After the recent article on apps that are sharing our personal information, it occurred to me that this should be an easy problem to fix. All we need is a good personal firewall app. Heck, iptables would be a great start, but it can be hard to implement that on an app by app basis. It will be hard to set up for apps that have legitimate needs to connect over port 80 for legitimate needs, but also uses that same port for less than legitimate needs. So I guess it will also take some blacklisting of certain servers, perhaps along the lines of the ad blockers apps that modify the hosts file.
Or does such an app already exist?
Skip
Here you go:
http://www.appbrain.com/app/droidwall-android-firewall/com.googlecode.droidwall.free
MrGibbage said:
After the recent article on apps that are sharing our personal information, it occurred to me that this should be an easy problem to fix. All we need is a good personal firewall app. Heck, iptables would be a great start, but it can be hard to implement that on an app by app basis. It will be hard to set up for apps that have legitimate needs to connect over port 80 for legitimate needs, but also uses that same port for less than legitimate needs. So I guess it will also take some blacklisting of certain servers, perhaps along the lines of the ad blockers apps that modify the hosts file.
Or does such an app already exist?
Skip
Click to expand...
Click to collapse
1. There's already a couple adblock apps like Adfree which block a lot of stuff.
2. If you read the permissions for the apps you CHOOSE to download, then you'll know exactly what access to data they'll have. If you don't like that PaperToss wants access to your device ID, then just don't install PaperToss.
And of course, such an app would undoubtedly cause more issues than the perception of "security" it would provide, since you'd probably not be able to use half the apps anymore. Or they'd stop being ad-supported, and would begin to charge instead.
From the article:
Google requires Android apps to notify users, before they download the app, of the data sources the app intends to access. Possible sources include the phone's camera, memory, contact list, and more than 100 others. If users don't like what a particular app wants to access, they can choose not to install the app, Google says.
Click to expand...
Click to collapse
Just read the app permissions. That tells you almost everything you need to know.
The problem is, the app permissions don't tell you what you need to know. Here are the permissions for Paper Toss by Backflip Studios:
Your Location (coarse network-based location)
Network communication-full internet access
Phone Calls - read phone state
While the Location permission would be suspect, and would cause me to question whether or not I should download this app, the other two permissions are not so immediately obvious that they are "bad". Network communications is a permission needed by every app that has in-game ads such as AdMob. And I don't know why this app needs the Phone Calls permission, but almost every single app in the market uses that permission. At least it isn't asking for access to the address book or anything like that.
What I would like is for the app to tell us what it needs internet access for, and to tell us what information it is sending to third parties.
MrGibbage said:
The problem is, the app permissions don't tell you what you need to know. Here are the permissions for Paper Toss by Backflip Studios:
Your Location (coarse network-based location)
Network communication-full internet access
Phone Calls - read phone state
While the Location permission would be suspect, and would cause me to question whether or not I should download this app, the other two permissions are not so immediately obvious that they are "bad". Network communications is a permission needed by every app that has in-game ads such as AdMob. And I don't know why this app needs the Phone Calls permission, but almost every single app in the market uses that permission. At least it isn't asking for access to the address book or anything like that.
What I would like is for the app to tell us what it needs internet access for, and to tell us what information it is sending to third parties.
Click to expand...
Click to collapse
Maybe to detect a phone call and pause the game.
Sent from my SGH-T959 using XDA App
MrGibbage said:
The problem is, the app permissions don't tell you what you need to know. Here are the permissions for Paper Toss by Backflip Studios:
Your Location (coarse network-based location)
Network communication-full internet access
Phone Calls - read phone state
While the Location permission would be suspect, and would cause me to question whether or not I should download this app, the other two permissions are not so immediately obvious that they are "bad". Network communications is a permission needed by every app that has in-game ads such as AdMob. And I don't know why this app needs the Phone Calls permission, but almost every single app in the market uses that permission. At least it isn't asking for access to the address book or anything like that.
What I would like is for the app to tell us what it needs internet access for, and to tell us what information it is sending to third parties.
Click to expand...
Click to collapse
All free apps will collect some information .... so they know what ads to aim your way ..... so they can make money ... Every one does this .... on your computer its the same as your cookies .... and only the really paranoid will set their browser cookies settings to "ultimate :block all cookies "...
Here's the difference, android openness will allow others to research and publish their findings, un like others that are closed and will not allow research, and if anyway is found to get the research. done the publication will be deleted from the web ......
The openness is why you see soooooo many articles on this issue over n over, none of them mentioning that the paid versions of these apps don't collect any thing .....
How much personal information are you planning on storing in the paper toss game?
Consider this in your answer, android system runs apps in sand box mode meaning, one app cannot access another without YOUR permission, or if an app is infected with malware, that malware will only operate in that app, unlike your windows machine where it would have a free for all .....
ferhanmm said:
Maybe to detect a phone call and pause the game.
Sent from my SGH-T959 using XDA App
Click to expand...
Click to collapse
That's my point. That would be a legitimate need for access to the phone state. However, granting that permission also gives the app permission to make phone phone calls. I still think the apps need to be more specific about the permissions they need.
The bottom line is, these phones are great, they can run all kinds of awesome software, but the people writing the software need to make a living too. If someone really wants to prevent their phone from sending out personal information, then they should not install any software, and maybe shouldn't even be using the phone at all. But I still see a need for a firewall app (possibly DroidWall, as mentioned above) to help us prevent this type of thing from happening.
A permissions firewall would be much more interesting and useful in my opinion.
Being able to block a certain thing like "read contact data" for all apps and only permit access with a white list would be very useful to me.
Hello,
I was wondering if someone could point me in the right direction for a Bluetooth Networking Project I'd like to do.
The ultimate goal:
- Having some sort of bluetooth app with root privileges, which, when walking past someone, would allow some sort of passive communication without the users authorisation nor involvement.
This is similar to the idea on the 3DS called "SpotPass":
(I would have posted the link, but I'm not allowed to)
I do not have much experience on the subject, but suppose it would involve having root permissions to access the bluetooth module, being able to broadcast a message (to other users of this application).
I'm not sure if this might involve creating a completely different driver.
The reason is actually to create a short-distanced-passive-communication application useful for getting short messages or announcements across, with the low power consumption of bluetooth (vs wifi).
If this kind of communication if not possible, could someone please explain why, or at least give me some sort of link with the reason.
Thanks in advance
Hi everyone! First of all sorry for my english, second, I'm here because I've a big problem.
I need to lend some tablets to some friends for testing an app. The problem is that I don't complete trust in them (or they are too smart or they aren't very familiar with digital products), so I'm afraid that they can make some trouble voluntarily or not.
I'm searching for something that can block the access to determinate applications of the tablet (for example: phone, settings or other installed apps) and the install of new app. Something like a limited user of the tablet, that allowed you to running only some default apps.
I've tried to test some apps that allow you to open the app just by entering a code or a sequence, but they aren't very safe. I always find a way to bypass them. Moreover this type of application don't block the install of new app.
Do you have any solution? What can I do to create this sort of "Limited User"?
Thanks to everyone
You could try the app called "SwitchMe". It should be able to help.
Hi,
I am a student in computer programming and I am looking to self-learn advanced android development by making an android app for my personal use. I was thinking about making an application that would require a Client/Server model that would let me browse/playback my music that sits on my PC from my android device. Something similar to the Audiogalaxy application where I would stream the data from my PC to my device.
Knowing that I know how to make an Android app, I would like to know what would be the best technology to use. I would like to be able to access my library from Internet or via Wifi. I have done some search and found out that using Zend Framework as the server and using JSON-RPC as the client could be one of the way to go, but I haven't found all the informations that would convince me to go with that idea.
I would like to know your opinion/feedback on the technology or where I should start looking to make this happen.
Thanks!
have a good day!
* Please move this topic to the correct sub-forum if I haven't done it correctly.
Hey guys, I've been seeking an alternate of Network Log (you can find it on Google Play Store) for quite a while but with no luck, so come out to ask if anyone knows one suitable for me .
I have to say Network Log is almost worthy for purchasing (although it is not a paid app), considering the job it's done in categorizing by protocols, by apps, displaying packets by size and time, graphing as a timeline, and that made it an excellent choice for analyzing apps consuming data and draining battery, but unfortunately the app owner doesn't respond to bug summit or emails.
The thing is, Network Log no longer works after Android 6.0, while others in the market relies on system-built-in VPN function to capture data, which is not suitbale for people like me in China using proxies to reach out to world .
So if anyone knows apps that can capture packets (not necessarily able to decrypt contents) and display by apps, just to make it easy to let me see the amounts and frequency Android apps uses the Internet, I‘ll be thankful that you recommend them to me (again it cannot be using Android VPN function since Shadowsocks is already using VPN, so I think the app maybe require root permission but I'm OK)
check...
will somebody know that???