Related
Hi, a new guy here!
I recently became a happy owner of 32Gb wi-fi only N7. I’m familiar with software dev (windows developer for 20 years with some work on unix) and customization/modding/flashing process (mostly for satellite receivers). However this is my first tablet and my first Android device so I could use some help
I successfully unlocked, rooted and installed custom recovery on my N7. I would like to get to a bare bones state of the N7 and then slowly add new features/programs to it when it becomes necessary for me. So I would like to remove all non essential parts that were preinstalled on my N7.
I was under impression that I could uninstall programs using N7 UI after device gets rooted. However it seems that for majority of the apps I still only have an option to disable.
I shelled into N7 and looked around. It seems that all (majority?) of the apps are in /system/apps folder. Can I simply remove the apps and their files from that folder? Does this folder only contain user apps or does it also have system apps that are essential for N7 to function? Is there a chance to brick it by removing something (everything?) from that folder?
I searched on a forum for a list of apps that are safe to remove. I thought it would exist since it seems to be something many of us would be interested in doing. I didn’t find the list. If there is such a thing and someone could direct me there, it would be great!
Given that I can remove apps by deleting them from that folder safely, I still have a question what each app does and how important it is. Is safe to assume that any app that has a wheel with a drive belt on it as an icon in apps screen on N7 is system app and has to stay?
I have two keyboard app installed – one is Android keyboard and one is ASUS keyboard. Judging by the name 2 of these are essential since Android is the OS and ASUS is the manufacturer. But do I really need two of them?
If there is a resource/thread that discussed something similar, please let know. I look forward to learn from anyone on this forum!
_Diver said:
Hi, a new guy here!
I recently became a happy owner of 32Gb wi-fi only N7. I’m familiar with software dev (windows developer for 20 years with some work on unix) and customization/modding/flashing process (mostly for satellite receivers). However this is my first tablet and my first Android device so I could use some help
I successfully unlocked, rooted and installed custom recovery on my N7. I would like to get to a bare bones state of the N7 and then slowly add new features/programs to it when it becomes necessary for me. So I would like to remove all non essential parts that were preinstalled on my N7.
I was under impression that I could uninstall programs using N7 UI after device gets rooted. However it seems that for majority of the apps I still only have an option to disable.
I shelled into N7 and looked around. It seems that all (majority?) of the apps are in /system/apps folder. Can I simply remove the apps and their files from that folder? Does this folder only contain user apps or does it also have system apps that are essential for N7 to function? Is there a chance to brick it by removing something (everything?) from that folder?
I searched on a forum for a list of apps that are safe to remove. I thought it would exist since it seems to be something many of us would be interested in doing. I didn’t find the list. If there is such a thing and someone could direct me there, it would be great!
Given that I can remove apps by deleting them from that folder safely, I still have a question what each app does and how important it is. Is safe to assume that any app that has a wheel with a drive belt on it as an icon in apps screen on N7 is system app and has to stay?
I have two keyboard app installed – one is Android keyboard and one is ASUS keyboard. Judging by the name 2 of these are essential since Android is the OS and ASUS is the manufacturer. But do I really need two of them?
If there is a resource/thread that discussed something similar, please let know. I look forward to learn from anyone on this forum!
Click to expand...
Click to collapse
I don't have the energy right now to address every app one at a time, but I'll nudge you in the right direction. That should help you start tinkering.
The Nexus 7 is very popular in this community because it's intentionally more open, and less bloated, than much of the competition.
That being said, sure there are apps you could uninstall if you decide to. Some of the custom ROM's will have probably already have done this for you, but may create little unexpected quirks here and there.
The first thing you'll want to do is backing everything up thoroughly. I would use Titanium Pro (you'll see it referred to as Tibu a lot), to backup all apps and settings. Then I would use the Google Nexus 7 toolkit (found in the forums here) to do a backup, as well as make a nandroid backup.
Ok, so you're ready to tinker. Well, if you bought Titanium Pro from the app store, you've already got all you really need. First, use titanium to freeze an app you don't feel you need, and don't think is required. Re-boot, go about your daily routine, and see if all is ok. Continue on in this manner. Once you've frozen everything you're interested in, and made sure all is well, you can probably go ahead and uninstall them through Tibu. Freezing them should generally make them not start up anyways, so unless the tiny amount of space they take up is a concern, that's really all you generally need to do *.
* Ok, sometimes you have to fully uninstall things you don't want, but this should get you plenty to tinker with for now.
bladebarrier,
Thanks for your response. I understand the approach you suggested – disabling apps one at a time and then when they all disabled and device is working to my liking for a while I could uninstall them.
However, I’m somewhat frustrated with a sheer number of apps that I have out of the box and I can’t find a good description of what they do. For example:
Mobile Network Configuration
Google Partner Setup
Google Services Framework
Searching online doesn’t yield definitive answers if it’s something I need or will N7 work without them. I have google play store and google play services installed – does store app require services? Reading a bit about it doesn’t make it seem so, but I’m not 100% sure. So I was wondering if there is a list of apps that are required for N7 well being and that cannot be removed no matter what.
For example, Black Viper has an excellent example of what I’m looking for but for windows nt services: (can't post a link)
This page explain what each service is, what it does and if it’s safe to disable it depending on configuration you’re seeking – minimal set, typical, out of box of experimental. I would love to find something like that for N7 system apps
I installed CWM recovery when I rooted and as far as I can understand I does NAND backups. I plan on moving the backup file from the device to my desktop and keeping it there for safety reason.
The Tibu process that you described, as far as I understand (and I might be wrong here) is basically equivalent of disabling the apps using native N7 setting app, rebooting, using it for a while and then removing .apk and .odex (or simply app_name.*) files from system/apps folder. Tibu just makes it easier. Did I get that right?
And it’s still removing one app/widget at the time. I’d like to clean it out completely first and start from that point. So Tibu will probably not help me there. So my main Q is still out there – can I brick it by removing everything from system/app? Are there only user apps there or essential system apps as well? With CWM back up file on hand will I be able to recover if my experiment goes bad?
> * Ok, sometimes you have to fully uninstall things you don't want, but this should get you plenty to tinker with for now.
One of the reasons I want to have them removed is to clean up the list of apps I have on N7. Right now I have 5 pages of apps and I have little idea what they do and if I need them – I had Korean keyboard installed for example.
As I mentioned I’m a newb in this area, so maybe my approach is a bit dumb, so please be patient with me
_Diver said:
bladebarrier,
Thanks for your response. I understand the approach you suggested – disabling apps one at a time and then when they all disabled and device is working to my liking for a while I could uninstall them.
However, I’m somewhat frustrated with a sheer number of apps that I have out of the box and I can’t find a good description of what they do. For example:
Mobile Network Configuration
Google Partner Setup
Google Services Framework
Searching online doesn’t yield definitive answers if it’s something I need or will N7 work without them. I have google play store and google play services installed – does store app require services? Reading a bit about it doesn’t make it seem so, but I’m not 100% sure. So I was wondering if there is a list of apps that are required for N7 well being and that cannot be removed no matter what.
For example, Black Viper has an excellent example of what I’m looking for but for windows nt services: (can't post a link)
This page explain what each service is, what it does and if it’s safe to disable it depending on configuration you’re seeking – minimal set, typical, out of box of experimental. I would love to find something like that for N7 system apps
I installed CWM recovery when I rooted and as far as I can understand I does NAND backups. I plan on moving the backup file from the device to my desktop and keeping it there for safety reason.
The Tibu process that you described, as far as I understand (and I might be wrong here) is basically equivalent of disabling the apps using native N7 setting app, rebooting, using it for a while and then removing .apk and .odex (or simply app_name.*) files from system/apps folder. Tibu just makes it easier. Did I get that right?
And it’s still removing one app/widget at the time. I’d like to clean it out completely first and start from that point. So Tibu will probably not help me there. So my main Q is still out there – can I brick it by removing everything from system/app? Are there only user apps there or essential system apps as well? With CWM back up file on hand will I be able to recover if my experiment goes bad?
> * Ok, sometimes you have to fully uninstall things you don't want, but this should get you plenty to tinker with for now.
One of the reasons I want to have them removed is to clean up the list of apps I have on N7. Right now I have 5 pages of apps and I have little idea what they do and if I need them – I had Korean keyboard installed for example.
As I mentioned I’m a newb in this area, so maybe my approach is a bit dumb, so please be patient with me
Click to expand...
Click to collapse
Removing Google framework services is a big no-no. To be honest, the easiest way to accomplish what you want is installing a custom ROM like CyanogenMod, especially since you've done all the prep work for such a thing.
Once you install any official CM build it is as close to app-less as you can get on a modular OS like this.
littleemp said:
Removing Google framework services is a big no-no. To be honest, the easiest way to accomplish what you want is installing a custom ROM like CyanogenMod, especially since you've done all the prep work for such a thing.
Once you install any official CM build it is as close to app-less as you can get on a modular OS like this.
Click to expand...
Click to collapse
that's what i suspected! i thought that google framework would be something essential, but there is not much easily available information there to arrive at that conclusion
since i'm new to this, i thought i should stay away from any rom flashing until i get a bit more familiar with a device, terminology and stuff like that. i'm looking at the "[ROM] CyanogenMod 10.1 [OFFICIAL]" thread and i'm not sure about half of the terms - GAPPS, PSA, Nightlies i do know what ROM is, I do know what kernel is, virtual machine, etc. But it's applied to the platform that I have little experience with, so it makes me a little bit uneasy
_Diver said:
bladebarrier,
Thanks for your response. I understand the approach you suggested – disabling apps one at a time and then when they all disabled and device is working to my liking for a while I could uninstall them.
However, I’m somewhat frustrated with a sheer number of apps that I have out of the box and I can’t find a good description of what they do. For example:
Mobile Network Configuration
Google Partner Setup
Google Services Framework
Searching online doesn’t yield definitive answers if it’s something I need or will N7 work without them. I have google play store and google play services installed – does store app require services? Reading a bit about it doesn’t make it seem so, but I’m not 100% sure. So I was wondering if there is a list of apps that are required for N7 well being and that cannot be removed no matter what.
For example, Black Viper has an excellent example of what I’m looking for but for windows nt services: (can't post a link)
This page explain what each service is, what it does and if it’s safe to disable it depending on configuration you’re seeking – minimal set, typical, out of box of experimental. I would love to find something like that for N7 system apps
I installed CWM recovery when I rooted and as far as I can understand I does NAND backups. I plan on moving the backup file from the device to my desktop and keeping it there for safety reason.
The Tibu process that you described, as far as I understand (and I might be wrong here) is basically equivalent of disabling the apps using native N7 setting app, rebooting, using it for a while and then removing .apk and .odex (or simply app_name.*) files from system/apps folder. Tibu just makes it easier. Did I get that right?
And it’s still removing one app/widget at the time. I’d like to clean it out completely first and start from that point. So Tibu will probably not help me there. So my main Q is still out there – can I brick it by removing everything from system/app? Are there only user apps there or essential system apps as well? With CWM back up file on hand will I be able to recover if my experiment goes bad?
> * Ok, sometimes you have to fully uninstall things you don't want, but this should get you plenty to tinker with for now.
One of the reasons I want to have them removed is to clean up the list of apps I have on N7. Right now I have 5 pages of apps and I have little idea what they do and if I need them – I had Korean keyboard installed for example.
As I mentioned I’m a newb in this area, so maybe my approach is a bit dumb, so please be patient with me
Click to expand...
Click to collapse
Tibu requires root access, in order to perform what we're discussing. I'm relatively new to JB, but I can't imagine any stock settings replicating its capabilities.
As far as a whole bunch of apps being in your list, that's sort of the way Android works. Think of it like "superfetch", or whatever that term was in Windows Vista. Basically, two things happen when you boot. Android looks at a list of apps that are designed to start on boot, and also apps that it expects you may want to run in the future. Both of these are designed to make the device run smoother overall, and it will kill apps if extra ram is required and they are not in use. Certain Android apps require themselves to run at all times. Some of these are apps like Tasker (if you're using tasker profiles), some of these are system apps that make the device function, some of these are apps that maintain widgets or background monitoring (weather apps, gmail, calendar).
Now, there are two ways to go about sorting what is bloat, and what is there because Android decided to load it. You can install an app called Autostarts, that will give an insight into apps that start up when certain criteria are met. You can also use it to stop those apps from queuing up at those trigger points. This is another root required app, and while I purchased it long ago, may have a free version as well. It's time consuming to use, and not perfect, which is why Tibu is better for flat out locking down unwanted apps.
Back to my initial thoughts though, you will see apps in your system list that you haven't touched since boot, because Android tries to anticipate your needs. People used to use "task killers" to close the apps, and came to realize that unless one is causing a real problem, it's just going to go back into the cached app list again anyways, thus reducing battery life when it has to load it over and over again. "Task killer" is a dirty word around XDA, unless you're using it to close an app that doesn't just go into the background like a good little app should.
Basically, you're going to start playing whack-a-mole if you want your list to remain as small as possible, at all times, and yet still actually use the device for anything interesting. You can reduce it, via various methods, and if this were a device from say "insert-name" brand, and was loaded with bloat apps, by all means you should clean those out. However, I think you'll find that while google does install things that aren't needed, or even used by everyone, it's mostly not a big issue.
Check out Better Battery Stats, in the XDA forums. It's an app that shows a pretty good picture of what is actually going on when you're not looking, and can provide data on how to improve your performance. It's probably a better way to start delving into what processes are actually being used, and which ones are just basically harmless. You'll also learn a good bit about how Android works from the Dev's explanations of many of the processes.
---------- Post added at 08:36 PM ---------- Previous post was at 08:32 PM ----------
_Diver said:
that's what i suspected! i thought that google framework would be something essential, but there is not much easily available information there to arrive at that conclusion
since i'm new to this, i thought i should stay away from any rom flashing until i get a bit more familiar with a device, terminology and stuff like that. i'm looking at the "[ROM] CyanogenMod 10.1 [OFFICIAL]" thread and i'm not sure about half of the terms - GAPPS, PSA, Nightlies i do know what ROM is, I do know what kernel is, virtual machine, etc. But it's applied to the platform that I have little experience with, so it makes me a little bit uneasy
Click to expand...
Click to collapse
Make sure whichever ROM you use, if you decide to, supports your HSPA+ model. There is a separate development section in the Nexus 7 forums, for those of us that have the HSPA+ version. We are the minority, as the Nexus 7 was initially released as a wifi only tablet.
bladebarrier said:
Tibu requires root access, in order to perform what we're discussing. I'm relatively new to JB, but I can't imagine any stock settings replicating its capabilities.
Click to expand...
Click to collapse
i do have SU privileges, so what i was talking about was disabling an app thru N7 setting screen and then when i deem the app ok to remove, going to adb shell and removing the actual file.
i just did this:
mount -o remount rw /system
rm iWnnIME_Kbd_White.apk
rm iWnnIME.apk
and it removed the japanese keyboard. however when i go back to app screen under settings, i still see it but now it has a grey icon with a SD symbols in the corner. so it appears it recognizes that the app is gone, but it's still referenced in the list. i pushed the files back using NRT and it all back to the way it was. so looks like my idea of cleaning the list by removing the apk might not fly.
and now I wonder how Tibu uninstalls the apps.
bladebarrier said:
People used to use "task killers" to close the apps, and came to realize that unless one is causing a real problem, it's just going to go back into the cached app list again anyways, thus reducing battery life when it has to load it over and over again.
Click to expand...
Click to collapse
I understand the notion of apps being in the cache and being removed when more RAM is needed, however the purist in me just doesn't want the junk apps to be there in first place However there is a lot of validity to these of your words:
bladebarrier said:
Basically, you're going to start playing whack-a-mole if you want your list to remain as small as possible, at all times, and yet still actually use the device for anything interesting.
Click to expand...
Click to collapse
My wife got Kindle Fire HD recently and she's been using it happily. While I was thinking why would anyone want a closed up system (well, more closed up system then Nexus), she's been using it and I've been frustrated with my N7 so i might just let it go and enjoy the japanese and korean keyboards anyway
bladebarrier said:
Make sure whichever ROM you use, if you decide to, supports your HSPA+ model.
Click to expand...
Click to collapse
i'm wifi only
ngshniq every
i think i found what i was after: http wiki.cyanogenmod.org/wiki/barebones (url modified since i still can't post urls). this wiki page has the list of app with a short description and if it's safe to remove. it also has additional information that explains why i still saw the reference to the app in the list when apk file was deleted:
looks like i need to pay attention to 2 additional files:
/data/system/packages.xml
/data/system/packages.list
i bet I would find a reference to the apps in these and i would need to remove it in order to have the app disappear from the app list. i'll play around a bit more and report back
One thing, could you explain your reasoning behind wanting to delete everything but the essentials? Do you have a particular goal in mind or is it because of your windows background? Because if so, you should know that android operates very differently when compared to windows, and such, the requirements to keep your device working in tip top shape vary greatly.
In my opinion, with your current limited knowledge of each process/app inner workings, what you're trying to do surefire way to break something beyond repair and needing to use a factory image to get back to zero. A custom ROM will be much safer and yield the exact same results that you're looking for. (Eventually, once you understand what each thing does, then this manual approach could satisfy your needs)
Note: GApps are the basic Google apps to flash on top of the barebones system. Gmail, Play store, and the framework.
Nightlies are experimental builds compiled nightly by a bot with the latest CyanogenMod code available.
Sent from my Nexus 7 using Tapatalk HD
My goal was to simplify my approach to N7 by removing anything that I don’t need now and slowly adding all necessary components as I get familiar with it. But it seems at this point that this approach is a bit more complicated as thought it would be.
So I think I would leave it alone for now and revisit this later
_Diver said:
My goal was to simplify my approach to N7 by removing anything that I don’t need now and slowly adding all necessary components as I get familiar with it. But it seems at this point that this approach is a bit more complicated as thought it would be.
So I think I would leave it alone for now and revisit this later
Click to expand...
Click to collapse
From what you've done manually, you're clearly far ahead of a new user when it comes to understanding linux/unix.
If you want to lock down parts of what google implements, purely to keep it minimalistic, I would agree with the above poster. Go for one of the popular ROM options that are available, like CM, and work your way backwards. The Nexus 7 only has as much bloat as you allow it to have via the settings. This is another reason why Better Battery Stats is an excellent way to make sure your device isn't draining battery, yet isn't locked down. The other day I noticed an app that kept fetching my position, even though the case was closed (magnetic sleep mode). It turned out I forgot to disable the tracking in google maps (why it was defaulted to ON, I have no idea). BBS showed me what was running during the sleep phase, and I fixed it when I woke up the next morning after wondering why my battery dropped.
The Kindle Fire is a great option, because it doesn't require any of this fussing about. My woman loves hers. LOVES IT. Personally, I like to tinker a bit, and I'm too invested in Android apps to not have access to the play store. The Nexus 7, is for people like what you find here. We like to tinker, and make everything custom. At the same time, you could spend all day trying to figure out why EntriesRefresh_wakelock is your highest partial wakelock count, at 60seconds per 7 hours, or you can find that you just went 7 hours and only used 6% of the battery, even though you've been connected to wifi, texting, emailing, and checking the weather and news, the whole time. Not bad, honestly.
The biggest investment you can do for your Nexus, is probably getting a case that magnetically puts it to rest when you close it. After that, learn about the settings that drain battery in the background. Then, get Tasker and play around that (it's like programming, without the need to learn the code). After that, go to a custom ROM, or dig out Tibu, and basically start customizing which apps you will use. If that doesn't pass the time long enough, you can literally make your own ROM and put together exactly what you want. Whether the performance will be that much better or not, and whether you'll spend most of your day trying to look for coding errors, is up to you. I don't have the patience to code, but you're a coder, so what is broccoli to me, may be bacon to you.
Will omniroms system apps have the same unnecessary and abusive permissions as stock roms and cyanogen mode roms have?
I'm quite concerned about privacy and whatever rom I use, be it stock, cyanogen mode or aosp, I have to restrict dozens of privacy related permissions.
And of course the device still works, which means that those perms weren't needed.
For example, I don't see why some system apps (I mean, not Google apps cuz I get rid of them but apps like systemui, settings, android system etc.) want to access my location, my contacts, my logs, my imei, my id, my serial number, my phone number, my provider, the list of accounts on the phone etc. eventhough they don't need it to work properly.
I guess that cyanogen mode doesn't have any other choice but to include what is to my opinion little more than spyware in the source, cuz if they didn't Google wouldn't allow them to use its material.
So what about omni roms? Will they be free from Google spyware or will they be enfeoffed to it?
unclefab said:
Will omniroms system apps have the same unnecessary and abusive permissions as stock roms and cyanogen mode roms have?
I'm quite concerned about privacy and whatever rom I use, be it stock, cyanogen mode or aosp, I have to restrict dozens of privacy related permissions.
And of course the device still works, which means that those perms weren't needed.
For example, I don't see why some system apps (I mean, not Google apps cuz I get rid of them but apps like systemui, settings, android system etc.) want to access my location, my contacts, my logs, my imei, my id, my serial number, my phone number, my provider, the list of accounts on the phone etc. eventhough they don't need it to work properly.
I guess that cyanogen mode doesn't have any other choice but to include what is to my opinion little more than spyware in the source, cuz if they didn't Google wouldn't allow them to use its material.
So what about omni roms? Will they be free from Google spyware or will they be enfeoffed to it?
Click to expand...
Click to collapse
Those permissions are there so they can interact with other things in the system.
unclefab said:
Will omniroms system apps have the same unnecessary and abusive permissions as stock roms and cyanogen mode roms have?
I'm quite concerned about privacy and whatever rom I use, be it stock, cyanogen mode or aosp, I have to restrict dozens of privacy related permissions.
And of course the device still works, which means that those perms weren't needed.
For example, I don't see why some system apps (I mean, not Google apps cuz I get rid of them but apps like systemui, settings, android system etc.) want to access my location, my contacts, my logs, my imei, my id, my serial number, my phone number, my provider, the list of accounts on the phone etc. eventhough they don't need it to work properly.
I guess that cyanogen mode doesn't have any other choice but to include what is to my opinion little more than spyware in the source, cuz if they didn't Google wouldn't allow them to use its material.
So what about omni roms? Will they be free from Google spyware or will they be enfeoffed to it?
Click to expand...
Click to collapse
Out of the box, there's no "spyware" that anyone is aware of in Android. If you install Google Apps, you are giving those apps these permissions obviously.
If you don't use Gapps (like me), then you should be fine - you can check what each app does in its own source code.
I am also looking into ways to help protect against spying third party software you install (ie. apps a user installs), for those who want added protection.
I work as a security researcher, so yes, I do care quite a bit about security, and excessive permissions is a life-long hate of mine There are no gapps when you install Omni, so you'll be safe. For those who want them, they can flash them.
What I meant with spyware is not what one usually calls spyware, but I didn't have any other term to refer to it.
What I wanted to say it's that system apps (not Google apps like gmail or gtalk but system apps like phone, android system, systemui etc.) have intrusive, and unnecessary, permissions. When I say unnecessary I mean it, cuz I block or spoof them without my phone to have any problem. I know it's not the devs' fault but Google's, who likes to know what we do, who and where we are, and thus releases android updates full of spying system apps.
So then I wanted to know if Omni's system apps will be free from such perms, since the source comes from Google.
Until cm7 it was possible to block perms directly from the app manager, but I guess Google got annoyed at it and obliged the cm team to remove that function.
Whatever rom we use now, we are left with system apps spying on us, and that's why I call them spyware.
Cuz for me apps that want to know where I am, what contacts I have, what numbers I have called, my phone number, my imei etc, eventhough they don't need it, are in a way spywares. For instance look at the framework-res.apk (android system), every time we connect to the internet it calls home (I've checked, the address is Google inc, mountain view, CA). Look at the perms the systemui or the phone apk have, it's insane! Not to mention all the other system apps that want to access the /proc folder, our serial number and the like. Oh yeah, I nearly forgot fusedlocation.apk, Google's latest spyware since 4.2.2, that one can't uninstall or freeze or block.
I do not use Google apps, and I do use apps like Xprivacy or af+wall, but still, it annoys me to always have to play cat and mouse, and it annoys me that the android system always calls Google when I connect to the internet. Not that I'm an internationally wanted terrorist, but hey, privacy is privacy!
The thing is that future android updates will be more and more filled with such spyware (above mentioned fusedlocation.apk being the perfect example), and I hope that devs will find a way to bypass it.
That's why when I saw an announcement about Omnia I came to see if it will be better than cm privacy wise, and to give some suggestions about privacy and permissions...
unclefab said:
What I meant with spyware is not what one usually calls spyware, but I didn't have any other term to refer to it.
What I wanted to say it's that system apps (not Google apps like gmail or gtalk but system apps like phone, android system, systemui etc.) have intrusive, and unnecessary, permissions. When I say unnecessary I mean it, cuz I block or spoof them without my phone to have any problem. I know it's not the devs' fault but Google's, who likes to know what we do, who and where we are, and thus releases android updates full of spying system apps.
So then I wanted to know if Omni's system apps will be free from such perms, since the source comes from Google.
Until cm7 it was possible to block perms directly from the app manager, but I guess Google got annoyed at it and obliged the cm team to remove that function.
Whatever rom we use now, we are left with system apps spying on us, and that's why I call them spyware.
Cuz for me apps that want to know where I am, what contacts I have, what numbers I have called, my phone number, my imei etc, eventhough they don't need it, are in a way spywares. For instance look at the framework-res.apk (android system), every time we connect to the internet it calls home (I've checked, the address is Google inc, mountain view, CA). Look at the perms the systemui or the phone apk have, it's insane! Not to mention all the other system apps that want to access the /proc folder, our serial number and the like. Oh yeah, I nearly forgot fusedlocation.apk, Google's latest spyware since 4.2.2, that one can't uninstall or freeze or block.
I do not use Google apps, and I do use apps like Xprivacy or af+wall, but still, it annoys me to always have to play cat and mouse, and it annoys me that the android system always calls Google when I connect to the internet. Not that I'm an internationally wanted terrorist, but hey, privacy is privacy!
The thing is that future android updates will be more and more filled with such spyware (above mentioned fusedlocation.apk being the perfect example), and I hope that devs will find a way to bypass it.
That's why when I saw an announcement about Omnia I came to see if it will be better than cm privacy wise, and to give some suggestions about privacy and permissions...
Click to expand...
Click to collapse
If there's anything that you've found like "call home" routines, please let us know - they will be looked at and removed if necessary.
Totally agree with you on privacy though here. It's very important. I have some ideas to go further than CM, but it's all ideas for now.
pulser_g2 said:
Out of the box, there's no "spyware" that anyone is aware of in Android. If you install Google Apps, you are giving those apps these permissions obviously.
If you don't use Gapps (like me), then you should be fine - you can check what each app does in its own source code.
I am also looking into ways to help protect against spying third party software you install (ie. apps a user installs), for those who want added protection.
I work as a security researcher, so yes, I do care quite a bit about security, and excessive permissions is a life-long hate of mine There are no gapps when you install Omni, so you'll be safe. For those who want them, they can flash them.
Click to expand...
Click to collapse
Question here, if you do not use gapp what exactly do you use? I mean you need ways to download apps right? so you only install the playstore and call it a day or what?
mgbotoe said:
Question here, if you do not use gapp what exactly do you use? I mean you need ways to download apps right? so you only install the playstore and call it a day or what?
Click to expand...
Click to collapse
If you want to keep only the play store you can, but you will have to keep the Google service framework as well, and maybe the Google log in.
@pulser_g2
my phone is very well protected, and skinned to the extreme (like only 20 or so remaining system apps), so for now the only app that performs a call home routine is the android system. But if I disable all the protections then the wlan test, the settings and the settings storage do call home as well. I guess other system apps would do it as well, but since I've uninstalled more than 150 of them I can't tell which ones.
One can check by oneself using this:
http://www.xda-developers.com/android/monitor-your-devices-network-connections/
and this:
https://play.google.com/store/apps/...dium=organic&utm_term=network+log+google+play
Regarding android system's home call routine, could you please point me at a tutorial explaining how to disable it (I searched the web but couldn't find anything)? I'm not a dev, but I'm not bad at modding
I'm happy to see that you are more privacy concerned than cm, and when Omnia gets released I think I will try to make a build for my galaxy grand i9082 (cuz there's not much development going on for that device)...
Hello there
I'm about to strip my system of any useless (for me) function and/or app and restrict every possible spying activity.
I messed around with the system and deactived alot of bulk and spam. I also restricted all the stupid triggers with autostarts.
Don't know If anyone saw all the things going on behind the surface, using all the following things to analyse:
I'm using several apps to do so. Xprivacy, Android Firewall, Autostarts, Root Cleaner, Android Tuner, Root Uninstaller, LBE-Security Master and Root Explorer.
So my question to someone with experience is:
What exactly does the google play and also the google framework needs to work properly ?
Would be nice to know that.
cya
seems to be a big secret... ? I think, there are several commands in this play store like, if this app or this function does not get X, return "no connection", even if it got its connection...
no one knows ?
I think it is important to know...
If I recall correctly, the Priv's OS has some application that checks the integrity of the OS, thus prevents rooting.
And can't we simply flash a new ROM which would be just a clean Android? Maybe unlocking the bootloader would be easier than cat-and-mouse play with the real BB Android.
no it does not exist and the drivers for some hw on the device to work like izat and keyboard won't work, also the priv kernel is also secure along with bootloader so if i see a custom or AOSP rom for this device i will be like on twilight zone
There have been lost opportunities here and there but BlackBerry has been active on patching all security holes and that is why is important to the company that a root has to be impossible or this effort has been all for nothing and they became the newest "Blackphone" (now that rooting was unfortunate for a device sold as a "secure" phone).
I know that there are audience in Android just for root capacity but not everybody are in a "real" need for it.
I like that the BlackBerry Launcher leave most of AOSP element, except for icons and notifications sounds.
Personally I only ever use root for CPU control and ability to delete ANY app I deem fit, and on my previous SGS5 that meant all those heart rate and other nonsense apps that ran in background and chunked the battery to no end.
Gonna assume the Priv then has no CPU management ability due to the lack of root, correct?
Skv012a said:
Personally I only ever use root for CPU control and ability to delete ANY app I deem fit, and on my previous SGS5 that meant all those heart rate and other nonsense apps that ran in background and chunked the battery to no end.
Gonna assume the Priv then has no CPU management ability due to the lack of root, correct?
Click to expand...
Click to collapse
Correct. Though, they do use the interactive governor, and while I would kind of like to underclock the CPU a bit to deal with overheating, the default CPU management isn't too shabby. And since the Priv is almost completely stock, removal of unwanted apps is minimal, and all the carrier apps I had weren't system apps, so I was able to actually uninstall them, and what BB apps I didn't care for, I simply disabled. Learning that life without root isn't so bad on the Priv.
I just want root for Adblock for both YouTube and Chrome. I don't care if it's just a temp, as long as it lets me update the Filters for AdAway I am alright with it, I'll deal with the youtube ads.
KOAO said:
I just want root for Adblock for both YouTube and Chrome. I don't care if it's just a temp, as long as it lets me update the Filters for AdAway I am alright with it, I'll deal with the youtube ads.
Click to expand...
Click to collapse
Well, you could use Firefox. It supports extensions on Android, and ublock works nicely to kill ads, though I find functionally that Chrome runs infinitely better on Android than Firefox does, so your kilometerage may vary.
Artemis-kun said:
And since the Priv is almost completely stock, removal of unwanted apps is minimal
Click to expand...
Click to collapse
Not true! The Priv is full of bloatware that you can only deactivate but not uninstall (Yahoo Finances, for example). And some of those apps will stay active and make the phone unusable despite being 'deactivated'. Like BB Hub. I deactivated it from the start and just recently saw that it still had several permissions (location, contacts, messages, calendar etc). So I revoked those permissions. Now it constantly pops up and wants permissions. I can't even add a contact without granting these permissions. Annoying as hell. It's ridiculous that BB regard themselves as a secure company with secure smartphones (which was rebutted several years ago) that emphasize on privacy but when it comes to their own apps, it can't get any more privacy invading. I so hate BB!
So I'm waiting for
a) another producer to make an Android phone with a hardware keyboard or
b) someone to make root for the Priv happen so that I can install a ROM of my choice.
Shani Ace said:
Not true! The Priv is full of bloatware that you can only deactivate but not uninstall (Yahoo Finances, for example). And some of those apps will stay active and make the phone unusable despite being 'deactivated'. Like BB Hub. I deactivated it from the start and just recently saw that it still had several permissions (location, contacts, messages, calendar etc). So I revoked those permissions. Now it constantly pops up and wants permissions. I can't even add a contact without granting these permissions. Annoying as hell. It's ridiculous that BB regard themselves as a secure company with secure smartphones (which was rebutted several years ago) that emphasize on privacy but when it comes to their own apps, it can't get any more privacy invading. I so hate BB!
So I'm waiting for
a) another producer to make an Android phone with a hardware keyboard or
b) someone to make root for the Priv happen so that I can install a ROM of my choice.
Click to expand...
Click to collapse
I wouldn't call it full of bloat. Full of bloat is what Samsung has on offer. Yes, there are some bloatware apps that you can't uninstall, but they disable just fine. Sounds to me like your hub got re-enabled, mine has been disabled since day one, and still has no permissions, and doesn't harass me about anything.
Artemis-kun said:
Sounds to me like your hub got re-enabled, mine has been disabled since day one, and still has no permissions, and doesn't harass me about anything.
Click to expand...
Click to collapse
Interesting. Did you do any of the BB OTA updates (mine's running the most recent version, 6.0.1, security patch from August 5th)?
The Hub is still deactivated, but it doesn't seem to 'care' about that. I activated and deactivated it again to no effect.
So you're telling me when you go into Settings -> Apps -> BB Hub -> Permissions, all six permissions (calendar, camera, contacts, storage, phone and BB Productivity Suite) are turned-off?
I'm pretty sure I had these turned off when I got the phone in May. So maybe some of the OTA updates changed something about it. Unless you're running the same version that I am.
Oh and the fullscreen pop-up says Blackberry Hub+, maybe this is a new thing then?
And yes, other manufacturers may have more Bloatware. But at least there you can uninstall them or flash a different ROM. And all the BB services like BB Hub count as Bloatware for me, too.
Maybe I should sell my Priv and get a S6 Edge Plus (again). I still got the keyboard cover for that model and it's flashable, although Samsung also makes it hard for the users. But the keyboard cover is not back-lit and the phone is even bigger than the Priv (already too big for my taste).
EDIT: Ah wait! I just saw that the 'Blackberry Services' were activate, so I deactivated it and revoked all its permissions and now the pop up is gone. I definitely had this deactivated before the update, but as with the other BB apps, you have to deactivate them again after each update. Guess I just overlooked this one. Yay!
Shani Ace said:
Interesting. Did you do any of the BB OTA updates (mine's running the most recent version, 6.0.1, security patch from August 5th)?
The Hub is still deactivated, but it doesn't seem to 'care' about that. I activated and deactivated it again to no effect.
So you're telling me when you go into Settings -> Apps -> BB Hub -> Permissions, all six permissions (calendar, camera, contacts, storage, phone and BB Productivity Suite) are turned-off?
I'm pretty sure I had these turned off when I got the phone in May. So maybe some of the OTA updates changed something about it. Unless you're running the same version that I am.
Oh and the fullscreen pop-up says Blackberry Hub+, maybe this is a new thing then?
And yes, other manufacturers may have more Bloatware. But at least there you can uninstall them or flash a different ROM. And all the BB services like BB Hub count as Bloatware for me, too.
Maybe I should sell my Priv and get a S6 Edge Plus (again). I still got the keyboard cover for that model and it's flashable, although Samsung also makes it hard for the users. But the keyboard cover is not back-lit and the phone is even bigger than the Priv (already too big for my taste).
EDIT: Ah wait! I just saw that the 'Blackberry Services' were activate, so I deactivated it and revoked all its permissions and now the pop up is gone. I definitely had this deactivated before the update, but as with the other BB apps, you have to deactivate them again after each update. Guess I just overlooked this one. Yay!
Click to expand...
Click to collapse
https://puu.sh/qYFcI/bca42bb0e9.png here is a screenshot I just took. I should also point out that I have everything else BB disabled as well, and I've never had to re-disable any of them. I'm on the MM beta program, so that might also make some kind of diffeerence, but I stay up to date with patches, and haven't had to disable anything again. Not sure how it happened in your case, but glad that you got it sorted.
Another thing I do feel I need to bring up, this is also a BB phone made for BB people, so it does make sense that they include the software suite that their fans have grown to love. Sure, those of us who couldn't care less about BB's software, and just wanted in on their amazing hardware prowess, will find these apps bothersome, but if nothing else, visually they left Android alone, and for that, I can't not happily thank them. They could have given us something like a BB10 inspired touchwiz, could you imagine? Lol.
Yeah that's true and I'm also happy that they didn't over-customize their ROM. It's just hard to accept any deviation when you've been used to having full freedom on all kinds of custom ROMs for the last ten years.
Strange though that you didn't have to re-deactivate the apps after the updates. Then I guess I'll look into the beta program (had seen it before but didn't mind).
and I do not have 'Secure Start-up' turned-on.
There's enough bloatware that I'd like to remove, such as "Hang-Outs" & BBM is eating data with stupid pics of available 'stickies' & other crap I don't want to see/read about & my ONLY choice for disable is "Do you want to restore this app to Factory Default?". No, I don't I want to Restore it to Factory Default - I want to DISABLE it. I do understand that the PRIV's supposed to be secure & yes that's a Good Thing. I also understand that most users LIKE to be kept informed. I am NOT 'social' - Let ME decide what I want to be informed about & when. I didn't even get a choice of what subscription (?) I wanted (which is NONE). There's a bunch of apps that I can only Restore to Factory default. That, too me, means I CANNOT Remove or Disable them. I call that bloatware. Un-wanted bloatware. If I could remove them without Rooting, then I would not be looking to do so! I have an 'Essential Tremour' & I NEED a physical keyboard or I'd look elsewhere.
OK: I managed to get BBM to stop shouting at me (as noted: I make mistakes, but I do learn from them); it's just down to wanting to get rid of apps I don't want taking-up space. Rooting a PRIV appears to be dicey, with no firm info from Oct/2016, onwards, regarding 'safe' rooting of my device. I'm running 6.0.1 & Bell is my provider. If it makes any difference, I do not have 'Secure Start-Up' turned-on. As noted, if I didn't need a physical keyboard, I probably would not have chosen this make/model. Guess I'll live with it & keep looking for ways to put my phone on diet (& the battery barely lasts a day, unfortunately). I basically use it as a PDA - no games, few calls, occasional checking notes & calendar - it should last longer.
Bootstrap69 said:
There's enough bloatware that I'd like to remove, such as "Hang-Outs" & BBM is eating data with stupid pics of available 'stickies' & other crap I don't want to see/read about & my ONLY choice for disable is "Do you want to restore this app to Factory Default?". No, I don't I want to Restore it to Factory Default - I want to DISABLE it. I do understand that the PRIV's supposed to be secure & yes that's a Good Thing. I also understand that most users LIKE to be kept informed. I am NOT 'social' - Let ME decide what I want to be informed about & when. I didn't even get a choice of what subscription (?) I wanted (which is NONE). There's a bunch of apps that I can only Restore to Factory default. That, too me, means I CANNOT Remove or Disable them. I call that bloatware. Un-wanted bloatware. If I could remove them without Rooting, then I would not be looking to do so! I have an 'Essential Tremour' & I NEED a physical keyboard or I'd look elsewhere.
OK: I managed to get BBM to stop shouting at me (as noted: I make mistakes, but I do learn from them); it's just down to wanting to get rid of apps I don't want taking-up space. Rooting a PRIV appears to be dicey, with no firm info from Oct/2016, onwards, regarding 'safe' rooting of my device. I'm running 6.0.1 & Bell is my provider. If it makes any difference, I do not have 'Secure Start-Up' turned-on. As noted, if I didn't need a physical keyboard, I probably would not have chosen this make/model. Guess I'll live with it & keep looking for ways to put my phone on diet (& the battery barely lasts a day, unfortunately). I basically use it as a PDA - no games, few calls, occasional checking notes & calendar - it should last longer.
Click to expand...
Click to collapse
In order to disable some of the apps on this device they must be restored to factory default. I have hangouts and BBM disabled. My battery life is pretty good. You have to figure out what's killing yours. Do you use a case that has the preview window on the front?
On non rootable devices I use AdGuard to have a firewall and adblocker. It works by routing everything through a local vpn server. Great concept and working fine for me.
Couldn't find that one listened anywhere here specifically. I'm pretty sure my phones compromised but I'll probably just get people telling me I'm being paranoid. Just notice a lot of weird stuff going on.
I'll give some examples, but it would be cool if someone else here has an A03s and could give me a full list of the system apps to know for sure if mine has some extra ones that aren't truly factory. Because I've restore it several times and they don't go away.
Like under the apps screen under the basic ones I got apps like Android auto, webview, configapk, customization service, and something called data restore tool, device health services, group sharing, meet, nearby device sharing, quick sharing, quick share, settings..etc. which to my knowledge are pretty normal apps to see on phones right? But I seem unable to control them, if I disable them and go back and check later they mysteriously reenabled again, or after that the permissions lists will be greyed out not being able to do anything. Also there is a app called "permissions controller", as well as ones called "apps", "apps update", "tools", "app recommendations", "settings recommendations"..etc. is that normal? I never noticed that with my old samsung. They are really small file size apps with pretty generic looking icons and they don't let me disable them.
What gets more weird to me though is when I enable the system apps too. I see all kinds of suspicious looking ****.
Like for the android setup, and android system apps there are two of each, and the other two have generic looking icons, also got stuff like configuration restore, audio mirroring, auto hotspot, automation test, bluetooth/bluetooth midi service, call & text on other devices, callbgprovider, camera extensions proxy, carrier login engine, sim tool kit, cell broadcast services, clipboardsaveservice, cmh provider, companion device manager (where I have no idea where my "companion is or how to control it so I must be the one being controlled?", configupdater, csc, dcktimesyncapplication, dynamic system updates, ipservice, enterprise sim pin service, external storage, like 10 different gestural navigation bars, group sharing, iaft, ims service, settings, and logging, input devices, iothiddenmenu, keycustomizationinfobnr, launcher, locale overlay manager, service mode and service mode ril, media and devices, mdmapp, vpndialogs, mmigroup,mmsservice, mobilewips, mtp host, nearby device scanning (2 instances), network diagnostic, nsdswebapp, one handed mode, osulogin, package installer, an app called "people", private share, proxy handler, quick share agent, samsung core services? (is that a real app even? I can disable it but who wants to disable "core" system apps, so touche there if it is a program deployed by a hacker on their app naming skills lol, smart switch agent, 2 instances of software update, system connectivity resources, system uwb/wifi resources, an app called "tasks", tethering, tethering provision and tethering automation, tfstatus/tffunlock always running when I never access them, usbsettings, and theres one called wallpaper services/wallpaper and style that looks really generic which is confusing because I assumed the samsung theme manager just handled all that stuff in one? We also got wearable manager installer running, and sometimes wificalling and wifi direct or work setup will be running when I don't have any of those configured.
Sorry for the huge block of text, I'm sure I missed a bunch i missed because there's some that don't show even when you tap "show system apps", like the skms agent as one example, so got a few general questions for you, so for the file/download system I got a bunch of default apps. There's two different files apps, there's a download manager and download app, and also a storage manager, and ALSO a app called the external storage that always wants to be running but can you explain that if I have no external storage? Is the built in storage space on the a03 called external storage? I even have my drive apps and stuff disabled.
Another things that's suspicious to me is secmediastorage, secvideoengineservice, secsoundpicker, secureelementapplication, media and devices + ext storage. Like why should there be a SECOND video or audio engine running when I'm old school and don't even use cast programs/features or anything like that? In fact it's usually one of the first things I just go ahead and try disable.
I noticed a lot of weird things going on with the display though too, looking really sharp then suddenly almost looking like there's two layers of gui not exactly lined up, like off by a pixels making things look blurrier. Like the one ui home is the default factory launcher right? So why does my phone also have a app called "launcher", plus another hidden launcher or something running in the background? I can't remember the name of it offhand, something GUI..
And I understand the concept of android have a permission controller, and "core apps" but are there actually apps under the system apps named that lol? "permission controller", "samsung core apps" one called "device services"...
also is service mode suppose to be running in the background? I googled into it and know it's a genuine service, but I really don't understand why a lot of these apps are stopping and running or renabling themselves.. It's like I have zero control over my own phone and if I'm just paranoid and they are meant to be just seems like a waste of complete waste of ram/data to me.
****, I was just sitting here thinking for like a few minutes about to post and almost forgot the most suspicious ones I've noticed in last few days. all the "com." overlay apps. I guess I really saw the word "overlay" as something you should be suspicious about until the vpn I recently bought had a feature that is suppose to block web browser based overlays. Then I noticed that MOST of my com. apps are all overlay apps! Lol, ranging from google/samsung to mediatek.
I won't post all of them because there's probably 20 at least but here's a few.
com.mediatek.frameworkresoverlay
com.mediatek.settingsproviderresoverlay
com.mediatek.systemuiresoverlay
com.samsung.android.networkstaack.tethering.overlay
com.samsung.android.smartswitchassistant
com.samsung.android.wifi.p2paware.resources
com.sec.android.app.camerasaver and a camera.app.cameraapp one (camera always running in background even if background and battery saver with restricted settings enabled)
com.google.android.ondevicepersonalization.services (I never used any personalization service or see a personalization app for that matter)
com.google.android.networkstack.tethering.overlay
and there's a bunch of com.google.android.overlay.gmsconfig ones /common geotz/ gsa/ photos/
com.google.android.overlay.modules.captiveportallogin.forframework
plus a overlay broadcastreceiver, ext.services, documentsui, permissioncontroller, and sdksandbox one.. tetheringresoverlay, wcmurlsnetworkstackoverlay, locale overlay manager..etc.
Also I get my service through straight talk which I think uses verizon and I noticed when I go to connections/mobile networks and network operators and uncheck the box "select automatically" that for some reason it only wants to connect to a network operator called "Home". I just thought that was kind of a weird and generic name for a network operator. I tried to use a android hidden settings app to change that because it was blocked out and thought I messed up my phone because I no longer had data and couldn't access the menu through the app anymore, but luckily a reformat fixed it but I'm still dealing with all this crap haha.
Can someone tell me I'm not crazy and there's definitely someone that is accessing and controlling my phone without my permission and what would be the best way to go about dealing with this?
Thanks.
First things fist: Here on XDA we expect you to follow the Forum Rules:
2.5 All members are expected to read and adhere to the XDA rules.
Click to expand...
Click to collapse
If you haven't done that yet, click the link in my signature and do it now.
One of the rules you'll notice is this one:
5. Create a thread topic or post a message only once, this includes external links & streaming media.
As a large forum, we don't need unnecessary clutter. You're free to edit your message as you like, so if you do not receive an answer, revisit your message and see if you can describe your problem better. Not everyone is online at the same time so it might take a while before you receive an answer.
You can bump your unanswered question once every 24 hours
Duplicate threads and posts will be removed
Always post in an existing thread if a topic already exists, before creating a new thread.
Use our search function to find the best forum for your device.
Click to expand...
Click to collapse
You've copied this post at least once. We'll be removing the duplicate.
Now on to your question...
It is my opinion that the problem may not be with what you are observing, but with your assumptions. In the duplicate thread, you assume two possibilities:
You're being hacked
Your paranoia is justified
Have you thought there may be a third or even fourth option? Such as, maybe you don't understand that much about Android, you don't recognize what you see, you're assuming it's malicious, which combined with your own confirmation bias, has led you to the conclusion that foul play is afoot?
Nothing you have described sounds in any way abnormal. You have a Samsung device running OneUI (Samsung's framework overlaid on top of Android) that is powered by a Mediatek chipset. Everything you describe sounds completely normal to me, with over 10 years of experience in Android, most of that with Samsung devices.
My conclusion, to be frank: You are not being hacked, and your paranoia is unfounded.
OP your post gave me a headache trying to read it.
So...
Have it reflash to the stock firmware if you really think it's behaving erratically and a factory reset doesn't work. Change Google password and all others.
Then be careful what you install.
Don't put in foreign thumb drives or let others use it.