Related
Im still pretty new to the smartphone world. But after looking at various apps I noticed the app declares a list of permissions it will need to certain files on the phone. Im just concerned that any one of these apps are gathering sensitive information like our contacts or notes on our phones. How do we know exactly what is being accessed and sent out. I just realized an app like mixzing sends the developers information about the songs we listen to, our playlists, etc.. Now Im not too concerned about this in particular, but how do we know what other information they or any other developer are grabbing from our phones? On a PC you atleast have a firewall, router, security sofware, etc..
Its interesting that someone finally asked this question. I asked this very thing since i.had my G1.
I am in infomation security and as a security researcher, ive used a rooted device and the shark app which is like wireshark for packet captures from your phone. You could always stick your vibrant on your wireless network and watch the packets there as well.
Take a peek at this screengrab from an alt keyboard install from the sticky page. I would not trust any app at all
On a side note, if you saw the forensics app for these phones...wow
Sent from my SGH-T959 using XDA App
there have been apps said to collect sensitive data that it doesnt need to function... In russia there was also a tip calculator that sent sms messages to various numbers without your knowledge... at the moment there is no virus, or worm, or trojan for android atleast not on this side of the world...
Just be careful what you download, always read the apps permissions..
Or download a app that scans applications, I personally use Lookout. Not because im paranoid about viruses but there are other features implemented such as losnig your phone and includes tracking.
It's on the market, "Lookout."
Lookout is a great tool to have. I use it on all my phones, out scan every app as you install, if its bad, it'll tell you
Sent from my SGH-T959 using Tapatalk
paradox4286 said:
Lookout is a great tool to have. I use it on all my phones, out scan every app as you install, if its bad, it'll tell you
Sent from my SGH-T959 using Tapatalk
Click to expand...
Click to collapse
SO how man y, if any, bad apps have you encountered? I havnt bought into the whole AV for mobile phones yet. I understand the potential risk, but the real world risk seems minimal to nearly nonexistant at this moment. Now I will probably be one of the first ones to go palm to face when the first virus makes its way around and I get it, but for now i'll stick with the ignorance is bliss unless this lookout app is actually kicking back potential risks.
Chief Geek said:
SO how man y, if any, bad apps have you encountered? I havnt bought into the whole AV for mobile phones yet. I understand the potential risk, but the real world risk seems minimal to nearly nonexistant at this moment. Now I will probably be one of the first ones to go palm to face when the first virus makes its way around and I get it, but for now i'll stick with the ignorance is bliss unless this lookout app is actually kicking back potential risks.
Click to expand...
Click to collapse
It's 0.. I use it mainly incase I lose my phone. That's the thing about Lookout, it isn't intrusive at all. It runs weekly scans (disabled if you want), and scans when you install a new application.
It has a lot of other functionality other than scanning for malicious applications.
Hello All,
First time poster, and new Android user (and loving it!). I like most people am waiting (hoping and praying) that the DEV community for the Moto Atrix picks up and cool things start happening! Anyway onto my question.
Does anyone know if the PRO Version has free updates, or if you need to pay for the updates that happen to PRO?
Thanks all for the time and knowledge.
why dont you ask the developer that question?
meztizo_kid said:
Hello All,
First time poster, and new Android user (and loving it!). I like most people am waiting (hoping and praying) that the DEV community for the Moto Atrix picks up and cool things start happening! Anyway onto my question.
Does anyone know if the PRO Version has free updates, or if you need to pay for the updates that happen to PRO?
Thanks all for the time and knowledge.
Click to expand...
Click to collapse
It has free updates, meaning you only need to pay once.
I don't mean to question the integrity of the dev but I feel it necessary to ask, is it safe to pay for PRO if you live in the US? I don't want to pay to an overseas dev for him to keep charging my card over and over.
Juls317 said:
I don't mean to question the integrity of the dev but I feel it necessary to ask, is it safe to pay for PRO if you live in the US? I don't want to pay to an overseas dev for him to keep charging my card over and over.
Click to expand...
Click to collapse
i purchased Titanium Backup pro a year ago.....only paid once.....the dev is respectable
Juls317 said:
I don't mean to question the integrity of the dev but I feel it necessary to ask, is it safe to pay for PRO if you live in the US? I don't want to pay to an overseas dev for him to keep charging my card over and over.
Click to expand...
Click to collapse
..the market doesn't work like that. Great paid app. It should be *the* first app you purchase as soon as you root.
Never pay for updates, and the updates are frequent. TiBu Pro is a must have app.
Support the dev who gave you what is probably the most useful app on the Market.
Beamed from WinBorg 4G via XDA Premium
I knew that I wouldn't have to pay for updates but it's not like identity theft is unheard of and I just wanted to make sure. You said it yourself, it should be the first app that any root user downloads and there are a lot of root users out there
Sent from my SGH-T959V using XDA App
Just look at the app description in the market!
Code:
Adds PRO Features:
• Multiple backups per app
• 0-click batch restore
• Batch verification
• Hypershell speed
• Migrate system data across different ROMs
• Market Doctor
• Apps freezer (incl. batch support)
• Market "auto updating" manager
• Convert user app <=> system app
• Encryption
• Unlimited schedules
• Sync to/from Dropbox
• Send backup by e-mail
• Brand the app with your name
• Bloatware Melter (experimental)
• And more!
Juls317 said:
I knew that I wouldn't have to pay for updates but it's not like identity theft is unheard of and I just wanted to make sure. You said it yourself, it should be the first app that any root user downloads and there are a lot of root users out there
Sent from my SGH-T959V using XDA App
Click to expand...
Click to collapse
wtf?! identity theft? @Juls317, is this what you always think when you pay for an app?
read up on how the market works actually works
the dev never even sees your credit card information!
feisty_noodle said:
Just look at the app description in the market!
Code:
Adds PRO Features:
• Multiple backups per app
• 0-click batch restore
• Batch verification
• Hypershell speed
• Migrate system data across different ROMs
• Market Doctor
• Apps freezer (incl. batch support)
• Market "auto updating" manager
• Convert user app <=> system app
• Encryption
• Unlimited schedules
• Sync to/from Dropbox
• Send backup by e-mail
• Brand the app with your name
• Bloatware Melter (experimental)
• And more!
wtf?! identity theft? @Juls317, is this what you always think when you pay for an app?
read up on how the market works actually works, guys
the dev never even sees your credit card information!
Click to expand...
Click to collapse
I got corrected already. I don't buy apps usually so I wasn't sure exactly how the market worked. There's no need for the flame
Sent from my SGH-T959V using XDA App
You are right; there is no need to flame.
However, "identity theft" should not be used lightly here. Them's fightin' words.
I love my pro key. 2nd on supporting the best apps and devs.
feisty_noodle said:
You are right; there is no need to flame.
However, "identity theft" should not be used lightly here. Them's fightin' words.
Click to expand...
Click to collapse
I wasn't trying to start anything. I was just saying that while im sure the dev of TiBackup isn't a credit card lurked, you never know. merely an awareness.message if you will
Sent from my SGH-T959V using XDA App
Juls317 said:
I don't mean to question the integrity of the dev but I feel it necessary to ask, is it safe to pay for PRO if you live in the US? I don't want to pay to an overseas dev for him to keep charging my card over and over.
Click to expand...
Click to collapse
For "Anybody" out there concerned about using your CC (or having PS3 security withdrawals) allow me to offer some "alternative suggestions" if you are still not comfortable to using your regular CC:
1.) "Rebate Debit Cards" - My personal favorite, and they work. These are easy to acquire. Many software companies are are starting to give these out instead of checks.
Some grocery stores and gas stations still have issues accepting these, but the Android Market takes them with no problem. I keep a spreadsheet open of how much balance is left and which programs I've already purchased.
2.) "Virtual Credit Cards" - Just an extra layer of protection for those wanting that added peace of mind.
3.) Titanium Backup Pro - Is actually an app that you can purchase from the Developers Website and use PayPal for the transaction.
Finally as already stated in this thread, the Android Market keeps your info hidden from the developer. With that said, I have friends that don't trust using their CC for anything anymore since they are still ticked about the PS3 fiasco (I know Apples vs Encrypted Oranges) but there's no changing their minds.
Hopefully some of the suggestions listed above can help more people feel comfortable supporting the developers that actually need your support...
feisty_noodle said:
wtf?! identity theft? @Juls317, is this what you always think when you pay for an app?
read up on how the market works actually works
the dev never even sees your credit card information!
Click to expand...
Click to collapse
The OP posted a very valid question here. Some people are, quite rightly, concerned about this.
Beamed from WinBorg 4G via XDA Premium
Like many other developers, I also received the 30-days deadline warning email from Google Play team about the potential "misuse" of accessibility service in Greenify.
As the very first developer who introduced this trick of "misusing" accessibility to achieve UI automation years ago, I'm very proud that many more creative tool apps followed this approach to enable fantastic functionality beyond the imagination of the creator of Android, without root. It's a miracle bred from the openness and flexibility of Android.
Unfortunately, the supervisor of the dominant app market is now declaring its right of final interpretation, to judge the proper use of Android API and claim that this whole idea is unacceptable. At this point, I feel I have to say something.
Why accessibility service?
As we all know, root is the ultimate playground of super users in the Android community. But it also has its inconvenience and grey side, so I decided to make Greenify work for users with non-root device. I had been experimenting with many approaches for this purpose in almost the whole year 2013. Finally I found the magic of UI automation driven by accessibility service. With this approach, many more users now enjoy the improved battery life and smoothness brought by Greenify.
I know that accessibility service is not a perfect solution, considering the overall UI performance degradation involved (explained below). So I never gave up seeking alternative approaches ever since, (many of which might also be considered API "misusing" in strict speaking) but still no better approach found. If Android could provide any alternative solution, I would never prefer accessibility service in the first place.
The Good
Accessibility service is so powerful, that I have to admit it's some kind of Pandora's box.
With accessibility, developers could not only help people with disabled abilities, but also greatly benefit the general users with wonderful use cases, including:
• Remote assistant via touch interaction, without root. (seems like no such apps yet?)
• Automate the tedious operations inside not-well-designed apps, even possibly driven by Tasker or IFTTT, without root.
• Programatically trigger global actions (e.g. Back, Home).
• Overlay the whole screen including the notification shade on Android O.
• ……
I even wrote a small app with accessibility service to "fix" the bottom navigation bar of my wife's Moto X Style, whose touch screen is not reading touches any more in bottommost rows of pixels.
The Bad
With such power, accessibility service is also becoming the trending target of malware, endangering average users world-wide. A typical malware could deceive user to enable its accessibility service and then perform many dangerous actions without user consent, including gaining other sensitive privileges.
Together with screen overlay, this could even hide from average user's observation, effectively making it a seductive approach, thus highly dangerous in the wild.
The Ugly
The dangers above may not be a thread to advanced users, but the overall UI lag caused by accessibility service could be a real hurt.
Android delivers accessibility events to active accessibility service in two phases. Events are first generated in the current interacting app and immediately sent to system process, then dispatched to separate accessibility services, each in its own process.
If no accessibility services enabled, both phases are shutdown, thus no performance affection at all. If at least one accessibility service is enabled, the first phase is turned on, in full power, no matter which types of events are interested (declared by accessibility service). The second phase is taking that into consideration and only delivers the interested events to each accessibility service.
The performance lag comes mostly out of the first phase because some types of accessibility events are so heavy, considering how frequently they are triggered. For example, TYPE_WINDOW_CONTENT_CHANGED is generated and sent every tiny bit of UI content changes and TYPE_VIEW_SCROLLED is generated and sent every pixel your finger is moved across during scrolling, even if no accessibility services are interested in them.
Sounds crazy? Unfortunately that's the current situation. Although Android O took a step to address that, the situation is still not changed fundamentally. Maybe in Google's view, accessibility service is not intended for general users, so performance optimization is never in the priority.
How is Greenify doing
Performance is always Greenify's priority since it’s one of the purposes defining Greenify. So I took all the possibilities to improve that in the past years, even greatly pulled-back by Android system itself.
First of all, Greenify declares no interest of events at all at most of the time and only declares minimal interest of events (all are trivial to generate) and specific target (system settings app) required during the short period of on-going hibernation operation. This is implemented by dynamic registration, cutting the cost of the second phase to almost zero.
Due to the inefficient implementation in Android system, the first phase is still the bottleneck of UI performance. After a long time of trial and failure, I finally managed to eliminate that cost, in a tricky way. With necessary permission granted via ADB, Greenify only enables its accessibility service during the hibernation operation and disable it immediately afterwards. That means, if no other accessibility service enabled, you will have no performance problem of accessibility service at all while still enjoy the power of Greenify.
With above optimization, Greenify limited the events it could receive to the minimal, thus also effectively keeps the privacy of users in safety. I'm planning to bring this optimization to broader users who has little knowledge about ADB, and even to other apps with accessibility service hopefully.
My Concern
Accessibility service is a yard full of potential creativity and magic. It should never be a Pandora's Box if Android itself implement it with caution in the first place. I understand the complexity and historical reasons that lead to the current situation, but feel sorry and sad about how Google deals with this situation, by banishing popular tool apps. Will that make Android users more secure? I highly doubt.
I don't know if Google Play team represents the atitude of Android team at Google. If so, it will then be the breaking day for all Android developers, when Google starts to use its power to judge the "proper use" of Android API, even if it's not used by malware.
Will it come a day that the use of screen overlay besides showing information will be banned?
Will it come a day that the use of content provider not for providing data will be banned?
Will it come a day that the use of internal APIs will be banned?
oasisfeng said:
Like many other developers, I also received the 30-days deadline warning email from Google Play team about the potential "misuse" of accessibility service in Greenify.
As the very first developer who introduced this trick of "misusing" accessibility to achieve UI automation years ago, I'm very proud that many more creative tool apps followed this approach to enable fantastic functionality beyond the imagination of the creator of Android, without root. It's a miracle bred from the openness and flexibility of Android.
Unfortunately, the supervisor of the dominant app market is now declaring its right of final interpretation, to judge the proper use of Android API and claim that this whole idea is unacceptable. At this point, I feel I have to say something.
Why accessibility service?
As we all know, root is the ultimate playground of super users in the Android community. But it also has its inconvenience and grey side, so I decided to make Greenify work for users with non-root device. I had been experimenting with many approaches for this purpose in almost the whole year 2013. Finally I found the magic of UI automation driven by accessibility service. With this approach, many more users now enjoy the improved battery life and smoothness brought by Greenify.
I know that accessibility service is not a perfect solution, considering the overall UI performance degradation involved (explained below). So I never gave up seeking alternative approaches ever since, (many of which might also be considered API "misusing" in strict speaking) but still no better approach found. If Android could provide any alternative solution, I would never prefer accessibility service in the first place.
The Good
Accessibility service is so powerful, that I have to admit it's some kind of Pandora's box.
With accessibility, developers could not only help people with disabled abilities, but also greatly benefit the general users with wonderful use cases, including:
• Remote assistant via touch interaction, without root. (seems like no such apps yet?)
• Automate the tedious operations inside not-well-designed apps, even possibly driven by Tasker or IFTTT, without root.
• Programatically trigger global actions (e.g. Back, Home).
• Overlay the whole screen including the notification shade on Android O.
• ……
I even wrote a small app with accessibility service to "fix" the bottom navigation bar of my wife's Moto X Style, whose touch screen is not reading touches any more in bottommost rows of pixels.
The Bad
With such power, accessibility service is also becoming the trending target of malware, endangering average users world-wide. A typical malware could deceive user to enable its accessibility service and then perform many dangerous actions without user consent, including gaining other sensitive privileges.
Together with screen overlay, this could even hide from average user's observation, effectively making it a seductive approach, thus highly dangerous in the wild.
The Ugly
The dangers above may not be a thread to advanced users, but the overall UI lag caused by accessibility service could be a real hurt.
Android delivers accessibility events to active accessibility service in two phases. Events are first generated in the current interacting app and immediately sent to system process, then dispatched to separate accessibility services, each in its own process.
If no accessibility services enabled, both phases are shutdown, thus no performance affection at all. If at least one accessibility service is enabled, the first phase is turned on, in full power, no matter which types of events are interested (declared by accessibility service). The second phase is taking that into consideration and only delivers the interested events to each accessibility service.
The performance lag comes mostly out of the first phase because some types of accessibility events are so heavy, considering how frequently they are triggered. For example, TYPE_WINDOW_CONTENT_CHANGED is generated and sent every tiny bit of UI content changes and TYPE_VIEW_SCROLLED is generated and sent every pixel your finger is moved across during scrolling, even if no accessibility services are interested in them.
Sounds crazy? Unfortunately that's the current situation. Although Android O took a step to address that, the situation is still not changed fundamentally. Maybe in Google's view, accessibility service is not intended for general users, so performance optimization is never in the priority.
How is Greenify doing
Performance is always Greenify's priority since it’s one of the purposes defining Greenify. So I took all the possibilities to improve that in the past years, even greatly pulled-back by Android system itself.
First of all, Greenify declares no interest of events at all at most of the time and only declares minimal interest of events (all are trivial to generate) and specific target (system settings app) required during the short period of on-going hibernation operation. This is implemented by dynamic registration, cutting the cost of the second phase to almost zero.
Due to the inefficient implementation in Android system, the first phase is still the bottleneck of UI performance. After a long time of trial and failure, I finally managed to eliminate that cost, in a tricky way. With necessary permission granted via ADB, Greenify only enables its accessibility service during the hibernation operation and disable it immediately afterwards. That means, if no other accessibility service enabled, you will have no performance problem of accessibility service at all while still enjoy the power of Greenify.
With above optimization, Greenify limited the events it could receive to the minimal, thus also effectively keeps the privacy of users in safety. I'm planning to bring this optimization to broader users who has little knowledge about ADB, and even to other apps with accessibility service hopefully.
My Concern
Accessibility service is a yard full of potential creativity and magic. It should never be a Pandora's Box if Android itself implement it with caution in the first place. I understand the complexity and historical reasons that lead to the current situation, but feel sorry and sad about how Google deals with this situation, by banishing popular tool apps. Will that make Android users more secure? I highly doubt.
I don't know if Google Play team represents the atitude of Android team at Google. If so, it will then be the breaking day for all Android developers, when Google starts to use its power to judge the "proper use" of Android API, even if it's not used by malware.
Will it come a day that the use of screen overlay besides showing information will be banned?
Will it come a day that the use of content provider not for providing data will be banned?
Will it come a day that the use of internal APIs will be banned?
Click to expand...
Click to collapse
Well thanks for all you've done for the Android community!
Perhaps you and many other devs should just pull away from Google and switch to a different market like FDroid.
Google has done this sort of thing in the past, like with SCR Pro (screen recording software with internal audio support) because it changed SELinux Policy. If Google loses their cut money, maybe they would rethink that decision. Personally if I was Google, I'd just add a "Potential Security Issue" or a "Modifies Critical Security Settings" indicator to apps on the Play Store that use the Accessibility Services or change SELinux Policy, or other security related settings. Give the users the option of what they choose or not choose to run on their phones! They already have some sort of a system in place that already does this with the "Play Protect" system. Slowly but surely, Android is becoming more like iOS with less freedom.
Interesting update to original article on XDA
https://www.xda-developers.com/google-threatening-removal-accessibility-services-play-store/
"Update: LastPass has just responded to this news and states that there will be “no immediate impact” for their Android apps. Whether or not this means that other applications will be given leniency remains to be seen."
Accessibility Service options
If I may ask -- what are you going to do? Are you going to pre-emptively unpublish the app before the 30 day limit is up? Are you going to try to reach out to Google and ask them to clarify whether there is any changes / clarifications? (LastPass implies they have gotten some kind of assurance, but they don't directly state that). Or, are you going to try to get as compliant as possible (put the appropriate language in the appropriate places), and hope for the best?
As far as I'm concerned your app is one of the few mission critical apps in the android ecosystem. So I can only hope that this can be resolved amicably.
I think this change is aimed solely at Substratum, as I have heard (not confirmed) than in Android 8.1 without root/unlocking and only using accessibility services, OMS can be exploited for theming. So Google is using a shotgun to kill all apps using this service rather than narrow their focus.
@oasisfeng
An insightful, deliberate and extremely well written post! ?
Sent from my SM-G955W ??
I think its time of the developers make a big migration of the apps to the XDA store to save the lagacy of the -7.0
Sent from my Asus ZenFone 3 Deluxe using XDA Labs
divineBliss said:
Interesting update to original article on XDA
https://www.xda-developers.com/google-threatening-removal-accessibility-services-play-store/
"Update: LastPass has just responded to this news and states that there will be “no immediate impact” for their Android apps. Whether or not this means that other applications will be given leniency remains to be seen."
Click to expand...
Click to collapse
LastPass and Chrome enjoyed a cozy relationship in the past. That said I'm almost surprised at the news given Google could easily incorporate similar functionality into Android. Maybe Google and LogMeIn have something going on the side (new rumor...lol).
As much as i like to sympathize with developers using Accessibility to improve functionality of Android, I can't.
Because in last couple of months i have seen many crappy apps (cleaners n all) also start asking for same permission, and average user don't really understand or even care to read what impact or access they are giving and more than 95% of Android user falls in this category. We at XDA or other nerdy site don't like this fact but it's bare truth.
And from Google perspective, They can't monitor each and every App for eternity that which one is using this permission for good and which one isn't. So hammer of Banning all of it seems only solution for now on their part. especially considering Accessibility service was never meant to use for improving "Device Functionality" (Button Mapper, Battery Saver) it was always meant for "helping hand" in case normal functionally can't be used, not as "Replacement".
Also in my personal option, i think this ban is more due to App developers are trying to bypass each and every thing device manufacturers put (Bexby & Assistant Button) than apps trying to help with routine task (LastPass, Greenify).
Though they may not say explicitly OEM are not happy with their excursive feature are ruined by apps using accessibility as bypass and they (including Google in this case) can force Play Store to make restriction on this. (whether it's is Good practice or not is entire different topic so don't dwell into that debate in replies)
So in conclusion, Till Google come up with better solution (and i think they will, People working there are not fools they understand good that this access can do for Android as whole) , banning seems fair to me because security & stability of 95% users comes above 5% demanding modification & features.
Nerdy will always find a way but it's extremely difficultly to help understand average user why their phone suddenly start behaving abnormally
and that's what Google & OEM face daily.
jineshpatel30 said:
As much as i like to sympathize with developers using Accessibility to improve functionality of Android, I can't.
Because in last couple of months i have seen many crappy apps (cleaners n all) also start asking for same permission, and average user don't really understand or even care to read what impact or access they are giving and more than 95% of Android user falls in this category. We at XDA or other nerdy site don't like this fact but it's bare truth.
And from Google perspective, They can't monitor each and every App for eternity that which one is using this permission for good and which one isn't. So hammer of Banning all of it seems only solution for now on their part. especially considering Accessibility service was never meant to use for improving "Device Functionality" (Button Mapper, Battery Saver) it was always meant for "helping hand" in case normal functionally can't be used, not as "Replacement".
Also in my personal option, i think this ban is more due to App developers are trying to bypass each and every thing device manufacturers put (Bexby & Assistant Button) than apps trying to help with routine task (LastPass, Greenify).
Though they may not say explicitly OEM are not happy with their excursive feature are ruined by apps using accessibility as bypass and they (including Google in this case) can force Play Store to make restriction on this. (whether it's is Good practice or not is entire different topic so don't dwell into that debate in replies)
So in conclusion, Till Google come up with better solution (and i think they will, People working there are not fools they understand good that this access can do for Android as whole) , banning seems fair to me because security & stability of 95% users comes above 5% demanding modification & features.
Nerdy will always find a way but it's extremely difficultly to help understand average user why their phone suddenly start behaving abnormally
and that's what Google & OEM face daily.
Click to expand...
Click to collapse
Actually Google has fairly simple way to provide a solution, for example, Play services API to provide similar functionality with refined security and proper restriction. The new SMS verification API is a good example for app to avoid requesting SMS permission. Fairly speaking, SMS too was not designed for verification purpose.
They did nothing for a long time, but rush to ban all these apps in just 30 days. I think they just don't care that much about advanced user like the old days when Android was competing with iOS fiercely.
I’m the developer of Battery Overlay Percent. Not one of the big apps out there but it does got 500,000 downloads and about 30,000 active users.
I use accessibility services for hiding overlay when user pull status bar or on later release to resolve overlay breaking permission.
I’m quite sad with Google closing down on legitimate use cases. Personally from an open source OS we now live in a world of 2 pretty closed mobile environments.
And who’s collecting most data? Play Services of course.
Hope there will be a shift from this centerlized dark state we’re in.
oasisfeng said:
Actually Google has fairly simple way to provide a solution, for example, Play services API to provide similar functionality with refined security and proper restriction. The new SMS verification API is a good example for app to avoid requesting SMS permission. Fairly speaking, SMS too was not designed for verification purpose.
Click to expand...
Click to collapse
I thought something similar and i still think they will implement it but not before 30day timeline.
They did nothing for a long time, but rush to ban all these apps in just 30 days. I think they just don't care that much about advanced user like the old days when Android was competing with iOS fiercely.
Click to expand...
Click to collapse
True that. When you have 90% of market you don't need to expand it any more you just need to control it.
I don't mean to sound like I'm supporting them, but this what people do in general, when they have control on almost entire market.
Luckily for now (and unlike with ios) Android can still and probaly can always exist without the Google Play Store and Google Play Services and thats still a big win over ios! And as much as I hate this news, this is something I think will ultimately lead advanced users and advanced developers to become less dependant upon Google Play Store and Google Play Services.... and for users/devs like us, thats actually a good thing!
Maybe now Google Play Store will finally get some real competition!! Google has certainly with their actions have now got a significant chunk of users and devs properly motivated to look or create healthy alternatives for app licensing and license management on Android, thats for sure and to also kick it off with a healthly sample of some of the most prized apps android has ever seen, yikes!! Greenify is amazing but Tasker too; bigger yikes!!!
cantenna said:
Luckily for now (and unlike with ios) Android can still and probaly can always exist without the Google Play Store and Google Play Services and thats still a big win over ios! And as much as I hate this news, this is something I think will ultimately lead advanced users and advanced developers to become less dependant upon Google Play Store and Google Play Services.... and for users/devs like us, thats actually a good thing!
Maybe now Google Play Store will finally get some real competition!! Google has certainly with their actions have now got a significant chunk of users and devs properly motivated to look or create healthy alternatives for app licensing and license management on Android, thats for sure and to also kick it off with a healthly sample of some of the most prized apps android has ever seen, yikes!! Greenify is amazing but Tasker too; bigger yikes!!!
Click to expand...
Click to collapse
Exactly.
We need to stand our ground.
I have a feeling that alternate app stores are about to see a huge boost in users. Google is going to sorely regret their decisions.
betatest3 said:
Exactly.
We need to stand our ground.
I have a feeling that alternate app stores are about to see a huge boost in users. Google is going to sorely regret their decisions.
Click to expand...
Click to collapse
I admire your optimistic attitude - But... Alphabet is a Juggernaut and if it suits them - They'd probably just buy any potential problem ?
Sent from my SM-G955W ??
shaggyskunk said:
I admire your optimistic attitude - But... Alphabet is a Juggernaut and if it suits them - They'd probably just buy any potential problem ?
Click to expand...
Click to collapse
Not to mention the relatively small number of individuals that will be adversely impacted when all is said and done. Bigger players (eg: LastPass) will likely receive some form of dispensation. Niche tools like Greenify might take a hit but that is not where the revenue stream resides. Google ain't catering to the Android enthusiast community.
shaggyskunk said:
I admire your optimistic attitude - But... Alphabet is a Juggernaut and if it suits them - They'd probably just buy any potential problem ?
Click to expand...
Click to collapse
I dont think they'll be buying the amazon app store any time soon.
but to the point of the other user you quoted, you'll likely see the accessibility needing market move to another app store.
cantenna said:
I dont think they'll be buying the amazon app store any time soon.
but to the point of the other user you quoted, you'll likely see the accessibility needing market move to another app store.
Click to expand...
Click to collapse
Sure. There are a handful of reputable alternative app stores that cater to small communities that dare to venture off the beaten path. Niche market; don't think Google is worried. Nor is it likely Amazon will cater to Android enthusiasts.
If Alphabet/Google is serious about reining in potential abuses look for further adjustments in the successor to Android 8.
Can you on XDA Dev put an parallel market on the XDA Labs with PayPal account with less taxes (good for all) to maintaining and update webpage to conventional user going fu*k up the Google to the apps then will not survive on the Google rules on the market?
Put and good design market to the conventional use on XDA please.
Sent from my Asus ZenFone 3 Deluxe using XDA Labs
---------- Post added at 05:31 PM ---------- Previous post was at 05:20 PM ----------
If you on XDA Labs put a inner market in the app with an Market safe with PayPal the developers can update the Apps on the Market with no acessibility but make an link to be updated on the XDA Labs with a plugin or a new full version, we can free more people with xposed solutions to defeat Google Policy
Sent from my Asus ZenFone 3 Deluxe using XDA Labs
---------- Post added at 05:37 PM ---------- Previous post was at 05:31 PM ----------
Dev can update your apps and redirect to the external link in XDA Labs without violated google policy.
Sent from my Asus ZenFone 3 Deluxe using XDA Labs
---------- Post added at 05:50 PM ---------- Previous post was at 05:37 PM ----------
XDA Labs have power with an safe and free market scanning and checking malicious new apps to be so respected and Xposed so popular then I believed on the futere ASUS and Samsung make the ZenFone Deluxes and Galaxy S with Xposed on stock on the most expansive "and free" devices, absolutely. Please think renew the XDA webpage and XDA Labs to defeat the enemies of the freedom on coding.
Sent from my Asus ZenFone 3 Deluxe using XDA Labs
---------- Post added at 05:58 PM ---------- Previous post was at 05:50 PM ----------
Its time of the XDA webpage be more like Facebook on design and XDA Labs more like market on the safe and design to receive more redirected links to update and pay by apps on the XDA Labs with PayPal an Google Account if I like. Well if that happen we really will see if Google support free coding on open source.
Sent from my Asus ZenFone 3 Deluxe using XDA Labs
Interesting/digestible read; nothing new if you have been keeping up with the news on this topic.
https://www.howtogeek.com/333365/android-apps-using-accessibility-services-could-disappear/
S10 stock cleanup actions
yet another phone this year V30->Note9->6T->Mi9->S10, time to update guides. Goal is to have a clean phone after each update, and since reboot doesn't happen often, but defly happens during upgrade, i'm putting cleanup commands into a [boot] script.
Boot script
What it does:
* choose 8 categories of app removal, in the beginning of the file
* use more switch to disable some questionable/helpful stuff
* disable up to 100 apps (preferred method, ppl can reenable)
* remove usage access for google (this is the part not tested and disabling device/trust admins can not be scripted)
Tested ok on recent stock. Not much to put in script unlike on MIUI which used shady practices. Samsung not hiding processes, not persisting apps (except Payment triggers some soft brick - interesting), and not sending tcpdumps to china. Also not having privacy policy in every basic app. It's on you to accept Fourthsquare, Google and then Bixby 3rd party stuff. Well I initially sniffed network and saw some 3rd party sleezy connection to social networking IPs (nonstop monitoring by facebook etc), but that is obvious and well known, and is swiftly disabled by the script. Will see later if there's something that could be tweaked further.
Download: file attached
Installation:
- run in su terminal or add to any startup script
Which plugins to use for S10
Similarly to Mi9, collecting what i think is useful to keep on stock rooted firmware.
Magisk plugins:
* Riru - Core, Riru - Ed Exposed -- brings XPosed to Pie. Need also installer. Now i use old version 0.3 as i feel new SandHook/Yahfa bipolar releases make phone sluggish. This case is to be monitored.
* Bixby button remapper -- so in Samsung case, extra key is not released after Bixby debloat, so we first slap this plugin into phone and then customize via Xposed Edge
* libsecure_storage companion -- helps us keep the bluetooth pairings
* (optional) Universal GMS Doze (disappeared from repository?) or Sysconfig patches -- cools down GMS services. Questionable impact but i use it.
* (optional) YouTube Vanced black themed -- brings usable YouTube experience
* (impossible) QuickSwitch -- we can't have Quickstep+Hyperion (the most capable Quickstep launcher) as there's no pill but Samsong custom recents
* (untested) - FDE, LKT - in a short time, i wasn't optimizing battery. It's good out of the box(!).
XPosed plugins:
* Xposed Edge Pro - a must have and best plugin. Here, by the way, we will modify Bixby button once again, including double press and long press. Because why not
* XPrivacy - Screw the big brother. Must have. Disabling analytics, tracking, telephony, network, identification for all visible apps and all Google and Samsung apps with some exceptions.
* Firefds kit - so this is our main customization app, and enables the very important call recording, which is beutifully integrated into call history. Bye bye external apps. Also we will remove Restart action and replace with Recovery action and rename it to Restart
* afWall - Problems with this firewall and some VPN clients. Should by disabled in Xposed but we want to have this tool
* (optional) Exi for Swiftkey - you can make Swiftkey great again, GBoard is still the best, Samsung keyboard is very good, but too tall and leaves gap in fullscreen mode
Other stuff
- booting to non-root ok, impact could be lost pairings. So let's have it as a useful safe mode.
- after setup, never used Power+Bixby+VolUp. After shutdown, not needed. Rebooting with modified Restart command. Easy
- using TWRP to flash blank Samsung boot logos, to see files etc
- not using multidisabler as i'm on stock and i do want encryption, ROMs/MODs push it thou
- next monthly upgrade will be interesting, as it'll be time to verify what unwanted stuff is being reenabled
Battery saving:
- unknown effect of {LSpeed, Naptime, Servicely, FDE, LKT, Universal GMS Doze, Sysconfig patcher} in such a short time.
- not big impact by dozes (AOD, fp icon, dt2wake, raise2wake) - that's cool.
- having 1.0-1.2%/hr in home wifi standby, VPN, locationtracking, perma BT watch, and tons of widgets and apps
- not liking memory filling up by thrashware even after debloat. From 4GB free to 2GB free quickly.
someone try on this ?
Hi dogg,
seems to work on multiple apps, and has some exceptions thrown, but how can i enable apps again if i need?
thanks and regards.
pep086 said:
Hi dogg,
seems to work on multiple apps, and has some exceptions thrown, but how can i enable apps again if i need?
thanks and regards.
Click to expand...
Click to collapse
do you know which process has thrown fc or exception?
many ways to reenable individually, or to roll back the script, use the undo script attached
i thought i'd debloat Device Security (which i think is the Mcaffe antivirus noone uses), but it's hooking up to app installations. So when disabled, gplay installations will freeze forever. So another memory hog has to stay in memory.
Hi dog,
I will try again I think, there were apps that I don't have already on the phone maybe.
I sure had to enable Samsung experience and contacts sync only cause I needed them.
Thank you very much.
Like the way you inspect packages and traffic.
Keep sharing your knowledge with us.
Thanks.
Thank you very much! Really helpful script, pretty much what I was looking for.
doggydog2 said:
S10 stock cleanup actions
yet another phone this year V30->Note9->6T->Mi9->S10, time to update guides. Goal is to have a clean phone after each update, and since reboot doesn't happen often, but defly happens during upgrade, i'm putting cleanup commands into a [boot] script.
Boot script
What it does:
* choose 8 categories of app removal, in the beginning of the file
* use more switch to disable some questionable/helpful stuff
* disable up to 100 apps (preferred method, ppl can reenable)
* remove usage access for google (this is the part not tested and disabling device/trust admins can not be scripted)
Tested ok on recent stock. Not much to put in script unlike on MIUI which used shady practices. Samsung not hiding processes, not persisting apps (except Payment triggers some soft brick - interesting), and not sending tcpdumps to china. Also not having privacy policy in every basic app. It's on you to accept Fourthsquare, Google and then Bixby 3rd party stuff. Well I initially sniffed network and saw some 3rd party sleezy connection to social networking IPs (nonstop monitoring by facebook etc), but that is obvious and well known, and is swiftly disabled by the script. Will see later if there's something that could be tweaked further.
Download: file attached
Installation:
- run in su terminal or add to any startup script
Which plugins to use for S10
Similarly to Mi9, collecting what i think is useful to keep on stock rooted firmware.
Magisk plugins:
* Riru - Core, Riru - Ed Exposed -- brings XPosed to Pie. Need also installer. Now i use old version 0.3 as i feel new SandHook/Yahfa bipolar releases make phone sluggish. This case is to be monitored.
* Bixby button remapper -- so in Samsung case, extra key is not released after Bixby debloat, so we first slap this plugin into phone and then customize via Xposed Edge
* libsecure_storage companion -- helps us keep the bluetooth pairings
* (optional) Universal GMS Doze (disappeared from repository?) or Sysconfig patches -- cools down GMS services. Questionable impact but i use it.
* (optional) YouTube Vanced black themed -- brings usable YouTube experience
* (impossible) QuickSwitch -- we can't have Quickstep+Hyperion (the most capable Quickstep launcher) as there's no pill but Samsong custom recents
* (untested) - FDE, LKT - in a short time, i wasn't optimizing battery. It's good out of the box(!).
XPosed plugins:
* Xposed Edge Pro - a must have and best plugin. Here, by the way, we will modify Bixby button once again, including double press and long press. Because why not
* XPrivacy - Screw the big brother. Must have. Disabling analytics, tracking, telephony, network, identification for all visible apps and all Google and Samsung apps with some exceptions.
* Firefds kit - so this is our main customization app, and enables the very important call recording, which is beutifully integrated into call history. Bye bye external apps. Also we will remove Restart action and replace with Recovery action and rename it to Restart
* afWall - Problems with this firewall and some VPN clients. Should by disabled in Xposed but we want to have this tool
* (optional) Exi for Swiftkey - you can make Swiftkey great again, GBoard is still the best, Samsung keyboard is very good, but too tall and leaves gap in fullscreen mode
Other stuff
- booting to non-root ok, impact could be lost pairings. So let's have it as a useful safe mode.
- after setup, never used Power+Bixby+VolUp. After shutdown, not needed. Rebooting with modified Restart command. Easy
- using TWRP to flash blank Samsung boot logos, to see files etc
- not using multidisabler as i'm on stock and i do want encryption, ROMs/MODs push it thou
- next monthly upgrade will be interesting, as it'll be time to verify what unwanted stuff is being reenabled
Battery saving:
- unknown effect of {LSpeed, Naptime, Servicely, FDE, LKT, Universal GMS Doze, Sysconfig patcher} in such a short time.
- not big impact by dozes (AOD, fp icon, dt2wake, raise2wake) - that's cool.
- having 1.0-1.2%/hr in home wifi standby, VPN, locationtracking, perma BT watch, and tons of widgets and apps
- not liking memory filling up by thrashware even after debloat. From 4GB free to 2GB free quickly.
Click to expand...
Click to collapse
Hello sir! I'm new to all of this, but i have learned a lot by myself already, and I have researched a lot about privacy on android and how to make the phone more secure! I need some help and guidance please. I have debloated and played around with my s10 for a long time, and had to flash and root 4 times now. The first two times the AOD didn't work anymore(probably bixby related -_-), the next two times I had a soft brick because I removed payment services! I'm really annoyed as I just want to use regular phone functions and I want be as untrackable and unhackable as possible. I mostly use apps from F-DROID, almost all! I also removed google services, basically everything google is gone.
As I understand your Guide, I have to:
1. Flash/root my phone again
2. Run script in su terminal <- here I have no idea what where and how to do this.
or
1. Flash/Root my phone again
2. Install all magisk plugins
3. Install Xposed and all plugins
4. Now Run script in su terminal <- again no idea what where and how to do this.
Could you explain in which order I should proceed and how to do the scripting part? And, when I use Xprivacy, can I leave google play services on the phone for youtube vanced?(or even other nongoogle apps and feed them false data?)Right now I use NewPipe for youtube. does XMPP work?
My biggest concern is privacy, I dont want any f***ers to spy on me. Another thing, how good is LineageOS, I could buy a SDcard and I try it or sell my stupid phone!
Thank you if you could help me, I'm really annoyed by all of this, I used a normal 30 € phone for 2 years because I don't want be spied on and not forget how nice the world is without phone that knows everything, for and about me!
---------- Post added at 11:39 PM ---------- Previous post was at 11:34 PM ----------
.TanTien said:
Thank you very much! Really helpful script, pretty much what I was looking for.
Click to expand...
Click to collapse
Hi! Can you tell me how to do the scripting??? greetings
kejsix said:
Hello sir! I'm new to all of this, but i have learned a lot by myself already, and I have researched a lot about privacy on android and how to make the phone more secure! I need some help and guidance please. I have debloated and played around with my s10 for a long time, and had to flash and root 4 times now. The first two times the AOD didn't work anymore(probably bixby related -_-), the next two times I had a soft brick because I removed payment services! I'm really annoyed as I just want to use regular phone functions and I want be as untrackable and unhackable as possible. I mostly use apps from F-DROID, almost all! I also removed google services, basically everything google is gone.
As I understand your Guide, I have to:
1. Flash/root my phone again
2. Run script in su terminal <- here I have no idea what where and how to do this.
or
1. Flash/Root my phone again
2. Install all magisk plugins
3. Install Xposed and all plugins
4. Now Run script in su terminal <- again no idea what where and how to do this.
Could you explain in which order I should proceed and how to do the scripting part? And, when I use Xprivacy, can I leave google play services on the phone for youtube vanced?(or even other nongoogle apps and feed them false data?)Right now I use NewPipe for youtube. does XMPP work?
My biggest concern is privacy, I dont want any f***ers to spy on me. Another thing, how good is LineageOS, I could buy a SDcard and I try it or sell my stupid phone!
Thank you if you could help me, I'm really annoyed by all of this, I used a normal 30 € phone for 2 years because I don't want be spied on and not forget how nice the world is without phone that knows everything, for and about me!
---------- Post added at 11:39 PM ---------- Previous post was at 11:34 PM ----------
Hi! Can you tell me how to do the scripting??? greetings
Click to expand...
Click to collapse
i keep running the script without problems for months now.
to run a script, you need a terminal - use any terminal app, like 3C Toolbox or via adb. this is too generic question.
to run it, you need root, so at least magisk must be present. you normally flash your favorite image, then magisk, in magisk you load riru & exposed plugins, then in edxposed installer you load xposed plugins like xprivacy. i run strict privacy settings on every device and this requires some work. first thing i do, is press RESTRICT button on all visible apps for these permissions: identification, network, telephony, tracking, analytics, then calendars, call log, contacts, location and messages. Then i go throught individual apps and deselect neccessary permisions for some apps. on the left menu, i set 'restrict new apps'. this way i can control non-geeky users phone who install any app without thinking and accept all default choices without any hesitation. It's very hard for them to fight XPrivacy thou - they don't understand it luckily. unlike personal computers, phones are great source of snitching, as you have so much data available to the aggressive companies like SIM details (=directly identify your person via Telco), IP (=directly identify you via ISP), web services where you provided real name and phone number (to "recover account" blabla, real meaning is to identify you), tracking and analytics (to study your behaviour and share your internet presence via a token between companies). All this needs to be cloaked and more: browser should be full of privacy plugins, ad killers, fingerprinting killers, webrtc killers etc etc. VPN set, and firewall set. I also use Changer xposed plugin to cloak extra items not covered by XPrivacy.
I have zero ads in any apps. Zero suggestions by ecommerces. Getting dummy search hits without relevance. Always a blank user to each web or app. Email on the best privacy provider, with zero knowledge encryption, this and any web services paid via bishuffled bitcoin bought in person (Coinbase? really? send ID? seriously people do this?). IP is cloaked via trustful service, in case of need to express opinion on the internet (which i've given up to) in todays politically correct era, use also Tor and Psiphon. No phone numbers, IMEIs, IMSIs etc etc provided. No real names ever entered anywhere. I can have great privacy with commercial tools, and don't need to use Snowden type of blank OS. But it's difficult to set up, it takes hours and some tweaking later. I just find mobile encryption too weak, on PC an intruder (govt) needs to: enter BIOS password, enter TCG-OPAL password, enter bitlocker password, enter Windows password, enter fingerprint to USB flash drive with keys to data drive, unlock bitlocker of the same USB, then unlock data drive -- it's just 20 seconds of extra work once per day. Mobile phone: password and FBE and sensitive app locking. Don't use fingerprints (they belong to govt) or facelock (too lame). Or use fingerprints with lockdown feature (use AI button to map this action with XPosed Edge plugin), and lock it deeply when going to customs or similar checkpoint. Your data and thougts are yours and noone elses.
Yeah install instructions man.. su in terminal and then what ???
kejsix said:
Hi! Can you tell me how to do the scripting??? greetings
Click to expand...
Click to collapse
I opened the script file and picked the features i wanted to disable by manually typing the commands. Standard procedure should be starting terminal as su
Code:
chmod 777 filename.sh
and after that
Code:
./filename.sh
You should be in your file directory of course. You can get there by typing
Code:
cd /your/file/path
Will that work on Snapdragon s10?
i'm running this for 8 months now after each boot. And i didn't update firmware as the rooting process was so exhausting. Now i'm going through the horror again, hoping to keep the encryption, therefore strictly without a custom ROM.
Script should work on Snapdragon, it's not related to the root process.
easier way to run the .sh file:
1. su
2. cd /storage/emulated/0
3. sh S10_cleanup.sh
So I currently have a Tmobile Note 8 that I just found out that rooting it will prevent me from installing apps like bank apps and using samsung pay. I also have an At&t Note 10 plus for work but I dont want to root it as if something happens how will I explain it to my boss lol. So being that my Note 8 is 3 years old I decided that it's time to upgrade to a new phone. My question is what phone can I buy that I will still be able to install bank apps and keep using google or samsung pay. I'm open to any suggestions
Thank you
David
these guidelines will help
--- find out if rooting is easily available for the phone
--- take a look at extant ROMs and see what are the problems associated with those ... in the latest update and how easy it is to fix them or else live with them
--- broader the user base better it is find support available for various issues
--- coming to your question on banking apps it has nothing to do with what phone you want to buy
if you root that phone and the banking app has various checks and balances to detect root you may not be able to use it. with passage of time banking apps are clamping down on root detection and unfortunately Evasive measures are not sufficient so those fighting for root and wanting to use banking apps ... are on the losing side
Sent from my Redmi 8A using Tapatalk