OnePlus 7 Pro-Restricting access to certain settings/functions? - Android Q&A, Help & Troubleshooting

**If this is posted in the wrong section, my apologies as I very rarely post to this forum and was unsure where to post it.**
If this is already available somewhere, I apologize, but after several days worth of searching, I could not find it.
That said, what I am looking for (and Im not sure that I am wording this correctly) is a system or root level addon or mod that will completely lock or disable the modification of certain settings with a password, i.e. changing/disconnecting from the current wifi, disabling the developer settings (more than just the "off switch"), restricting access for installing or uninstalling apps and their settings, etc. Kind of like the Mobile Device Management in iOS.
I would really prefer not to have to use google policies if that is possible, because last time I tried that I was forced to sign up for a google developer account and even then I had to be part of a business before being able to access any of the "corporate" or "enterprise" software that does what I am asking. Needless to say, I was unable to get those settings to work anyways because I am not part of a business.
I would like to use this on a rooted OnePlus 7 Pro running stock android 10 with the eXposed/EdXposed framework, Magisk, and TWRP.
Thank you,
Fenix

Related

[APP] [CM7] Increase Your Privacy with PDroid [alt CM9/CM10]

Well, I’m sure that it isn’t a secret for anyone, CM7 has been and still is my favorite rom for my Defy(s). I’ve been using it since the day Quarx’s brought IP Tables support to it – hence allowing me to use Droidwall as an Android firewall. I could then selectively allow/deny internet access to any installed app [having internet access permission that is…]. This is a first and important security step, but like anything, this has limitations; apps that do ‘really’ need internet access are then free to send (and receive) whatever their Android permissions allow them to get a hand on. For that, CM7 has a neet feature called ‘permissions management’ that allows you to control each app’s permissions individually. This option works fine BUT the problem is that the apps that you control that way often lose functionalities, stop working altogether or even throw you an error message telling you that the app’s permissions have been altered and that you will not be able to use it unless you reset them.
So how to solve this potentially very critical security flaw without losing apps functionality? ==> PDroid.
Thanks to xda user measel, I’ve just recently discovered this wonderful piece of software and I don’t think that my Defy will ever live without it from now on. The app itself is not really a new one and I’ve decided to create this thread to spread to word around and in the hope that it will be helpful to other Defy owners conscious about their data privacy.
WHAT IT DOES:
• More than just blocking apps Android permissions, it lets you control each individual app’s access to private information (user + system);
• It allows you to block and, in some cases, let you either use random or custom private data;
• It will also (if desired) warn you on any root or privacy info access, all that with an easy to figure out and use user interface [see pics];
• And best of all, applications will not crash when their access to private data is blocked unlike with Permission Denied (using LBE Privacy or alike or with CM7).
Disclaimer: I’m only the messenger and I take no credit or responsibility for anything that you’ll do with your phone from here on.
HOW TO:
Original thread by the dev [go have a read and give your thanks to svyat]
Pre-requisites:
- Make sure that you did not use Titanium Backup to integrate sys Dalvik into the rom [if you don’t know what that means, chances are that you didn’t; ignore it];
- a PC running Windows;
- a CM7-jordan/Jordan-plus build;
- PDroid patcher v1.31 (v1.27 also work but the latest version (v1.32) from the link above doesn’t work for the Defy. So I’m attaching v1.31 here which I’ve found with a little digging through that thread;
- the PDroid.apk itself [Market link] or [Dropbox link from the dev];
=> If you don’t have access to a PC running Windows or just don’t want to go through the trouble of patching process described below, you can head over to measel’s CM7 nightlys | info collection thread and locate the build you are using; he was kind enough to provide us with patches for most of recent Jordan builds. So go and grab your applicable patches and give thanks to him.
=> If you’re running CM9 or CM10, this patcher will not work for you, but there are alternatives - namely: the ‘auto-patcher’ or even the PDroid v2 [I’ll give links to those later]. Just go read the last few pages of the original thread, there are quite a few mentions/redirections to those over there. [please don’t ask me about questions about those as I did not try them just yet]
Note: PDroid is an ongoing but currently ‘on hold’ project [because, like someone said before: devs sometimes have a life outside Android...] which works perfectly fine as it is if you follow the next few steps below.
Zero off: Make a nandroid backup of your current phone setup.
First off: Create the patch for your rom:
To work, PDroid first needs you to mod 3 framework files and push them onto your phone. To do so, all you need to do is to execute the PDroidPatcher.exe. file [extract it from the zip attached] and point it to the CM7 build you are using. Let it do its thing and it will create a CWM recovery flashable zip and an undo (RESTORE) one.
Second: Flash the patch:
Just boot into recovery, wipe cache and dalvik and install the patch and boot up.
Third: Install the apk
That’s it!, you’re now ready to go your list of installed apps and start controlling your privacy accesses.
Warning: again, go read the original thread for a how to on how to backup your PDroid settings and/or use TB to do so.
HOW TO USE:
Well, it’s all pretty obvious and with a bit of common sense, you will easily figure out how and what to set up. By default, nothing is blocked and apps are free to access data. So you’ll have to go through your list of installed apps and set up each individual data access and then try them out. For example, logic would tell us not to block the ‘GPS/Network Location’ data to maps related apps nor block ‘Accounts credentials’ to apps dealing with user IDs and passwords like Email or social apps.
I can’t give you detailed instructions here (it’s not the point of this thread anyway), but if like me you already use Droidwall, you can first leave alone all the apps that you’ve black listed for internet access [pic 2] since they won’t do anything with your private data if they can’t send it back home… There is also an option within the app to ‘hide all the safe apps’ [which do not have an internet permission]; check it to reduce the size of your list of apps to configure.
From experience, I’d also suggest you to keep an eye on the apps requiring a password to run since blocking Device or Subscriber ID might mean that you’ll have to always enter passwords each time you run the app that would otherwise be remembered by those apps. As a rule of thumb, I pretty much choose the ‘use random’ option whenever it is available (just to minimize problems with the app on blocking completely – I’m not even sure this is a valid argument here…) or block everything else when it’s not and finally, I leave ‘Network Info’ allowed since it basically only lets apps know if you connected to internet or not [who cares if they get your wifi’s SSID or not…].
But again, you’ll have to fine tune the whole thing for each and every app and run them to check for full functionalities – but at least they won’t crash on you… Finally, you can pinpoint potential problems/solutions by turning off the general PDroid notifications option and by turning on a specific app’s ones [pic 3].
Happy privacy enhancement!
/AL
As usual!
Quality guides from lovely []AL[]
I don't want a tapatalk sig!
nogoodusername said:
As usual!
Quality guides for lovely []AL[]
Why not move to Android Apps forums?
I don't want a tapatalk sig!
Click to expand...
Click to collapse
"lovely AL" wow! you surely are the first person to tell me anything like this here on xda.
..not sure if I should be flattered or run away by homophobia - hehehe! :laugh:
Well, I didn't mean to make it a guide when I started writing it, but like always I had things
to say and the post got longer and longer.. so I guess that we can call it a sort of guide...
But I truly like the app and believe that along with Droidwall, that should be installed on every phone.
In fact, Google should look at this and incorporate something similar into Android.
OK, I'll go reply to your PM now... cheers!
Edit for your question: because like I wrote in the OP, I'm just the messenger and not the dev of the app.
The app also works mostly for on phones running CM7 and even not all the phones support it either.
So I wouldn't publish this widely without at least asking permission to the dev. But here for Defy owners fellows,
I know it works fine and again, I think that it is pretty much an essential app to have.
9 downloads/1 thank;
Leeches, I see leeches everywhere!
Shhhiiiiii- You got me excited! I thought I'd find a patch for the Quarx rom! So far auto-patcher can't patch Quarx's CM10 roms. Nor do I understand why that's so but that's why I'm not a dev.
Excellent app
Arch Linux User ..
KicknGuitar said:
Shhhiiiiii- You got me excited! I thought I'd find a patch for the Quarx rom! So far auto-patcher can't patch Quarx's CM10 roms. Nor do I understand why that's so but that's why I'm not a dev.
Click to expand...
Click to collapse
Well... sorry to hear that; I had no clue that it doesn't work with Quarx CM10. It seems to work for some other JB builds/phones... But like I wrote on the OP, I haven't tried any of this on CM9/JB yet. So again, too bad that this thing is a no go for now. I hear that Quarx is very busy outside Android's world as of lately so it might not be a good time to ask him about this - might also be low on his priority...but who knows, someone might read this and find an answer for you.
ps: quite an avatar you got there :silly:
an thanks for the link to the auto-patcher thread; it might be useful to others and it'll save me the search when I update the OP with it and your comment eventually...
juan296 said:
Excellent app
Click to expand...
Click to collapse
Well thanks but again, just I'm just a messenger here and not the dev... :highfive:
Actually, I use DroidWall , so.. can uninstall this app? And right now, JUST USE pdroid! Right?
Arch Linux User ..
juan296 said:
Actually, I use DroidWall , so.. can uninstall this app? And right now, JUST USE pdroid! Right?
Click to expand...
Click to collapse
I still use both...they are quite different apps and don't do the same at all. Droidwall is a firewall that let you control if an app has access to internet or not; PDroid controls what private information each app can access.
Like I wrote on the OP, any app that is blocked by Droidwall doesn't need a PDroid setup, but apps that need internet connection could be free to get private information from your phone if you don't use PDroid...
Basically, PDroid has no way of blocking all internet access; it only blocks apps from reading private info (or scrambles it by returning info like random network location or sim ID#...)

google-ectomy, possible?

Hi all.
I have a rooted phone that is used strictly in wifi mode and only needs to be able to run 4 or 5 standard aps, a couple of optional aps, plus the aps that support rooted phones and enhanced power management. I don't want google-anything on it, and I am not kidding. My prime concern is battery life, I hope to be able to run my phone for 3 to 4 days (or more) between charges, so deleting all fluff aps and crapware is important, as is underclocking it and getting rid of google. I also want to stop updating of the operating system and installed software by google.
I hope to do a hardware mod to remove power from the cell band rf transceiver. Despite it being turned off in the phone using software, I am detecting occasional transmissions from the cell band transmitter. Hardware mods are not a problem for me, I'm a retired EE, who specialized in RF design.
I need to know if it's possible for the phone to function if gmail, google+, google search, chrome, google calendar and google-whatever are exhorsized (uninstalled)? Yes, I also want to give the playstore the boot, to prevent excessive battery drain (and, yes, I do realize downloading aps will be slightly more difficult without the playstore).
For those who might be interested, the phone is used as a wifi phone for the home based Ooma telephone service. I also might like to run a mini bittorrent server. It seems to me that the android community could use bittorrent in place of the playstore, thus making it easier for others to give google and google playstore the boot
I love this forum, and want to thank all those that support and administer it.
Aloha,
A
alohagirl said:
Hi all.
I have a rooted phone that is used strictly in wifi mode and only needs to be able to run 4 or 5 standard aps, a couple of optional aps, plus the aps that support rooted phones and enhanced power management. I don't want google-anything on it, and I am not kidding. My prime concern is battery life, I hope to be able to run my phone for 3 to 4 days (or more) between charges, so deleting all fluff aps and crapware is important, as is underclocking it and getting rid of google. I also want to stop updating of the operating system and installed software by google.
I hope to do a hardware mod to remove power from the cell band rf transceiver. Despite it being turned off in the phone using software, I am detecting occasional transmissions from the cell band transmitter. Hardware mods are not a problem for me, I'm a retired EE, who specialized in RF design.
I need to know if it's possible for the phone to function if gmail, google+, google search, chrome, google calendar and google-whatever are exhorsized (uninstalled)? Yes, I also want to give the playstore the boot, to prevent excessive battery drain (and, yes, I do realize downloading aps will be slightly more difficult without the playstore).
For those who might be interested, the phone is used as a wifi phone for the home based Ooma telephone service. I also might like to run a mini bittorrent server. It seems to me that the android community could use bittorrent in place of the playstore, thus making it easier for others to give google and google playstore the boot
I love this forum, and want to thank all those that support and administer it.
Aloha,
A
Click to expand...
Click to collapse
There are threads all over the place trying to do this. Google is deeply ingrained into all the apks used by the os. You will be very hard pressed to find away to remove them completely and still have things work right.
I agree that security is an illusion. I dumped Microshaft in 2013 in order to improve my security and privacy.
However, the android operating system is supposed to be open source, so it should be possible to de-google-ize it IF someone knows how to edit and recompile the android OS.
I was merely asking if anyone knew of a way to give google the boot, even if it came down to paying someone to compile a custom rom.
The loss of google playstore is not a consideration, neither is a monetary forfeiture (any programmers out there?).
I'm curious, is it possible to gag google so it can't connect to the outside world (with a firewall)? We used to do this in XP to prevent Bill's Internet Explorer from downloading updates.
Are any of the custom roms currently available able to run without google-anything??
Is there any hope, or is it truly hopeless? If a custom rom that gave google the boot was available, how many would pay a small fee to have it? Just curious??!!
TY
A.
alohagirl said:
I agree that security is an illusion. I dumped Microshaft in 2013 in order to improve my security and privacy.
However, the android operating system is supposed to be open source, so it should be possible to de-google-ize it IF someone knows how to edit and recompile the android OS.
I was merely asking if anyone knew of a way to give google the boot, even if it came down to paying someone to compile a custom rom.
The loss of google playstore is not a consideration, neither is a monetary forfeiture (any programmers out there?).
I'm curious, is it possible to gag google so it can't connect to the outside world (with a firewall)? We used to do this in XP to prevent Bill's Internet Explorer from downloading updates.
Are any of the custom roms currently available able to run without google-anything??
Is there any hope, or is it truly hopeless? If a custom rom that gave google the boot was available, how many would pay a small fee to have it? Just curious??!!
TY
A.
Click to expand...
Click to collapse
There is one project that is working on removing Google completely in the forums. A search will find it for you. There are some issues that I don't recall if they could find a way around or fix. You could give that a shot.

Is Greenify Malware?... or Spyware?

I originally posted a summary of these thoughts on my Play Store review of Greenify. But, since comments there soon get lost in the traffic, I thought I'd rewrite here.
Greenify seems to get a free pass from pretty much every Android-focussed site as a "must have app". I even saw an article on one site that said all RAM/Battery optimiser apps were a waste of time except for Greenify.
My own findings are a bit less uncritical.
My findings are that Greenify is constantly trying to make internet connections behind your back. I have the excellent AFWall+ installed on all my gadgets and, after I installed Greenify and blocked it from making internet connections, I was having AFWall+ alert me that Greenify was trying to make connections, almost constantly.
I would be doing something on my phone and the alerts from AFWall+ would be popping up continually, telling me that Greenify was trying to connect to one IP address after another. This would literally go on for two or three minutes at a time. It got so distracting that I eventually turned off AFWall+'s alerts for Greenify, just so I could use my phone in peace!
Digging further into AFWall+'s logs I found that, in the couple of months I'd had Greenify installed, it had attempted to make over ten thousand internet connections!
To put that into perspective; during the same time period, the second most tenacious app on my phone, Google's Gboard keyboard [which you'd expect to be spying on you], had made around two thousand attempts to phone home – and the connection figures for all the other apps I'd blocked with AFWall+ were way down in the couple of hundreds.
So, what is Greenify doing, trying to connect to these myriad servers all the time?
Even if you believe it's benign [although I can't see any legitimate reason it should be making ANY online connections at all] you've got to wonder how much the app is saving your battery by shutting down other background processes, when it's pretty much constantly trying to make internet connections itself.
I realise this is just my unverified opinion. I've since uninstalled Greenify from all my devices and so no longer have the AFWall+ logs to back up what I'm saying. And you've got no reason to trust me on this. But, if you've any doubts, feel free to install AFWall+ and try it yourself. You might just get a nasty shock.
@xxxmadraxxx I'm a long time user of Greenify in its donation version running on all of our devices and I confirm all of your observations. As you could see by my other own threads, I'm very heavily privacy minded but I continue to use Greenify despite its permanent attempts to "call home" (actually the 1e100.net i.e. Google) because I'm able to fight it. From my perspective, reason are the implemented Google analytics tracker. Certainly, I'd prefer if first no trackers at all were implemented and second no attempts to connect to the internet were made at all. Grenify doesn't require an internet connections for its functionality.
However, as I said I'm able to fight it and I don't want to miss Greenify as it certainly enhances the duration of my battery.
All of our devices still run on custom Nougat ROMs for specific reasons. As far as I see if you're already using Oreo or Pie you wouldn't require Greenify any longer to achieve a better battery duration.
Remark: Malware? Not from my point of view. Spyware? As much as every application that contains trackers or analytics tools but there are a few I trust for the benefit of the developer and the development. As an example: SD Maid and Piwik (now Matomo) (the SD Maid Privacy Statement).
If interested: https://forum.xda-developers.com/android/general/how-enhance-battery-duration-sgs-3-lte-t3478287
Oswald Boelcke said:
...I don't want to miss Greenify as it certainly enhances the duration of my battery...
...As far as I see if you're already using Oreo or Pie you wouldn't require Greenify any longer to achieve a better battery duration....
Remark: Malware? Not from my point of view. Spyware? As much as every application that contains trackers or analytics tools....
Click to expand...
Click to collapse
My problem isn't so much with the fact Greenify phones home per se. I know that most apps do so, or at least try to. My problem with Greenify is the tenacity and persistence with which it tries to phone home. As I said in my previous post, it made over TEN THOUSAND! attempts to phone home in the space of the couple of weeks I had it installed.
With the vast majority of other apps, they'll try a couple of times to phone home, maybe using a couple of different IP addresses and then give up. With Greenify, I would sit there and watch the AFWall+ alerts pop up on screen, one after the other, with a succession of different IP addresses, literally for 2 or 3 minutes continually. Also, as I said previously the only other app I had installed that came anywhere near this level of persistence was Google's GBoard which would regularly try and phone home as I was typing stuff on my phone [you can draw your own conclusions as to what that entails for your privacy!]. But, even then, Gboard only [relatively speaking] made about a fifth of the attempts to connect to the internet that Greenify did.
I uninstalled it because I really couldn't see how whatever small savings in battery juice that Greenify was purportedly giving me by sleeping apps which aren't doing anything much anyway wouldn't be being more than cancelled out by the drain on my battery caused by Greenify spending countless minutes every day, trying to make hundreds of internet connections behind my back.
I haven't noticed any difference whatsoever in battery life, since uninstalling Greenify.
xxxmadraxxx said:
My problem isn't so much with the fact Greenify phones home per se. I know that most apps do so, or at least try to. My problem with Greenify is the tenacity and persistence with which it tries to phone home. As I said in my previous post, it made over TEN THOUSAND! attempts to phone home in the space of the couple of weeks I had it installed.
With the vast majority of other apps, they'll try a couple of times to phone home, maybe using a couple of different IP addresses and then give up. With Greenify, I would sit there and watch the AFWall+ alerts pop up on screen, one after the other, with a succession of different IP addresses, literally for 2 or 3 minutes continually. Also, as I said previously the only other app I had installed that came anywhere near this level of persistence was Google's GBoard which would regularly try and phone home as I was typing stuff on my phone [you can draw your own conclusions as to what that entails for your privacy!]. But, even then, Gboard only [relatively speaking] made about a fifth of the attempts to connect to the internet that Greenify did.
I uninstalled it because I really couldn't see how whatever small savings in battery juice that Greenify was purportedly giving me by sleeping apps which aren't doing anything much anyway wouldn't be being more than cancelled out by the drain on my battery caused by Greenify spending countless minutes every day, trying to make hundreds of internet connections behind my back.
I haven't noticed any difference whatsoever in battery life, since uninstalling Greenify.
Click to expand...
Click to collapse
It's amazing the conclusions one draws when given a tool. Perhaps Greenify behaves differently on your device than the huge universe of other long time users, some of which share your concerns over excessive outreach. I do not see the aggressive characteristics you and a few others describe - perhaps because I permit *most* analytics to flow unimpeded.
The power saving potential of Greenify and similar tools has depreciated over time given native doze and more aggressive enforcement of app background behaviors via Google policy. That said, Greenify remains an essential tool in my arsenal for performing selective tasks without manual intervention. It certainly is not malware/spyware as your click-bait thread title suggests.
Oswald Boelcke said:
@xxxmadraxxx I'm a long time user of Greenify in its donation version running on all of our devices and I confirm all of your observations. As you could see by my other own threads, I'm very heavily privacy minded but I continue to use Greenify despite its permanent attempts to "call home" (actually the 1e100.net i.e. Google) because I'm able to fight it. From my perspective, reason are the implemented Google analytics tracker. Certainly, I'd prefer if first no trackers at all were implemented and second no attempts to connect to the internet were made at all. Grenify doesn't require an internet connections for its functionality.
However, as I said I'm able to fight it and I don't want to miss Greenify as it certainly enhances the duration of my battery.
All of our devices still run on custom Nougat ROMs for specific reasons. As far as I see if you're already using Oreo or Pie you wouldn't require Greenify any longer to achieve a better battery duration.
Remark: Malware? Not from my point of view. Spyware? As much as every application that contains trackers or analytics tools but there are a few I trust for the benefit of the developer and the development. As an example: SD Maid and Piwik (now Matomo) (the SD Maid Privacy Statement).
If interested: https://forum.xda-developers.com/android/general/how-enhance-battery-duration-sgs-3-lte-t3478287
Click to expand...
Click to collapse
There are a couple of ways around Greenify's nearly constant call-outs to Crashlytics.
First, set up your hosts file.
Second, use MyAndroidTools and XPrivacyLua to lock Greenify down.
In MyAndroidTools, disable:
Content Provider > Greenify > com.crashlytics.android.CrashlyticsInitProvider
In XPrivacyLua, disable everything for Greenify except:
Determine activity
Get applications
Read identifiers
In Settings > Apps > Gear Icon > App permissions, go through and ensure Greenify isn't enabled for anything.
Greenify, being root, will still try to connect, but it won't be able to because of the hosts file.
---------- Post added at 06:25 AM ---------- Previous post was at 06:15 AM ----------
xxxmadraxxx said:
My problem isn't so much with the fact Greenify phones home per se. I know that most apps do so, or at least try to. My problem with Greenify is the tenacity and persistence with which it tries to phone home. As I said in my previous post, it made over TEN THOUSAND! attempts to phone home in the space of the couple of weeks I had it installed.
With the vast majority of other apps, they'll try a couple of times to phone home, maybe using a couple of different IP addresses and then give up. With Greenify, I would sit there and watch the AFWall+ alerts pop up on screen, one after the other, with a succession of different IP addresses, literally for 2 or 3 minutes continually. Also, as I said previously the only other app I had installed that came anywhere near this level of persistence was Google's GBoard which would regularly try and phone home as I was typing stuff on my phone [you can draw your own conclusions as to what that entails for your privacy!]. But, even then, Gboard only [relatively speaking] made about a fifth of the attempts to connect to the internet that Greenify did.
Click to expand...
Click to collapse
Google Keyboard is, by Google's own admission, a keystroke logger... it's in their privacy policy for GBoard. I've removed it from my phone, along with nearly every other Google app (16 Google apps removed, 3 disabled in case I need them in the future)... and what remains is so locked down that the only thing that works is Google Play Store... for the rest of Google Play Services and Google Services Framework functionality, I've used MyAndroidTools and .xml file hacks to disable. I have no location tracking from Google, no logging from any Google components, no aGPS phone-homes to anywhere (aGPS is completely disabled)... in fact, Google can't even see when I'm online unless I change to my 'Google Enabled' AFWall+ profile to visit Google Play Store. In fact, I've recently disabled all Google Ads functionality... I found out that Google is presenting to the user a fake_adid_key that the user could change but which otherwise did nothing, yet they also have an adid_key which never changes, which they use as a GUID to track users.
Try Hacker's Keyboard... no ads, I've never seen any connection attempts from it, and it's a very nice keyboard once you configure it to suit you.
For me, I set Portrait keyboard height to 45%, landscape keyboard height to 55%, Keyboard mode in portrait and landscape as 'Full 5-row layout', Gingerbread keyboard theme, Auto-capitalization, Double-tap Shift mode, Apply Shift Lock to modifier keys, no Ctrl-A override, no Ctrl key code, no Alt key code, no Meta key code and ignore slide-typing.
It does everything I need, I can type pretty quickly, and it doesn't log keystrokes. I especially like the little arrow keys which let me navigate around in a text file, and the fact that I can Ctrl-A (select all), Ctrl-C (copy) and Ctrl-V (paste) just like a regular keyboard.
Pro-tip: If you want to select a few lines of text, hold the shift key, and tap the down arrow key, just as you'd do on a regular keyboard.
Lusty Rugnuts said:
There are a couple of ways around Greenify's nearly constant call-outs to Crashlytics...
Google Keyboard is, by Google's own admission, a keystroke logger... it's in their privacy policy for GBoard. I've removed it from my phone....
Try Hacker's Keyboard... no ads, I've never seen any connection attempts from it, and it's a very nice keyboard once you configure it to suit you....
Click to expand...
Click to collapse
I found the simplest way of reining in Greenify was to uninstall it. As I said, I've not noticed any detriment to battery life whatsoever –although that may be partly because I'm using an Oreo based ROM now. When I had Greenify installed I was on Marshmallow.
I do use Hacker's Keyboard for apps like Termux and JuiceSSH when I need access to all those extra keys, but it doesn't have swipe-to-type [or didn't last time I looked] so it's no good for my day-to-tay messaging/email/texting etc. where I swipe-to-type all the time.
After uninstalling Gboard and having a brief foray through Samsung's built-in keyboard, I've ended up using SwiftKey on all my devices.
Don't laugh! –I know it's owned by Microsoft which is a huge red flag. But if you set it up without creating a SwiftKey account and switch off any of the "cloudy" options [such as backup, dictionary sync, downloading themes, etc.], it does all its word-prediction processing locally on your device and [according to AFWall+] has never tried to make a single online connection.
Lusty Rugnuts said:
There are a couple of ways around Greenify's nearly constant call-outs to Crashlytics.
...
Click to expand...
Click to collapse
I'm glad to see that we both have nearly the same setup to protect our privacy.:good:
xxxmadraxxx said:
I found the simplest way of reining in Greenify was to uninstall it. As I said, I've not noticed any detriment to battery life whatsoever –although that may be partly because I'm using an Oreo based ROM now. When I had Greenify installed I was on Marshmallow.
I do use Hacker's Keyboard for apps like Termux and JuiceSSH when I need access to all those extra keys, but it doesn't have swipe-to-type [or didn't last time I looked] so it's no good for my day-to-tay messaging/email/texting etc. where I swipe-to-type all the time.
After uninstalling Gboard and having a brief foray through Samsung's built-in keyboard, I've ended up using SwiftKey on all my devices.
Don't laugh! –I know it's owned by Microsoft which is a huge red flag. But if you set it up without creating a SwiftKey account and switch off any of the "cloudy" options [such as backup, dictionary sync, downloading themes, etc.], it does all its word-prediction processing locally on your device and [according to AFWall+] has never tried to make a single online connection.
Click to expand...
Click to collapse
I'm surprised that you quoted me but with statements in the quotation, which I've never made. As far as I see they are by @Lusty Rugnuts. If you click the quotation you're referred to post #2 with a totally different content. May I politely ask you to edit your post in regard to the quotation.
Sorry about that. The multiple nested quotes, when replying, gets a bit unweildy. I deleted the wrong bit when trimming then.
xxxmadraxxx said:
I found the simplest way of reining in Greenify was to uninstall it. As I said, I've not noticed any detriment to battery life whatsoever –although that may be partly because I'm using an Oreo based ROM now. When I had Greenify installed I was on Marshmallow.
Click to expand...
Click to collapse
I wish there were a way to do away with it on Nougat... I take the Lotus approach, add speed by taking away. The less installed, the better. The stock ROM backup I took when the phone was brand-new is 4.74 GB in size. My latest backup is 2.29 GB. Yeah, I've stripped out a lot of Google-stuff.
xxxmadraxxx said:
I do use Hacker's Keyboard for apps like Termux and JuiceSSH when I need access to all those extra keys, but it doesn't have swipe-to-type [or didn't last time I looked] so it's no good for my day-to-tay messaging/email/texting etc. where I swipe-to-type all the time.
Click to expand...
Click to collapse
The Hacker's Keyboard options does have an "ignore slide-typing" option, so I'm assuming it supports slide-typing / glide-typing / swipe-to-type. I've never tried it... I'm a creature of habit, and regular typing suits me. I watched my sister-in-law doing slide-typing, and it seems like one would need very good word correction to get readable text. Besides, I'm a mechanical engineer, I use my hands as hammers, pliers, etc. all day... they're not exactly "tuned" for the finesse I think slide-typing would require.
I came across this thread because in the past year, three times I have been notified by Xposed that a module has been updated. SuperSU also asks me to grant root access again so I'm wondering what the app is doing self updating?
Version 4.5.1 (donate)
Never ever had a "self-update" of Greenify.
Currently on Greenify v4.6.3 (Google beta programme) & Greenify (Donation Package) v2.3
Oswald Boelcke said:
Never ever had a "self-update" of Greenify.
Currently on Greenify v4.6.3 (Google beta programme) & Greenify (Donation Package) v2.3
Click to expand...
Click to collapse
Same. This FUD about Greenify being evil by design is disinformation the net craves. I expect this to be a top trending thread in no time that trashes the reputation of an otherwise fine product. Shesh.
Davey126 said:
Same. This FUD about Greenify being evil by design is disinformation the net craves. I expect this to be a top trending thread in no time that trashes the reputation of an otherwise fine product. Shesh.
Click to expand...
Click to collapse
Absolutely concur. I'm going to refrain from bumping this thread any longer; this is the last time. BTW: Congrats to well deserved 9,000+ thanks. And what does "shesh" means? Never heard it. Just for me to learn.
Davey126 said:
Same. This FUD about Greenify being evil by design is disinformation the net craves. I expect this to be a top trending thread in no time that trashes the reputation of an otherwise fine product. Shesh.
Click to expand...
Click to collapse
I don't see how stating a fact and questioning why it happens is spreading "FUD". And it's certainly not "disinformation". Surprised you didn't also call it "Fake News", since that seems to be the millennial way to deal with anything you read which doesn't align to your own personal viewpoint.
10,000+ attempted internet connections by Greenify in the space of a couple of months is a statement of fact that I observed on my own device. But, as I said in the first post in the thread:
xxxmadraxxx said:
I realise this is just my unverified opinion... And you've got no reason to trust me on this. But, if you've any doubts, feel free to install AFWall+ and try it yourself...
Click to expand...
Click to collapse
Hardly spreading FUD and disinformation. Just letting people know what I saw and telling them to check for themselves and draw their own conclusions.
If other people want to believe that Greenfy is 100% benign, because it's useful to them, then that's fine too. But I could counter your accusations of FUD with saying other people are spreading CCC [Complacency, Certainty and Confidence]. ie. you're blindly trusting an app just because it provides a useful service
[cf. Google, Facebook, et al, if you want to see where that can lead].
I also note that these questions about Greenify's surreptitious behaviour have been raised before on this forum, on other forums and also on the app's reviews on Google Play and, as far as I can see, the developer has not once responded. That may or may not seem suspicious to you but I ask myself:
* If there's an innocent explanation, why not just explain it and clear the air?
* If there's a bug in the app which is causing these attempts to phone home to be repeated endlessly, thousands upon thousands of times, why not fix it?
or, since the phoning home is not necessary for the app to function;
* Why not provide a preference to turn it off? [especially for those people who have paid for the donation version]
Defensive wall of text speaks for itself. Moving on.
(several generations removed from "millennial")
xxxmadraxxx said:
I don't see how stating a fact and questioning why it happens is spreading "FUD". And it's certainly not "disinformation". Surprised you didn't also call it "Fake News", since that seems to be the millennial way to deal with anything you read which doesn't align to your own personal viewpoint.
10,000+ attempted internet connections by Greenify in the space of a couple of months is a statement of fact that I observed on my own device. But, as I said in the first post in the thread:
Hardly spreading FUD and disinformation. Just letting people know what I saw and telling them to check for themselves and draw their own conclusions.
If other people want to believe that Greenfy is 100% benign, because it's useful to them, then that's fine too. But I could counter your accusations of FUD with saying other people are spreading CCC [Complacency, Certainty and Confidence]. ie. you're blindly trusting an app just because it provides a useful service
[cf. Google, Facebook, et al, if you want to see where that can lead].
I also note that these questions about Greenify's surreptitious behaviour have been raised before on this forum, on other forums and also on the app's reviews on Google Play and, as far as I can see, the developer has not once responded. That may or may not seem suspicious to you but I ask myself:
* If there's an innocent explanation, why not just explain it and clear the air?
* If there's a bug in the app which is causing these attempts to phone home to be repeated endlessly, thousands upon thousands of times, why not fix it?
or, since the phoning home is not necessary for the app to function;
* Why not provide a preference to turn it off? [especially for those people who have paid for the donation version]
Click to expand...
Click to collapse
---------- Post added at 09:59 AM ---------- Previous post was at 09:47 AM ----------
Oswald Boelcke said:
Absolutely concur. I'm going to refrain from bumping this thread any longer; this is the last time. BTW: Congrats to well deserved 9,000+ thanks. And what does "shesh" means? Never heard it. Just for me to learn.
Click to expand...
Click to collapse
"Sheesh" (forgot the second ''e') is a mild expression of exasperation generally uttered as a final remark. Not entirely dismissive but leaning in that direction. Akin to 'geez'.
As for the other, any and all acknowledgements go back to the XDA community who support each other like a well designed house of cards. Each depends on the other for support but removing one (or many) does not lead to collapse but the subtle shifting of another 'card' to share the load.
Davey126 said:
Defensive wall of text speaks for itself. Moving on.
(several generations removed from "millennial")
Click to expand...
Click to collapse
In other words:
I'm not a millennial and just to show how mature I am –because I disagree with what you're saying, I'm going to stick my fingers in my ears and go "Na! Na!Na! I can't hear you!"
M'lud. The defence rests its case.
Davey126 said:
Same. This FUD about Greenify being evil by design is disinformation the net craves. I expect this to be a top trending thread in no time that trashes the reputation of an otherwise fine product. Shesh.
Click to expand...
Click to collapse
I have to disagree with you, and I applaud the original poster for making this thread. No closed source project should be immune from scrutiny.
I of course have been using the app for many years and trust the developer but still don't have an answer as to why Xposed and SuperSU were telling me that Greenify has been updated - I think it would be fair to question what's going on.
Though OP could have probably not used such a click-baity and sensational title. Even if it's not malware, the bug would mean that Greenify is not getting root access unless I manually grant it again.
htr5 said:
Though OP could have probably not used such a click-baity and sensational title...
Click to expand...
Click to collapse
The title wasn't intended to be either click-baity or sensational but, with hindsight, I can see how it might read it that way. Mea culpa.
However, given that no third party has been able to offer any justifiable reason as to why Greenify behaves as it does and the developer has never responded to the oft-expressed concerns of users –I don't think it unreasonable to infer that Greenify may be behaving; at best, irresponsibly and at worst, nefariously.
In which case, maybe the headline wasn't that click-baity, after all.
htr5 said:
I of course have been using the app for many years and trust the developer but still don't have an answer as to why Xposed and SuperSU were telling me that Greenify has been updated - I think it would be fair to question what's going on.
Click to expand...
Click to collapse
Yes, that would be a fair question (sans other baggage).
xxxmadraxxx said:
10,000+ attempted internet connections by Greenify in the space of a couple of months is a statement of fact that I observed on my own device.
Click to expand...
Click to collapse
I've quieted Greenify. I used MyAndroidTools to disable the following for Greenify:
Content Provider:
com.crashlytics.android.CrashlyticsInitProvider
com.google.firebase.provider.FirebaseInitProvider
Activity:
com.google.android.gms.common.api.GoogleApiActivity
com.google.android.gms.tagmanager.TagManagerPreviewActivity
Broadcast Receiver:
com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver
com.google.android.gms.measurement.AppMeasurementReceiver
com.google.firebase.iid.FirebaseInstanceIdReceiver
Service:
com.google.android.gms.measurement.AppMeasurementJobService
com.google.android.gms.measurement.AppMeasurementService
com.google.firebase.components.ComponentDiscoveryService
com.google.firebase.iid.FirebaseInstanceIdService
com.google.android.gms.tagmanager.TagManagerService
That Tag Manager Service and Tag Manager Preview Activity are worrisome...
https://support.google.com/tagmanager/answer/6102821?hl=en
Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app. Once the small segment of Tag Manager code has been added to your project, you can safely and easily deploy analytics and measurement tag configurations from a web-based user interface.
When Tag Manager is installed, your website or app will be able to communicate with the Tag Manager servers. You can then use Tag Manager's web-based user interface to set up tags, establish triggers that cause your tag to fire when certain events occur, and create variables that can be used to simplify and automate your tag configurations.
Click to expand...
Click to collapse
https://blog.hubspot.com/marketing/google-tag-manager-guide
Collecting data using tools like Google Analytics is critical for expanding your business’s online reach, converting leads into customers, and optimizing a digital marketing strategy to create stronger relationships with your audience.
However, collecting data is easier said than done. Google Analytics and other similar analytics tools aid the process, but they work more effectively with the addition of tags.
Tags, in a general sense, are bits of code you embed in your website’s javascript or HTML to extract certain information.
Click to expand...
Click to collapse
So Tag Manager is yet another way for Google to track your every move... in apps and on web pages. It's almost a backdoor to your device, since Tag Manager can be used to remotely change what it tracks and when. Google is getting awfully malware-y, which is why I've worked so hard to make it so I can completely kill all Google components on my phone and the phone still works... and the Google components stay killed until I start them (without the necessary modifications, Google Persistence kicks in and restarts the Google components, which is also very malware-y... Google is a service provider, they shouldn't run unless the user wants to use their services, and there should be an interface to disable (or uninstall) any functionality the user doesn't want.). Further, the user shouldn't have to rely upon changing settings on Google's servers, while leaving the Google components running on their phone... that means we have to trust that Google is abiding by those settings... does anyone believe they are?
I've uncovered instances on this very phone where Google is less than honest in abiding by settings... another is their GoogleOtaBinder, which disregards the Developer Options setting to disable Automatic System Updates... the only way to turn off Google pushing a new ROM (without consent, without notification) and rebooting the phone (at midnight each night, without consent, without notification) is to edit a file such that GoogleOtaBinder can't authenticate with Google's servers.
You'll probably also find an app in Settings > Apps called 'Tag Manager'... I got rid of it long ago.
Google Tag Manager / Tracking Pixels and Tags
package:/system/priv-app/TagGoogle/TagGoogle.apk=com.google.android.tag
To get a list of packages installed on your system, in an Administrator-privilege command prompt on your computer, with your phone plugged into your computer via USB and set to 'File Transfer' USB mode, type:
adb shell pm list packages -f
Here's the list of packages I've removed.
{UPDATE}
I've also found the following:
The file:
/data/user/0/com.oasisfeng.greenify/app_google_tagmanager/resource_GTM-KN73P2
contains the following:
Component Display Name:
com.xiaomi.mipush.sdk.PushMessageHandler
alibaba.sdk.android.push.AliyunPushIntentService
com.igexin.sdk.PushService
com.tencent.android.tpush.service.XGPushServiceV3
org.android.agoo.client.MessageRecieverService
com.baidu.sapi2.share.ShareService
"MessageReceiverService"? PushMessageHandler? What is being pushed to our phones?
Further down, because I've completely neutered Google Analytics, it reads:
.analytics.disabled.exception.NoSuchMethodError true
{/UPDATE}
Greenify is also using the real 'adid_key' content in /data/data/com.google.android.gms/shared_prefs/adid_settings.xml, although I doubt they're in on Google's nefarious scheme to trick users into thinking they can reset their Advertising ID, while tracking them with a non-changing GUID (Globally Unique ID).
There are two keys in adid_settings.xml... 'adid_key' and 'fake_adid_key'... pushing the "Reset Advertising ID" button in Settings > Google > Ads changes 'fake_adid_key', but 'adid_key' never changes and is propagated to many other apps.
https://forum.xda-developers.com/showpost.php?p=79521903
Further, I tried to uninstall Greenify (I'll manually set up device_idle_constants to mimic what Greenify did)... it's never had Device Administrator privileges, I disabled Usage Access, uninstalled the XPosed Framework 'Greenify Experimental Features', then went into Greenify's settings and disabled all that was there... but when I went into Settings > Apps > Greenify, there isn't an "uninstall" button, just "Force Stop" and "Disable" buttons. There's no way to uninstall it from within Greenify itself, either.
I booted into TWRP Recovery Mode, went to /data/adb/modules, deleted the module for Greenify, and when I rebooted, Greenify was gone. All that remained was to wipe it from the Dalvik cache.

How to find Info/Errs from an Android App Crash to steer toward App's bad Settings?

I'm a long time developer but brand new to Android, with my having past experience developing in Unix systems as well as a lot using Cygwin in Windows. I have a newly-installed App that seems popular called 'C Locker'. So far, I've just got the Free version because I'm trying it out to see if it does what I need. Unfortunately, it's now crashing with the Settings that I've enabled, and as a general developer, I'm interested in seeing if I can glean information from the Bugreport (or whatever else I can use...perhaps even gdb on the device itself?) to help me know what specific Settings might be the problem being that there are so many of them and I would prefer to gain some type of help from my phone in figuring out what the bad settings might be that I've enabled that are causing the problem rather than to spend all day flipping them around. I've already scanned through the Bugreport after uploading it to my computer, examining all of the references it makes in there to "com.ccs.lockscreen" with this apparently being the process name for the C-Locker program. I've seen indications in there where it indeed shows that it has crashed, but I couldn't yet discern if it is able to give me pointers as to what the cause of the crashes might have been. Is that possible to gain such information out of these Bugreport files? Or is there a way to run it directly in gdb on my device to perhaps see the stack at the time that it crashes, for which the names provided might help to discern what specifically it was trying but failing to do at the time? If it helps, as an intended future Android developer, I've already gotten Android SDK set up on my computer, although I haven't yet really used it much to speak of for anything. I also have adb working from my computer to the smartphone and even have rooted it using a rare method being that I have an older phone purchased years ago via Amazon that I didn't activate until about a month ago. (It's an LG G4 VS986 version 13B so I couldn't use the popular rooting method for version 11A but instead had to use the "Injection" method which took me FOREVER although I finally got it to work!) And just in case it helps perhaps even to bypass a direct answer to this question (although it will still of course be appreciated), my Settings within C Locker involve having set it to be a Device Admin and to bring it up as the first App upon Reboot as well as I've selected within the Root category to make it a System App as well as my then having Disabled ALL things that typically show on the screen (such as 9-1-1, camera, Etc). I had left it set to the default "Gesture" Unlock method, but whenever I bring up the App again and go into "Unlock Methods", it now immediately crashes each time (as well as upon Restarting the phone!). So this covers the majority of the most significant of the Settings that I've made on it so far to the best of my recollection. And I feel that if I could get some indications from the system as to what the specific errors may be when its crashing (or from a stack trace or whatever else), then it might help me to discern what specific Settings are creating the problem being that perhaps I just have an odd (rare) combination of Settings on it that I can tweak to get it working. My goal is to ultimately get a lockscreen App that I can use a Pattern type Unlock with that allows an UNLIMITED number of Failed Attempts (so that it won't ever Factory Reset my phone after the 10th or ANY number of failures!!!). I also--as mentioned above--don't want ANY shortcuts whatsoever being accessible BEFORE the phone is unlocked...not even 9-1-1. Anyway, so if there's a way to glean information from the Bugreport (or from whatever other methods available) to find the specific cause (involved errors) of this or any other App that's crashing that I do NOT have the source code for (being that I of course am not its developer) then it will be greatly appreciated to know how to best find this information. (And I promise that I've already searched extensively on Google but couldn't filter out its replies all being based on the idea that I'm the developer of the App that's crashing, with my even trying adding phrases such as "not my app" and "not the developer of" Etc to no avail...lol). Thanks.
By the way, if I shouldn't have combined the 'C Locker' Settings details into this post, then please just let me know because I'm new to posting here. Also, unfortunately, if I don't receive any help with this right away, then I'll be forced to start testing different Setting combinations anyway, which would then of course solve this problem but without knowing truly what exactly was causing the issue. Even if so, it will still be helpful in the long run with other potential App crashes to get the answer to this general question.
Unless not disabled by user, all runtime activities in Android are logged, so app crashes and their reason also. You can view this log by means of Android's logcat command-line tool or by means of a LogCat Viewer app. My POV: logcat is essential for determining what an app and the Android OS are doing while the app is running on a device.
BTW: Android's log can be filtered per package, too.
Thanks!
jwoegerbauer said:
Unless not disabled by user, all runtime activities in Android are logged, so app crashes and their reason also. You can view this log by means of Android's logcat command-line tool or by means of a LogCat Viewer app. My POV: logcat is essential for determining what an app and the Android OS are doing while the app is running on a device.
BTW: Android's log can be filtered per package, too.
Click to expand...
Click to collapse
Thank you, and since posting this, I've been learning more about Android Studio and have used it to actually see the stack trace within the "Android Monitor" pane there in order to find the instant reason why the/ANY (meaning 3rd party as well) App is crashing at the time! Thanks again for the help!

Trying to use Company Portal with Rooted, Not Encrypted V30 -- Please Help!

Hi,
Just joined a new company that requires Company Portal to access Outlook email and other apps on my phone.
Evidently even if you manage to hide root from Company Portal, a major requirement is having an encrypted device with Company Portal.
In order to get rooted 2 years ago, I ran Disable_Dm-Verity_ForceEncrypt during the TWRP setup process so my rooted V30 is not encrypted.
Is there any way to restore encryption now without losing my current stock rom settings and data and maintain root?
I see in LG Settings there is an option to Encrypt Phone and SD Card. Will this suffice so I can maintain root?
If not, is there a way to root and install a TWRP LG Pie Rom zip without disabling encryption via Disable_Dm-Verity_ForceEncrypt?
Or is it impossible to root and use Company Portal with the LG V30?
Thanks in advance!
Drew
drewcu said:
Hi,
Just joined a new company that requires Company Portal to access Outlook email and other apps on my phone.
Evidently even if you manage to hide root from Company Portal, a major requirement is having an encrypted device with Company Portal.
In order to get rooted 2 years ago, I ran Disable_Dm-Verity_ForceEncrypt during the TWRP setup process so my rooted V30 is not encrypted.
Is there any way to restore encryption now without losing my current stock rom settings and data and maintain root?
I see in LG Settings there is an option to Encrypt Phone and SD Card. Will this suffice so I can maintain root?
If not, is there a way to root and install a TWRP LG Pie Rom zip without disabling encryption via Disable_Dm-Verity_ForceEncrypt?
Or is it impossible to root and use Company Portal with the LG V30?
Thanks in advance!
Drew
Click to expand...
Click to collapse
My only solution to this problem was to always use webaccess for my Office365 account. They required the portal to use Outlook, and part of that requirement allowed them to wipe my phone whenever they wanted. It's my phone, so I guess I won't use their email on my phone.
Sounds like your company has yet another behind-the-times IT department (like mine). Although mine is also exceptionally incompetent. They left the IMAP server open and available to anyone, so I simply used that with my GMail account instead. It did require me to allow them admin access to the phone to wipe the device (though I think they can only wipe the email) but it worked. They finally got modern and are using 365 so now it doesn't need these extra things. You might want to see if you can wait until they wake up and/or see if there is a server you can connect to. I found mine because, due to their incompetence, they let iPhones use the native mail app via the IMAP server, but forced Android to use some garbage 3rd party software for it instead of GMail. In both cases, the IMAP server was easily seen and setup.
I also have a company phone, so I don't really care if they can wipe it. Again, if I was going to take data from them, I'd do it before I announced I was leaving like any reasonably-intelligent person... so wiping accomplishes nothing. But, again, these IT departments are really dumb and incompetent...
To answer your initial question, I don't know if there's a way to re-enable encryption... but I also don't think that this is something that they can detect anyway. I'm thinking it may be something else they're tripping over. You may consider installing Magisk, and then using it's HIDE feature to see if you can hide the typical "signs" of rooting/etc. It may be good enough to get you working. If it doesn't you simply remove Magisk again (or just stop using it)?
Thanks @ldeveraux and @schwinn8 for the replies!
I know we use Office 365 but I'll have to ask about web access to see if that is possible. It's my phone and supposedly it's "not required" that I install Company Portal/Outlook/Teams on my phone, but I would be the only one at the firm not doing that and I am a new hire so... kind of a bad look so soon. I am not really comfortable with them being able to wipe my phone either, but that wasn't mentioned to me... yet.
Also would have to ask about IMAP, but I doubt it. No company phones either which is fine.
Pretty sure it is the encryption (or lack thereof in my case) that is the issue. I already use Magisk v22 and Hide all signs of Company Portal and pass Safetynet. On another XDA thread where Company Portal is discussed, I followed the suggested steps to no avail:
1) Install Company Portal V5.0.5067.0
2) Magisk Hide ALL of Company Portal checkboxes
3) Reboot
4) Still pass SafetyNet
5) Launch Company Portal
While the app doesn't specify the encryption as to why it cannot get me to the login screen, that's the only conclusion I can reach at the moment.
Did either of you try or look into encryption built into the LG/Android Settings menu? I don't want to do that unless I know of someone with success with it, but am curious if that would allow root via Magisk Hide, encryption, and Company Portal.
Thanks!
Drew
No I stopped carrying when they wanted permission to wipe. If the company was paying for the phone, that's one thing. If I'm using my personal phone for company use, that doesn't fly.
I realize this doesn't answer your question at all, but it's food for thought!
ldeveraux said:
No I stopped carrying when they wanted permission to wipe. If the company was paying for the phone, that's one thing. If I'm using my personal phone for company use, that doesn't fly.
I realize this doesn't answer your question at all, but it's food for thought!
Click to expand...
Click to collapse
Carrying? Or did you mean caring?
drewcu said:
Carrying? Or did you mean caring?
Click to expand...
Click to collapse
Caring. I don't own a firearm.
ldeveraux said:
Caring. I don't own a firearm.
Click to expand...
Click to collapse
Lol got it. Just making sure I understood what you meant.
Assume you didn't look into the LG rom based encryption then?
drewcu said:
Lol got it. Just making sure I understood what you meant.
Assume you didn't look into the LG rom based encryption then?
Click to expand...
Click to collapse
No at that point I gave up
Hopefully you'll get some help here, because I'd still like to be able to actually use Outlook on my phone!
So, a quick search says that there are modules available and other things that need to be tried. One further thing is to hide root from various Google modules. I remember hearing that for some other apps... that you had to hide root from Google services. I also remember hearing that, in some cases, you have to clear data for apps after the hide, because they apparently save the rooted-status in their own data.
Basically, I doubt encryption is the issue... root is usually the problem and can be a bit tricky to hide properly. You just have to try things. I have never seen any app fail to work because encryption is not available... it's always a root-detection issue.
As for the IMAP thing, the point there is to use the settings you find elsewhere to access email. You're not asking IT for permission or info... you just need to find it. Most Microsoft-based IT places I have worked with have zero clue that this is open and offered, so once you find it it's just a matter of plugging in the right info.
As for the web-interface, again, my company (for example) doesn't tell us that we can use the Outlook app, but it works with no tricks whatsoever. Plug in your company account info and it figures out how to connect.
FYI, the module I mentioned above is referenced here: https://forum.xda-developers.com/t/...ne-company-portal-hider-intune-hider.3780451/ - no idea if this is necessary or even the latest version...
schwinn8 said:
So, a quick search says that there are modules available and other things that need to be tried. One further thing is to hide root from various Google modules. I remember hearing that for some other apps... that you had to hide root from Google services. I also remember hearing that, in some cases, you have to clear data for apps after the hide, because they apparently save the rooted-status in their own data.
Basically, I doubt encryption is the issue... root is usually the problem and can be a bit tricky to hide properly. You just have to try things. I have never seen any app fail to work because encryption is not available... it's always a root-detection issue.
As for the IMAP thing, the point there is to use the settings you find elsewhere to access email. You're not asking IT for permission or info... you just need to find it. Most Microsoft-based IT places I have worked with have zero clue that this is open and offered, so once you find it it's just a matter of plugging in the right info.
As for the web-interface, again, my company (for example) doesn't tell us that we can use the Outlook app, but it works with no tricks whatsoever. Plug in your company account info and it figures out how to connect.
FYI, the module I mentioned above is referenced here: https://forum.xda-developers.com/t/...ne-company-portal-hider-intune-hider.3780451/ - no idea if this is necessary or even the latest version...
Click to expand...
Click to collapse
Thanks for the suggestions! I actually have tried different modules without success both for EdXposed (Security Bypass for Company Portal with CP version 5.0.3013.0 and Bypass Exchange Policies). The closest I got was with CP 5.0.3013.0 where I could enter my credentials but then wasn't able to agree to the Terms and Conditions which is a prerequisite and got denied. The module you linked is no longer needed if using Magisk v22 with Magisk Hide according to people in the thread.
Have also tried the Outlook app, Outlook web access, Gmail, IMAP, POP3 -- all smartly locked down tight for compliance reasons by our IT. Just says to enroll with Company Portal after entering credentials.
Pretty sure the Magisk Hide route would work with V5.0.5067.0 if my device was encrypted. Company Portal checks whether your device is encrypted supposedly, so either you have to actually be encrypted or find a way around that. I am willing to be encrypted if I can still be rooted...
Not sure where to go from here to get it working without an encrypted device... but thanks for the post.
As I recall, Xposed is not really working or functional these days. The module I linked to is a Magisk module. Did you follow those directions, because it sounds like you didn't.
It sounds like you don't want to believe me... that's fine. I believe the answers are out there and it's just a root issue. You probably just need to do more reading and searching. I'm going to give up since you don't seem to want to hear it from me, so good luck...
If you find a solution, do let people know on this thread so the matter can be closed/completed.
I remember the other reason I stopped trying to use the Company Portal. They need permission to wipe my phone, which obviously I'm not cool with. Whenever I disable the Company Portal, mail stops working. That's reason enough!
schwinn8 said:
As I recall, Xposed is not really working or functional these days. The module I linked to is a Magisk module. Did you follow those directions, because it sounds like you didn't.
It sounds like you don't want to believe me... that's fine. I believe the answers are out there and it's just a root issue. You probably just need to do more reading and searching. I'm going to give up since you don't seem to want to hear it from me, so good luck...
If you find a solution, do let people know on this thread so the matter can be closed/completed.
Click to expand...
Click to collapse
Yes I am aware that the module you linked is for Magisk. If you go to the OP, all the text is struck through because the module is no longer necessary as I stated previously.
[MODULE] Microsoft Intune Company Portal Hider (Intune Hider)
Introduction: Simple Module To Hide The Root From Microsoft Intune Company Portal. - After The Installation & 1st Reboot, It Hides The Rooting & Disables Itself [P.S. Disabling Itself For Some Versions] - Enabling This Module From Magisk Manager...
forum.xda-developers.com
kb8no said:
It is easy to be confused. The "module" from the OP was needed before but is now obsolete since Magisk has gained the necessary functionality alone without the "module". There is no "module" in Magisk. Now go back and read the past posts over 2 months. First you hide Magisk so it passes safety net. Then you go into superuser MagiskHide, go into the app (eg Portal) and check everything. You need to understand that they updated Portal so you need to downgrade it so Portal will work again. You need to understand to use latest Magisk and Magisk changed. Not surprising you are confused. Now perhaps you have figured out the basics and the details will make sense.
Click to expand...
Click to collapse
So I followed the steps on page 23 of that thread using Intune Company Portal V5.0.5067.0:
[MODULE] Microsoft Intune Company Portal Hider (Intune Hider)
Introduction: Simple Module To Hide The Root From Microsoft Intune Company Portal. - After The Installation & 1st Reboot, It Hides The Rooting & Disables Itself [P.S. Disabling Itself For Some Versions] - Enabling This Module From Magisk Manager...
forum.xda-developers.com
IlyaKol said:
Good call on the GitHub ticket.
For anyone reading, this is the process I followed:
1) Uninstall the existing Intune Company Portal
2) Reboot
3) Install the APK listed above or from another source (I used APK Pure). DO NOT LAUNCH INTUNE!
4) Before launching, go into Magisk and make sure to hide ALL of it as well as all of Outlook, OneNote, OneDrive, Teams, etc. (whatever uses your company credentails)
5) Launch InTune and set it up.
6) Disable auto-updates of the app as he stated in Google Play Store.
7) Profit.
Click to expand...
Click to collapse
The result is I am still stuck on the "Open the Intune App" screen... No other error messages related to rooting, but cannot even get to log in or download Outlook or Teams. Have tried downloading the Intune App from the Play Store and that tells me to open Company Portal... so going in circles... I'm told I need to only use Company Portal from our IT firm.
I went through the same Magisk module thread and found others talking about not having encryption, and they are in the same position as I am -- following the steps or using the Magisk module (before Magisk v22) and still not getting CP to work.
Thus I am 99.9% sure I cannot use CP because I don't have encryption. You don't have to believe me, but I have tried everything I can think of save for using LG's Encrypt Phone feature... Would do it if I got confirmation I could stay rooted, not lose my data/settings, and then use Company Portal.
But yes, I absolutely would post the solution here if I find it!
Thanks anyway.
I'm rooted and have long had corporate email (two different companies) on a paid app called "Nine". First company was Fortune 100 global media company, and 2nd (past 3 years) is smaller but still has aggressive IT policies. Neither paid for my phone. I specifically remember with the first having to agree they could wipe the phone if it was lost -- but I think due to me being rooted they wouldn't be able to.
Nine - Email & Calendar - Apps on Google Play
Nine is a full-fledged and intuitive email app which supports Exchange and IMAP
play.google.com
ChazzMatt said:
I'm rooted and have long had corporate email (two different companies) on a paid app called "Nine". First company was Fortune 100 global media company, and 2nd (past 3 years) is smaller but still has aggressive IT policies. Neither paid for my phone. I specifically remember with the first having to agree they could wipe the phone if it was lost -- but I think due to me being rooted they wouldn't be able to.
Nine - Email & Calendar - Apps on Google Play
Nine is a full-fledged and intuitive email app which supports Exchange and IMAP
play.google.com
Click to expand...
Click to collapse
Just tried Nine and it also tells me after entering my credentials that I need to use Company Portal (just like Outlook and Web Access).
Do these two companies you worked for use Intune Company Portal to manage policies?
drewcu said:
Just tried Nine and it also tells me after entering my credentials that I need to use Company Portal (just like Outlook and Web Access).
Do these two companies you worked for use Intune Company Portal to manage policies?
Click to expand...
Click to collapse
I just installed portal and outlook, added both as admin or whatever it's called, and have a fully functioning inbox. I don't know if I'll leave it like this for the reasons I mentioned, but it works. I have the latest twrp, latest magisk, and adguard installed. I have no clue if I'm encrypted or not, how would I check? But I was trying to use the older version of Portal and it kept looping, so I installed the latest from the play store and we're up and running.
@ChazzMatt do you really think they can't wipe if they so desire? How could we confirm that? I surely don't want to give them that ability considering if you disable their permissions it stops working completely.
ldeveraux said:
I just installed portal and outlook, added both as admin or whatever it's called, and have a fully functioning inbox. I don't know if I'll leave it like this for the reasons I mentioned, but it works. I have the latest twrp, latest magisk, and adguard installed. I have no clue if I'm encrypted or not, how would I check? But I was trying to use the older version of Portal and it kept looping, so I installed the latest from the play store and we're up and running.
@ChazzMatt do you really think they can't wipe if they so desire? How could we confirm that? I surely don't want to give them that ability considering if you disable their permissions it stops working completely.
Click to expand...
Click to collapse
For Nine I only needed the email server name.
For the previous Fortune 100 company I worked for, it was almost 4 years ago so I don't remember all the details but I remember granting them the privilege but I don't remember adding them as an admin.
ldeveraux said:
I just installed portal and outlook, added both as admin or whatever it's called, and have a fully functioning inbox. I don't know if I'll leave it like this for the reasons I mentioned, but it works. I have the latest twrp, latest magisk, and adguard installed. I have no clue if I'm encrypted or not, how would I check? But I was trying to use the older version of Portal and it kept looping, so I installed the latest from the play store and we're up and running.
@ChazzMatt do you really think they can't wipe if they so desire? How could we confirm that? I surely don't want to give them that ability considering if you disable their permissions it stops working completely.
Click to expand...
Click to collapse
Company Portal didn't used to work for you, correct? What changed? Can you please list your steps this time?
I think to check encryption you use Termux and enter 'getprop ro.crypto.state' -- mine says unencrypted.
One other question is what version of Twrp are you using? I'm using one from 2 years ago -- 3.2.3 and never wanted to bother with the Pie one 3.3 or whatever is latest... Might have something to do with it...

Categories

Resources