What will be impact of Google Contact API deprecation? - Android Q&A, Help & Troubleshooting

According to Google, Contact API will be deprecated on June 15, 2021. Developers should use "People API" (published in 2016).
I am trying to understand what will be impact of this change on old Android phones (Android 4.4 and below).
Does it mean that these devices will not be able to sync contacts with Google account?

Related

[Q] EXRULE support in Android Calendar?

A question came up elsewhere about having a recurring meeting every first Monday of the month except not on Jan 1st or July 4th. In ICS format it would be like this:
Code:
BEGIN:VCALENDAR
BEGIN:VEVENT
DTSTART;VALUE=DATE:20130603
RRULE:FREQ=MONTHLY;INTERVAL=1;BYDAY=1MO
EXRULE:FREQ=MONTHLY;BYMONTHDAY=1;BYMONTH=1
EXRULE:FREQ=MONTHLY;BYMONTHDAY=4;BYMONTH=7
DESCRIPTION:
LOCATION:
SEQUENCE:0
STATUS:CONFIRMED
SUMMARY:Event first Monday of every month, except Jan 1st or Jul 4th.
TRANSP:TRANSPARENT
END:VEVENT
END:VCALENDAR
Now, importing this to Google Calendar works and it seems to skip correctly on July 4th 2016 and January 1st 2018. Only problem is, it doesn't show up in my Galaxy Nexus at all. Somewhat differently if I import this to Outlook and sync via Google's email app, I get the meeting in Outlook and phone but it doesn't skip.
So is the unfortunate conclusion then that EXRULE is currently not supported in the Android Calendar app? Any suggestions for apps that can handle this?

A question about legality of AOSP derived phone with no Google services

Hi all,
One of my friends (an ardent iOS fan) claimed while arguing a few days back to me that "You can't make a phone with AOSP (pure Open source part of Android) which has Yahoo Mail as the default mail app, Bing as the default search engine and Google maps as the default maps app. That would be illegal! ". This was his exact condition. I want to know whether his claim was true. I know there is a full replacement suite of Google play services in active development (called Replicant) - but even if they wanted (including MS and Yahoo ready to provide necessary support), could they do it? What terms and conditions would prevent them from doing it if they had required money and time to implement - given the requirement above?
I believe Nokia has already done that with Nokia x
Sent from my Nexus 4 using Tapatalk

Monitoring of Google Fit API Calls on Android Devices

Hey guys,
I am interested in monitoring Google Fit API calls on Android devices. In particular, I would like to inspect reading and writing data to the Google Fitness Store. For that, I need to monitor 3 APIs: Recording API, History API and Session API.
However, I don't exactly know how to do it.
Do you think it can be done using Xprivacy (or even Xposed modules)?
Thanks!

Native CalDAV/CardDAV support?

Lately I have been wondering why Android still does not have native support for CalDAV & CardDAV, when both have been the de-facto open standard for contacts and calendar sync for years. Is there no native support because Google wants it to make it more difficult to use alternatives to their services? (In my case: NextCloud/ownCloud, which I can add right away even to an old Iphone, but still do not work with android out of the box without something like DAVDroid) Or are there plans to integrate it into future versions?
What's the problem with installing an app? Android has a native API for contacts and calendars, so I guess they can't be accused of making it "difficult". They probably just don't want to make it "too easy".
One could also ask why 99,9% of app developers don't support APK distribution but require users to use GApps & Play Store …
xv22gk said:
What's the problem with installing an app? …
Click to expand...
Click to collapse
Which is not answering my question whether it is planned to have native support for CalDAV/CardDAV.
CardDAV / CalDAV are open standards for data exchange just like IMAP, NTP, SMTP and so on. It would be only natural for android to support them

PSA: K-9 Mail is (AFAIK) the ONLY 3rd-party MUA on Android working after May 30th, 2022 by using OAuth2 over the web (& not 2FA/2SV or andOTP/FreeOTP)

Update on 3rd-party MUAs (e.g., K-9 Mail) using OAuth2 on Android after May30th, 2022... which we have been searching for since early March of this year when Google notified us of the demise of the venerable login/password credentials.
PSA: K-9 Mail is (AFAIK) the ONLY 3rd-party MUA on Android working after May 30th, 2022 by using OAuth2 over the web (and not andOTP/FreeOTP or app passwords, etc., all of which require 2FA/2SV/MFA/MSV which results in a loss of privacy!)​
1. I am a typical Android user who was badly affected on May 30th 2022, when Google unilaterally stopped supporting login/password authentication for 3rd party Android mail user agents (MUAs).
2. Since then, I've been desperately looking for a 3rd-party MUA which can log into a Google account WITHOUT 2FA/2SV/MFA/MSV and without creating a mothership tracking account on the phone.
3. Google (seemingly) allows MANY ways to authenticate a MUA onto the Google email servers; but all but one method (AFAIK) requires a "second something" (which is often referred to as 2FA/2SV/MFA/MSV) - which trades privacy for security.
4. The one method of authentication that doesn't require 2FA/2SV/MFA/MSV is OAUth2 (which itself is inherently insecure, but the problems with OAUth2 are not the point of this thread).
5. I have a Google email account, like many others... simply because it's the best free email account that I can find.
6. However, I am one of those Android users who cares a lot about privacy (where privacy is a thousand things, much like health and hygiene is a thousand little things - where people who care about privacy never just give up - just like people who care about hygiene never just give up - but they understand that many others do just give up, and that's OK.
7. One of those privacy little things is I don't have a Google Mothership Tracking Account on my unrooted Android phones, and I never will.
8. Hence, I could never use the Android Google GMail app to log into my Google email account because it CREATES that mothership tracking account.
9. Another of those privacy little things is I don't use 2FA (aka 2SV/MSV/MFA, etc.) which trades privacy for security since a "second something" is always needed in your hands (e.g., freeOTP, andOTP, etc.).
10. Some MUAs (such as Thunderbird on the PC) use OAuth2 over the web, but until this week (AFAIK), there were ZERO 3rd-party MUAs on Android which authorized Google email using OAuth2 over the web (mainly because Google apparently requires an annual security audit costing thousands of dollars for anyone who does).
11. Therefore, AFAIK, every third-party MUA stopped working with login/password on May 30th, 2022, where some of them (e.g., Fair Mail) were forced to switch to some other authentication mechanism, one of which was to authorize via OAuth2 using a Google Mothership Tracking Account (which the app would CREATE for you, whether you wanted it to do so or not). Just like the GMail app does.
12. Apparently, as of this week, the developers of K-9 Mail (teamed up with the resources of Thunderbird), are the first free 3rd-party MUAs on Android that allow OAUth2 authentication over the web with Google email accounts.
13. Last week OAuth2 was added to K-9 Mail for the first time (version 6.200), but it CREATED a Google Mothership Tracking Account in order to authenticate with the Google email servers.
14. This week, I was advised that the K-9 Mail version 6.201 was updated to perform that all important OAuth2 over the web. I tested it just now. It works. Note the K-9 team probably have resources that most Android developers lack now that they've teamed up with the Mozilla Thunderbird folks.
15. This is a PSA, and, a question of whether you know of any other 3rd-party Android MUA which can authorize OAUth2 with Google email servers over the web (WITHOUT creating a Google Mothership Tracking Account on Android).
Disclaimer: I am just a user; I am NOT affiliated in any way with anything.
Spoiler: Where to get the version 6.201 K-9 APK
*K-9 Home Page*
<https://k9mail.app/>
<https://k9mail.app/download>
*Google Play Store* (via the FOSS Aurora Store GPS client)
<https://play.google.com/store/apps/details?id=com.fsck.k9>
Name: com.fsck.k9.apk
Size: 8103422 bytes (7913 KiB)
SHA256: 46F071F989C6A138C2B8835D7FCDFA902AE1697B6B3C1C16581EE34B42E51CC3
*SourceForge*
<https://sourceforge.net/projects/k-9-mail.mirror/>
<https://sourceforge.net/projects/k-9-mail.mirror/files/latest/download>
<https://downloads.sourceforge.net/project/k-9-mail.mirror/6.200/k9-6.200.apk>
<https://master.dl.sourceforge.net/project/k-9-mail.mirror/6.200/k9-6.200.apk>
Name: k9-6.200.apk
Size: 8098357 bytes (7908 KiB)
SHA256: 3D8275705E00C159CD1AE473164B403EDF2A2D24E97D9F34D50FDA0677F8B398
*GitHub*
<https://github.com/thundernest/k-9>
<https://github.com/thundernest/k-9/releases>
<https://github.com/thundernest/k-9/releases/download/6.201/k9-6.201.apk>
Name: k9-6.201.apk
Size: 8103232 bytes (7913 KiB)
SHA256: 53F6678B9CF065B2413A53F70BFBF56E2C9C42454DA1A4F37AEC6AD60AB9D53A
*F-Droid*
<https://f-droid.org/packages/com.fsck.k9/>
<https://f-droid.org/en/packages/com.fsck.k9/>
<https://f-droid.org/repo/com.fsck.k9_32001.apk>
Name: com.fsck.k9_32001.apk
Size: 8102284 bytes (7912 KiB)
SHA256: 53637CC7DCF5B4F16EB167F91797DE06D07E00B30FDDBCAC0AA6CBC79122A42D
In summary, as far as I know, K-9 Mail is the ONLY 3rd-party Android MUA that can connect to Google mail servers after May 30th, 2022 without 2FA/2SV.
And what's your experience with the native Samsung E-Mail app?
Until recently, I assumed that account authorization was done by the Samsung server, not Google. However, last year I got a shock when it turned out that Samsung was being queried by Google about my age, because there was a mismatch between the settings in my Google account and my Samsung account.
Without explaining exactly what the issue was, Samsung sent me reminders that it would remove my access to its account if I didn't correct it. After my repeated interventions, Samsung finally realized its mistake, but did not apologize.
ze7zez said:
And what's your experience with the native Samsung E-Mail app?
Click to expand...
Click to collapse
Thanks for that question, but, unfortunately, I don't have a Samsung Mothership Tracking Account for the same reasons I don't have a Google Mothership Tracking Account on any of my phones (unfortunately, I also own iOS devices which not only REQUIRE Apple mothership tracking accounts just to download software but if you set up 2FA, it's PERMANENT (as in forever!)).
In addition, one of the first things I did when I got my phone was wipe out (or disable) every app I didn't want (e.g., I replaced Chrome with Ungoogled Chromium, and I replaced YouTube with NewPipe, and I replaced the Google Play Store with the Aurora Store & Aurora Droid, and I replaced Google Search with DuckDuckGo Search, and I replaced the default Samsung launcher with Nova free, etc.).
I just ran a search for "Samsung" in my app drawer app and there's nothing that isn't either deleted or disabled. (Of course, when I search for "samsung" in my MuntashirAkon App Manager, it finds a lot of apps with names such as "com.samsung.android.whatever", but I don't have the Samsung Mail app you are speaking about. However, if it accesses the Google Mail servers, I suspect it would be subject to the same rules that Google foisted upon all 3rd-party MUAs.
Spoiler: These are Google & Thundernest/K-9 references on this topic
*Less secure apps & your Google Account*
<https://support.google.com/accounts/answer/6010255?hl=en>
Here is the official Google announcement (afaik).
<https://support.google.com/accounts/answer/6010255>
Google says you can use app passwords here.
<https://support.google.com/accounts/answer/6010255>
And here is Google help on "signing in with app passwords".
<https://support.google.com/accounts/answer/185833>
*K-9 Mail (future Thunderbird for Android) adds OAuth 2.0 support*
<https://www.ghacks.net/2022/07/08/k-9-mail-future-thunderbird-for-android-adds-oauth-2-0-support/>
*Add OAuth 2.0 configuration for Office 365 / Outlook #6094*
<https://github.com/thundernest/k-9/pull/6094>
NOTE: AFAIK
Thundernest belongs to Thunderbird.
K9 moved their repo there I assume.
Thunderbird is not Mozilla any more.
Eran Hammer:
*OAuth 2.0 leader resigns, says OAuth2 standard is 'bad'*
<https://www.cnet.com/tech/services-and-software/oauth-2-0-leader-resigns-says-standard-is-bad/>
"The standard grew too far away from its roots as a simple Web
authentication technology, author Eran Hammer-Lahav says,
and now is insecure and overly broad."
*Eran Hammer's last conference on why OAUth2 is "Death by a million cuts"*
<https://hustoknow.blogspot.com/2012/12/oauth2-road-to-hell.html>
*Thunderbird & GMail*
<https://support.mozilla.org/en-US/kb/thunderbird-and-gmail>
Since some people may be confused, Google equates 2SV with 2FA:
<https://support.google.com/accounts/answer/185839>
"With 2-Step Verification (also known as two-factor authentication),
you add an extra layer of security to your account in case your
password is stolen. After you set up 2-Step Verification,
you'll sign in to your account in two steps using:
1. Something you know, like your password
2. Something you have, like your phone"
Note that Apple's 2FA/2SV is PERMANENT!
*Apple 2FA Case Dismissed by California Federal Court*
<https://securitycurrent.com/no-good-deed-apple-2fa-case-dismissed-by-california-federal-court/>
Here's a list I came up with searching for a list of what our choices might be.
1. OAuth2 (usually using an on-device Google Account), or
2. Autoforward Google mail to a non-Google account, or,
3. 2FA/2SV/MSV/MFA via a variety of authenticators, such as...
a. app passwords
b. Some kind of "2FA/2SV/MSV/MFA authenticator" app, such as...
FreeOTP Authenticator, Google Authenticator, Authy, FreeOTP+, etc.
c. USB tokens
d. Time-based one-time passwords (TOTP)
e. SMS 2FA
f. Use the phone's built-in security key
g. Use a physical "security key"
h. Get a one-time security code from another device
i. Enter one of your 8-digit backup codes
j. Sign in using QR codes
k. Set up a "trusted computer" for sign in
l. Sign in with "google prompts"
Any others?
*Email client K-9 Mail will become Thunderbird for Android*
<https://arstechnica.com/gadgets/2022/06/email-client-k-9-mail-will-become-thunderbird-for-android/>
*Frequently Asked Questions: Thunderbird Mobile and K-9 Mail*
<https://blog.thunderbird.net/2022/06/faq-thunderbird-mobile-and-k-9-mail/>
*Revealed: Our Plans For Thunderbird On Android*
<https://blog.thunderbird.net/2022/06/revealed-thunderbird-on-android-plans-k9/>
*K-9 Mail (future Thunderbird for Android) adds OAuth 2.0 support*
<https://www.ghacks.net/2022/07/08/k-9-mail-future-thunderbird-for-android-adds-oauth-2-0-support/>
*The OAuth 2.0 Authorization Framework*
<https://datatracker.ietf.org/doc/html/rfc6749>
App Manager blocks XDA App by default, even though logging into XDA calls up the web browser to log in through it. So it's not the best on the planet. Yes, I disconnected everything for it, then it stopped clinging to the XDA App.
ze7zez said:
App Manager blocks XDA App by default, even though logging into XDA calls up the web browser to log in through it.
Click to expand...
Click to collapse
We should take that issue up privately (or in another thread) as it's off topic here, but what I want to say for the topic is that, today, I just found out from the developer of the Fair Mail app that the K-9 development team worked with him to add the same web-OAuth2 libraries as they were using to enable Fair Mail to ALSO authenticate GMail via web-OAUth2.
This means for both Fair Mail and for K-9 Mail...
a. No mothership tracking account is necessary as of this week!
b. No app passwords (which requires 2FA/2SV) are needed!
c. That means we don't have to trade privacy for security!
This is great news for those of us whose 3rd-party MUA died on May 30th 2022 because Google prioritized security over privacy.
Spoiler: Where to get MUAs that use web OAUth2 with Google email accounts
Given trading privacy for security is a bad bargain for most of us., it's great to know this week there are now at least two 3rd-party MUAs to recover from Google May 30th 2022 unilateral loss of privacy (due to deprecation of login/passwords)...
1. Fair Mail
2. K-9 Mail
Today I was notified by the developer of Fair Mail that the developer of K-9 Mail worked with him so that _both_ of them now authorize OAuth2 over the web on Android (much like TB does on the PC).
Apparently Google loosened the annual audit requirement, but I'm not wholly sure what changed in the interim between last week & this week's changes.
To be sure, there are a huge number of issues still outstanding (e.g.,
Google is limiting their token counts to such a low number as to be anti competitive, which is affecting Fair Mail far more than K-9 Mail due to the huge number of Google email users on Fair Mail compared to K-9 Mail), but the PSA here is that Google "apparently" loosened the annual security audit requirements for MUA developers so that Android can again authorize Google email accounts WITHOUT creating a mothership tracking account on the device.
This means that you don't need a mothership tracking account for OAuth2.
And it means that you don't need "app passwords" (which requires 2SV/2FA).
Best to get the 3rd-party MUAs from GitHub due to F-droid lagging behind.
*K-9 Mail* by K-9 Dog Walkers
Free, ad free, rated 3.1 stars, 96.3K reviews, 5M+ Downloads
<https://play.google.com/store/apps/details?id=com.fsck.k9>
Name: com.fsck.k9.apk
Size: 8103422 bytes (7913 KiB)
SHA256: 46F071F989C6A138C2B8835D7FCDFA902AE1697B6B3C1C16581EE34B42E51CC3
*GitHub*
<https://github.com/thundernest/k-9>
<https://github.com/thundernest/k-9/releases>
<https://github.com/thundernest/k-9/releases/download/6.201/k9-6.201.apk>
Name: k9-6.201.apk
Size: 8103232 bytes (7913 KiB)
SHA256: 53F6678B9CF065B2413A53F70BFBF56E2C9C42454DA1A4F37AEC6AD60AB9D53A
*Fair Mail* by Faircode.eu
<https://email.faircode.eu/>
<https://github.com/M66B/FairEmail>
<https://github.com/M66B/FairEmail/releases>
<https://github.com/M66B/FairEmail/releases/download/1.1940/FairEmail-v1.1940a-github-release.apk>
Name: FairEmail-v1.1940a-github-release.apk
Size: 26750634 bytes (25 MiB)
SHA256: DF1B41DD912B90F8F3B57E014C1EDA436FF0D0C89232E007E6DCDBB8B6800E6D
See also:
<https://github.com/M66B/FairEmail/blob/master/FAQ.md#user-content-faq173>
<https://github.com/M66B/FairEmail/blob/master/FAQ.md#user-content-faq147>
<https://github.com/M66B/FairEmail/blob/master/FAQ.md#user-content-faq111>

Categories

Resources