Related
After reading the article about TaintDroid (http://www.digitaltrends.com/comput...oid-apps-secretly-sharing-your-personal-data/), and how a significant portion of the apps were sending back data when not required to....I must admit, I am a bit concerned about security on my Nexus.
What are you all doing to be safe with your information on your phone? Is there a firewall that any of you are using to deny apps the ability to transmit data?
And please no responses like "don't log into anything or enter any passwords for anything on the phone" ...because then we might as well be rocking blackberries and not a phone like this with a capable browser.
"Name and shame" is the best way for an open system to eradicate this stuff
Damn alarmist journalism. Scare everybody into a corner, and then come out with a product that magically makes it all right.
Personally, I don't do anything different. I don't see why you should.
there's a firewall app that will let you block internet access to specific apps
i think it's called droidwall
Wallpapergate...
This whole issue is a joke, I agree something to monitor outgoing information would be great, I doubt however that someone who want to steal your info would sent it out unencrypted so catching this may not be easy at all..
As for this new episode of the WallPaperGate again, the info this application send is common on any platform, if you ever paid for an app on handhango or such site, the first thing they do is to ask your imei so that the app can be linked (ie DRM) to your phone… in this case the guy use imei as a cookie so that he can offer the correct screen resolution.
I would like to point out that one of the sponsor of this “studies” that target only android device is Intel who have interest into many thing including MeeGo and off course MeeGo is much safer than android…
My 2 cents…
I'm finding a lot of threads about changing from pin/password to pattern unlock, but not having any luck in completely disabling the security feature BS...
Is it possible to completely eliminate the password lock required by my exchange server? I have tried lockpicker and no lock, neither of which worked.
I would like to keep syncing but am not going to deal with this unlocking all the time (they JUST started enforcing it)...any help would be appreciated.
BTW, running Calkulin's EViO 2 v 1.7 (sense, so HTC mail)
Nope, this is tightly integrated down to the OS in order to pass MS requirements, and it reports the control level back to exchange so it can make sure it's in compliance with their mobile device policy.
In theory you can make an app that proxies the API and lies about what the phone can do ... but it wont be done with a simple APK/market app ... it's integration goes much deeper.
Honestly your best best: this is clearly a new policy. complain repeatedly to your IT staff. You're probably not the only one upset ... and noise will result in policy change ... because reality: IT staff hate dealing with people. They want to deal with servers.
Option 2: if you have a buddy on the exchange team he can put you on the same policy he undoubtedly created for himself and his team, that's 10x as lenient so he can mess with his little pet projects he plays with on the side.
Justin.G11 said:
Nope, this is tightly integrated down to the OS in order to pass MS requirements, and it reports the control level back to exchange so it can make sure it's in compliance with their mobile device policy.
In theory you can make an app that proxies the API and lies about what the phone can do ... but it wont be done with a simple APK/market app ... it's integration goes much deeper.
Honestly your best best: this is clearly a new policy. complain repeatedly to your IT staff. You're probably not the only one upset ... and noise will result in policy change ... because reality: IT staff hate dealing with people. They want to deal with servers.
Option 2: if you have a buddy on the exchange team he can put you on the same policy he undoubtedly created for himself and his team, that's 10x as lenient so he can mess with his little pet projects he plays with on the side.
Click to expand...
Click to collapse
Thanks...I figured it wouldn't be that easy but I had to ask.
Justin.G11 said:
Honestly your best best: this is clearly a new policy. complain repeatedly to your IT staff. You're probably not the only one upset ... and noise will result in policy change ... because reality: IT staff hate dealing with people. They want to deal with servers.
Click to expand...
Click to collapse
I get complaints all the time about policies. 99.999% of the time, the policies are created/approved by steering committees, the legal department or executive management. There is usually nothing IT can do about it as the policies are put into place for legal reasons or company security.
Additionally, if IT departments are not compliant in company policies there could be legal ramifications if the company has to comply with certain government guidelines.
And IT staff don't hate dealing with people...it sounds like your work environment is not like others.
Check out this thread to see if it does what you are looking for.
http://forum.xda-developers.com/showthread.php?t=775007
They modified the actual email.apk app to remove the security requirement that was hardcoded in it.
It was taken from CM7 which is AOSP, so I cannot say whether or not it will work on sense.
EDIT: After searching some more, droidforums has a modified email.apk file that you can install, that you use instead of the HTC mail, which tricks your exchange server into thinking that you have your security enabeled.
http://www.droidforums.net/forum/dr...onal-froyo-bypass-exchange-server-policy.html
Just download the zip, and extract the apk from it, then place the apk on your SDCard and install it just like a regular app.
Khilbron said:
Check out this thread to see if it does what you are looking for.
http://forum.xda-developers.com/showthread.php?t=775007
They modified the actual email.apk app to remove the security requirement that was hardcoded in it.
It was taken from CM7 which is AOSP, so I cannot say whether or not it will work on sense.
EDIT: After searching some more, droidforums has a modified email.apk file that you can install, that you use instead of the HTC mail, which tricks your exchange server into thinking that you have your security enabeled.
http://www.droidforums.net/forum/dr...onal-froyo-bypass-exchange-server-policy.html
Just download the zip, and extract the apk from it, then place the apk on your SDCard and install it just like a regular app.
Click to expand...
Click to collapse
Will look into that. Thank you very much!
I ended up using the modified email.apk from CM7...works like a charm!!! The Droid forums version kept coming up with security errors. THANKS AGAIN Khilbron!!!
awenthol said:
I ended up using the modified email.apk from CM7...works like a charm!!! The Droid forums version kept coming up with security errors. THANKS AGAIN Khilbron!!!
Click to expand...
Click to collapse
Can you please post a link to the one you used?
Sent from my PC36100 using XDA App
Justin.G11 said:
Nope, this is tightly integrated down to the OS in order to pass MS requirements, and it reports the control level back to exchange so it can make sure it's in compliance with their mobile device policy.
In theory you can make an app that proxies the API and lies about what the phone can do ... but it wont be done with a simple APK/market app ... it's integration goes much deeper.
Honestly your best best: this is clearly a new policy. complain repeatedly to your IT staff. You're probably not the only one upset ... and noise will result in policy change ... because reality: IT staff hate dealing with people. They want to deal with servers.
Option 2: if you have a buddy on the exchange team he can put you on the same policy he undoubtedly created for himself and his team, that's 10x as lenient so he can mess with his little pet projects he plays with on the side.
Click to expand...
Click to collapse
Yes..this reply really isn't correct. There have been some sqlite modifications that can be made or using the mail.apk from this link (http://forum.xda-developers.com/showthread.php?t=775007) works perfect, even with the new CM7-RC2
Bypassing Exchange security
I had this same issue with my work email. My way of bypassing it and still using the stock Mail app is by installing widgetlocker. Unfortunately the newest version does not bypass your encryption, but the older version before the most recent update does. Also it allows you to fully customize your lockscreen and add widgets and what have you. All in all pretty cool app.
widgetlocker.teslacoilsw.com/general/widgetlocker-1-2-9/
(unfortunately because i have never posted before i cannot post links so pm if the link does not work)
Amazing! So you guys have a device in your pocket that has complete access to your work mail server (something you don't own), and you apparently don't care if that falls into the wrong hands?
I don't want to get preachy but this is serious stuff:
1. Are you aware of the damage that can fall on an organization, its IP and reputation if a hacker/spammer has access to a mail account?
2. Your company's mail server is an assett of the company. Gaining access and leaving it unlocked is like borrowing something from work and leaving it on the street.
I understand that IT policies are annoying to the end user, but they are there for good reason.
Would you leave the company vehicle unlocked because it is annoying to get the key out? No.
Oh, and by the way, you can be held directly liable for damages for disabling/ hacking around policies. I have seen employees get fired for it.
Sent from my device.
ramiss said:
Amazing! So you guys have a device in your pocket that has complete access to your work mail server (something you don't own), and you apparently don't care if that falls into the wrong hands?
I don't want to get preachy but this is serious stuff:
1. Are you aware of the damage that can fall on an organization, its IP and reputation if a hacker/spammer has access to a mail account?
2. Your company's mail server is an assett of the company. Gaining access and leaving it unlocked is like borrowing something from work and leaving it on the street.
I understand that IT policies are annoying to the end user, but they are there for good reason.
Would you leave the company vehicle unlocked because it is annoying to get the key out? No.
Oh, and by the way, you can be held directly liable for damages for disabling/ hacking around policies. I have seen employees get fired for it.
Sent from my device.
Click to expand...
Click to collapse
The issue I have is with the idea that the company gets to dictate how my entire device functions. Your points are valid, but why not just require a password on the email app, not on the whole phone? Why do I have to consent to allowing them to order a full device wipe, instead of just a wipe of the company data?
bkrodgers said:
The issue I have is with the idea that the company gets to dictate how my entire device functions. Your points are valid, but why not just require a password on the email app, not on the whole phone? Why do I have to consent to allowing them to order a full device wipe, instead of just a wipe of the company data?
Click to expand...
Click to collapse
Those are some good points and questions:
If you just locked the mail app then the app would need to encrypt/decrypt all data, which would make it MUCH slower. However, the main reason is that the app lock approach is much more hackable..one simple example would be to load a proxy on the phone to intercept communication before it could be encrypted.
The idea behind the device lock is that it happens on a deeper level and is the most secure answer.
The question about having a choice with your device is actually a simple one to answer...if you don't agree with the work policy then don't use your personal device for work email.
The other thing is that, besides not having a choice, the forced answer is beneficial for everyone....if I lose my device then I definitely don't want strangers crank calling my family or getting personal info. I have read about some horrible stories.
The real question is...If your phone is lost why would you NOT want it to be secure and erased asap??
Sent from my "locked" device.
ramiss said:
Those are some good points and questions:
If you just locked the mail app then the app would need to encrypt/decrypt all data, which would make it MUCH slower. However, the main reason is that the app lock approach is much more hackable..one simple example would be to load a proxy on the phone to intercept communication before it could be encrypted.
The idea behind the device lock is that it happens on a deeper level and is the most secure answer.
Click to expand...
Click to collapse
Yes and no. There are approaches that are easier if you aren't securing the whole device, but that doesn't mean it can't still be hacked.
The question about having a choice with your device is actually a simple one to answer...if you don't agree with the work policy then don't use your personal device for work email.
Click to expand...
Click to collapse
Overall I agree with that, although I think at a company that offers mobile email, there's a sort of "peer pressure" to use it. Not to say that's a good reason. I'd imagine that it'd be hard for a company to actually require you to use mobile email on your personal device -- if your job truly requires it, I'd think they'd have to provide you a device if you don't have a compatible device or aren't willing to use it that way. So yes, you're probably right that you have the choice. It doesn't mean that we can't complain though.
The other thing is that, besides not having a choice, the forced answer is beneficial for everyone....if I lose my device then I definitely don't want strangers crank calling my family or getting personal info. I have read about some horrible stories.
The real question is...If your phone is lost why would you NOT want it to be secure and erased asap??
Click to expand...
Click to collapse
If it's really lost forever, yes. But what if:
- The exchange admin sends the wipe command to the wrong phone. ("Hi, I'm John Smith and I've lost my phone.")
- The "wipe after X invalid passcode" policy is enabled. A friend or a kid picks up the phone and tries to play with it. Whoops.
- Something else goes wrong...bottom line is that the company should have no right to wipe anything other than their own data.
I understand the need for locking the device...I really do. But, if someone does happen to find my phone (knock on wood but HIGHLY, HIGHLY unlikely, as I've never even almost forgotten any phone, anywhere, ever) they aren't going to find ANYTHING of value in my emails. I'm pretty low on the totem pole.
If I had sensitive data on my phone...no questions asked, I would keep it p-word locked.
matt2053 said:
Can you please post a link to the one you used?
Sent from my PC36100 using XDA App
Click to expand...
Click to collapse
http://forum.xda-developers.com/showthread.php?t=775007
awenthol said:
I understand the need for locking the device...I really do. But, if someone does happen to find my phone (knock on wood but HIGHLY, HIGHLY unlikely, as I've never even almost forgotten any phone, anywhere, ever) they aren't going to find ANYTHING of value in my emails. I'm pretty low on the totem pole.
If I had sensitive data on my phone...no questions asked, I would keep it p-word locked.
Click to expand...
Click to collapse
Your Exchange Admin (or you depending on the version of Exchange you're using) has the ability to remotely wipe your device in the event it gets stolen/lost.
Could anyone give a brief possible explanation of why I can connect to my exchange server easily using Touchdown, but not using the Android integrated Exchange Account Sync?
Sent from my PC36100 using XDA App
Just found this thread as I've encountered the same issue on a HTC Sensation, just setup Exchange ActiveSync, and bam, have to set up the PIN lock on the phone.
However I've noticed that once you've done it, you can then go into Settings, Security and change the timeout before it locks up to 1 hour (I think that is dependent on your company setting). Mine was defaulting to every time the screen locked, but changing it to 1 hour I find I hardly ever have to unlock the phone now apart from first thing in the morning as I tend to use it regularly through the day.
Firstly, hi to all the folks at xda-developers. I have always found this place to be the most useful resource when it comes to figuring out android, but never had an unanswered question till just now.
I just helped my dad migrate from a blackberry to a nexus 4, and while he is quite happy with most of the phone's offerings, he finds it exasperating that the phone does not display the company field from his address book in the people/contacts app. After a week searching online for answers, it appears this is indeed not possible on android yet, and the best advice I found was to manually change the company field to middle name/last name and then "everythings alright with the world again". Hopefully, the people on xda recognize that this is hardly a 'solution'.
I then set out to find an app to replace the phone book, but that was a dead-end. Too many apps out there, not enough documentation on what does what properly and most of the descriptions suggested that they were over-kill for what I was looking to do.
So, my question is this ... Does anybody who knows the internal workings of android 4.3 on the nexus 4 know if this can be a simple tweak on a rooted phone? I do not have any experience at all hacking phones, Im not even a developer, but I imagine the display is controlled by some sort of style-sheet type entity (xml?). My reasoning is that the information is already on the phone... The only thing that needs to change is the way the phone displays the information. Would it be possible, at some level, to edit a file to display an extra line of information?
Of course, if somebody knows of a specific app/mod that already does this, please point me in the right direction.
Thanks,
Karthik
Oh yes --- IF it turns out that there is no way to do what I want without some major hacking of the OS, can somebody suggest the best way to unload the contacts from the phone to a desktop, some app that will automatically remap the company name field to the middle name/suffix, and then upload the contacts back to the phone?
The company is displayed right below the name in the top left corner of the people app.
At least in the paranoid android rom
Swyped from my Nexus 4 using Tapatalk 4
In the stock version, the only way to see it is when the actual contact is opened... Meaning, when viewing contact details. The problem with this is that when you have multiple contacts with the same name, it is impossible to dial the right one directly from the Phone App. Each time, one must click on the person's avatar on the left side, which does some weird 'half opening' of the contact, then click again on the top of that dialog box to open the actual contact, at which point the company name is displayed at the top corner.
In my dad's case, he has many many contacts with the same names, even same first and last (we in India have third initials that finally differentiate the persons!) ... On his blackberry, the company name ALWAYS showed under the contact name, and so it was easy to call the right person. With android, neither the phone app, nor the auto-complete introduced in 4.3 seem to care about the company name. So each time, he has to open the contact fully to figure out whom to call!
I would like to complain about my current struggle with Google (since I have no one here to complain to. So I wrote Google a message and said I have a number of purchased programs that give me a download 403 error when i try to download them (geocaching, root explorer, titanium pro, gps status and toolbox pro etc.) and can they help me fix the issue. So they send me a canned response that says that I cannot install the programs because they are from a different userid of mine. So I respond and say that i have both user id's added as accounts on my phone so thats not it. So I get a canned response back that tells me there process of how apps are bought and how they are good forever and how you can install them on any devices. So I respond again telling them this is a download issue that I need help with. So I get another canned response that says during these issues you should try to wipe data on the play store and download manager. So I think, ok, this makes sense. I try that and nothing happens. So I respond again and tell them It didn't do anything but I have tried this on at least 6 different devices and it happens on all of them. So I get another canned response that says during issues like this you should delete your account and re-add it and if that doesnt work then wipe your phone to factory reset and try again. Now I am getting pissed. So I respond again and tell them that I just told them that it happens on many devices not just this device and I included a screenshot of the error this time and suggest maybe its having an issue looking up if i bought it and could they reset it so i could buy it again and see if that works. I get another canned response that says, it sounds like you are having issues with these apps, You should contact the developer so they can explain any issues that you dont understand on how their software works. NOW, each one of their responses comes with atleast a page of "We are sorry, we know this is frustrating, blah blah blah" with more detail on how to find the developers address etc." So I have this mile long email trail that's all canned bull sh!t I realize. So I responded again and told them to quit sending me canned responses and to read my damn issue so you can address it. I told them they should be working with the developer, not me, because this is their issue. Well - Stay tuned for there next canned response. I am going to blow a gasket if its another one that addressess nothing.
Has anyone else had a 403 download error in the playstore that they know how to fix?
Tried selecting the correct account before attempting to install?
JulianPaoloThiry said:
Tried selecting the correct account before attempting to install?
Click to expand...
Click to collapse
that makes sense. is there a place to choose which account?
Where it shows the account name on the left side.
JulianPaoloThiry said:
Where it shows the account name on the left side.
Click to expand...
Click to collapse
OMG dude, you just fixed my problem that i have been having for a year. I should know to ask xda before i ask google....stupid stupid stupid me..
Thanks Bro.
jbeitel said:
I hate Google Support.
Click to expand...
Click to collapse
Here's your first mistake - you assume they care down to the individual customer level. We (humans) all exist as a necessary evil that Google's dependent on because we are the plebes who own the wallets which we open after clicking links that make money by selling advertising to the companies we buy from. If they could by-pass us and connect our wallets directly to advertisers they would. Google's taken away ActiveSync support, created a holy war in the YouTube community to push G+, created another furor by linking G+ to Gmail so anyone on G+ can e-mail anyone they can find on G+. There are tons more but you get the idea that "customer first" isn't exactly their manta. If you want to see their customer support in action look at the Nexus hardware forums. Google's support is byzantine. Your only hope of getting "real" support for s/w from Google is if you happen to stumble upon a s/w issue that intrigues them Or if you unmask a newsworthy security hole.
"Don't be Evil" has long been trumped by the need to keep revenue and margin high to keep the stock high to please both shareholders and Google'rs who's fortunes rise and fall by the value of that very same stock.
Google's an oligopoly now and not benevolent or our friends.
BarryH_GEG said:
Here's your first mistake - you assume they care down to the individual customer level. We (humans) all exist as a necessary evil that Google's dependent on because we are the plebes who own the wallets which we open after clicking links that make money by selling advertising to the companies we buy from. If they could by-pass us and connect our wallets directly to advertisers they would. Google's taken away ActiveSync support, created a holy war in the YouTube community to push G+, created another furor by linking G+ to Gmail so anyone on G+ can e-mail anyone they can find on G+. There are tons more but you get the idea that "customer first" isn't exactly their manta. If you want to see their customer support in action look at the Nexus hardware forums. Google's support is byzantine. Your only hope of getting "real" support for s/w from Google is if you happen to stumble upon a s/w issue that intrigues them Or if you unmask a newsworthy security hole.
"Don't be Evil" has long been trumped by the need to keep revenue and margin high to keep the stock high to please both shareholders and Google'rs who's fortunes rise and fall by the value of that very same stock.
Google's an oligopoly now and not benevolent or our friends.
Click to expand...
Click to collapse
couldn't have said it any better. They just tricked me because the first couple canned responses sounds personal, until i started seeing a pattern and then all out ignorance.
I got the final end all be all response from google
"It appears from the apps that you are having a problem with that your device is rooted. Because of the complexity of rooted devices, we are not able to support you".
So I told them xda told me how to fix in in 5 mins. c*ck suckers.
Hi everyone. I'll explain you. After i watched the documentary about Edward Snowden, i feel that someone is spying on me. I found the blackphone online, and his PrivateOS is awesome! I'm not a porter, so if someone may port the PrivateOS to our OnePlus X, it would be awesome!! Some guys, wanted to port it on xperia (sauce: http://forum.xda-developers.com/android/general/privatos-rom-1-0-1-t2833178)
If you want privacy buy a BlackBerry.
Hi, I had it on my Wiko Wax. I didn´t like it because de UI it´s not nice and it has a lot of security apps that I think it´s unnecessary for users like us. We have decent protection with security patches and the best security is the user. Maybe the blackphone rom is very secure yeah but if you want 100% security with this ROM just buy the blackphone, I don´t think it will be useful on our OPX. And yeah someone is spying on you. Google.
Exodusche said:
If you want privacy buy a BlackBerry.
Click to expand...
Click to collapse
Respect his idea, don't make fun.
sheraz1015 said:
Respect his idea, don't make fun.
Click to expand...
Click to collapse
Thank you so much sheraz1015!
Yesterday, i found a video on youtube. This guy was explaining how to get your search history of Google.
I found that Google, was spying on me...they recorded with microphone of my OnePlus X my voice, every 2h!!
I was surprised that they recorded me also when i was sleeping!!!
I found also that they tracked my position, but my gps is always switched off!!
I didn't know that, but everyone who has google play services on the phone, they keep in history when you open
or close any app that you have. I'm pissed off!
Will someone try to port it, or make a secure rom, maybe not based on google apps?
WithoutValorFreedomDies said:
Thank you so much sheraz1015!
Yesterday, i found a video on youtube. This guy was explaining how to get your search history of Google.
I found that Google, was spying on me...they recorded with microphone of my OnePlus X my voice, every 2h!!
I was surprised that they recorded me also when i was sleeping!!!
I found also that they tracked my position, but my gps is always switched off!!
I didn't know that, but everyone who has google play services on the phone, they keep in history when you open
or close any app that you have. I'm pissed off!
Will someone try to port it, or make a secure rom, maybe not based on google apps?
Click to expand...
Click to collapse
Can you send me the link please..
sheraz1015 said:
Can you send me the link please..
Click to expand...
Click to collapse
Here it is dude
Sauce: https://www.youtube.com/watch?v=TtmR9L0ITlM
Go to minute 2:03 also
Wasn't trying to be rude just herd blackberry has best security. But In this case I don't think it would matter. Thanks for sharing this don't think too many people know about it.
okay first: appreciate, that obviously there are other people concerned about their privacy.
second: there are people even more concerned about their privacy, like i.e. German's chancellor, making them pay 10,000$ for a cell phone - hacked. so how secure can som cell phone for some 100$ be?
next: about BlackBerry: where is ur privacy when all ur communication is routed through a private companies servers? As long as u do not fully trust such a company i'd call that surveillance too...
that being said: what do u consider to be secure regard ur privacy? first answer urself this question before making any progress. keep in mind, that ur cellphone is basically a full featured tracking system (which isnot a bad thing per se).
What do I mean?ˋWell for instance personally i don't consider photos synced to dropbox/google drive/microsoft's whatever to be private. they're located on servers inside the use, and as such accessable by officials whenever there's desire. also I do absolutely not consider my passwords to be safe when synced to my google account. Next i will not consider any call to be secure in a matter of "no one can listen"- that wont change unless u use end-to-end encryption which requires the called person to have an according setup. etc etc
i came to the conclusion that my phone simply is NOT secure! So if u do not intend to just keep ur hands off any device connected to the internet/gps u can be tracked. Just a matter of the effort to achieve that....
Now how can i just keep calm with all that. well i actually don't. its a compromise for me, as i just don't want to miss certain points which are provided by smartphones.
However I totally disagree with just handing over my private data making it needless to spy on me cause i instafacetweet**** whenever i'm at starbucks taking a coffee or sending private photos using services, that claim property of such (needless to call it by name..)
finally, to shorten this and maybe give u one or two hints especially regarding google apps etc:
- y handing google my actual name (u certainly won't be able to hide ur identity just because of this!! but referring to the last paragraph above this is step no1)
- personally i use opengapps pico which shrinks the amount of spyware down a bit (however there are some packages included safe to uninstall)
- regarding the "google tracks my app usage": well this is because u grant playstore/play services permission to do so (settings-->security-->app ausage access)
- also i have restricted access to pretty much anything for google apps as i only want playstore running(privacy guard or similar)
- using greenify (xposed required i guess) u can "uncover hidden synchronizations" which will (what a surprise) a HUGE list of syncs to be disabled in settings -->accounts-->google-->whatever
- also take a look in google settings (ads/"security")
- system administrator
etcetcetc...
if u want to minimize the chance one can create location profiles: mac spoofing (i guess thats the english term). also when u use buetooth headset, u ar visible for any near device. same goes for wlan search, nfc bla.
These are just a few things that make me personally feel a bit more comfortable using such devices. a huge part in this takes NOT using whatsapp/facebook or anything like that. i'm convinced computers don't understand social interaction, and as such they should only take a minor "transmitting" role in this and not tell me who/what i might like or what the f***
I actually do have friends and they will know if theres sth worth to know, which works the other way round too.
I hope I somehow stuck to the read thread (do u really say so? ) and maybe there were 1 or 2 points of use for u.
Whats most: the more u use/rely on such technology, the more of ur life can/will be exposed OR the more effort u will have to put into it to prevent that. (with the only result u increase the effort in spying on u/whatever).
Gesendet von meinem ONE E1003 mit Tapatalk
tet-bundy said:
okay first: appreciate, that obviously there are other people concerned about their privacy.
second: there are people even more concerned about their privacy, like i.e. German's chancellor, making them pay 10,000$ for a cell phone - hacked. so how secure can som cell phone for some 100$ be?
next: about BlackBerry: where is ur privacy when all ur communication is routed through a private companies servers? As long as u do not fully trust such a company i'd call that surveillance too...
that being said: what do u consider to be secure regard ur privacy? first answer urself this question before making any progress. keep in mind, that ur cellphone is basically a full featured tracking system (which isnot a bad thing per se).
What do I mean?ˋWell for instance personally i don't consider photos synced to dropbox/google drive/microsoft's whatever to be private. they're located on servers inside the use, and as such accessable by officials whenever there's desire. also I do absolutely not consider my passwords to be safe when synced to my google account. Next i will not consider any call to be secure in a matter of "no one can listen"- that wont change unless u use end-to-end encryption which requires the called person to have an according setup. etc etc
i came to the conclusion that my phone simply is NOT secure! So if u do not intend to just keep ur hands off any device connected to the internet/gps u can be tracked. Just a matter of the effort to achieve that....
Now how can i just keep calm with all that. well i actually don't. its a compromise for me, as i just don't want to miss certain points which are provided by smartphones.
However I totally disagree with just handing over my private data making it needless to spy on me cause i instafacetweet**** whenever i'm at starbucks taking a coffee or sending private photos using services, that claim property of such (needless to call it by name..)
finally, to shorten this and maybe give u one or two hints especially regarding google apps etc:
- y handing google my actual name (u certainly won't be able to hide ur identity just because of this!! but referring to the last paragraph above this is step no1)
- personally i use opengapps pico which shrinks the amount of spyware down a bit (however there are some packages included safe to uninstall)
- regarding the "google tracks my app usage": well this is because u grant playstore/play services permission to do so (settings-->security-->app ausage access)
- also i have restricted access to pretty much anything for google apps as i only want playstore running(privacy guard or similar)
- using greenify (xposed required i guess) u can "uncover hidden synchronizations" which will (what a surprise) a HUGE list of syncs to be disabled in settings -->accounts-->google-->whatever
- also take a look in google settings (ads/"security")
- system administrator
etcetcetc...
if u want to minimize the chance one can create location profiles: mac spoofing (i guess thats the english term). also when u use buetooth headset, u ar visible for any near device. same goes for wlan search, nfc bla.
These are just a few things that make me personally feel a bit more comfortable using such devices. a huge part in this takes NOT using whatsapp/facebook or anything like that. i'm convinced computers don't understand social interaction, and as such they should only take a minor "transmitting" role in this and not tell me who/what i might like or what the f***
I actually do have friends and they will know if theres sth worth to know, which works the other way round too.
I hope I somehow stuck to the read thread (do u really say so? ) and maybe there were 1 or 2 points of use for u.
Whats most: the more u use/rely on such technology, the more of ur life can/will be exposed OR the more effort u will have to put into it to prevent that. (with the only result u increase the effort in spying on u/whatever).
Gesendet von meinem ONE E1003 mit Tapatalk
Click to expand...
Click to collapse
Thank you very much for your dedication on a precise answering. All that you said.....you are right. Damn
I'm just trying out Nameless ROM. I noticed it has privacey guard as mentioned above. Whether it actually does anything who knows.
I'm paranoid about google services aswell.
Hence i installed a fresh build of CM13 / AOSP CAF
Installed F-Droid as primary market and replaced apps with open source replacements. (Replaced Chrome/AOSP browser with chromium etc.).
I also installed Firewall, adblocker+ and system manager for monitoring malicious apps and processes. Privacy guard & app ops also works wonders together
this not only gives u ability to customize android your way but also provides good level of security.
If you are still paranoid about identity, u can use orbot and tor network for anonymous identity. (Both found on F-Droid).
This also greatly improves battery life and keeps the phone snappy.
Hope this helps
In all honesty, just use Sailfish and remove everything you find funky. Private OS isn't worth porting. Another alternative would be to just flash any ROM without flashing GAPPs
---------- Post added at 04:02 AM ---------- Previous post was at 04:01 AM ----------
At the end of the day though, you are still at the mercy to some company... We have already lost this fight.
karan5chaos said:
If you are still paranoid about identity, u can use orbot and tor network for anonymous identity. (Both found on F-Droid)
Click to expand...
Click to collapse
I agree... in theory. however if u assume to be under surveillance, u better assume that u are not the only one inside the tor network to be under surveillance. u just need to observe a not too small amount of tor servers (which is still a relatively small amount, taking the capacity of todays intelligence services into consideration) to be able to reconstruct the whole path of any communication routed through that network. now also seeing that bandwidth is just lousy, there's just no point in using tor (except u want to access services, that require u to do so).
To cut a long story short, if u want ur internet traffic to be secure, u'll have to go for a vpn provider! (of course u have to trust that provider, as they are able to read anything u pass through that gate)
regards
t
P.S.: if u're interested in vpn service, pm me and i'll tell u my hoster which i think is one of the most trustworthy around and also provides some advanced methods other just don't.
(just to stick to the rules and not advertise here )