Related
http://www.tgdaily.com/security-brief/50862-as-many-as-4-million-people-downloaded-data-stealing-android-app
Mike Luttrell | Thu 29th Jul 2010, 08:30 am
A seemingly innocuous Android app that let users change their phone's wallpaper has actually been stealing private user information and may have been downloaded millions of times.
Users should be concerned if they downloaded an app from "Jackeey Wallpaper." While it does perform the functions described in the app download page, it also ends up taking the phone's Internet browser history, mobile phone number, every single text message, and voicemail password. That information is then sent to a website based in Shenzhen, China.
Click to expand...
Click to collapse
http://phandroid.com/2010/07/29/another-app-stealing-data/
[Update]: MyLookout chimed in with us to clarify some details that other outlets have been reporting. Specifically, the app does collect data from your phone, but only the device’s phone number, subscriber identifier, and voicemail number fields are retrieved. SMS and browsing history are not touched by any of the apps they analyzed throughout their Blackhat conference. Your voicemail’s password is also not transmitted unless you included the password in your phone’s voicemail number field.
We’re not yet certain on what the developer’s intentions are for using the pieces of data it does send to China – so we can’t outright call it malicious – but it is collecting and sending data nevertheless. Hopefully that clears up some of the confusion everyone’s been faced with regarding the read-only property READ_PHONE_STATE that the application uses to access certain pieces of data.
Click to expand...
Click to collapse
So no SMS, browsing history or voice mail password taken.
FOR REAL?!?!
All your data belongs to somebody else
jp_macaroni said:
http://www.tgdaily.com/security-brief/50862-as-many-as-4-million-people-downloaded-data-stealing-android-app
Click to expand...
Click to collapse
Free isn't free: http://www.androidpolice.com/2010/0...t-all-your-data-are-belong-to…-somebody-else/
Same happened to me with an app posted here for movies
Flixster for android
http://www.flixster.com/
I did find out ON TIME , that someone was messing with my gmail account , had to change my password inmediatly
I received an altert from an IP ( from their site ) trying to change my password !
You've been warned , happened to me !
It's not like it doesn't show you the stuff when you install apps.. And this "Genome Project" thing is out of context nonsense.... 14% of free apps have access to your contacts. You realize that includes IM programs, SMS programs, Email programs, etc....
If you install a wallpaper app that requests access to your Accounts and Contacts, well....
http://www.cyrket.com/search?q=Jackeey+Wallpaper
I don't see such permissions on the 2-3 I looked through, but maybe specific ones did.
Another thing about this "lookout" app and Genome Project.. Look at the permissions on their app on the market:
Permissions: ACCESS_COARSE_LOCATION , ACCESS_FINE_LOCATION , ACCESS_NETWORK_STATE , CLEAR_APP_CACHE , DISABLE_KEYGUARD , GET_ACCOUNTS , INTERNET , MANAGE_ACCOUNTS , MODIFY_AUDIO_SETTINGS , PERSISTENT_ACTIVITY , READ_CONTACTS , READ_LOGS , READ_OWNER_DATA , READ_PHONE_STATE , READ_SMS , READ_SYNC_SETTINGS , READ_USER_DICTIONARY , RECEIVE_BOOT_COMPLETED , RECEIVE_SMS , VIBRATE , WAKE_LOCK , WRITE_CALENDAR , WRITE_CONTACTS , WRITE_SETTINGS , WRITE_SMS , WRITE_SYNC_SETTINGS , WRITE_USER_DICTIONARY , com.android.browser.permission.READ_HISTORY_BOOKMARKS , com.android.browser.permission.WRITE_HISTORY_BOOKMARKS
What if the 'AV' software itself turns out to be the one stealing data? If anything could, it could.
we get that all apps ask for permission to allow access to our location, contacts, emails etc....but to gather our private info and sell them to China.....thats messed up.
time to sue.
That information is then sent to a website based in Shenzhen, China.
Click to expand...
Click to collapse
question:
if this app was downloaded and used by US government....would it be considered as a SPY? lol
It's a big deal, but it illustrates very well that android users are in a ffa environment without someone looking over their shoulder to protect them.
It's good and bad. Some people will call bad on google for not protecting them, but others will see it for the truth of it and know they have to cover their own ass.
Wouldnt a functional firewall app work for this?
cutting off apps access to non essential portions of data...but also from data transmitting?
Flixster is malicious??
pvillasuso said:
Same happened to me with an app posted here for movies
Flixster for android
http://www.flixster.com/
I did find out ON TIME , that someone was messing with my gmail account , had to change my password inmediatly
I received an altert from an IP ( from their site ) trying to change my password !
You've been warned , happened to me !
Click to expand...
Click to collapse
Woaaah now... I have used this app on almost ever ROM I flash - downloaded straight from the market each time. I've never had an indication that my information was compromised in any way... Are you 100% sure that Flixster was the culprit? That's a pretty heavy claim for what I think is a very widely used (and recommended) app.
and what about all the gmail notifiers?
More fears:
I will preface this by saying I don't know much about Android security, but to me, it's as secure as any PC.
So: what about gmail notifier apps and apps that ask for access to your gmail account?
Do they have access to your gmail password? Seems like it. So what's to stop malicious gmail notifier developers from stealing your gmail passwords and having their way with your google account, for example, grepping your mailbox for banking information.
Also think about keyboard apps, what's to top malicious keyboard developers from writing a keyboard which logs all your keystrokes to a zipfile then uploads it to a russian server for analysis of B-A-N-K and P-A-S-S-W-O-R-D and then the next keystrokes which follow that?
It doesn't end there. Picture apps which can steal your pictures. Apps which can record your phone conversations and upload the audio to servers a few hours later so you don't notice that data going on.
bwolmarans said:
More fears:
I will preface this by saying I don't know much about Android security, but to me, it's as secure as any PC.
So: what about gmail notifier apps and apps that ask for access to your gmail account?
Do they have access to your gmail password? Seems like it. So what's to stop malicious gmail notifier developers from stealing your gmail passwords and having their way with your google account, for example, grepping your mailbox for banking information.
Also think about keyboard apps, what's to top malicious keyboard developers from writing a keyboard which logs all your keystrokes to a zipfile then uploads it to a russian server for analysis of B-A-N-K and P-A-S-S-W-O-R-D and then the next keystrokes which follow that?
It doesn't end there. Picture apps which can steal your pictures. Apps which can record your phone conversations and upload the audio to servers a few hours later so you don't notice that data going on.
Click to expand...
Click to collapse
The same things are possible for a regular computer as well. You can connect to a site and it could execute a download that then snoops your keystrokes and uploads them somewhere.
The difference (so far) is that on android you have to install an app to do that.
The takehome message is to excersize caution and install apps you can verify where they come from and what they do.
This will happen more and more. Mobile is where people are doing most of there communication and beginning alot of banking.
Not just Android all mobile OS.
Like I said a zonealarm/lilsnitch like app would be of great use. Even if logging or reading they still need to communicate out. An easy low mem/bat/cpu usage app that monitors this behaviour would go along way.
This is becomming a bigger issue and we do need some type of security alert monitor!
http://www.newsfactor.com/story.xhtml?story_id=13100EVAC2WI
"Mobile apps on Android-powered smartphones and Apple's iPhone can disclose more personal data than most users realize, security vendor Lookout revealed Wednesday at the Black Hat USA 2010 conference in Las Vegas. Rather than being malicious, users often give the apps permission to access data when they are installed...."
jp_macaroni said:
http://www.tgdaily.com/security-brief/50862-as-many-as-4-million-people-downloaded-data-stealing-android-app
Click to expand...
Click to collapse
Opps missed this post prior to posting my thread...
http://forum.xda-developers.com/showthread.php?t=739446
Arcarsenal said:
Woaaah now... I have used this app on almost ever ROM I flash - downloaded straight from the market each time. I've never had an indication that my information was compromised in any way... Are you 100% sure that Flixster was the culprit? That's a pretty heavy claim for what I think is a very widely used (and recommended) app.
Click to expand...
Click to collapse
100% sure , I checked out the IP involved , and it pointed directly to their website !!!
pvillasuso said:
Same happened to me with an app posted here for movies
Flixster for android
http://www.flixster.com/
I did find out ON TIME , that someone was messing with my gmail account , had to change my password inmediatly
I received an altert from an IP ( from their site ) trying to change my password !
You've been warned , happened to me !
Click to expand...
Click to collapse
Don't be stupid. Flixster is a 100% legitimate app. Don't bad mouth it because you fell for a phishing scam some place else.
GldRush98 said:
Don't be stupid. Flixster is a 100% legitimate app. Don't bad mouth it because you fell for a phishing scam some place else.
Click to expand...
Click to collapse
Use it then, who cares anyway ..!
Hope u get your gmail account hacked ...
samagon said:
The takehome message is to excersize caution and install apps you can verify where they come from and what they do.
Click to expand...
Click to collapse
Easy to say, but how do you 'verify where they come from and what they do'?
Hi All,
This weekend I installed a couple of ROMs and played about with my phone quite a bit. I didn't install new apps, except for the ones I already had in previous ones.
Unfortunately this morning I have found that my google account has been hacked and some sod has been sending emails from my e-Mail address. Here are the details as provided by google:
Mobile India (125.19.103.21) 08:53 (2.5 hours ago)
I am not placing blame on anyone, or pointing fingers, but perhaps it can serve as an alert to the mostly honest XDA community.
you live in india?
astrodemoniac said:
Hi All,
This weekend I installed a couple of ROMs and played about with my phone quite a bit. I didn't install new apps, except for the ones I already had in previous ones.
Unfortunately this morning I have found that my google account has been hacked and some sod has been sending emails from my e-Mail address. Here are the details as provided by google:
Mobile India (125.19.103.21) 08:53 (2.5 hours ago)
I am not placing blame on anyone, or pointing fingers, but perhaps it can serve as an alert to the mostly honest XDA community.
Click to expand...
Click to collapse
hmmm,, are you sure that this is related to changing Roms (winmor or android)
oh and do you live in India
I don't live in India no... never even been to India for that matter
hmmm,, are you sure that this is related to changing Roms (winmor or android)
Click to expand...
Click to collapse
In short, no I am not sure ... but the coincidence cannot be overlooked. I've had my account for several years and this had never happened before.
I also checked my PCs and they're clean, I don't use (or let anyone use) my account for stupid things like sending out webcards or anything of the like.
My intention though wasn't to indicate there is a problem, but to raise awareness of the potential for one.
weird problem , should figure out what it is ..
IP address belong to
Geolocation Information
Country: India
State/Region: Maharashtra
City: Pande
Latitude: 18.3833
Longitude: 75.2333
WinMo ROM, Android Builds, Installed Apps plz
btw, your account may be hacked through wireless when you login not using https/encryption
Did you check what was sent from your account?
hey
did you use a "good" password btw?
bb.
This is odd. Same thing happened to me couple of days ago.
Aparently someone sent the following message: "Subject: Have been searching for a best place to buy drugs? here it is: **url removed**" to all my google contacts.
My account was locked, with a message saying it was "compromised" - asking me to reactivate the account over sms / phonecall.
I did not check where this happened from , i just reactivated and changed my password.
I had the same thing happen to one of my dummy Gmail accounts a while back... an account i hardly use and have certainly never logged into on Android..
Just pure unlucky mate, nothing to do with Android any build or any Chef...
Reset your password - delete the crap - and get on with life...
This has also recently happened to my yahoo and facebook account, since the two were linked on winmo, I traced it found it came through via one of those stupid apps that someone dropped on my wall. Facebook has been going through a rough patch of these types of break-ins. It could be something with that if you own a FB account.
paulrgod said:
I had the same thing happen to one of my dummy Gmail accounts a while back... an account i hardly use and have certainly never logged into on Android..
Just pure unlucky mate, nothing to do with Android any build or any Chef...
Reset your password - delete the crap - and get on with life...
Click to expand...
Click to collapse
Agreed, no win situation
andreasbjorvik said:
This is odd. Same thing happened to me couple of days ago.
Aparently someone sent the following message: "Subject: Have been searching for a best place to buy drugs? here it is: **url removed**" to all my google contacts.
My account was locked, with a message saying it was "compromised" - asking me to reactivate the account over sms / phonecall.
I did not check where this happened from , i just reactivated and changed my password.
Click to expand...
Click to collapse
oh .. my also locked 2 days before ..... is this is all about this , oh man ...
i am using android now for several weeks and yesterday was the first time my phone asked me for my google password (in a textbox), after i entered it, everything was normal.
but now as i read this topic, i instantly changed my google account password
I'd agree that it ain't android...I've been getting e-mails from facebook/gmail friends, most of them with a topic saying: "Hi:" and most of them are fake user ads from a Taiwanese company. Be careful who you add on FB/Gmail etc.
I'll quickly reply to all of you as best I can
1) WinMo ROM is completely empty. No accounts setup, no contacts, even sense is disabled.
2) My Gmail password is quite strong (which is what surprised me the most) it is longer than 8 chars, combination of symbols, letters and numbers
3) I don't use *any* facebook apps/games, precisely for that reason
4) I had some returned undelivered messages in my inbox this morning, it was spam with a link to a website
5)My email account spoofed, I don't care. Happens all the time and there is not much you can do about that. What concerns me is that this person actually logged into my account and managed to send mail to all my contacts.
I'll post a list of my android apps soon (it's quite long)
Do you use the Gawker service to login to any of the websites they are a part of?
http://www.informationweek.com/news...html?articleID=228900009&cid=RSSfeed_IWK_News
If so, that could be a good reason why you're getting spam.
Long story short i have my hotmail, along with other accounts setup in my evos email client, awhile back I noticed I sent myself an email about diet crap that I personaly did not send and so I dismissed it.
Well tonight I had over a hundred mailer daemon unable to reach address blah blah in my email inbox I check my sent box and sure enough my account has been mailing random people crap about diet stuff.
Anyways i heard Android has some exploits that could be leading to our phones being related in a exploit.
I changed my email password and it stopped doing this temporarily but it started right back up again after a while.
Can this be Related to my phone at all?
Sent from my PC36100 using XDA App
It's probably not your phone.
It's far more likely that you (or someone else in your household) clicked something you shouldn't have on a website, and have a keylogger on your computer now.
Or if you're... Uneducated enough to be running an open WiFi network (or, even more facepalm-worthy, connected to one that doesn't belong to you, and mooching off it), then someone could be picking up your plaintext passwords.
But really, biggest chance is you've got some malware on your computer. Congrats!
Your biggest issue is that you are still using hotmail...
- Changed your hotmail password from a virus-free computer or your EVO's browser.
- Run AntiMalware and an antivirus on your computer.
- Switch to Gmail
Problem solved.
well, i know about wlan encryption and i use wpa2 personal, i also know how to crack wep
i also know about keystroke loggers, i do use them and know how to detect software versions of them
somehow my girlfriend somehow gets a copy forwarded to her of email i reply to, even though there is no trace of a setting for this anywhere that i can find, which i always found suspicious and it doesn't happen all the time. she could be spying or maybe its from when we tried to link our outlook calendars and something broke
i use hot-mail because until recently i have had zero problems and i created this hotmail account back in 2001 on my dream cast before i even knew how to turn on a pc, and now i run a computer repair shop, so it kinda has sentimental value, so i want to fix this, not throw it away. also i have many other email address for work and school purposes so email isn't nothing new to me.
last night i had my gf change my password on my hotmail account because i was on my evo and hotmail.com kept sending me to their mobile site and i couldn't see any settings for change password and she had her laptop in her lap. maybe her laptop is the culpti but i doubt it, i will check into it though.
today i changed my password to my hotmail on my work computer. i will allow my evo access to the new password for the sake of tying to figure out where the culprit is and only changing one thing at a time.
thanks for the replies i really was hoping to hear that someone has less then public information about hotmail email servers them selves being hacked. because i have friends with hotmail accounts that started spamming me not too long before my account starting spamming others.
i guess i'll use this thread to keep notes on this situation, but thanks for the replies
zeuzinn said:
- Changed your hotmail password from a virus-free computer or your EVO's browser.
- Run AntiMalware and an antivirus on your computer.
- Switch to Gmail
Problem solved.
Click to expand...
Click to collapse
yep all I had to do was change my email on another SAFE PC and then I was good to go. But dont discount adware programes and all.
DL and run/update
Malware bytes, Super antispyware and update and load spyware blaster. You'll be good to go.
spybot/teatimer ftw
drmacinyasha said:
It's probably not your phone.
It's far more likely that you (or someone else in your household) clicked something you shouldn't have on a website, and have a keylogger on your computer now.
Or if you're... Uneducated enough to be running an open WiFi network (or, even more facepalm-worthy, connected to one that doesn't belong to you, and mooching off it), then someone could be picking up your plaintext passwords.
But really, biggest chance is you've got some malware on your computer. Congrats!
Click to expand...
Click to collapse
Please don't be politically correct. :|
Stupid not uneducated. He says he knows all this, so uneducated wouldn't apply.
...
Sorry, I'm very blunt. :|
Well my hotmail accounts were still spamming people, also my yahoo account started to join in on the fun.
I changed passwords on both accounts to something very lone Qiu no dictionary words and used numbers and symbols. And about a day later low and behold I am spamming people again.
Focusing in on my hotmail account, I can see the sent folder, in my web based GUI, I can see all these emails that my account has been sending.
I have probably have questionable apps on my phone so I thought I'd wipe my phone. Well, its been 4 days since I have had any problems.
While I can't confirm my suspecion, I can suggest as a possibility that my phone had something that was pulling my passwords and sending them out to someone or something that would inturn log into my accounts and spam away.
I don't have time to really look into this any more thoroughly but I thought I'd document my observations.
Sent from my PC36100 using XDA App
potna said:
well my hotmail accounts were still spamming people, also my yahoo account started to join in on the fun.
I changed passwords on both accounts to something very lone qiu no dictionary words and used numbers and symbols. And about a day later low and behold i am spamming people again.
Focusing in on my hotmail account, i can see the sent folder, in my web based gui, i can see all these emails that my account has been sending.
I have probably have questionable apps on my phone so i thought i'd wipe my phone. Well, its been 4 days since i have had any problems.
While i can't confirm my suspecion, i can suggest as a possibility that my phone had something that was pulling my passwords and sending them out to someone or something that would inturn log into my accounts and spam away.
I don't have time to really look into this any more thoroughly but i thought i'd document my observations.
Sent from my pc36100 using xda app
Click to expand...
Click to collapse
STOP using pirated apps. That's my guess.
It was most likely an app that requests permissions to your contacts and email. There are a lot of shady apps out there and google needs to step up with this crap.
I always avoid them but it's ridiculous how many apps (themes and stupid stuff) request information.
Well surprise surprise, it was most likely an app I got from the market that was stealing my info. Not that I can confirm it, but most of the replies implied I was an idiot and that it couldn't possible be my phone. I eventualy got an email from Google saying I had installed something from the mArket that was infected.
So it was not that I'm stoopid ignorant, it wasnt that i was using hotmail, it wasnt that my pc was infected.
It was my phone all along.
Maybe there is a thread about this already, but I bet my topic.was created first and I thought I'd bring this thread to a conclusion.
Sent from my PC36100 using XDA App
I hate to say it but if you downloaded an app that infected your device with malware you still are pretty stupid. Not trying to be an a**hole here but if you actually researched the app before downloading it you could have advoided it altogether. Common sense is still the best antivirus.
Sent from my PC36100 using XDA App
This isn't malware on your phone. It's been a huge issue with hotmail for the past couple of weeks. People who use the same pass across multiple sites usually are the most vuln. Also happens when you get phished.
I have a friend thats has the same thing going on with his hotmail...hasn't been using it at all and all of a sudden I'm getting emails from him sending me links to increase my penis length...and god knows I don't need that..
I wouldnt dismiss it being non-phone related. I recently have been having it happen on my hotmail account as well and I have not logged into my hotmail account on a computer in years only have it on my phone to setup craigslist ads, Redbox rentals and small stuff like that and use gmail for important stuff. I dont have any Pirated apps or anything just normal stuff 12 or so games and 15 or so other market apps.
Same thing happened to my hotmail a while back. I changed my password and it solved the problem.
Sent from my rooted HTC EVO using the xda app!
alright guys stop calling the op stupid and learn ya something yourselves. Even legitimate apps were affected read the news every once in awhile and you would know. This is just one of the many articles on the topic.
http://m.cnet.com/Article.rbml;jses...fVH2Mtw**?nid=20039881&cid=null&bcid=&bid=-83
Sent from my Supersonic Evo using Xda-app.
Last-Chance said:
This isn't malware on your phone. It's been a huge issue with hotmail for the past couple of weeks. People who use the same pass across multiple sites usually are the most vuln. Also happens when you get phished.
Click to expand...
Click to collapse
Exactly, it happened with my hotmail account a few months ago, and I havent used my hotmail in months.
alright guys stop calling the op stupid and learn ya something yourselves. Even legitimate apps were affected read the news every once in awhile and you would know. This is just one of the many articles on the topic.
Click to expand...
Click to collapse
Unless you login to hotmail from your phone's browser, there is no way one of these apps could get your hotmail info.
i swear, i dont know why i take peoples opinions so damn seriously around here...but for the sake of my sanity and the general level of competence of reading and having accurate postings with good conclusions here i go again.
there were a handful or legitimate applications on the market than were infected.
i already changed my email passwords and it ddint help
when i formatted/re flashed rom...it stopped
i later received some notification of some market tool that Google automatically installed and ran and "fixed the issue"
i received an email from Google telling me about a phone tied to my gmail account may have been infected, but i already solved my issue my self, so their fix didn't apply.
how the hell can you people some how twist this into "op is dumb, or stupid"?
now for a bit of my SPECULATION, and its only that, its not my opinion thrown at you as fact, as so many here love to do.
what are the odds that all of us android users just happen to have our email accounts hacked? whats the one thing all of us email user have in common on these boards....android. just saying
btw, more than just my hotmail account was hacked.
here are some urls that the idiots wont read, talking about what i have been trying to say
http://www.google.com/search?q=Droi...s=org.mozilla:en-US:official&client=firefox-a
My son got my first HD2. What I did not know when I installed it the first time before he got it, was the fixation of the phone to the gmail-account I used at that time and only for that purpose. Intuition has its flip side too.
My son has his own gmail account, which I was not aware of, and obviously he wants to have his HD2 running his affairs on his own account (communicate with friends etc.)
Now, he has used the HD2 extensively, installed lots of apps, also some paid ones. Purging my old (installation-) account will reset the whole device to its initial state, all accounts and licences will be lost, if he understands that warning correctly.
Is there a way to change the 'ownership' with as little damage to the contents as possible, like save all contents as a backup, start with a new account identity, and restore all contents? Or will that also inevitably overwrite the new account with the old one too?
One could call the task also a migration of an android installation to a different account. BTW, it's equipped with a 16 GB card which has lots of free space left right now (looking at the backup space needs).
I am sure this has been discussed here before, but I seem to not find the right search words. Any hints, links, advice?
Would a total backup using Titanium be advisable? Or will that restore the present status including the unwanted account again?
Thanks for your help in advance. It doesn't make things simpler that my son and his HD2 are some 1.000 miles from here, studying there. but we have skype and other paths on PCs...
Cheers,
the longkeeler.
You can always use Titanium Backup to back up the apps (the paid ones, too), make a factory reset and let him set his own account and then restore the backup.
But you can never transfer the ownership of app(s) from one account to another. (For example, by using TB backup, he can use the paid apps, but he won't be able to update them, he'd need to buy them from his own account)
I'm sorry, but that is the way Android works. (which is lame)
follow-up
Clearing the primary gmail-account and thus resetting the device did not remove just that account, which kind of surprises me. Well, I don't have the HD2 in my hands, and I just hope that my son will have made the backup I advised hin to make and store it where he can reconstruct from.
Cheers,
the longkeeler.
But at least, he would have back what was there before. The nature of the paid apps is static, there are no backups to be expected. And it was not an amount of money that would kill anyone - just throwing it away should be avoided. Now, as posted a few minutes before, he was not successful to remove the undesired account. Are there any protections built in, that follow the great old MS tradition , it's not a bug, it's a feature, if not even industry standard?
it is however possible - to some extent - to "merge" google accounts.
if you do not use your gmail acc (as i understood from your first post) you can transfer quite a bit of contacts/features and stuff to your sons account and the other way round. this way he might be able to keep the paid apps (and updates) and also communicate with his friend on the dame account.
if thats any help...
Is the phone running froyo or gingerbread? If it is on Ginger then try deleting the account from sync and accounts... that's all for froyo u will need root explorer to delete a file located in the data folder.
Sent from my HTC HD2 using XDA Premium App
From accounts and sync remove the account.. I believe this only works for Ginger ..
Sent from my HTC HD2 using XDA Premium App
You can also do it by deleting this file With root explorer . Hope this helped.
Sent from my HTC HD2 using XDA Premium App
Just use your sons email and then go to accounts and sync.turn sync off. That's basically your only hope.
Sent from my HD2 using xda premium
First: Thanks to all for your replies!
Afaik, it's the gingerbread flavor.
I have the same type of HD2 here for myself but don't want to mess that up too much - I just saw under acc and synch that my account appears there once under mail and then under google.
If I remove either of those - does it only purge the link from my device to gmail resp. all other google-accounts, or does it remove the account as a whole from google's servers? (if so, probably only from the visible surface, but that's a different story...)
I am not sure if my son sees the same image and what he did there.
So again: Does "removing" the account on the smartphone just "divorce" it from google, or does it kill it?
Thanks again for your help!
Cheers,
The Longkeeler
Nieve, thank you so much. I am not sure yet if it will work but it sounds plausible. surprising how close to the surface such an essential database is located - like the rock that merged with the Costa Concordia... So, everybody just can hope that it will become easier in future to change the primary account rights.
A different side-question: What tool did you use to add the hints to the screen shots?
Extended thought, not necessarily useful for my son's problem, but: Would it be possible to cultivate different versions of the accounts.db, renaming them according to the desired application spectrum (like, say, change the "personality" of the phone from business to leisure)?
Reset device completely
With a clean device when the touch android screen comes up...
he signs in with his account. Establishes his acct as primary
then logs in with your acct secondly or later on in order to get access to the paid apps on your account
Only way to xhange primary is a wipe of data. The primary is simply the very first acccount entered after a device reset.
Your a great mom!
Sent from my Kindle Fire using xda premium
nieves53 said:
You can also do it by deleting this file With root explorer
Click to expand...
Click to collapse
Nieve, thanks. After getting root explorer 2.15 I can see into the innards now too - on my phone here, there is the accounts.db of course, and two more entries, one called accounts.db-wal and the other accounts.db-shm. Look more like folders. What about those?
androidcues said:
Your a great mom!
Click to expand...
Click to collapse
Always try to do my best, and I'll ask my wife for her opinion on this . Well, I'm just only the dad...
But your proposal sounds very reasonable and based on practice. If nieve's and your advice can be combined (purging the data base, tnen installing accs from scratch), it would be great.
accounts removed now, but no re-installation yet.
nieves53 said:
You can also do it by deleting this file
Click to expand...
Click to collapse
(\data\system\accounts.db) deleted - et voilà, after rebooting, no more accounts. So, step one done successfully. So, again, thanks for that!
Now came the next one, re-installing his own gmail account as a primary one. He could open the dialogue - but his entry was refused, 'sorry, username and pw don't match.' Bummer. He tried it several times, took care that the account was not opened anywhere else - no avail so far. The error message could well be misleading.
There must be a missing resp. hidden link.
Update: re-installing the prior "false" primary account worked immediately. So, the error message IS misleading. I guess there will be no other way than to completely re-initiate the whole system and then start with the other identiy. Unfortunately, the HD2 has to travel 2.000 miles for that, but it is the safest way then. My son has neither the experience nor the tools to do that himself there.
If somebody has yet another idea - please don't hesitate to let us know!
The application is call picsin, you can find it in the android market...about his account ask him to make sure his email and password are correct. I have change my accounts many times doing that process. He can maybe try login to his account thru the browser, just to make sure the email and password are right.
Sent from my HTC HD2 using XDA Premium App
SOLVED
longkeeler said:
Update: re-installing the prior "false" primary account worked immediately. So, the error message IS misleading.
Click to expand...
Click to collapse
Some times, the solution comes as a surprise. Just before my son had started his trial to rearrange the accounts yesterday, he had applied for a new login scheme with google - some double-password story. This, he had not mentioned until today, an hour ago, when he received a mail from google, giving him directions on how to handle logins in a transitional phase.
You guess it: All is well now, he has his own account as the primary one, and sounds much more relaxed than before.
Oh well...
But nevertheless: Your help was absolutely substantial in achieving this, and I hope that the bitdust will settle soon... So thanks again, I can recommend you
Cheers, and a happy rest of this weekend!
The Longkeeler, now also a bit more in weekend mood/mode.
That's good to hear! And a pleasure to help.
Sent from my HTC HD2 using XDA Premium App
I got my N4 a couple of days ago. It's my first foray in the Android world.
The requirements that I am hoping to meet are pretty simple:
1) I want to be able to call contacts and send text messages
2) I don't want Google tracking my contact list
3) I don't want Google tracking my location
4) I don't want Google tracking my browsing history
5) I want to be able to use the Play store to download 3rd party apps. I didn't buy an N4 to use it it like a dumbphone. Logically, the Play store shouldn't require constant access to my contacts, location or browsing history.
I am making this post to get help meeting the above requirements. Despite seeming really basic, I'm running into trouble, and I think I will need frequent help. This thread can act as a journal that hopefully other people can follow.
What I did so far is immediately flashed the N4 to AOKP, and applied the OpenPDroid patches (though I've yet to use OPD). From a blank slate start, I declined to create an account, disabled location access, etc, during the startup wizard.
Adding a contact round 1
I was able to create a local, unsynced contact.
Using the Play store
I was forced to sign up for a gmail account, which is normal. I declined to "keep this phone backed up with my Google Account". I then went in Settings > Account and disabled sync for everything, including Contacts. I also disabled background sync in the power controls.
Adding a contact round 2
I am now unable to add a contact without being forced to sync it with my BS gmail account. When I click "Add Contact" in the phone app, a dialog says "Your contact will be synced with [email protected]" and my choices are either "OK", "Add other account", or to cancel out by clicking Back.
So I'm already stuck. Once a Play account is created, I am now unable to do something as basic as adding a contact without sending it to Google. Can someone tell me how to get past this obstacle?
That's how Google makes their money! Your only options are to either start using the amazon app store only or side loading apps if you don't want Google involvement. Good luck.
Sent from my Nexus 7 using xda premium
Why? Like they don't have all your information already? You freely give your information to everyone when you use the internet. Congratulations. You are not that special.
Sent from my Nexus 4 using xda app-developers app
Eurotrash: always in this sort of discussions there's people like you who essentially advocate shutting up and taking it. "That's how things are" is not an acceptable solution to my problem, or I would not have made this post. There IS a way around the creeping, and someone knows it. My last resort is blocking every Google service from accessing the Internet except Play. I'm asking here because I'm hoping there's a less extreme solution that other people can use.
Gotzadroid: I will hold out for a better solution. Amazon appstore will likely be limited. Sideloading is not possible because many devs don't provide APKs
I know you can get an app to block individual permissions of other apps: https://play.google.com/store/apps/details?id=com.stericson.permissions
It requires root. Not sure about the contacts and other stuff you wanted to block, im assuming you've disabled location services.
Why not try flashing like cm10 and not flashing gapps so no Google apps? Then just manually downloading the apps apks and sideload the ones you need?
Sent from my Nexus 4 using Tapatalk 2
Didn't think my post lacked clarity, so hopefully this will be clearer:
My ONLY problem right now (we'll leave the rest for later) is that the Phone app, an essential app if I want to use my phone for making calls, an app that isn't even part of Gapps, doesn't let me add a local contact without sharing it with Google. That's it. Forget everything else in my post.
So my simple question is, how do I add my friend Bob to my contact list, locally in phone memory or on the SIM card or whatever, without telling Google I'm friends with Bob and giving them his phone number?
MachinTrucChose said:
Didn't think my post lacked clarity, so hopefully this will be clearer:
My ONLY problem right now (we'll leave the rest for later) is that the Phone app, an essential app if I want to use my phone for making calls, an app that isn't even part of Gapps, doesn't let me add a local contact without sharing it with Google. That's it. Forget everything else in my post.
So my simple question is, how do I add my friend Bob to my contact list, locally in phone memory or on the SIM card or whatever, without telling Google I'm friends with Bob and giving them his phone number?
Click to expand...
Click to collapse
As previously mentioned, try flashing a rom without gapps
OK, try this. Make a dummy gmail account for the play store only. Get all the apps you want and then sign out of gmail. Only sign back in when you want another app. That should keep Google from syncing all your info.
Sent from my Nexus 7 using xda premium
Michealtbh said:
As previously mentioned, try flashing a rom without gapps
Click to expand...
Click to collapse
The Phone app is not a part of gapps. It came on the stock ROM before I flashed gapps on it. I didn't try it before adding gapps, are you saying it will change behavior and no longer prompt me to sync when I try to add a contact?
I gotta go to sleep, I'll do more tests tomorrow evening to test this (and wait for your reply to the above question in case you misread my posts).
If the answer to the above question is yes, this would immediately beg another question: how do I install 3rd party apps from Play without flashing gapps?
gotzaDroid said:
OK, try this. Make a dummy gmail account for the play store only. Get all the apps you want and then sign out of gmail. Only sign back in when you want another app. That should keep Google from syncing all your info.
Sent from my Nexus 7 using xda premium
Click to expand...
Click to collapse
That's what I did in the OP (2nd bolded step). I created a dummy account cause Play requires it. That became my main Google account on this phone (since I declined to set up an account prior to that). That's the account Google tries to sync my contacts to when I try to add a contact.
I looked in the Gmail app, there's no way for me to sign out. All I can do is add more accounts.
A similar thread from the galaxy nexus forums: http://forum.xda-developers.com/showthread.php?t=1589367
However, I'd also be interested in a deeper insight on why you're trying to do this. Fear of the big brother? Or just proving a point?
We know before buying an android phone that everything is tied to that Gmail address; now you want to cut that tie but maintain full functionality. Well, that probably doesn't work. And if it at the end does, why going through all that trouble? If a different platform offers all that then..
Why you bought an android phone in the first place? Just curious
Sent from my Nexus 4 using Tapatalk 2
You can try downloading or side loading the app "contacts+" then sign out of your dummy gmail account. You can get a sim to USB hub online and plug your sim into the hub and into PC to add contacts directly to sim. I don't know if there's a way to export contacts to sim anymore unless I'm guessing developers somehow add that feature. So look into CM or another well built ROM and ask some questions.
Good luck
Sent from my SCH-I605 using xda premium
MachinTrucChose said:
The Phone app is not a part of gapps. It came on the stock ROM before I flashed gapps on it. I didn't try it before adding gapps, are you saying it will change behavior and no longer prompt me to sync when I try to add a contact?
I gotta go to sleep, I'll do more tests tomorrow evening to test this (and wait for your reply to the above question in case you misread my posts).
If the answer to the above question is yes, this would immediately beg another question: how do I install 3rd party apps from Play without flashing gapps?
Click to expand...
Click to collapse
Stock rom comes with gapps already loaded.
Most custom roms come without them and they must be flashed separately. If you choose not to flash them you aren't even given an option to sign into your Google account at first boot, so there will obviously be no option to sync your contacts.
Your phone will be crippled and you'll have to find workarounds for many things. I don't think you'll be able to use Maps for example. To install apps you'll have to download and install the apks or use an alternative app market like SlideMe or Amazon
What's there to hide? They're just contacts
Sent from my Nexus 4
Google doesn't care what your Aunt Bertie's phone number is. All they use the data for is to customize ads for you, and if you're going to be seeing ads anyways they might as well be relevant to you.
Sent from my Nexus 4 using xda app-developers app
It's disappointing that the thread is taking the direction of Google advocacy rather than finding a technical solution to my problem, hopefully this post answers your questions and we can stop arguing about this.
Drakkula4 said:
You can try downloading or side loading the app "contacts+" then sign out of your dummy gmail account.
Click to expand...
Click to collapse
How do I sign out of my dummy gmail account?
Vangelis13 said:
A similar thread from the galaxy nexus forums: http://forum.xda-developers.com/showthread.php?t=1589367
However, I'd also be interested in a deeper insight on why you're trying to do this. Fear of the big brother? Or just proving a point?
We know before buying an android phone that everything is tied to that Gmail address; now you want to cut that tie but maintain full functionality. Well, that probably doesn't work. And if it at the end does, why going through all that trouble? If a different platform offers all that then..
Click to expand...
Click to collapse
Nope, not full functionality. I can avoid using all gapps. The only required Google service is the Play store, which is the primary gateway to non-Google apps. I would use Email over Gmail, Navfree over Maps, etc.
The next paragraph is meant as a reply to the 5 posts essentially saying "tinfoil hat, trust Google!".
This is supposed to be an open phone, allowing the user to do what they want, compared to the big bad iOS. That's why I bought it. Now I find out Google is insisting on taking something extremely private (my social graph) even when I don't want to give it to them. I respect my friends' privacy, and I don't want an intersection of my online and offline lives being made by some 3rd party with intentions I don't trust. The insistence is starting to creep me out. You can provide convenience and still respect basic privacy, look at Mozilla with Firefox Sync: even they don't see the data you sync. I'm not even asking for that much, just respect my wish to draw the line at real-life stuff. I guess I shouldn't be surprised, this is the company banning people using pseudonyms on Google+.
The most disappointing thing in all this, is that you have 5000 custom ROMs being developed, which mainly differ in pointless GUI BS like scroll animation speed. Not a single one of those projects thought to provide a way to make the phone usable without giving up extremely private data. AFAIK only 3 guys are working on privacy stuff, and even those guys' patches and apps don't protect you from the Eye of Google.
chrisrozon said:
Google doesn't care what your Aunt Bertie's phone number is. All they use the data for is to customize ads for you, and if you're going to be seeing ads anyways they might as well be relevant to you.
Sent from my Nexus 4 using xda app-developers app
Click to expand...
Click to collapse
What if I don't want tailored ads? Or what if I only want tailored ads by tracking the online activity I'm willing to submit to them, and I feel it should be my my right to draw a line? Many people are not comfortable seeing an intersection of online and real life activity. I am one of those people.
MachinTrucChose said:
Didn't think my post lacked clarity, so hopefully this will be clearer:
My ONLY problem right now (we'll leave the rest for later) is that the Phone app, an essential app if I want to use my phone for making calls, an app that isn't even part of Gapps, doesn't let me add a local contact without sharing it with Google. That's it. Forget everything else in my post.
So my simple question is, how do I add my friend Bob to my contact list, locally in phone memory or on the SIM card or whatever, without telling Google I'm friends with Bob and giving them his phone number?
Click to expand...
Click to collapse
Simple question deserves simple answer, only thing I can think of, go to settings > accounts > google > tap your account email address > and uncheck the things you don't want synced with google.
Hopefully it works and you will just have a local copy of everything then.
Again just flash like cyanogen mod since you have to flash gapps separate. Then don't flash gapps and your phone will have nothing to do with google.
Sent from my Nexus 4 using Tapatalk 2