Related
Most people don't yet know that many Android software leak all sorts of information to the internet with only scant user acknowledgement (basically what you accept when you install the app).
Due to this and the fact that there are already privacy information harvesting apps for Android on the marketplace - a team of security experts have created TaintDroid:
What is TaintDroid?
From the project's web page: "A realtime monitoring service called TaintDroid that precisely analyses how private information is obtained and released by applications "downloaded" to consumer phones."
From: http://appanalysis.org/index.html
How can I install TaintDroid?
As TaintDroid is currently compiled into the kernel, you cannot easily install it, but you have to cook your own kernel. Instructions (for Nexus 1) are available at the project web site: http://appanalysis.org/download.html
How does TaintDroid work?
Here's a video demonstrating how TaintDroid works once it is installed and configured:
http://appanalysis.org/demo/index.html
Why would you want to install this?
There can be many reasons for installint TaintDroid:
- You want to learn about privacy features and play with Android kernel
- As it is currently impossible to differentiate between innocent and sneaky Android apps based only on what access rights they request, you may want to dig in deeper
- You are worried about what apps are doing behind your back and you want to know which apps to uninstall
- You want to help create Android a more secure and privacy-protected platform, instead of the swiss cheese it currently is
What can you do?
As compiling kernels is mostly beyond the reach of mere mortals currently, consider cooking TaintDroid into your kernel, if you are cooking one yourself and offering it available for others to try and use.
Hopefully increased awareness and usage will bring this program eventually into other modders and perhaps even Google's attention and something more easily accessible is offered for the public at large.
BTW, I'm just a user, interested in getting TaintDroid on my own Galaxy S. I'm not affiliated with the research program, but I like what they are doing. This information is purely FYI.
+1 for the idea
Sent from my GT-I9000 using XDA App
+1
Since we cannot expect information gatherer Google to come up with a good privacy protection mechanism soon I think we are forced to take measures ourselves.
I also learned that several of my bought applications are constantly forcing me to enable synchronisation and/or 3G internet. They either randomly uninstall (Asphalt 5), their icons disappear (for example: Mini-squadron) or won't start, with (Schredder Chess) or without a message. Angry Birds Beta2 lite (free game) and Hungry Shark are 2 more examples. So much for an incentive to buy games...
It would be great if applications used a well-defined mechanism to check their validity on-line, and not have this sneaky, lingering attack from all sides to any privacy or battery consumption aware user.
I can not cook Kernels, but this is something i want to use.
Not that i am worried, but i dont know what apps are sending when you open them. Thats something i want to know!
I am sure i am not the only one.
+1
Yes please... This should be in all android phones... as a security option you could turn on!!!
Antonyjeweet said:
Not that i am worried, but i dont know what apps are sending when you open them. Thats something i want to know!
Click to expand...
Click to collapse
And do some of these applications only send stuff when you open them?
--
From a user perspective it currently is really difficult to judge applications that need to start at boot-up and deal with many facets of your computer (Launchers, tools combining lots of divers features).
Do you know some ROM where Taindroid is included?
I've posted in hardcore and laststufo kernel threads to ask if they could add it.
We just need more people wanting it so they think about adding it
exadeci said:
I've posted in hardcore and laststufo kernel threads to ask if they could add it.
We just need more people wanting it so they think about adding it
Click to expand...
Click to collapse
glad you did that
+1 support the idea. hope some of our hardworking kernel builders will add this in.
My concern is how much another real time service will affect battery life. For people trying to make the leanest, fastest kernel I'm not sure it's viable.
I have been wanting TaintDroid built into android by default since the day it was announced, but I really do not think google cares about this, so please, please ROM cookers out there (Maybe Doc?), lets add this into our galaxy S roms.
Well, this seems to work only on android 2.1
Make it so.
+1
Combined with walldroid (or other firewall) this could put back power into users hands. Would really love to see this inside hardcores kernel. Maybe as an option for the stable releases?
+1
This should be the next standard in aAndroid
idea about spoofidroid application
how about a program to spoof or make the phone send fake:
GPS location,
IMEI,
phone number,
simcard id,
etc... information to applications that ask without permission.
this way you can feed these application with information they want but without breaking your privacy. (both end sides are more than happy)
-----
nice option to have:
1) enable/disable auto generate different id every time.
2) allow list / ban list of application to have real or fake id.
3) enable/disable notify for application request.
-----
there are all ready applications that fake your simcard PLMN mobile network codes without the need of kernel rights, but you need to enable disable the flight mode to restore the default code.
===========
good luck to spoofidroid or similar applications.
Jumba said:
My concern is how much another real time service will affect battery life. For people trying to make the leanest, fastest kernel I'm not sure it's viable.
Click to expand...
Click to collapse
I hope there will be developers out there who prioritize privacy/security over speed/battery and storage usage.
I'm the project lead of the TaintDroid system. We are currently working on a few extensions of TaintDroid but unfortunately are short on engineering resources to port TaintDroid onto other systems than Nexus One that we originally developed. We'd greatly appreciate it if XDA developers would take on this effort! Many ongoing projects would hugely benefit from having easy-to-run TaintDroid ROM available for many different devices and upcoming Android systems let alone user benifit.
Thanks,
Jaeyeon
Research Scientist @ Intel Labs Seattle
Ettepetje said:
I also learned that several of my bought applications are constantly forcing me to enable synchronisation and/or 3G internet. They either randomly uninstall (Asphalt 5), their icons disappear (for example: Mini-squadron) or won't start, with (Schredder Chess) or without a message. Angry Birds Beta2 lite (free game) and Hungry Shark are 2 more examples. So much for an incentive to buy games...
Click to expand...
Click to collapse
beta2 lite? i think that was malware, make sure it came from rovio otherwise it's fake and you should delete it.
It's really scary to see with the lookout app how many apps can access to your imei, telephone number "Read Identity Info", can access your contacts, track your position, and can send out all this data.
Here a HTC Desire user, asking for some privacy.
Best regards!
I've seen a couple posts regarding getting Google Wallet to work (and hopefully I'm not being redundant with this post). I've had Google Wallet working on my own 2.3.5 source ROM for quite some time now and I figured I'd share what got it working for me. As a matter of disclosure, I do have the 4G, but I haven't seen anything in the code that would give reason for why this wouldn't work.
While I'm able to build a ROM, I for some reason, don't know how to put together a flashable update. Maybe somebody with a little more know-how can piece this together and try it out, or at least tell me I'm wrong.
Files needed from the GWK74 ROM:
system/etc/permissions/com.google.android.nfc_extras.xml
(I just added the permission entry to the existing com.android.nfc_extras.xml file instead to keep the clutter down).
system/framework/com.android.nfc_extras.jar
The version in the GWK74 ROM contains code that has yet to be released, since korg is down and all. The extra file has something to do with NFC emulation, but I've only glanced at it, so I really couldn't tell you what it does.
system/app/Wallet.apk
Obviously.
Here's the catch: The Wallet app requires permissions from Nfc.apk (NFCEE_ADMIN). By default, the Nfc.apk is signed with the "platform" key, but as long as these two files are signed with the same key, it will grant it the proper permissions to Wallet.apk no matter what key that may happen to be. Considering that Nfc.apk also requests other permissions from "platform" as well, certificate consistency would be advisable.
Hope this works out or at the very least, gets the ball rolling.
Hopefully, someone can make like a flashable zip for CM7 or at least let us know which files need to be copied to our GSM phones so we can extract those files and copy it to system
do you mind zipping up the files used and posting them here?
They're basically the stock files from GWK74 with Wallet.apk and Nfc.apk signed with the same key. My only concern is that since I've used a private key on my own ROM for a while now, I don't remember/know how many or which non-stock ROMs are signed with anything other than the testkeys or which key would be the best for (most) everyone. If the testkeys work universally, I could do that, but I'd hate for someone with differing platform keys getting upset that it's still doing the same FC as before.
For those familiar with using the Android Kitchen, it can do the signing and packaging with testkeys if you're willing to reflash. Might be an easier step for some to take if the command line method seems overwhelming.
As far as Google Wallet working on a GSM Nexus S. I believe there is more protection than it appears. I firmly believe Google has not only modified the NFC drivers and added NFC security to both the drivers and the Firmware. But I also think they added security to the rils and network checks.
How did I get to these conclusions? Well I actually ported the whole NS4G rom over to the GSM. The only things I really had to change were ril libs and the build.prop. Everything else is pretty similar between the two phones. NFC worked and I was able to start up Google Wallet, however, when attempting to add a card to Google Wallet, it kept loading for like 10 minutes until it gave an error. No real description of the error and logcats revealing nothing. Taking out my sim card, I was greeted with a message in Google Wallet that I should check my sim card and insert it if its not inserted. Why would Google Wallet even have anything to do with carriers even connected to wifi? There must be some other things added.
Then I went ahead and decided to revert to a backup of my CM7. I noticed NFC no longer would turn on, it kept giving me an error. Looking at a logcat it looked like it was trying to download and install firmware but failed. Other NS4G users have experienced this same error. Logcats show that it is downloading firmware but failing to be able to install it. My theory: Google added extra security to the firmware located directly onto the NFC chip itself. So now no ROMs (including the new 2.3.6) give me working NFC except for that 2.3.7 rom. I'm still working on trying to fix.
Now I am happy you posted this thread, because maybe if I backport these additions to a GSM rom I might be able to fix NFC. I'm not sure as of yet. I am going to attempt Odin next, but I can already guarantee Formatting System, Boot, Cache, Data did not resolve the issue.
They definitely added something to the firmware. After flashing GWK74 nfc no longer works on 2.3.5. If I flash back to GWK74 it works no problem.
Sent from my Nexus S 4G using xda premium
U could test that driver theory with a chip that hasnt gotten the 2.3.7 update.
apreichner said:
As far as Google Wallet working on a GSM Nexus S. I believe there is more protection than it appears. I firmly believe Google has not only modified the NFC drivers and added NFC security to both the drivers and the Firmware. But I also think they added security to the rils and network checks.
How did I get to these conclusions? Well I actually ported the whole NS4G rom over to the GSM. The only things I really had to change were ril libs and the build.prop. Everything else is pretty similar between the two phones. NFC worked and I was able to start up Google Wallet, however, when attempting to add a card to Google Wallet, it kept loading for like 10 minutes until it gave an error. No real description of the error and logcats revealing nothing. Taking out my sim card, I was greeted with a message in Google Wallet that I should check my sim card and insert it if its not inserted. Why would Google Wallet even have anything to do with carriers even connected to wifi? There must be some other things added.
Then I went ahead and decided to revert to a backup of my CM7. I noticed NFC no longer would turn on, it kept giving me an error. Looking at a logcat it looked like it was trying to download and install firmware but failed. Other NS4G users have experienced this same error. Logcats show that it is downloading firmware but failing to be able to install it. My theory: Google added extra security to the firmware located directly onto the NFC chip itself. So now no ROMs (including the new 2.3.6) give me working NFC except for that 2.3.7 rom. I'm still working on trying to fix.
Now I am happy you posted this thread, because maybe if I backport these additions to a GSM rom I might be able to fix NFC. I'm not sure as of yet. I am going to attempt Odin next, but I can already guarantee Formatting System, Boot, Cache, Data did not resolve the issue.
Click to expand...
Click to collapse
Thanks for chiming in. Appreciate the info
Hmm, that's odd because aside from those three files and the vendor binaries, everything else on my ROM is from the 2.3.5 source files (since I don't have a choice for source files, really). The first thing I tried when Wallet was giving me fits was to poke around the APKs to see if they were holding any additional files, but I didn't locate any in Wallet and the NFC app file is too small to hold any additional files (and doesn't, since I checked anyway). The 2.3.7 nfc_extras JAR file only contains three java files (compared to the two from 2.3.5) so I don't suspect anything warranting investigation.
It's hard to imagine Google going through so much trouble to block their own product on their own phone. Unfortunately, I don't have access to a non-Sprint Nexus S, so I cannot account for the SIM message you experienced, but the hardware vendor for the NFC component appears to be the same (NXP) for both phones and it just doesn't make sense for them to use two different components for the same model of nearly identical phones. I'll try using the libpn544_fw.so binary from the standard crespo and see what kind of (ill) effects I experience.
I did notice during my trial-and-error period that the error messages and the manner in which they would show up seemed to vary slightly. Adding the JAR file alleviated the persistent com.google.android.apps.walletnfcrel FC during startup and use. After that, the signing took care of the persistent 'insufficient system privileges' (or something to that effect) on startup.
I'd be interested in what is in your log readout. Personally, logcat gets visually overwhelming to me, so I just use ddms to filter out the other processes and error messages from obfuscating what I'm looking for. The thing that Wallet is trying to access is NFC permissions, which Nfc.apk appears to have sole (or at least primary) responsibility for. All of the protests coming from Wallet that I observed were related to its inability to be granted permissions from Nfc for NFCEE_ADMIN, which is specified in its AndroidManifest file as being under protectionLevel="signature", of which it is assigned to "platform" by default. That would explain why people with the stock ROM can get it to work, since it still retains the Google signature keys structure. I suspect most of the alternative ROMs are running some varying key structure, but that is just speculation on my part. I suppose modifying the AndroidManifest file to explicitly give permission to Wallet would also address that, but at the time, I considered that unnecessarily tedious.
I'm still betting on certificate-connected privileges being the primary culprit, but I'll give the NFC binary file a run and see what happens.
Update:
Ran with the libpn544_fw.so from crespo and Wallet initially FCed. I pulled the file through ADB first to make sure it was the one installed and it was, but after the FC, I pulled the file again and it was the regular one for crespo4g. So, unless I misread it or made a mistake somewhere, something is replacing the file. I pushed the original file back, ran it, and pulled it again and it seemed to stick, but I suspect it's running from cache. So basically, it appears that the binary from crespo is insufficient, as I got numerous errors in ddms as a result. I don't know if it has the same effect both ways though. Has anybody tried the crespo4g NXP binary yet with any luck?
Also, I do apologize for some misinformation earlier. The 2.3.7 NfcGoogle.apk does contain a libnfc_jni.so file, but it's already in system/lib, so I don't know if that has to do with anything relevant.
Need some help i get this error message when i push the files to newest Cm7 nightly based on 2.3.7. Any ideas?
XK72 said:
It's hard to imagine Google going through so much trouble to block their own product on their own phone.
Click to expand...
Click to collapse
Well keep in mind it's not just Google that's involved, but MasterCard, Citi, MoneyNet or whatever that service is that processes the transactions... they may have mandated that some extra security measures be taken to keep the initial rollout limited to a relatively small specific group.
david279 said:
Need some help i get this error message when i push the files to newest Cm7 nightly based on 2.3.7. Any ideas?
Click to expand...
Click to collapse
I encountered the same issue a while back. It's related to the signature keys on Wallet, which is signed with Google's key out of the box. If the rest of your build is signed with testkeys (which appears to be the case), you can resolve that by signing Wallet.apk with testkeys as well.
tobiasly said:
Well keep in mind it's not just Google that's involved, but MasterCard, Citi, MoneyNet or whatever that service is that processes the transactions... they may have mandated that some extra security measures be taken to keep the initial rollout limited to a relatively small specific group.
Click to expand...
Click to collapse
While Google Wallet is a proprietary application, and as such, Google or the forces that be could possibly be responsible for what's occurring and I wouldn't be able to discern whether or not that is true, I personally don't believe that is the reason behind what is happening.
(This is just as I understand it). There certainly are security measures in place for NFC, which the Android system is responsible for handling. The Wallet app is essentially an interface that is PIN secured on the user end and requests relevant permission from Nfc.apk that manages interaction with the NFC-related subset on its behalf. If anything, the credit card companies are concerned with unauthorized transmissions that could result in financial liability on their end. The fact that Wallet requires signature-protected permission authorization from Nfc to access the NFC element shows that Android is not leaving security duties up to the Wallet app alone.
I think the hindrances in getting this to work for everyone is that the people who could develop a fix probably don't have access to the Nexus S hardware variants. I started with the same or similar issues that people faced when trying to incorporate Wallet into their build and eventually got it to work on a 2.3.5 sourced build was the steps above, but I also don't own a standard Nexus S for me to test with, so I couldn't proclaim that it was a definitive fix. I was hoping, at the very least, that it might be contributive towards finding a fix for everyone.
XK72 said:
I encountered the same issue a while back. It's related to the signature keys on Wallet, which is signed with Google's key out of the box. If the rest of your build is signed with testkeys (which appears to be the case), you can resolve that by signing Wallet.apk with testkeys as well.
Click to expand...
Click to collapse
How do I sign apks? Can you send me a wallet apk signed with test keys?
Sent from my Nexus S 4G using xda premium
---------- Post added at 06:03 PM ---------- Previous post was at 05:39 PM ----------
Ok i found a app in the market for signing apks, zips, etc. but im getting the same error.
XK72 said:
While Google Wallet is a proprietary application, and as such, Google or the forces that be could possibly be responsible for what's occurring and I wouldn't be able to discern whether or not that is true, I personally don't believe that is the reason behind what is happening.
(This is just as I understand it). There certainly are security measures in place for NFC, which the Android system is responsible for handling. The Wallet app is essentially an interface that is PIN secured on the user end and requests relevant permission from Nfc.apk that manages interaction with the NFC-related subset on its behalf. If anything, the credit card companies are concerned with unauthorized transmissions that could result in financial liability on their end. The fact that Wallet requires signature-protected permission authorization from Nfc to access the NFC element shows that Android is not leaving security duties up to the Wallet app alone.
I think the hindrances in getting this to work for everyone is that the people who could develop a fix probably don't have access to the Nexus S hardware variants. I started with the same or similar issues that people faced when trying to incorporate Wallet into their build and eventually got it to work on a 2.3.5 sourced build was the steps above, but I also don't own a standard Nexus S for me to test with, so I couldn't proclaim that it was a definitive fix. I was hoping, at the very least, that it might be contributive towards finding a fix for everyone.
Click to expand...
Click to collapse
I will attempt to port it over. Good news is there's some 2.3.7 source available now to build with. I don't have much hope though because a full port didn't even work on a GSM device. Although newer libs might help.
Sent from my Nexus S using xda premium
apreichner said:
I will attempt to port it over. Good news is there's some 2.3.7 source available now to build with. I don't have much hope though because a full port didn't even work on a GSM device. Although newer libs might help.
Sent from my Nexus S using xda premium
Click to expand...
Click to collapse
Do you know where they're hosting the 2.3.7 source? I just realized that they released the 2.3.7 binaries for both crespo and crespo4g, so between those two, there really shouldn't be anything else getting in the way of making this work.
Here: http://forum.xda-developers.com/showthread.php?t=1284517
People are reporting that Wallet works just fine on I902x phones and stock rooted 2.3.6. I'm only one there unable to add prepaid card. Guess it's because my IMEI is generic, and i'm pretty sure that google is using IMEIs for authentication and similar processes...
One factor may be branch of code. In build numbers, the letters have meanings. First letter is Android version (G for Gingerbread). Second letter is branch. Usually this is R for Release. The build for NS4G is W. I don't know what this W branch is. Maybe special "Wallet" branch.
http://source.android.com/source/build-numbers.html
Sent from my Nexus S using XDA App
Hi,
Stock ROMs aren't really trustworthy by default (e.g., phandroid.com/2014/11/06/carrier-iq-settlement).
Some manufacturers' devices aren't really trustworthy, even with stock ROMs removed (e.g., theepochtimes.com/n3/830922-chinas-xiaomi-smartphones-may-be-spying-on-you).
Cyanogenmod went donwhill:
We may collect information such as occupation, language, zip code, area code, unique device identifier, location, and the time zone where your product or device is used so that we can better understand customer behavior and improve our products, services, and advertising.
Click to expand...
Click to collapse
(from cyngn.com/legal/privacy-policy) They started on this path long ago, but I won’t go there now.
I would like to buy a new Android phone. I won’t have national secrets on it, but I still don't want any Google-style spying. Assuming I don't add GApps, is OmniROM a good choice for me? Does it respect the privacy of its users? Does it contain any components that would ever connect anywhere to trunsmit any information like GApps do. Obivously, I'm not talking about user initiated events.
One more thing, does it have a permission manager? Ideally, something that allows the user to choose for each permission for each apps whether real, fake or blank data is shared, but a bit cleaner than XPrivacy.
Thanks!
Just for the record, you can remove CM-specific apps and block their servers in your device's hosts file. It takes literally 5 minutes and it's pretty good after that.
Dragoon Aethis said:
Just for the record, you can remove CM-specific apps and block their servers in your device's hosts file. It takes literally 5 minutes and it's pretty good after that.
Click to expand...
Click to collapse
Thanks, good to know.
Yes, OmniROM does not include proprietary tracking software unlike cyanogenmod.
Personally if OmniROM does not support your device, I suggest using cyanogenmod + freecyngn (http://forum.xda-developers.com/showthread.php?t=2550769).
One more thing, does it have a permission manager? Ideally, something that allows the user to choose for each permission for each apps whether real, fake or blank data is shared, but a bit cleaner than XPrivacy.
Click to expand...
Click to collapse
Yes. It has "apps permissions". Open the app info of an app and click on apps permissions. There you can disallow access.
6hunnid9 said:
Yes, OmniROM does not include proprietary tracking software unlike cyanogenmod.
Personally if OmniROM does not support your device, I suggest using cyanogenmod + freecyngn (http://forum.xda-developers.com/showthread.php?t=2550769).
Click to expand...
Click to collapse
Thanks for this tip.
I'd like to try setting up my N9005 without Play Store and Google Play Services. Part of the reason is the battery use by Google Apps of various types and the other is the necessity of allowing those apps access to dial the phone, send SMS etc.
I'd like to see if I can make my phone more efficient AND more secure.
So far I'm looking at getjar.com, androidtapp.com and appbrain.com. Which app sites do you use and is it reasonable to find one that provides apps that don't use Google Play functions?
Suggestions welcome and experiences on any alternative sites would be appreciated? Also opinions or experiences in getting rid of the google connection...
I'm currently running @temasek 's cm13 - v 3.5 (more properly @joshndroid 's cm13 now he is building it )
I tried once
Journyman16 said:
I'd like to try setting up my N9005 without Play Store and Google Play Services. Part of the reason is the battery use by Google Apps of various types and the other is the necessity of allowing those apps access to dial the phone, send SMS etc.
I'd like to see if I can make my phone more efficient AND more secure.
So far I'm looking at getjar.com, androidtapp.com and appbrain.com. Which app sites do you use and is it reasonable to find one that provides apps that don't use Google Play functions?
Suggestions welcome and experiences on any alternative sites would be appreciated? Also opinions or experiences in getting rid of the google connection...
I'm currently running @temasek 's cm13 - v 3.5 (more properly @joshndroid 's cm13 now he is building it )
Click to expand...
Click to collapse
I once tried to use my Nexus 7 without Gapps. and then my Livescore app said it needed GPServices. again a shopping app said it needed GPS to run. then I installed Gapps :|
So we're stuck with Google unless we reduce functionality way down?
Hm... I recall seeing a CM Apps option a while back and I am running AOSP on my N9005 - will have a look for it. Thanks for the Reply.
Journyman16 said:
So we're stuck with Google unless we reduce functionality way down?
Hm... I recall seeing a CM Apps option a while back and I am running AOSP on my N9005 - will have a look for it. Thanks for the Reply.
Click to expand...
Click to collapse
the best thing would be installing Pico or Nano version of GApps. Only Play store, Play Services and Contact Sync come with it.
nijom said:
the best thing would be installing Pico or Nano version of GApps. Only Play store, Play Services and Contact Sync come with it.
Click to expand...
Click to collapse
Of course. That is exactly what he wants. :sly:
nijom said:
the best thing would be installing Pico or Nano version of GApps. Only Play store, Play Services and Contact Sync come with it.
Click to expand...
Click to collapse
While that sounds good, those are pretty much exactly the apps that crash the phone if you try to interfere with call/SMS permissions. What I am trying to find out is if it is possible to have a functional and useful phone WITHOUT having Google privy to everything I do.
Just because I am paranoid doesn't mean they're not after me.
You may or may not be interested in this talk by Snowden - think it's about halfway through where he discusses how the various companies have peeled away security for the alphabet agencies.
Journyman16 said:
While that sounds good, those are pretty much exactly the apps that crash the phone if you try to interfere with call/SMS permissions. What I am trying to find out is if it is possible to have a functional and useful phone WITHOUT having Google privy to everything I do.
Just because I am paranoid doesn't mean they're not after me.
You may or may not be interested in this talk by Snowden - think it's about halfway through where he discusses how the various companies have peeled away security for the alphabet agencies.
Click to expand...
Click to collapse
It's possible, but it'll depend on your definition of "functional".
I run my phone without gapps, and have calendar and contacts sync with my own server. I use syncthing for file sync, and open source for almost everything (Skype being one exception).
So for me it's fully functional, and the battery life is great. YMMV.
Sent using XDA One
jisoo said:
It's possible, but it'll depend on your definition of "functional".
I run my phone without gapps, and have calendar and contacts sync with my own server. I use syncthing for file sync, and open source for almost everything (Skype being one exception).
So for me it's fully functional, and the battery life is great. YMMV.
Sent using XDA One
Click to expand...
Click to collapse
Without GApps where do you get your apps? I've been touring sites trying to find a decent one and also discovering apps to replace those with Google links. The issue currently seems to be many good apps still tie back into Play for updates or verification purposes.
For example I have SPenCommand from a Google+ site but updates can usually be manual - i.e. I could DL them on PC and copy them over. The problem would be needing to have a link to the site (I think) to licence check. But that's something I can ask the Dev about.
That sounds pretty close to what I need. Phone, Contacts, Calendar, preferably syncing to Outlook on PC but given I am also thinking of moving to Linux, not wedded to Outlook or MS Products, nor I guess even to live syncing. I WOULD like to have backups in case phone goes away suddenly, but I can learn to use Cloud - something I have been avoiding.
I like playing with ROMs and have just started a course in App development online - my thought was to set up a dual boot with a standard GApps setup for testing as well as an unlinked one for daily driver.
Been looking at Aptoide as a store that maybe i can use without a Google account. Seems to have quite a few categories of apps so i am currently trying to work out what I need versus what I want on my phone. I currently have quite a few apps that i haven't touched in months so I figure they are probably not needed.
Any suggestions on what you consider a must have app or app category?
One possible alternative to play store is Blackmarket. It works great and it has almost all the apps present in the play store. And its best feature is that it provides paid apps for free
AndroiDTechi said:
One possible alternative to play store is Blackmarket. It works great and it has almost all the apps present in the play store. And its best feature is that it provides paid apps for free
Click to expand...
Click to collapse
I think you had better re-read the rules you agreed to in becoming a member here.
Forum Rules
In particular:
6. Do not post or request warez.
If a piece of software requires you to pay to use it, then pay for it. We do not accept warez nor do we permit members to request, post, promote or describe ways in which warez, cracks, serial codes or other means of avoiding payment, can be obtained or used. This is a site of developers, i.e. the sort of people who create such software. When you cheat a software developer, you cheat us as a community.
Regards,
The Merovingian
Forum Moderator
The Merovingian said:
I think you had better re-read the rules you agreed to in becoming a member here.
Forum Rules
In particular:
6. Do not post or request warez.
If a piece of software requires you to pay to use it, then pay for it. We do not accept warez nor do we permit members to request, post, promote or describe ways in which warez, cracks, serial codes or other means of avoiding payment, can be obtained or used. This is a site of developers, i.e. the sort of people who create such software. When you cheat a software developer, you cheat us as a community.
Regards,
The Merovingian
Forum Moderator
Click to expand...
Click to collapse
Oops sorry i forgot about that. My bad. I will remember it now.
Hi.
I'm testing now the following approach.
With Titanium Backup I froze Google Play (not for Google Play Services because I'm testing) and use Aptoide and Uptodown apps to updating.
My issue is Google Play is ALWAYS changing its configs which I've set to "not update automatically" and lots of warnings on screen telling me Google Play or Play Services stopped working.
Also I'm testing whether other apps also stop working.
Aptoide and Uptodown apps obey much better and don't change its configs.
Am I right that all these stuff are related to Google Play, soon I'll be able to return here with a more affirmative answer.
Weapon X said:
I think you had better re-read the rules you agreed to in becoming a member here.
Forum Rules
In particular:
6. Do not post or request warez.
If a piece of software requires you to pay to use it, then pay for it. We do not accept warez nor do we permit members to request, post, promote or describe ways in which warez, cracks, serial codes or other means of avoiding payment, can be obtained or used. This is a site of developers, i.e. the sort of people who create such software. When you cheat a software developer, you cheat us as a community.
Regards,
The Merovingian
Forum Moderator
Click to expand...
Click to collapse
Why i can't post my question on the main menu? Is cause i don't have the upgrade?
What has your post got to do with this message regarding warez ??
Hi all,
Sorry if this question has been asked (by me or others) - I can't fins a simple answer, so I'm trying again.
Is there any way to have sMIUI/MIUI/Xiaomi EU ROM without ANY connection to China servers/Mi accounts etc? Not just removal of the apps, but the platform, independent of connecting to servers and identifying the device through activation etc?
Or, is running a custom ROM (CM/AOSP/BlissPop etc) the only way?
I would like to run MIUI but not have it sending data to yet another bunch of servers (Google is enough for me).
I think it is a straightforward question but cannot seem to get a simple answer...please?
Thanks in advance
Raj
See this: http://forum.xda-developers.com/redmi-note-2/general/roll-skinny-miui-t3309873
DarthJabba9 said:
See this: http://forum.xda-developers.com/redmi-note-2/general/roll-skinny-miui-t3309873
Click to expand...
Click to collapse
Thanks so much @DarthJabba9
Looks like that is well beyond my skill set and time availability. Guess I'll either wait for fully working CM13 or go with sMIUI/Xiaomi EU and just deal with the fact that it will connect to the Chinese servers. Its as much about data usage/CPU cycles as it is security. Anyway, thanks again.
Cheers,
Raj
rajperth said:
Looks like that is well beyond my skill set and time availability. Guess I'll either wait for fully working CM13 or go with sMIUI/Xiaomi EU and just deal with the fact that it will connect to the Chinese servers. Its as much about data usage/CPU cycles as it is security...
Click to expand...
Click to collapse
CM13 will never come for this device, so you will need to try other options. You can try this: http://forum.xda-developers.com/redmi-note-2/general/best-sot-t3434915
This is from someone who has had the skill set and time availability to do most of the work ...
@rajperth A simple way to reduce the telemetry back to China is just delete or rename /system/xbin/tunman and remove or rename /sbin/mdbd from the boot.img (need to unpack and repack the boot.img to do this).
tunman is a tunneling manager that uses vpn (virtual private networking) to connect to Xiaomi.
mdbd is a similar mechanism that operates over a USB connection to find any available network to connect back to Xiaomi.
This does not completely stop all communications as Xiaomi have enlisted other techniques to make the call back home including FTP.
Unfortunately, developers of CM based ROMs still have to use the stock Kernel and unbelievably, have not even bothered to remove the offending Xiaomi services from the ramdisk that enable this prolific reporting
Turn off the internet or the phone. That's the price of buying Chinese stuff
Sent from my Redmi Note 2 using Tapatalk
@cukierkas You mean some China phones? Not all have embedded spyware. If the manufacturer is serious about selling to the global market whose population is not yet under their control, they remove the spyware. Xiaomi should concentrate to making communist party propaganda movies as that is where their talent lies
Thanks @jajk, you beat me to the response. And as for the whole point of this thread - I actually want MIUI, but for the linked account to this phone, I would have it. Preference is I want as close to native Android as I can get but I don't mind the MIUI skin. As to the comment to turn off the internet/phone, whilst it is an unhelpful comment, I can only assume @cukierkas didn't read the OP, I can use the phone on CM12 and other ROMS.
Anyway, thanks to those who responded helpfully and especially to @DarthJaba9 for putting me onto the other link, which might be the solution I need
Cheers,
Raj
jajk said:
@rajperth A simple way to reduce the telemetry back to China is just delete or rename /system/xbin/tunman and remove or rename /sbin/mdbd from the boot.img (need to unpack and repack the boot.img to do this).
tunman is a tunneling manager that uses vpn (virtual private networking) to connect to Xiaomi.
mdbd is a similar mechanism that operates over a USB connection to find any available network to connect back to Xiaomi.
This does not completely stop all communications as Xiaomi have enlisted other techniques to make the call back home including FTP.
Unfortunately, developers of CM based ROMs still have to use the stock Kernel and unbelievably, have not even bothered to remove the offending Xiaomi services from the ramdisk that enable this prolific reporting
Click to expand...
Click to collapse
Can you tell me what roms have these removed please, i take care about my privacy.
Thanks in advance.
@DeKs1 My Skinny boot images disable as much unwanted telemetry services as possible. I am not aware of any ROM that bothers to remove Xiaomi rubbish from the boot.img. You would think that it would be on top of someones to-do list for the sake of battery, more RAM and more performance apart from the obvious privacy issues but it is not the case, just the same BS in different flavors.
jajk said:
@DeKs1 My Skinny boot images disable as much unwanted telemetry services as possible. I am not aware of any ROM that bothers to remove Xiaomi rubbish from the boot.img. You would think that it would be on top of someones to-do list for the sake of battery, more RAM and more performance apart from the obvious privacy issues but it is not the case, just the same BS in different flavors.
Click to expand...
Click to collapse
Thank you very much for reply i'll flash your rom right now.