ping google using captive portal service every few seconds providing perfect IP-based location to google
It is possible to switch it off, but should be off by default
2. Connections of android location services to get GPS constellations were shown before to send sim card imsi and connected cellular tower id to provider (qualcom/google):
"blog.wirelessmoves.com/2014/08/supl-reveals-my-identity-and-location-to-google.html"
Graphene still allows those connections (check their FAQ on website)
W/O root no way to switch this off. Even some devices ignore config files and still leak data (on the level of cellular modem most probably)
3. Android services make other weird connections. Example: AOSP dialler app is querying phone numbers against online database leaking all contacts to google. How was this taken care of in graphene? Are all AOSP services/apps security-verified to not leak any data?
w/o root no way to install afwall to block everything
Is graphene built-in firewall capable of blocking system services from network access?