I'm hoping someone can point me in the right direction after spending a day reading about mobile phone security. I'm still confused as to what an app can do and how I can limit access. Some answers or a point in the right direction for more information would be helpful.
Apps that are granted permission "Modify/Delete SD Card" can pretty much read/write anything on my device? Could an app go through my sd card and see files, for example, music, movies, other data from different apps; file names/content? I have about 35 apps running on my phone with this access. I'd rather not leave it to "how much I trust the developer" and have some means to limit access to data.
I don't keep national security secrets on my nexus but there is work and personal information that is sensitive and I wouldn't want shared. It looks like if I use android to encrypt my data it only encrypts the /data folder and there doesn't seem to be much in there.
What about securing contact and calendar data? Is this possible? Not as critical as guarding my file data, but still important to me. Thanks.
Yes, files on the external sdcard are not protected, I.e. all apps which have the right to read/write sdcard can read/write everything there. One reason is just the filesystem type: on FAT you don't have access rights. On internal /sdcard it's a bit different, because it's using ext4 as a filesystem, so principally not all apps can read everything, but also here you have the problem that for example the camera, the gallery app, ... need access to the same files and directories. So at the moment you need to trust the apps in a certain way or not to install it at all.
Sent from my Nexus 7 using xda app-developers app
While it is difficult for someone with limited tech experience, it is plausible to protect your data with measures like XPrivacy or PDroid.
However, if you're looking for an answer without jumping through a few technical hoops, there aren't many good ones unfortunately. The best bet is as you already suggested, that is to be smart about where you browse the net, and only install trusted apps. Always think twice and review permissions carefully for any app even if it's from the Play Store.
And don't forget encryption only works similar to a house door. It's only good if you keep it locked. But if you let the bad guys into your house (i.e., installing a naughty app), it doesn't protect you much. It only keeps them out so long as you don't let them in (physical access). P.S. I'm assuming you're talking about the stock android encryption not actually having individual encrypted files on your device if not then ignore this paragraph (although I'm sure some will disagree that even having SHA-512 AES encrypted files with a extremely complex and long passwords is still not enough to protect data once a malicious user gets their hands on that file.)
Even on the internal SD card, it looks like once I give an app access to "modify/delete" the entire sd card is exposed; did I understand that correctly? It looks like grant access to everything or nothing.
After reading this:
http://appanalysis.org/
It seems that even trusted developers can't be trusted. I don't consider myself a novice user but I'm really surprised at how exposed the data is on phones and tablets. Its like leaving money on your front porch and hoping it isn't too tempting for someone to walk though a broken gate and grab.
Any idea what WP, iOS or BB10 offer in the way of data protection?
TheAltruistic said:
While it is difficult for someone with limited tech experience, it is plausible to protect your data with measures like XPrivacy or PDroid.
However, if you're looking for an answer without jumping through a few technical hoops, there aren't many good ones unfortunately. /QUOTE]
XPrivacy looks good, might be worth rooting for that app.
I'm not as concerned with an app downloading files and using a high level attack on my data. I am concerned about an app where the developer decides to go through my contacts, photos, and files which are unlocked and easily viewed. Then sell the data to whomever that can do whatever. No effort required, no ability to know the data was even accessed and no ability to lock the data. I think like most things, if there is more than a slight effort needed to access the data, they'll move on to something else.
I see Google offers encryption but I can't find information on exactly what is encrypted and if I install an app with say permission to contacts does that give them encrypted access to all contacts? For example, a program that can add a contact via sms I don't want to allow it to read all my contacts, just add a new one.
Maybe Android isn't the right platform for me.
Click to expand...
Click to collapse
mgerbasio said:
TheAltruistic said:
While it is difficult for someone with limited tech experience, it is plausible to protect your data with measures like XPrivacy or PDroid.
However, if you're looking for an answer without jumping through a few technical hoops, there aren't many good ones unfortunately. /QUOTE]
XPrivacy looks good, might be worth rooting for that app.
I'm not as concerned with an app downloading files and using a high level attack on my data. I am concerned about an app where the developer decides to go through my contacts, photos, and files which are unlocked and easily viewed. Then sell the data to whomever that can do whatever. No effort required, no ability to know the data was even accessed and no ability to lock the data. I think like most things, if there is more than a slight effort needed to access the data, they'll move on to something else.
I see Google offers encryption but I can't find information on exactly what is encrypted and if I install an app with say permission to contacts does that give them encrypted access to all contacts? For example, a program that can add a contact via sms I don't want to allow it to read all my contacts, just add a new one.
Maybe Android isn't the right platform for me.
Click to expand...
Click to collapse
Heh don't give up. To be honest at least android tells you when it grants a program certain permissions unlike some other OSes where you're in the dark in terms of security.
As far as I know, and I'm assuming we're talking about the same thing, the type of encryption Android offers only prevents people from gaining unauthorized access to your data if your device is mounted or accessed when your lock screen is up. (I'm sure someone will correct me if I'm wrong--please do). But if your device is not password protected (e.g., you set lock password to lock every hour and they get it when it's unlocked) then your data can potentially be compromised.
This encryption does not, however, protect your data as you're browsing the internet, or running apps like facebook.
If you're looking for something to protect your data from say facebook finding your GPS location without your permission, or accessing your contacts and doing God knows what with it, then XPrivacy and PDroid (links above) is your answer, and I'd say that's awesome.
I may not play around with an iPhone / iOS enough, but I'm confident enough to say that they don't offer the same privacy protection even from Cydia that you can get from communities like here on XDA. Perhaps for iOS users, ignorance is bliss?
Click to expand...
Click to collapse
TheAltruistic said:
mgerbasio said:
Heh don't give up. To be honest at least android tells you when it grants a program certain permissions unlike some other OSes where you're in the dark in terms of security.
Click to expand...
Click to collapse
Thanks again. I appreciate the comments.
All I'm really looking to do is prevent an app downloading all my contacts, photos, movies, files, etc. I have some work data on my tablet that isn't confidential but it is what I would call sensitive. Actually, I rarely use external memory, mostly just use in internal sd card.
It seems all the "good apps" grab more permissions than they need or, the permission they do need to operate gives them way more access than I'd like. I'm not so concerned that I'd start using Tor or duckduckgo, but just trusting a developer with an open door to data is more than I can to leave to chance.
From what I've been reading the sandboxing in iOS and WP provide good security and in BB you can remove permissions from apps; BB10 is still the most secure if you can believe the internet articles. I'd like to see Google make it more clear as to what encryption actually allows and prevents.
There seems to be apps that button up a lot of holes, like photos, but there still are gaping holes.
Click to expand...
Click to collapse
Hi guys,
Any progress? I use PDroid on my smartphone and find it unnerving to see how much and how often data is accessed not only by third party apps but by Google itself. With PDroid you can restrict permissions without bricking the app because it can provide fake data rather than none. I have to say that I am not entirely happy with it though. I hope that Firefox OS will have success in stopping the appification of our devices. Data wise, it is much safer to use web-based services than app-based services.
I think Google's Android is so successful with developers (also) because they can gather so much data. Our smartphones are unfortunately "data gold mines" for the ICT industry.
If you have any progress in improving privacy, safety and security of the Nexus 7 than I'd be happy to read about it.
Related
After reading the article about TaintDroid (http://www.digitaltrends.com/comput...oid-apps-secretly-sharing-your-personal-data/), and how a significant portion of the apps were sending back data when not required to....I must admit, I am a bit concerned about security on my Nexus.
What are you all doing to be safe with your information on your phone? Is there a firewall that any of you are using to deny apps the ability to transmit data?
And please no responses like "don't log into anything or enter any passwords for anything on the phone" ...because then we might as well be rocking blackberries and not a phone like this with a capable browser.
"Name and shame" is the best way for an open system to eradicate this stuff
Damn alarmist journalism. Scare everybody into a corner, and then come out with a product that magically makes it all right.
Personally, I don't do anything different. I don't see why you should.
there's a firewall app that will let you block internet access to specific apps
i think it's called droidwall
Wallpapergate...
This whole issue is a joke, I agree something to monitor outgoing information would be great, I doubt however that someone who want to steal your info would sent it out unencrypted so catching this may not be easy at all..
As for this new episode of the WallPaperGate again, the info this application send is common on any platform, if you ever paid for an app on handhango or such site, the first thing they do is to ask your imei so that the app can be linked (ie DRM) to your phone… in this case the guy use imei as a cookie so that he can offer the correct screen resolution.
I would like to point out that one of the sponsor of this “studies” that target only android device is Intel who have interest into many thing including MeeGo and off course MeeGo is much safer than android…
My 2 cents…
At least with windows 7.x you could switch ROMs and side load useful apps, with this safeboot thing and Microsoft's lame attitude to give us more of the features and apps that we want it's no wonder why Windows Phone 8 fourms and blogs are so boring. Way to go Microsoft.
Agreed. I used to come here every day but, now it's once a week (kind of how it was on PPCgeeks.com). No roms, No interop unlocks, no unlocks period.
If you want more discussion about WP8, I suggest going to WPcentral.com...It's pretty active over there...
I really wish a hack of some type would hit, this is getting old. I just want my custom colors back (like I have with WP7).... Advanced Config I miss you !!!
Nobody has been able to find an exploit yet , but I don't really mind lack of activity in forms though as long as cobwebs don't settle upon the entire ecosystem itself we'll be fine
DavidinCT said:
Agreed. I used to come here every day but, now it's once a week (kind of how it was on PPCgeeks.com). No roms, No interop unlocks, no unlocks period.
If you want more discussion about WP8, I suggest going to WPcentral.com...It's pretty active over there...
I really wish a hack of some type would hit, this is getting old. I just want my custom colors back (like I have with WP7).... Advanced Config I miss you !!!
Click to expand...
Click to collapse
Yea I agree that WP Central has lost more action going on but it's all the same stuff; I mean how many reviews of itsdagram, Facebook, Angry Birds and Skype can one handle before they get bored.
I always use to wonder why XDA turned into Android forum almost over night; now I know why its thanks to Microsoft. I feel sorry for Nokia though they took a big risk and now MS is being stubborn.
sinister1 said:
Yea I agree that WP Central has lost more action going on but it's all the same stuff; I mean how many reviews of itsdagram, Facebook, Angry Birds and Skype can one handle before they get bored.
I always use to wonder why XDA turned into Android forum almost over night; now I know why its thanks to Microsoft. I feel sorry for Nokia though they took a big risk and now MS is being stubborn.
Click to expand...
Click to collapse
Agreed, it's the same *****ing over there sometimes. Don't get me wrong, it's a good site if you want new and useful Windows Phone news. This site used to be a WM haven, just like PPCgeeks was. As that is all there was at the time, we had WM and BB...they were all mainly used by business people or hackers like ourselves.
WP7.x was pretty hackable after a while (with custom roms for most phones and interop unlock for about 90% of the models) so it was pretty active but, now with everyone moving to WP8 (ex WP7 users and converts) and No hacks yet, it's slowed down to almost nothing.
Android is mostly hackable and most phones have or NEED a custom rom, so this became a haven for Android users. And for now, as long as they are not going in this area and trolling, there is no issue with it or at least, I don't have an issue with it.
I do think it's a matter of time, they will find a exploit in WP8. I know why MS locked it down, once WP7 was hacked, it opened the doors for the pirates and some people took advantage if it. Sure there was some cool underground apps but, it just opened the system for the pirates. They wanted to lock down WP8 to make the higher end DEVs come and create the apps and games people want, to grow the system.
Nokia was paid pretty well to make a change to WP and over all they are doing very well with it...and their market is growing.
I'm stil deciding if I am going to pick up the Lumia 928 or stick with my HTC 8X(full price, Not giving up my unlimited data)....Hmmmmm... I just wish I could use Advanced Config to get my custom tile colors back
^stick with 8x at least till Nokia world sometime in September because surprises are on its way
Personally I like the very secure nature of my windows phone, I have rimmed more than my share of devices over the years, so its kind of refreshing to k ow this nuts hard to crack. Nokia did take a big risk but I think its been good for both companies. Nokia has done well with exclusive apps in a starved market and there devices are aimed well at a growing group of android overloaded users. With apps like tumble, netflix, Hulu and others coming over the devices are getting more main stream support and with time that will pay good dividends too. All in all I have found little reason to "root" this device other than for the hell of it. They come pretty lean on apps out of box. The biggest thing people seem to be trying to do is get tethering to work without paying out to a carrier for it. Personally if that's basically the reason your wanting to rom so bad, go back to android its far easier get going. I ramble now though, to sum up phone runs great unrommed, clean eco system and very secure setup makes for an all around pleasant device. I think special rimming is more or less unneeded for these devices. Been running unrommed windows mobile 7 and 8 now for about two years collectively. Have android tablets all rommed and a s3 rommed as a backup device.
Sent from my RM-878_nam_usa_100 using XDA Windows Phone 7 App
Meh... I considered WP7 without hacks to be nigh-unusable, even though I stuck with a stock ROM. No way to have apps open files automatically, for example (but I could manually add the registry entries, and could write apps that knew how to handle them). No way to access the filesystem (but I could sideload Kindle ebooks using homebrew file managers). No way back up app data or messages (except with homebrew). Minimal control of theming (as a class, this was one of the biggest homebrew categories). No real control over multitasking (I like that the default behavior is so conserving of battery life, but sometimes I don't *want* Puzzle Quest 2 or Fruit Ninja to have to go through its entire launch process just because I switched tasks or let the phone sleep for a bit!). Severe limit on sideloaded apps (I have over 30 of them, counting small utilities that that I developed, and not counting outdated versions, redundent apps, or anything else I removed). No listener sockets (though this didn't require a very fancy hack). No C++ code reuse (same as the server sockets). No way to tell how much space each app was using (but there's a homebrew for that).
WP8 fixes many of the worst problems. We can now register filetype handlers (though Kindle still doesn't register .MOBI or .PRC, so no more sideloading my ebooks for now...), use native code (with restrictions, but it's better than the default on WP7), and theme our phones (well, a litttttle bit more than before; still not enough). They added some much-requested features (SMS backup, variable text size, ability to control the browser app bar at least a bit, WiFi on while sleeping, Skype integration) and of course the change in OS brought many other improvements (multi-core, removable SD cards, higher resolutions, etc.). However, it still has some big problems of its own. True multitasking is still very limited. Data backup is still iffy. Still no filesystem access (or ability to do anything outside an app sandbox except the official Settings tools). Still very limited sideloading.
I promise you, though, people are working on it. I'm one of them, and several of the other names you know from WP7 hacking are as well.
People like GoodDayToDie & netham45 make the windows forums so much fun to follow
nikufellow said:
^stick with 8x at least till Nokia world sometime in September because surprises are on its way
Click to expand...
Click to collapse
Yea but, I am on Verizon....After a release of a model it will take 6 months for Verizon to get a phone that is almost outdated on release.
The 8X is so limited on space that it's driving me nuts, If I find app or game I want to try, I have to uninstall a Paid app to install it. It's getting too old. 8X on format is 11.5gb and the Lumia 928 is 23.5gb, a little over double the space might be worth it, depending on what I can get it for, of course.
The blogs are dead because places like XDA that centralize around modding your phone to improve performance isn't necessary when WP8 software already performs flawlessly. Go to blogs like WPCentral and the Windows Phone community is alive and well swapping out our black Lumia shells for yellow and talking about games and apps. Pretty much doing what we should be doing on a phone, not repairing phones that came broken.
Flawlessly? Ahahahahaha
Still no app data backup machanism.
Still no custom themes.
Still no way to sideload XAP files (unless they are "company apps") without a PC.
Still no filesystem access.
Still no way to control the permissions an app has (what if I want to use the app, but don't want to give it access to my camera?)
Still no way remove "Settings" apps.
Still no way to do true multitasking (not the restricted and often crippled things that the official APIs call multitasking).
Still no way to overwrite file associations (you can choose them when opening a file that multiple apps claim to support, but that's it).
Still no way to change the default browser or email client or dialer.
Still no way to install apps to the SD card.
Still have only limited access to Bluetooth.
Still no way to browse, much less edit, the registry.
Still no way to sideload large numbers of (non-"company") apps.
...
Seriously, go look at the list of things that are possible with WP7 homebrew (never mind WinMo or Android or iOS), and then see how many of them are possible with WP8 right now. It's a joke. MS added some (much needed) features, but also took away some things that I think are vitally important, and took away our ability to re-create them for the new OS... unless and until we break it as we have broken OSes in the past.
You imply that WP8 didn't come "broken" and therefore doesn't need modding? Bull.
I've been wanting to root/unlock my Lumia for one purpose only, sideloading my own developed apps. It's gruesome to try an app in the emulator all the time, but in a month that will be fixed with an AppHub account. And after that my real purpose for rooting/unlocking is gone.
Always fun to see what's possible on the unlocked device though, code-wise.
Sent from my Lumia 920 using Board Express
GoodDayToDie said:
Flawlessly? Ahahahahaha
Still no app data backup machanism.
Still no custom themes.
Still no way to sideload XAP files (unless they are "company apps") without a PC.
Still no filesystem access.
Still no way to control the permissions an app has (what if I want to use the app, but don't want to give it access to my camera?)
Still no way remove "Settings" apps.
Still no way to do true multitasking (not the restricted and often crippled things that the official APIs call multitasking).
Still no way to overwrite file associations (you can choose them when opening a file that multiple apps claim to support, but that's it).
Still no way to change the default browser or email client or dialer.
Still no way to install apps to the SD card.
Still have only limited access to Bluetooth.
Still no way to browse, much less edit, the registry.
Still no way to sideload large numbers of (non-"company") apps.
...
Seriously, go look at the list of things that are possible with WP7 homebrew (never mind WinMo or Android or iOS), and then see how many of them are possible with WP8 right now. It's a joke. MS added some (much needed) features, but also took away some things that I think are vitally important, and took away our ability to re-create them for the new OS... unless and until we break it as we have broken OSes in the past.
You imply that WP8 didn't come "broken" and therefore doesn't need modding? Bull.
Click to expand...
Click to collapse
If there is one thing I do not understand about the new SDK APIs, is why on earth an app can not register itself to open file formats reserved by the system. IMO thats the most retarded idea ever implemented in the history of computing. And to make the retarded thing completely retarded, they made it so most common files are handled by system apps, so you can not override the file association.
I am really wondering what is microsoft going to do about these things. If they really want a marketplace full of games, facebook, youtube and instagram apps, then they should stick to their current plan. WP will never get useful in a broad sense.
I hope the update this fall brings new stuff, otherwise the platform will die soon.
GoodDayToDie said:
Flawlessly? ... You imply that WP8 didn't come "broken" and therefore doesn't need modding? Bull.
Click to expand...
Click to collapse
Although I don't agree with much of his bill-of-particulars, I have to agree with GDTD's sentiment.
Probably, modders need to correct deficiencies. I'm down with MS or anybody else who steps up. I'm in no hurry to crack my OS open right now, though.
I am especially offended at Microsoft's pitiful PDF reader attempt. And some of the apps in the store make me squint. I want to see the author "Google" emblazoned on my YouTube app, not a third party dev. I sure hope MS is putting these apps under a microscope.
The joy of homebrew (and of a developer forum, like this one) is, even if your goals are different from mine, it's possible for you to make your own changes to the device. It's yours; you control it. That's what security *means*, or at least what it's supposed to mean: you (the owner) are in control of what happens.
Ever since the iPhone, though, the trend has been twoards more and more lockdown, taking control away from the device owner and branding this as "security". I don't like it, so I aim to break it. Ideally, we break it in ways that only work with a local attack; I don't want somebody else able to control my device (that really would be the opposite of security)... but I do want to control it myself!
Part of the problem is that there have been no updates in recent months. Portico came out, Nokia dropped some new firmwares last month. But largely, nothing has changed in WP8 since launch. Personally, I find that boring. Maybe I should have an Android phone on the side to keep me entertained with updates, but I find Windows Phone much more usable day-to-day.
It has been more than 6 months since the WP8 launch, and GDR1 didn't really add much. Microsoft should have planned to have GDR2 out by now, even if it meant postponing some features for GDR3. I think most of us would rather have small quarterly updates to WP8, rather than a massive upgrade once a year. It's starting to feel like WP7 and the Mango anticipation all over again, now that it sounds like WP8.1 might be delayed into 2014. Hopefully they come through with their vaporware enthusiast program to keep our attention in the meantime.
I agree with the OP. Cobwebs on this side of the section totally. A thread in a week may be? But there is something I often read on many forums. People who are happy (I know it's a very wide term) with their devices, I.e don't run into problems with their devices, see no need to lurk around. So actually, it is a good sign. It shows how well-thought after a WP device is.
And GoodDayToDie, even though I agree with everything u've noted down, I don't quite believe WP needs all of that.
Still no app data backup machanism. - Umm...Data Sense?
Still no custom themes. - Fair Enough, but again, WP IS NOT meant to be themed to the T
Still no way to sideload XAP files (unless they are "company apps") without a PC. - I believe this is for security reasons.
Still no filesystem access. - Why do you even want that when the system is running flawless, (yes the same word u scorned at.)
Still no way to control the permissions an app has (what if I want to use the app, but don't want to give it access to my camera?) - LOL! You gotta be kidding me right?
Android has the worst permission management I have ever seen in my adult life. Android gives wayyyyyyyyyyyyyy more information out than any OS out there.
Still no way remove "Settings" apps. Umm..u sure u want that?
Still no way to do true multitasking (not the restricted and often crippled things that the official APIs call multitasking). Multi-tasking is really good with WP8.
Still no way to overwrite file associations (you can choose them when opening a file that multiple apps claim to support, but that's it). - Fair enough, but not a deal breaker either.
Still no way to change the default browser or email client or dialer. - I believe you are again entering the territory of themeing, already replied above. Every OS comes with it's own email client. I don't see the point here.
Still no way to install apps to the SD card. - Fair enough. By far the best point in your list.
Still have only limited access to Bluetooth. - In what way?
Still no way to browse, much less edit, the registry. - Again, WHY? WHy mend it when it's not broken.
Still no way to sideload large numbers of (non-"company") apps - U can download the app(paid or otherwise) from the App store on your computer, put it on the SD card and say install from the Store App on the phone. Simple?
DataSense has nothing even remotely to do with backing up (and restoring) app data; where'd you get that idea? Vital feature that homebrew eventually made avaialble in WP7 but is missing in WP8.
"IS NOT meant" nothing! Somewhere under all that sandboxing and locked-down UI is a general-purpose OS running on top of highly capable hardware. It's "meant" to be whatever the owner fo the device *wants* it to be, including (in the case of many, many people if the popularity of WP7 homebrew apps is any sign) theming. Stop being an apologist for Microsoft; it's one thing to say "extensive theming wasn't implemented because other features were higher priority" but when you start trying to tell me that I'm not supposed to theme it, you seriously need to put down the Kool-Ade. Besides, the very claim is ludicrous to the point of disingenious; have you *seen* the WP8 ads? They all stress the customizability of the Start screen. To the point of suggesting you can "meet" a person simply through how they have their phone set up... those ads freaking scream "customize me!" Then you discover there's only a handful of pre-set colors, two background styles, and the ability to mess with the tiles; nothing else.
No, it is quite absolutely *not* for "security" reasons. Security means the owner of the device controlling the device's behavior. If somebody else (like, for example, the manufacturer of the device) is controlling its behavior, that is not security; it's lockdown. The sideloading restriction can only be called security if it's not your device but actually belongs to Microsft. Screw that. Besides, that argument makes no sense anyhow; if I can pay my $99 and sideload with a PC, why can't I sideload without one (or without paying)? The marketplace has DRM to mitigate piracy and that's a darn weak excuse to cripple a device anyhow.
When I can load my Puzzle Quest 2 savegames and other game progress and high scores, copy my PGP keychain, sideload my Kindle ebooks into the Kindle app (yes, this is possible on WP7), extract or replace the built-in audio files, and delete the junk which accumulates in the OS and uses up storage space (without hard resetting the device), then I will stop considering the level of filesystem access a problem. Until then, "running flawless" is quite worthy of scorn indeed.
Wow, I seriously question your reading comprehension. I never mentioned Android in this point, or anywhere else (except to point out that it has a lot of homebrew). But, for your information, the default permissions / capabilities handling in Android is just as broken as in WP8. The difference is that with Android, it is possible (CyanogenMOD did this, for example) to install apps without actually granting them all the permissions they ask for. On WP7, this wasn't properly possible yet, but I was working on a system to do it that hooked the app install process and allowed people to uncheck app capabilities they didn't want to permit.
Um yes, I'd like to remove the non-functioning Samsung apps (until they are fixed) that are taking up space on my phone's storage and making the Settings list longer. I can always re-install them if needed. Every other carrier or OEM app is removable; why should these get special treatment just because they have a field in their app manifest that says "install me in the Settings hub"?
Multitasking - true multitasking, where multiple apps can run at once - is nigh-nonexistent on WP8. Aside from things like audio background agents and once-every-30-minutes-you-get-a-few-seconds-of-CPU-time scheduled tasks, there basically isn't any multitasking (of third-party apps) at all. Fast app switching is *not* multitasking; every app aside from the main one is suspended, unable to do amything until brought into the foreground.
Changing file associations obviusly isn't a deal-breaker, or I wouldn't be using the phone... but definitely a problem. Windows has offered the ability to control file associations since at least Win95, and I think it was possible in 3.1 as well...
Changing the default browser and email client and calendar and dialer aren't "theming" by any conventional definition, but the point made above about theming stands anyhow: it's a matter of personalization. It can also be a matter of functionality (for example, the built-in email client can't handle S/MIME encrypted email at all and has no PGP integration). Or a matter of usability (I use folders a lot; it's a pain needing to expand a menu to get to them)! Or something else... the important point is that it should be possible. Every OS comes with an email client, but every OS except iOS (and WP) allows you to change the default email client, too. This isn't even hard to implement (the relevant registry keys were present on WP7, at least; carrying over the API to control them wouldn't have been hard at all); it's once again a case of Microsoft intentionally restricting what you can do with your phone. If I wanted a mobile OS designed by a control freak, I'd buy an iPhone...
Nothing more really needs to be said here, except that with filesystem access (create a symlink or junction in the apps folder, for example) this would be possible...
Many BT profiles, such as HID devices (for mice and keyboards), are missing from WP8. So far as I know, apps can't use the Headset profile either; the pseudo-turn-by-turn navigation on WP7 would give its instructions via the car's BT if possible, but Nokia/Here Drive must use the phone's speakerphone speaker instead.
When I can change default browser and text editor, create my own themes, enable features that a ROM shipped disabled (have you seen the thread by the guy who can't get visual voicemail?), sideload high-privilege apps (without paying for the privilege), and remove root certificates of CAs that I don't trust (in WP7, these were stored in the registry), then I will stop considering the level of registry access to be a problem.
If they're from the store, they aren't really sideloaded, just downloaded on a different machine. I'm talking homebrew, stuff that the isn't yet, or never will be, or *can't* be (because it breaks some policy of Microsoft's, or requires high privileges to work) put in the store. Besides, many of the most popular WP8 models don't have an SD card slot at all.
GoodDayToDie said:
Flawlessly? Ahahahahaha
Still no app data backup machanism.
Still no custom themes.
Still no way to sideload XAP files (unless they are "company apps") without a PC.
Still no filesystem access.
Still no way to control the permissions an app has (what if I want to use the app, but don't want to give it access to my camera?)
Still no way remove "Settings" apps.
Still no way to do true multitasking (not the restricted and often crippled things that the official APIs call multitasking).
Still no way to overwrite file associations (you can choose them when opening a file that multiple apps claim to support, but that's it).
Still no way to change the default browser or email client or dialer.
Still no way to install apps to the SD card.
Still have only limited access to Bluetooth.
Still no way to browse, much less edit, the registry.
Still no way to sideload large numbers of (non-"company") apps.
...
Seriously, go look at the list of things that are possible with WP7 homebrew (never mind WinMo or Android or iOS), and then see how many of them are possible with WP8 right now. It's a joke. MS added some (much needed) features, but also took away some things that I think are vitally important, and took away our ability to re-create them for the new OS... unless and until we break it as we have broken OSes in the past.
You imply that WP8 didn't come "broken" and therefore doesn't need modding? Bull.
Click to expand...
Click to collapse
The only thing I can agree with you on is the file system, bluetooth, and not being able to override the default apps associations (seriously, the default apps is the most retarded idea ever).
(sorry about my chinglish )
So here's how:I locked my nexus10 and forgot the password, and I do not see the "Forgotten" button on the screen and also I didn't turn USB debugging mode on, so is there any possibility I can save my data instead of cleaning them up? Thank you (btw, I deleted the original recover files(because I once booted Ubuntu Touch on it) how can I reset it anyway?) Tanks a lot
EX_RIVER said:
(sorry about my chinglish )
So here's how:I locked my nexus10 and forgot the password, and I do not see the "Forgotten" button on the screen and also I didn't turn USB debugging mode on, so is there any possibility I can save my data instead of cleaning them up? Thank you (btw, I deleted the original recover files(because I once booted Ubuntu Touch on it) how can I reset it anyway?) Tanks a lot
Click to expand...
Click to collapse
If you have TWRP (not sure about Clockworkmod), "Factory Reset" will leave personal files on while clearing settings, custom apps, etc. FORTUNATELY, there is no way to bypass, other than resetting the device, the password for security reasons
dibblebill said:
If you have TWRP (not sure about Clockworkmod), "Factory Reset" will leave personal files on while clearing settings, custom apps, etc. FORTUNATELY, there is no way to bypass, other than resetting the device, the password for security reasons
Click to expand...
Click to collapse
Pretty sure that's not true, strictly speaking. Unless OP is talking about encryption, flashing a new ROM over top will preserve most user data saved on /sdcard (much to my annoyance).
Rirere said:
Pretty sure that's not true, strictly speaking. Unless OP is talking about encryption, flashing a new ROM over top will preserve most user data saved on /sdcard (much to my annoyance).
Click to expand...
Click to collapse
You are correct. I forgot that circumstance. TWRP specifically excludes the data/media area
Sent from my Samsung Galaxy Victory via XDA Developers App
dibblebill said:
You are correct. I forgot that circumstance. TWRP specifically excludes the data/media area
Sent from my Samsung Galaxy Victory via XDA Developers App
Click to expand...
Click to collapse
I mean, it's useful because if you flub a flash you can use a backup, but these recoveries are not secure and aren't designed to be.
EX_RIVER said:
(sorry about my chinglish )
So here's how:I locked my nexus10 and forgot the password, and I do not see the "Forgotten" button on the screen and also I didn't turn USB debugging mode on, so is there any possibility I can save my data instead of cleaning them up? Thank you (btw, I deleted the original recover files(because I once booted Ubuntu Touch on it) how can I reset it anyway?) Tanks a lot
Click to expand...
Click to collapse
USB debugging isn't required for ~all~ USB stuff, so you should try it anyways.
Then, as long as you still know your Google password you can install this to your Nexus, via the web (no log on to device actually needed):
http://www.androidlost.com/
I haven't actually tried or used that program, so cant say 100% it will work on N10 - but "in general" it seems like it should!
:good:
bigmatty said:
USB debugging isn't required for ~all~ USB stuff, so you should try it anyways.
Then, as long as you still know your Google password you can install this to your Nexus, via the web (no log on to device actually needed):
http://www.androidlost.com/
I haven't actually tried or used that program, so cant say 100% it will work on N10 - but "in general" it seems like it should!
:good:
Click to expand...
Click to collapse
I don't know if AndroidLost can unlock a device, and he doesn't seem to have lost it either. Unless an app had root/device admin access, I can't imagine that it would have the privileges necessary to remove authentication from a device (since that seems to be the pinnacle of bad security). Secure Settings + Tasker can do it, but you need to set that up beforehand.
Rirere said:
I don't know if AndroidLost can unlock a device, and he doesn't seem to have lost it either. Unless an app had root/device admin access, I can't imagine that it would have the privileges necessary to remove authentication from a device (since that seems to be the pinnacle of bad security). Secure Settings + Tasker can do it, but you need to set that up beforehand.
Click to expand...
Click to collapse
It says it can:
Lock the phone
You can lock and unlock the phone from the web. If you forget your pincode you can simply overwrite it or remove it from the web
bigmatty said:
It says it can:
Lock the phone
You can lock and unlock the phone from the web. If you forget your pincode you can simply overwrite it or remove it from the web
Click to expand...
Click to collapse
I don't think this means what you think it means (and I could be wrong). Many security apps like avast! offer a similar "locking" functionality, where the normal lockscreen (whatever security it is) is covered by a second lockscreen, superimposed over all system UI elements to prevent access. This lockscreen is controlled by the app, but it will not affect any underlying security (basically, think of it as a replacement lockscreen for security reasons, not much unlike HoloLocker or Go Launcher's lockscreen).
Rirere said:
I don't think this means what you think it means (and I could be wrong). Many security apps like avast! offer a similar "locking" functionality, where the normal lockscreen (whatever security it is) is covered by a second lockscreen, superimposed over all system UI elements to prevent access. This lockscreen is controlled by the app, but it will not affect any underlying security (basically, think of it as a replacement lockscreen for security reasons, not much unlike HoloLocker or Go Launcher's lockscreen).
Click to expand...
Click to collapse
I don't know man, and like I said I've never tried it. But its a super popular app, and has been featured in write ups. On their main page it states that text, as the fifth "main feature" which seems pretty straight forward to mean "the main lock screen"...
bigmatty said:
I don't know man, and like I said I've never tried it. But its a super popular app, and has been featured in write ups. On their main page it states that text, as the fifth "main feature" which seems pretty straight forward to mean "the main lock screen"...
Click to expand...
Click to collapse
No good, sorry. You're right on one count-- I just tested it, and it does interact with the stock lockscreen. Unfortunately, as I said earlier, unless the app is granted root/device admin privileges, no Android app can change the stock lockscreen...and since OP can't get into his device, he can't grant it device admin.
Rirere said:
No good, sorry. You're right on one count-- I just tested it, and it does interact with the stock lockscreen. Unfortunately, as I said earlier, unless the app is granted root/device admin privileges, no Android app can change the stock lockscreen...and since OP can't get into his device, he can't grant it device admin.
Click to expand...
Click to collapse
Nice on the testing! Too bad about the unlock. Perhaps he can still use it to offload his content though.
Did you try to "push" it to your device w/out installing it direct? I have wondered if I should pre-load this app on my devices, but "they" tout its remote-install-ablity, so I somewhat feel like I would not have to pre-install. (But then again, Im always apprehensive of claims that make things seem super easy.)
EDIT: Hmmm.... I see it requires "SMS" to install this on a device via Push - so I guess it NEEDS to be pre-loaded on a N10 if one wishes to use it to retrieve a lost N10, or even use it in this context! Now to decide if I install this or not...
bigmatty said:
Nice on the testing! Too bad about the unlock. Perhaps he can still use it to offload his content though.
Did you try to "push" it to your device w/out installing it direct? I have wondered if I should pre-load this app on my devices, but "they" tout its remote-install-ablity, so I somewhat feel like I would not have to pre-install. (But then again, Im always apprehensive of claims that make things seem super easy.)
Click to expand...
Click to collapse
I installed direct. I use Cerberus (and before that, avast! Anti-Theft) to help secure my devices, but these things are all a game of chance. My advice: completely disregard remote-install abilities. If you're going to use this kind of service, it really doesn't make any sense not to install it yourself, where you can change your preferences (such as install to /system or rename the application) to work for you.
The bigger problem is that, obviously, six hundred million things could go wrong. I noticed that AndroidLost noted that they were using Google to push messages, which indicates that they're using C2DM (unlikely, it's deprecated) or GCM push services, which require your phone being connected to a network (itself a big assumption) that will allow Google's ports to send traffic. This excludes no small number of places, particularly corporate networks (and many schools as well). It also looks like one of the wakeup methods if SMS, which is not only noticeable (to a thief), but potentially may be intercepted by other apps on the phone (such as an alternative SMS app).
The idea is that these apps intercept and delete any command SMS before any other app, but in practice this doesn't always happen. So test your setup before something happens!
Rirere said:
I installed direct. I use Cerberus (and before that, avast! Anti-Theft) to help secure my devices, but these things are all a game of chance. My advice: completely disregard remote-install abilities. If you're going to use this kind of service, it really doesn't make any sense not to install it yourself, where you can change your preferences (such as install to /system or rename the application) to work for you.
The bigger problem is that, obviously, six hundred million things could go wrong. I noticed that AndroidLost noted that they were using Google to push messages, which indicates that they're using C2DM (unlikely, it's deprecated) or GCM push services, which require your phone being connected to a network (itself a big assumption) that will allow Google's ports to send traffic. This excludes no small number of places, particularly corporate networks (and many schools as well). It also looks like one of the wakeup methods if SMS, which is not only noticeable (to a thief), but potentially may be intercepted by other apps on the phone (such as an alternative SMS app).
The idea is that these apps intercept and delete any command SMS before any other app, but in practice this doesn't always happen. So test your setup before something happens!
Click to expand...
Click to collapse
Thanks for the info, I will look into Cerberus. I am assuming you would recommend that as you are currently using it? Do you think its better than AndroidLost, even though you haven't spent as much time w/ AndroidLost?
bigmatty said:
Thanks for the info, I will look into Cerberus. I am assuming you would recommend that as you are currently using it? Do you think its better than AndroidLost, even though you haven't spent as much time w/ AndroidLost?
Click to expand...
Click to collapse
I like it a lot more, but I will admit I personally liked avast! better. Its uncertain future (plus a nice promotion) led me to jump ship to Cerberus. I'd have to play around with it a bit more to be sure though.
Rirere said:
No good, sorry. You're right on one count-- I just tested it, and it does interact with the stock lockscreen. Unfortunately, as I said earlier, unless the app is granted root/device admin privileges, no Android app can change the stock lockscreen...and since OP can't get into his device, he can't grant it device admin.
Click to expand...
Click to collapse
Yep, you're right I can't get root under this situation, thanks a lot I'm trying to figure out how to save my data mow
EX_RIVER said:
Yep, you're right I can't get root under this situation, thanks a lot I'm trying to figure out how to save my data mow
Click to expand...
Click to collapse
It's not root you need per se, it's device admin. But root isn't an easy option for you either, because unlocking your bootloader will hose your data. I also think most of the locked-bootloader exploits require the device to be on and unlocked. If you're signed into your Google account, you should have a fair degree of stuff backed up already-- what sorts of data are you trying to save?
Rirere said:
It's not root you need per se, it's device admin. But root isn't an easy option for you either, because unlocking your bootloader will hose your data. I also think most of the locked-bootloader exploits require the device to be on and unlocked. If you're signed into your Google account, you should have a fair degree of stuff backed up already-- what sorts of data are you trying to save?
Click to expand...
Click to collapse
Mostly..........Photos and videos
EX_RIVER said:
Mostly..........Photos and videos
Click to expand...
Click to collapse
...do you have a Google+ account? Slash have you ever opened the app? If so, you might actually be in luck and your data should have been backed up to your Google+ (or PicasaWeb if you prefer).
Hello Good People of XDA
I have been a i9506 owner for quite long, had a 9100 before,
I am used to root and mess with apps to customize things to my wim,
at the best of my knowledge (I lack android programming skills, but I can do things with terminal and filesystems).
All that before to say I am not totally a noob, but my lack of technical knowledge might bite me there.
System wise, I am under 4.2.2, rooted, unknow sources are not allowed, system check for apps is allowed,
I have an antivirus (more than one, but only one works each day, just to be sure I don't miss things)...
My problem is that I recently found out that some apps, actually system apps, blocked
with Titanium backup, or with gemini app manager, or app quarantine,
were actually running anyway.
They are marked as blocked in my app manager, but can still be force closed,
and they appear in battery displays (most of these under the android system block, in the list of services/apps used),
and in process running when using Ccleaner apps.
Also, my battery display show GPS is activated, while when I go into options, all boxes are off or unticked.
I thus wonder what's happening?
How is it possible to have these schrödinger apps tamed and blocked like I want them.
I want these to shut down and only work when I DO ALLOW these, for them not to suck my battery or do unauthorized chores like tracking me when I don't want.
How is it possible that they even behave like that? In i9100, I never observed that in Android 4.0.
I wonder if Google didn't change the workings for making us unable to disactivate what we don't want to work, which was pissing them off.
They already change the permissions displays in the market so permissions as intrusive as "contacts/sms message/USB stockage" are considered "not relevant/important",
while they are depending on the announced display of the app.
But I don't want to go on the "conspiracy route" (I am not like that, I am a pragmatist and I just observe facts, like these apps, with sensitive access, not being able to be deactivated), so let's focus on the technical part:
such apps were Maps, Samsung sync adapters, NFC service , Google Agenda/Contact synchronisation, sysscope, context provider, etc.
That's a lots of things that are supposed to communicate to cloud or other devices, with feels lot like a gaping flaw in the armor...
I want a phone and a tool, not something that track me or put me at risk of being stolen by somebody with technical knowledge.
Am I alone?
Thanks for any insights.
Blocked apps still working
I don't know if my title was too unclear, so I would like to change the title but am unable to do so?
Is it please possible for a moderator to do it (with the title of this post)?
Thanks by advance.
I feel like it is a true problem not being able to block some apps,
or even more, to believe they are blocked while they perfectly perform in the background,
and display activity only in secondary reports, not under their respective "buttons"/information tabs.
I wonder abourt the technical reason to such behavior.
Then delete those apps or block some of the permissions with an app (eg Privacyguard).
It's my opinion that an antivirus app (at the moment) is a waste of resources. Just think before you install something. Also if you are worried about security, you should always run the latest version of Android. 4.2.2 is an old version.
Lennyz1988 said:
Then delete those apps or block some of the permissions with an app (eg Privacyguard).
It's my opinion that an antivirus app (at the moment) is a waste of resources. Just think before you install something. Also if you are worried about security, you should always run the latest version of Android. 4.2.2 is an old version.
Click to expand...
Click to collapse
Thanks for your answer.
Well I don't want to delete system app when they might be useful at time.
I just want them to behave correctly, that is, not work when they are blocked.
That is not a solution to say "uninstall this", while the true problem is Android general behavior here.
I didn't installed system apps, they came with the thing, and all of them are not bloatware.
"NFC service" is something I want to keep for when I am ready to use it,
but I don't want to let it free and unleashed because of the opening it leaves on my phone.
Same goes for bluetooth, synced backups and so on.
I don't want backups on the cloud, so I deactivated the options, and blocked the apps.
Why are they running? It is not normal!
And my old version is maybe not secure, but actually trying 4.3 hasn't changed anything,
and I only suspect this to be some "new feature".
The antivirus is a waste for scans, I agree, still it has useful firewall features that justifies in itself its uses.
Okay, so this is a difficult one. I'm not even sure if this is possible, as it's so specific and probably will not get the responses I want for this... but here goes.
I am trying to retrieve the data (passwords, history, settings, etc.) from Vivaldi web browser. Here's the problem: it's not easy to locate. On Windows and Linux, I can just go through the file system and see it there; it will even appear in my user data directories. On Android, however, it's a whole different ball of wax. I go to SDCARD/Android/data/com.vivaldi.browser only to find that nothing is there. I then do some web searching to find out that it may be stored in ROOT/data/data/, which is a problem because I can't access it normally. For most everything beyond user folders, I need root access. Pulling with ADB does nothing, as I get the does not have sufficient permissions error. To top it all off, I then go to vivaldi://about and find that it may actually store the stuff in /data/user/0/com.vivaldi.browser! It too is inaccessible.
Now, this is my friend's Tab A. I have had experience in root before, but it often ends up with me fiddling with patches in order to get stubborn apps to ignore the fact that it is rooted, and even THEN some apps don't work well at all because of things I've done on the system level. Therefore, I am very wary about rooting, but I don't know what else to do. Is there ANY WAY, other than rooting, that I can retrieve all the browser data files I want access to, so I don't potentially damage or even brick my friend's device? Is there something besides root that I can install or use that will override the device restrictions, or perhaps there is a better way to retrieve the data? I am well aware of Sync, but my friend doesn't want a Vivaldi account. I also know that passwords can be exported as text, but I also would like to import them onto another Android device (ANY Android device) where Vivaldi will be installed.
HarvHouHacker said:
Okay, so this is a difficult one. I'm not even sure if this is possible, as it's so specific and probably will not get the responses I want for this... but here goes.
I am trying to retrieve the data (passwords, history, settings, etc.) from Vivaldi web browser. Here's the problem: it's not easy to locate. On Windows and Linux, I can just go through the file system and see it there; it will even appear in my user data directories. On Android, however, it's a whole different ball of wax. I go to SDCARD/Android/data/com.vivaldi.browser only to find that nothing is there. I then do some web searching to find out that it may be stored in ROOT/data/data/, which is a problem because I can't access it normally. For most everything beyond user folders, I need root access. Pulling with ADB does nothing, as I get the does not have sufficient permissions error. To top it all off, I then go to vivaldi://about and find that it may actually store the stuff in /data/user/0/com.vivaldi.browser! It too is inaccessible.
Now, this is my friend's Tab A. I have had experience in root before, but it often ends up with me fiddling with patches in order to get stubborn apps to ignore the fact that it is rooted, and even THEN some apps don't work well at all because of things I've done on the system level. Therefore, I am very wary about rooting, but I don't know what else to do. Is there ANY WAY, other than rooting, that I can retrieve all the browser data files I want access to, so I don't potentially damage or even brick my friend's device? Is there something besides root that I can install or use that will override the device restrictions, or perhaps there is a better way to retrieve the data? I am well aware of Sync, but my friend doesn't want a Vivaldi account. I also know that passwords can be exported as text, but I also would like to import them onto another Android device (ANY Android device) where Vivaldi will be installed.
Click to expand...
Click to collapse
Even if you unlock the bootloader and permanently change the knox flag, you cannot be sure that the files pertaining to Vivaldi are not encrypted and associated with one particular device.
Consequently, your action may be useless.
ze7zez said:
Even if you unlock the bootloader and permanently change the knox flag, you cannot be sure that the files pertaining to Vivaldi are not encrypted and associated with one particular device.
Consequently, your action may be useless.
Click to expand...
Click to collapse
I'd still like to try, regardless, just to see if it can be done.
HarvHouHacker said:
I'd still like to try, regardless, just to see if it can be done.
Click to expand...
Click to collapse
Wouldn't it be more prudent to ask on the Vivaldi forum if this is doable?
Vivaldi for Android
Join the Vivaldi Community to connect with friends from around the world and discuss technology, the future of the web, and development of the Vivaldi Browser.
forum.vivaldi.net
ze7zez said:
Wouldn't it be more prudent to ask on the Vivaldi forum if this is doable?
Vivaldi for Android
Join the Vivaldi Community to connect with friends from around the world and discuss technology, the future of the web, and development of the Vivaldi Browser.
forum.vivaldi.net
Click to expand...
Click to collapse
I didn't know where to ask, honestly. Besides, I use Vivaldi as an example, but I also have other browsers I wanted to get their data from, and they're not common ones (DuckDuckGo browser, for instance).