Database Users

[Q] Going after minimalistic set of programms/feature on N7

Hi, a new guy here!
I recently became a happy owner of 32Gb wi-fi only N7. I’m familiar with software dev (windows developer for 20 years with some work on unix) and customization/modding/flashing process (mostly for satellite receivers). However this is my first tablet and my first Android device so I could use some help 
I successfully unlocked, rooted and installed custom recovery on my N7. I would like to get to a bare bones state of the N7 and then slowly add new features/programs to it when it becomes necessary for me. So I would like to remove all non essential parts that were preinstalled on my N7.
I was under impression that I could uninstall programs using N7 UI after device gets rooted. However it seems that for majority of the apps I still only have an option to disable.
I shelled into N7 and looked around. It seems that all (majority?) of the apps are in /system/apps folder. Can I simply remove the apps and their files from that folder? Does this folder only contain user apps or does it also have system apps that are essential for N7 to function? Is there a chance to brick it by removing something (everything?) from that folder?
I searched on a forum for a list of apps that are safe to remove. I thought it would exist since it seems to be something many of us would be interested in doing. I didn’t find the list. If there is such a thing and someone could direct me there, it would be great!
Given that I can remove apps by deleting them from that folder safely, I still have a question what each app does and how important it is. Is safe to assume that any app that has a wheel with a drive belt on it as an icon in apps screen on N7 is system app and has to stay?
I have two keyboard app installed – one is Android keyboard and one is ASUS keyboard. Judging by the name 2 of these are essential since Android is the OS and ASUS is the manufacturer. But do I really need two of them?
If there is a resource/thread that discussed something similar, please let know. I look forward to learn from anyone on this forum! 

_Diver said:
Hi, a new guy here!
I recently became a happy owner of 32Gb wi-fi only N7. I’m familiar with software dev (windows developer for 20 years with some work on unix) and customization/modding/flashing process (mostly for satellite receivers). However this is my first tablet and my first Android device so I could use some help 
I successfully unlocked, rooted and installed custom recovery on my N7. I would like to get to a bare bones state of the N7 and then slowly add new features/programs to it when it becomes necessary for me. So I would like to remove all non essential parts that were preinstalled on my N7.
I was under impression that I could uninstall programs using N7 UI after device gets rooted. However it seems that for majority of the apps I still only have an option to disable.
I shelled into N7 and looked around. It seems that all (majority?) of the apps are in /system/apps folder. Can I simply remove the apps and their files from that folder? Does this folder only contain user apps or does it also have system apps that are essential for N7 to function? Is there a chance to brick it by removing something (everything?) from that folder?
I searched on a forum for a list of apps that are safe to remove. I thought it would exist since it seems to be something many of us would be interested in doing. I didn’t find the list. If there is such a thing and someone could direct me there, it would be great!
Given that I can remove apps by deleting them from that folder safely, I still have a question what each app does and how important it is. Is safe to assume that any app that has a wheel with a drive belt on it as an icon in apps screen on N7 is system app and has to stay?
I have two keyboard app installed – one is Android keyboard and one is ASUS keyboard. Judging by the name 2 of these are essential since Android is the OS and ASUS is the manufacturer. But do I really need two of them?
If there is a resource/thread that discussed something similar, please let know. I look forward to learn from anyone on this forum! 
Click to expand...
Click to collapse
I don't have the energy right now to address every app one at a time, but I'll nudge you in the right direction. That should help you start tinkering.
The Nexus 7 is very popular in this community because it's intentionally more open, and less bloated, than much of the competition.
That being said, sure there are apps you could uninstall if you decide to. Some of the custom ROM's will have probably already have done this for you, but may create little unexpected quirks here and there.
The first thing you'll want to do is backing everything up thoroughly. I would use Titanium Pro (you'll see it referred to as Tibu a lot), to backup all apps and settings. Then I would use the Google Nexus 7 toolkit (found in the forums here) to do a backup, as well as make a nandroid backup.
Ok, so you're ready to tinker. Well, if you bought Titanium Pro from the app store, you've already got all you really need. First, use titanium to freeze an app you don't feel you need, and don't think is required. Re-boot, go about your daily routine, and see if all is ok. Continue on in this manner. Once you've frozen everything you're interested in, and made sure all is well, you can probably go ahead and uninstall them through Tibu. Freezing them should generally make them not start up anyways, so unless the tiny amount of space they take up is a concern, that's really all you generally need to do *.
* Ok, sometimes you have to fully uninstall things you don't want, but this should get you plenty to tinker with for now.

bladebarrier,
Thanks for your response. I understand the approach you suggested – disabling apps one at a time and then when they all disabled and device is working to my liking for a while I could uninstall them.
However, I’m somewhat frustrated with a sheer number of apps that I have out of the box and I can’t find a good description of what they do. For example:
Mobile Network Configuration
Google Partner Setup
Google Services Framework
Searching online doesn’t yield definitive answers if it’s something I need or will N7 work without them. I have google play store and google play services installed – does store app require services? Reading a bit about it doesn’t make it seem so, but I’m not 100% sure. So I was wondering if there is a list of apps that are required for N7 well being and that cannot be removed no matter what.
For example, Black Viper has an excellent example of what I’m looking for but for windows nt services: (can't post a link)
This page explain what each service is, what it does and if it’s safe to disable it depending on configuration you’re seeking – minimal set, typical, out of box of experimental. I would love to find something like that for N7 system apps 
I installed CWM recovery when I rooted and as far as I can understand I does NAND backups. I plan on moving the backup file from the device to my desktop and keeping it there for safety reason.
The Tibu process that you described, as far as I understand (and I might be wrong here) is basically equivalent of disabling the apps using native N7 setting app, rebooting, using it for a while and then removing .apk and .odex (or simply app_name.*) files from system/apps folder. Tibu just makes it easier. Did I get that right?
And it’s still removing one app/widget at the time. I’d like to clean it out completely first and start from that point. So Tibu will probably not help me there. So my main Q is still out there – can I brick it by removing everything from system/app? Are there only user apps there or essential system apps as well? With CWM back up file on hand will I be able to recover if my experiment goes bad? 
> * Ok, sometimes you have to fully uninstall things you don't want, but this should get you plenty to tinker with for now.
One of the reasons I want to have them removed is to clean up the list of apps I have on N7. Right now I have 5 pages of apps and I have little idea what they do and if I need them – I had Korean keyboard installed for example.
As I mentioned I’m a newb in this area, so maybe my approach is a bit dumb, so please be patient with me

_Diver said:
bladebarrier,
Thanks for your response. I understand the approach you suggested – disabling apps one at a time and then when they all disabled and device is working to my liking for a while I could uninstall them.
However, I’m somewhat frustrated with a sheer number of apps that I have out of the box and I can’t find a good description of what they do. For example:
Mobile Network Configuration
Google Partner Setup
Google Services Framework
Searching online doesn’t yield definitive answers if it’s something I need or will N7 work without them. I have google play store and google play services installed – does store app require services? Reading a bit about it doesn’t make it seem so, but I’m not 100% sure. So I was wondering if there is a list of apps that are required for N7 well being and that cannot be removed no matter what.
For example, Black Viper has an excellent example of what I’m looking for but for windows nt services: (can't post a link)
This page explain what each service is, what it does and if it’s safe to disable it depending on configuration you’re seeking – minimal set, typical, out of box of experimental. I would love to find something like that for N7 system apps 
I installed CWM recovery when I rooted and as far as I can understand I does NAND backups. I plan on moving the backup file from the device to my desktop and keeping it there for safety reason.
The Tibu process that you described, as far as I understand (and I might be wrong here) is basically equivalent of disabling the apps using native N7 setting app, rebooting, using it for a while and then removing .apk and .odex (or simply app_name.*) files from system/apps folder. Tibu just makes it easier. Did I get that right?
And it’s still removing one app/widget at the time. I’d like to clean it out completely first and start from that point. So Tibu will probably not help me there. So my main Q is still out there – can I brick it by removing everything from system/app? Are there only user apps there or essential system apps as well? With CWM back up file on hand will I be able to recover if my experiment goes bad? 
> * Ok, sometimes you have to fully uninstall things you don't want, but this should get you plenty to tinker with for now.
One of the reasons I want to have them removed is to clean up the list of apps I have on N7. Right now I have 5 pages of apps and I have little idea what they do and if I need them – I had Korean keyboard installed for example.
As I mentioned I’m a newb in this area, so maybe my approach is a bit dumb, so please be patient with me
Click to expand...
Click to collapse
Removing Google framework services is a big no-no. To be honest, the easiest way to accomplish what you want is installing a custom ROM like CyanogenMod, especially since you've done all the prep work for such a thing.
Once you install any official CM build it is as close to app-less as you can get on a modular OS like this.

littleemp said:
Removing Google framework services is a big no-no. To be honest, the easiest way to accomplish what you want is installing a custom ROM like CyanogenMod, especially since you've done all the prep work for such a thing.
Once you install any official CM build it is as close to app-less as you can get on a modular OS like this.
Click to expand...
Click to collapse
that's what i suspected! i thought that google framework would be something essential, but there is not much easily available information there to arrive at that conclusion
since i'm new to this, i thought i should stay away from any rom flashing until i get a bit more familiar with a device, terminology and stuff like that. i'm looking at the "[ROM] CyanogenMod 10.1 [OFFICIAL]" thread and i'm not sure about half of the terms - GAPPS, PSA, Nightlies i do know what ROM is, I do know what kernel is, virtual machine, etc. But it's applied to the platform that I have little experience with, so it makes me a little bit uneasy

_Diver said:
bladebarrier,
Thanks for your response. I understand the approach you suggested – disabling apps one at a time and then when they all disabled and device is working to my liking for a while I could uninstall them.
However, I’m somewhat frustrated with a sheer number of apps that I have out of the box and I can’t find a good description of what they do. For example:
Mobile Network Configuration
Google Partner Setup
Google Services Framework
Searching online doesn’t yield definitive answers if it’s something I need or will N7 work without them. I have google play store and google play services installed – does store app require services? Reading a bit about it doesn’t make it seem so, but I’m not 100% sure. So I was wondering if there is a list of apps that are required for N7 well being and that cannot be removed no matter what.
For example, Black Viper has an excellent example of what I’m looking for but for windows nt services: (can't post a link)
This page explain what each service is, what it does and if it’s safe to disable it depending on configuration you’re seeking – minimal set, typical, out of box of experimental. I would love to find something like that for N7 system apps 
I installed CWM recovery when I rooted and as far as I can understand I does NAND backups. I plan on moving the backup file from the device to my desktop and keeping it there for safety reason.
The Tibu process that you described, as far as I understand (and I might be wrong here) is basically equivalent of disabling the apps using native N7 setting app, rebooting, using it for a while and then removing .apk and .odex (or simply app_name.*) files from system/apps folder. Tibu just makes it easier. Did I get that right?
And it’s still removing one app/widget at the time. I’d like to clean it out completely first and start from that point. So Tibu will probably not help me there. So my main Q is still out there – can I brick it by removing everything from system/app? Are there only user apps there or essential system apps as well? With CWM back up file on hand will I be able to recover if my experiment goes bad? 
> * Ok, sometimes you have to fully uninstall things you don't want, but this should get you plenty to tinker with for now.
One of the reasons I want to have them removed is to clean up the list of apps I have on N7. Right now I have 5 pages of apps and I have little idea what they do and if I need them – I had Korean keyboard installed for example.
As I mentioned I’m a newb in this area, so maybe my approach is a bit dumb, so please be patient with me
Click to expand...
Click to collapse
Tibu requires root access, in order to perform what we're discussing. I'm relatively new to JB, but I can't imagine any stock settings replicating its capabilities.
As far as a whole bunch of apps being in your list, that's sort of the way Android works. Think of it like "superfetch", or whatever that term was in Windows Vista. Basically, two things happen when you boot. Android looks at a list of apps that are designed to start on boot, and also apps that it expects you may want to run in the future. Both of these are designed to make the device run smoother overall, and it will kill apps if extra ram is required and they are not in use. Certain Android apps require themselves to run at all times. Some of these are apps like Tasker (if you're using tasker profiles), some of these are system apps that make the device function, some of these are apps that maintain widgets or background monitoring (weather apps, gmail, calendar).
Now, there are two ways to go about sorting what is bloat, and what is there because Android decided to load it. You can install an app called Autostarts, that will give an insight into apps that start up when certain criteria are met. You can also use it to stop those apps from queuing up at those trigger points. This is another root required app, and while I purchased it long ago, may have a free version as well. It's time consuming to use, and not perfect, which is why Tibu is better for flat out locking down unwanted apps.
Back to my initial thoughts though, you will see apps in your system list that you haven't touched since boot, because Android tries to anticipate your needs. People used to use "task killers" to close the apps, and came to realize that unless one is causing a real problem, it's just going to go back into the cached app list again anyways, thus reducing battery life when it has to load it over and over again. "Task killer" is a dirty word around XDA, unless you're using it to close an app that doesn't just go into the background like a good little app should.
Basically, you're going to start playing whack-a-mole if you want your list to remain as small as possible, at all times, and yet still actually use the device for anything interesting. You can reduce it, via various methods, and if this were a device from say "insert-name" brand, and was loaded with bloat apps, by all means you should clean those out. However, I think you'll find that while google does install things that aren't needed, or even used by everyone, it's mostly not a big issue.
Check out Better Battery Stats, in the XDA forums. It's an app that shows a pretty good picture of what is actually going on when you're not looking, and can provide data on how to improve your performance. It's probably a better way to start delving into what processes are actually being used, and which ones are just basically harmless. You'll also learn a good bit about how Android works from the Dev's explanations of many of the processes.
---------- Post added at 08:36 PM ---------- Previous post was at 08:32 PM ----------
_Diver said:
that's what i suspected! i thought that google framework would be something essential, but there is not much easily available information there to arrive at that conclusion
since i'm new to this, i thought i should stay away from any rom flashing until i get a bit more familiar with a device, terminology and stuff like that. i'm looking at the "[ROM] CyanogenMod 10.1 [OFFICIAL]" thread and i'm not sure about half of the terms - GAPPS, PSA, Nightlies i do know what ROM is, I do know what kernel is, virtual machine, etc. But it's applied to the platform that I have little experience with, so it makes me a little bit uneasy
Click to expand...
Click to collapse
Make sure whichever ROM you use, if you decide to, supports your HSPA+ model. There is a separate development section in the Nexus 7 forums, for those of us that have the HSPA+ version. We are the minority, as the Nexus 7 was initially released as a wifi only tablet.

bladebarrier said:
Tibu requires root access, in order to perform what we're discussing. I'm relatively new to JB, but I can't imagine any stock settings replicating its capabilities.
Click to expand...
Click to collapse
i do have SU privileges, so what i was talking about was disabling an app thru N7 setting screen and then when i deem the app ok to remove, going to adb shell and removing the actual file.
i just did this:
mount -o remount rw /system
rm iWnnIME_Kbd_White.apk
rm iWnnIME.apk
and it removed the japanese keyboard. however when i go back to app screen under settings, i still see it but now it has a grey icon with a SD symbols in the corner. so it appears it recognizes that the app is gone, but it's still referenced in the list. i pushed the files back using NRT and it all back to the way it was. so looks like my idea of cleaning the list by removing the apk might not fly.
and now I wonder how Tibu uninstalls the apps.
bladebarrier said:
People used to use "task killers" to close the apps, and came to realize that unless one is causing a real problem, it's just going to go back into the cached app list again anyways, thus reducing battery life when it has to load it over and over again.
Click to expand...
Click to collapse
I understand the notion of apps being in the cache and being removed when more RAM is needed, however the purist in me just doesn't want the junk apps to be there in first place However there is a lot of validity to these of your words:
bladebarrier said:
Basically, you're going to start playing whack-a-mole if you want your list to remain as small as possible, at all times, and yet still actually use the device for anything interesting.
Click to expand...
Click to collapse
My wife got Kindle Fire HD recently and she's been using it happily. While I was thinking why would anyone want a closed up system (well, more closed up system then Nexus), she's been using it and I've been frustrated with my N7 so i might just let it go and enjoy the japanese and korean keyboards anyway
bladebarrier said:
Make sure whichever ROM you use, if you decide to, supports your HSPA+ model.
Click to expand...
Click to collapse
i'm wifi only

ngshniq every
i think i found what i was after: http wiki.cyanogenmod.org/wiki/barebones (url modified since i still can't post urls). this wiki page has the list of app with a short description and if it's safe to remove. it also has additional information that explains why i still saw the reference to the app in the list when apk file was deleted:
looks like i need to pay attention to 2 additional files:
/data/system/packages.xml
/data/system/packages.list
i bet I would find a reference to the apps in these and i would need to remove it in order to have the app disappear from the app list. i'll play around a bit more and report back

One thing, could you explain your reasoning behind wanting to delete everything but the essentials? Do you have a particular goal in mind or is it because of your windows background? Because if so, you should know that android operates very differently when compared to windows, and such, the requirements to keep your device working in tip top shape vary greatly.
In my opinion, with your current limited knowledge of each process/app inner workings, what you're trying to do surefire way to break something beyond repair and needing to use a factory image to get back to zero. A custom ROM will be much safer and yield the exact same results that you're looking for. (Eventually, once you understand what each thing does, then this manual approach could satisfy your needs)
Note: GApps are the basic Google apps to flash on top of the barebones system. Gmail, Play store, and the framework.
Nightlies are experimental builds compiled nightly by a bot with the latest CyanogenMod code available.
Sent from my Nexus 7 using Tapatalk HD

My goal was to simplify my approach to N7 by removing anything that I don’t need now and slowly adding all necessary components as I get familiar with it. But it seems at this point that this approach is a bit more complicated as thought it would be.
So I think I would leave it alone for now and revisit this later 

_Diver said:
My goal was to simplify my approach to N7 by removing anything that I don’t need now and slowly adding all necessary components as I get familiar with it. But it seems at this point that this approach is a bit more complicated as thought it would be.
So I think I would leave it alone for now and revisit this later 
Click to expand...
Click to collapse
From what you've done manually, you're clearly far ahead of a new user when it comes to understanding linux/unix.
If you want to lock down parts of what google implements, purely to keep it minimalistic, I would agree with the above poster. Go for one of the popular ROM options that are available, like CM, and work your way backwards. The Nexus 7 only has as much bloat as you allow it to have via the settings. This is another reason why Better Battery Stats is an excellent way to make sure your device isn't draining battery, yet isn't locked down. The other day I noticed an app that kept fetching my position, even though the case was closed (magnetic sleep mode). It turned out I forgot to disable the tracking in google maps (why it was defaulted to ON, I have no idea). BBS showed me what was running during the sleep phase, and I fixed it when I woke up the next morning after wondering why my battery dropped.
The Kindle Fire is a great option, because it doesn't require any of this fussing about. My woman loves hers. LOVES IT. Personally, I like to tinker a bit, and I'm too invested in Android apps to not have access to the play store. The Nexus 7, is for people like what you find here. We like to tinker, and make everything custom. At the same time, you could spend all day trying to figure out why EntriesRefresh_wakelock is your highest partial wakelock count, at 60seconds per 7 hours, or you can find that you just went 7 hours and only used 6% of the battery, even though you've been connected to wifi, texting, emailing, and checking the weather and news, the whole time. Not bad, honestly.
The biggest investment you can do for your Nexus, is probably getting a case that magnetically puts it to rest when you close it. After that, learn about the settings that drain battery in the background. Then, get Tasker and play around that (it's like programming, without the need to learn the code). After that, go to a custom ROM, or dig out Tibu, and basically start customizing which apps you will use. If that doesn't pass the time long enough, you can literally make your own ROM and put together exactly what you want. Whether the performance will be that much better or not, and whether you'll spend most of your day trying to look for coding errors, is up to you. I don't have the patience to code, but you're a coder, so what is broccoli to me, may be bacon to you.

[Q] Nexus 4 (or Android in general) Privacy from Google

Hi,
Is it possible to completely stop information leakage to google from my telephone, such as contacts or even aps purchased?

Oxy20 said:
Hi,
Is it possible to completely stop information leakage to google from my telephone, such as contacts or even aps purchased?
Click to expand...
Click to collapse
some options:
work without google apps! most custom roms come without it! GApps package is a additional zip!
many custom roms included privacy manager from cm. you define what the app is allowed to. for example read contacts yes or no
In AOSP Android (I think since 4.3 or 4.2) is app ops included. It's like privacy manager with detailed options.
hope it hepls. What rom you are using?

carepack said:
some options:
work without google apps! most custom roms come without it! GApps package is a additional zip!
many custom roms included privacy manager from cm. you define what the app is allowed to. for example read contacts yes or no
In AOSP Android (I think since 4.3 or 4.2) is app ops included. It's like privacy manager with detailed options.
hope it hepls. What rom you are using?
Click to expand...
Click to collapse
I am on 4.3 stock ROM. The phone is unlocked and rooted.
I tried CM Rom as part of 2 way call recording patch trial but had to revert back to ROM due to stability problems. But the problems were due to the trial nature of the patched ROM http://forum.xda-developers.com/showpost.php?p=45730852&postcount=47 I tried rather then general CM problems. So I suppose could try a stable, up to date version of CM ROM.
I suppose without Google Play I can not have paid apps like skvalex call recorder? If I have to leak some info to Google can I ensure no call details, contacts, calendar etc are shared / backed up etc to Google?

Oxy20 said:
I am on 4.3 stock ROM. The phone is unlocked and rooted.
I tried CM Rom as part of 2 way call recording patch trial but had to revert back to ROM due to stability problems. But the problems were due to the trial nature of the patched ROM http://forum.xda-developers.com/showpost.php?p=45730852&postcount=47 I tried rather then general CM problems. So I suppose could try a stable, up to date version of CM ROM.
I suppose without Google Play I can not have paid apps like skvalex call recorder? If I have to leak some info to Google can I ensure no call details, contacts, calendar etc are shared / backed up etc to Google?
Click to expand...
Click to collapse
try a look at here:
http://www.androidpolice.com/2013/0...ager-control-permissions-for-individual-apps/

Technically yes, but practically no. Even if you stop now, you probably have used Google services in the past and they already have those info. Even if you do not use Google apps, there are lots of way for your phone to connect to Google server (various core Google apks). Lots of apps and websites use Google Analytic as well, although that info is supposed to be anonymous, or apps that utilize Google services in some way or purchased apps that required verification. You basically have to micromanage the permission of every app and this isn't exactly easy and is time consuming, slips up are easy too.
My recommends are:
Most effective: Be lke Richard Stallman, stop using internet completely, except for devices that isn't your. Don't use telephone at all. Have no WiFi running in your house and remove your address from Google Maps, then move to South Georgia and the South Sandwich Islands.
Less effective: Don't use 'gapps' and Google apps at all. You can use Amazon AppStore to download apps. Or use Firefox OS or Ubuntu Touch instead.
Less effective alternative: Use permission management. There are many ways to do this. Android 4.3 have AppOps and there are shortcut apps to let you access to the hidden menu, however it's not very convenient to use. It's better to use CM or SlimRoms which in addition have the Privacy Guard toggle feature (Settings -> Security-> bottom of list). SlimRoms let you turn it on for installed apps by default. It blocks access to contacts and location. I'm not sure if it block network and phone IDs info though.
For more refined permission management, there is the Xposed Framework module called XPrivacy. It has a high learning curve and blocking the wrong permission will cripple your apps or make it not working. There is also LBE Security Master and OpenPDroid, but I much prefer XPrivacy.
You can also use AFwall+ which modify the Linux kernel's iptables to block internet connection, this is the most assured method to block internet connection access for apps imo.
If you still need to make use of Google apps or services, such as facelock and photosphere, but want to avoid installing 'Google services framework', you can use these gapps packages and not install the core package. Keep in mind, 'Google services framework' is important for connecting to Google server and without it some 'find your phone' apps won't work like Cerberus.
You can see if your phone is connected or syncing to Google server by the color of the WiFi icon color, gray means no, and blue means yes.

I have always wondered about why someone would buy a smartphone, Android or iOS and then worry about security? Why not just buy a simple TracPhone or something similar?
Not trying to knock on anyone, just wondering.
Sent from the Far Reaches Of The Earth!

[Q] Virus or Android now Untamed?

Hello Good People of XDA
I have been a i9506 owner for quite long, had a 9100 before,
I am used to root and mess with apps to customize things to my wim,
at the best of my knowledge (I lack android programming skills, but I can do things with terminal and filesystems).
All that before to say I am not totally a noob, but my lack of technical knowledge might bite me there.
System wise, I am under 4.2.2, rooted, unknow sources are not allowed, system check for apps is allowed,
I have an antivirus (more than one, but only one works each day, just to be sure I don't miss things)...
My problem is that I recently found out that some apps, actually system apps, blocked
with Titanium backup, or with gemini app manager, or app quarantine,
were actually running anyway.
They are marked as blocked in my app manager, but can still be force closed,
and they appear in battery displays (most of these under the android system block, in the list of services/apps used),
and in process running when using Ccleaner apps.
Also, my battery display show GPS is activated, while when I go into options, all boxes are off or unticked.
I thus wonder what's happening?
How is it possible to have these schrödinger apps tamed and blocked like I want them.
I want these to shut down and only work when I DO ALLOW these, for them not to suck my battery or do unauthorized chores like tracking me when I don't want.
How is it possible that they even behave like that? In i9100, I never observed that in Android 4.0.
I wonder if Google didn't change the workings for making us unable to disactivate what we don't want to work, which was pissing them off.
They already change the permissions displays in the market so permissions as intrusive as "contacts/sms message/USB stockage" are considered "not relevant/important",
while they are depending on the announced display of the app.
But I don't want to go on the "conspiracy route" (I am not like that, I am a pragmatist and I just observe facts, like these apps, with sensitive access, not being able to be deactivated), so let's focus on the technical part:
such apps were Maps, Samsung sync adapters, NFC service , Google Agenda/Contact synchronisation, sysscope, context provider, etc.
That's a lots of things that are supposed to communicate to cloud or other devices, with feels lot like a gaping flaw in the armor...
I want a phone and a tool, not something that track me or put me at risk of being stolen by somebody with technical knowledge.
Am I alone?
Thanks for any insights.

Blocked apps still working
I don't know if my title was too unclear, so I would like to change the title but am unable to do so?
Is it please possible for a moderator to do it (with the title of this post)?
Thanks by advance.
I feel like it is a true problem not being able to block some apps,
or even more, to believe they are blocked while they perfectly perform in the background,
and display activity only in secondary reports, not under their respective "buttons"/information tabs.
I wonder abourt the technical reason to such behavior.

Then delete those apps or block some of the permissions with an app (eg Privacyguard).
It's my opinion that an antivirus app (at the moment) is a waste of resources. Just think before you install something. Also if you are worried about security, you should always run the latest version of Android. 4.2.2 is an old version.

Lennyz1988 said:
Then delete those apps or block some of the permissions with an app (eg Privacyguard).
It's my opinion that an antivirus app (at the moment) is a waste of resources. Just think before you install something. Also if you are worried about security, you should always run the latest version of Android. 4.2.2 is an old version.
Click to expand...
Click to collapse
Thanks for your answer.
Well I don't want to delete system app when they might be useful at time.
I just want them to behave correctly, that is, not work when they are blocked.
That is not a solution to say "uninstall this", while the true problem is Android general behavior here.
I didn't installed system apps, they came with the thing, and all of them are not bloatware.
"NFC service" is something I want to keep for when I am ready to use it,
but I don't want to let it free and unleashed because of the opening it leaves on my phone.
Same goes for bluetooth, synced backups and so on.
I don't want backups on the cloud, so I deactivated the options, and blocked the apps.
Why are they running? It is not normal!
And my old version is maybe not secure, but actually trying 4.3 hasn't changed anything,
and I only suspect this to be some "new feature".
The antivirus is a waste for scans, I agree, still it has useful firewall features that justifies in itself its uses.

Setting up CyanogenMod with maximum privacy (no more Google)

I'll try to make it as simple as I can.
Here is what I want:
CyanogenMod with root privileges
Full control over which app, service or system component can access my data and the Internet.
(at the moment for instance I can't alter the "network access" privileges of my apps)
Safe to use speech recognition software
Safe to use, sophisticated navigation software
My questions:
Is that even achievable without a ton of work?
Is there a simple way to flash CyanogenMod without pre-installed bloatware? (e.g. Google apps, Skype, Cortana, ...)
Which tools should I use to make sure that apps can only access what I want them to?
Is there speech recognition software for Android that doesn't require Internet access?
Is there a navigation app that is capable of using the offline maps of Google Maps without requiring an Internet connection?
(e.g. Google Maps makes itself useless if you don't update from their servers every 30 days)
From your experience, do apps refuse to work when you deny certain privileges?

ferivon said:
I'll try to make it as simple as I can.
Here is what I want:
CyanogenMod with root privileges
Full control over which app, service or system component can access my data and the Internet.
(at the moment for instance I can't alter the "network access" privileges of my apps)
Safe to use speech recognition software
Safe to use, sophisticated navigation software
My questions:
Is that even achievable without a ton of work?
Is there a simple way to flash CyanogenMod without pre-installed bloatware? (e.g. Google apps, Skype, Cortana, ...)
Which tools should I use to make sure that apps can only access what I want them to?
Is there speech recognition software for Android that doesn't require Internet access?
Is there a navigation app that is capable of using the offline maps of Google Maps without requiring an Internet connection?
(e.g. Google Maps makes itself useless if you don't update from their servers every 30 days)
From your experience, do apps refuse to work when you deny certain privileges?
Click to expand...
Click to collapse
Dude- You should start developing your own rom in this case.
But consfused here and at this point i think you dont know.
CyanogenMod & Cyanogen OS
Assuming- when you said, cortana etc etc--- i think you are on cyanogen OS.. Which is the original OS for 1+1.
1- To achieve, you need to work.
2- Some optimized COS builds in XDA one android dev section- try a search. but not latest 13.1.2-ZNH2KAS3P0. Root using SuperSU. and use system app uninstaller to remove apps you dont need. Some debloater zips also lurking around in XDA. If you install CyanogenMod, then no need of gapps flashing if you dont use google account.
3. you can stop background data for the apps you dont want. Settings in most roms.
4. Speech recognition can be used offline after u download all languages of your choice. Not 100% and dont use it.
5. Try Maps.me. i didnt know google map needed to be force updated every 30 days unless some one restructures the entire landscape and routes.
6. Certain apps refuse to work if you dont grant permission. yes. its like telling some 1 without hands to eat from hand,.
:good:

Thank you so much for your reply. I indeed did not know that there is a difference between Cyanogen OS and CyanogenMod. But if I understood you correctly, CyanogenMod comes without gapps. (I hope it also comes without Google Play Services?)
The offline speech recognition you linked to seems to be from Google. I bet it will require Google Play Services and an Internet connection after some time, just like Google Maps does and I'm really afraid of that.
I might give Maps.me a try, but I think Google Maps still has by far the best most detailed and correct maps especially when it comes to POIs.
I would consider using official Google Maps, if there was a 100% safe way to wipe all the data the app collects before I allow it to update the maps. Alternatively, maybe I could download the apps from a second device and just copy the map data over to my main device every once in a while.
An even more crazy approach might be to spoof the time/date data for Google Maps so that it thinks the 30 days haven't been reached yet.
But I would still be very concerned about Google Play Services. Would microG be sufficient for my purposes to replace Google Play Services?
edit:
Okay, I have a rooted CyanogenMod without gapps now on my OPO.
edit2:
I have Xposed with modules "Xprivacy" and "Per App Hacking" installed now.
Xprivacy is an app permission manager and "Per App Hacking" can be used to spoof the system time an app will see. Hopefully I'll be able to fool Google Maps with it.
edit3:
I have microG installed now. Hopefully this will be enough to run Google Maps.
I really need to make sure I understand Xprivacy before that though.

My recommendations:
1. I recommend full device encryption with long and secure boot password and easy to use pin lock screen password. Here's more info: http://forum.xda-developers.com/general/security/guide-separate-passwords-encrypted-t3048072
2. Get an email address from a provider that respects user privacy i.e. Riseup. https://riseup.net/
This is one the most important things to do if you don't want google / yahoo / microsoft scanning your email for surveillance / marketing purposes.
3. Use apps from F-Droid. It's an app "store" for open source apps.
4. Always use Afwall+ to have control over which apps have access to internet. Even better if you use Afwall with combination of Orbot. This way you can route some apps through tor (need a custom script though). Orwall does the same thing more easily.
5. Instead of closed source Supersu, use open source superuser http://forum.xda-developers.com/android/software-hacking/wip-selinux-capable-superuser-t3216394
6. For maps I recommend openstreetmap. Download Osmand from F-Droid. It has navigation too.
7. For cellbased location provider, use unified location provider found from F-droid. It's connected to microg projects.
8. For encrypted SMS use Silence from F-droid (recipient needs the same app if you use encryption).
9. For encrypted instant messaging use Conversations (XMPP client) from F-DROID. Or Riot (which will soon have strong encryption).

Hey tofu thanks for your answer, I appreciate it!
I'm only really concerned about my phones software spying on me.
About the email thing: I'm running my own email server for that.
But I'm still looking for a way to anonymously creating a google account without providing my phone number.
I'm using F-Droid already and it's great.
I'll never go back to the play store that's for sure.
And for anyone else reading this, please don't touch the amazon app store, it's pure poison.
I'm also using AFWall+ already, but I'm not satisfied at all. The creator doesn't really seem to care about ensuring that no data gets leaked ever. I read a lot of reports that data was being leaked every once in a while, especially during system boots.
This is really scary to me... I'd really like to have a safer firewall.
Blocking Internet/networking permissions directly just causes apps and the system to become extremely unstable. I soft-bricked my phone like 5 times while playing around with it the last few days.
I was not aware supersu was closed source. I'll switch to the open source alternative soon.
I just installed OsmAnd~ and I'm not very satisfied. Navigation was ok, the tts voice was absolutely terrible and I wasn't able to find a single POI, I wouldn't even be surprised if it would fail to find the next McDonald's to my place. Google Maps just seems completely unmatched to me.
And about that: I was actually able to get Google Maps running without Google Play Services installed and I was able to successfully use it offline, spoofing the system time for that app, so that my maps would never become outdated. I notices a few downsides though, for example it only works for car navigation (bicycle mode etc are not available). After completing the installation of all the microG components I wasn't able to get it to work anymore though (I couldn't download the offline maps, because I couldn't enter my google account data anymore...).
But I'll figure out how I did it and go with Google Maps then.
To complete the microG installation I installed unifiedNlp with GSMLocationNlpBackend.
For encrypted messaging I'll probably be forced to stay with WhatsApp, as I can't possibly convince all of my friends to switch. But hey at least WhatsApp claims that your messages are end-to-end encrypted.
But obviously WhatsApp will always know who I know... that problem seems pretty much unfixable to me though...
I have btw also tried to get Google Now (speech recognition) to work offline. But I was unsuccessful. I have read reports of others getting it to work for literal voice to text applications... it won't take voice commands though. So that's not very useful... unless there was a way to define your own voice commands somehow.
But my biggest worry at the moment really is the firewall. I feel like there is nothing that you can really trust to work reliably.
And also the fact that Xprivacy can't restrict file access to certain folders... it's either all or nothing.
The worst of all might actually be IPC though (inter process communication) which a lot of apps require permissions for. And from what I understand any app with that permission could use another app as a sort of proxy to access the Internet.

I'm using a Google-free device with maximum privacy, so maybe I can not answer all your questions but I can give you an idea. First of all - disclaimer: I'm here because my girlfriend has an Oneplus One (OPO), but I do not have one. I use her old Nexus 5 (N5), but you will get the general idea. You already noticed there is a difference between CyanogenOS (COS) and CyanogenMod (CM). It also took me a while to figure out that difference. If you still have a stock Android in your OPO, it should be a COS 13.1 which is based on Android 6.0.1 and comes with alot of bloatware from Google and Microsoft.
1. First step is to find a suitable ROM for your needs. If you are used to COS and have not much experience in chosing custom ROMs, you should give CM a try. Here is the official wiki which includes Download links and installation instructions: https://wiki.cyanogenmod.org/w/Bacon_Info
2. The 2nd step after installing CM is the full device encryption, can be found in Settings > Security. If you do it on a clean phone without any apps and data it only takes a couple of minutes and chances of breaking stuff are low at this step.
3. Now I usually root it (with SuperSU) and install some magic which is called XPOSED framework. It's something which allows you to install modules on your phone on system level, not like an Appstore, but rather like a Tweakstore. There are a lot if chances you break stuff and most of the modules do not work with CM, however, one module to beat them all is the XPRIVACY module. It gives you back full control on everything. You can manage App permissions, you can fake permissions or if apps do not want to run with your set of permissions, you can even feed fake data (like wrong GPS signals, etc.). Read more here. http://repo.xposed.info/module/biz.bokhorst.xprivacy
4. F-Droid, yeah, the one open-source repository for your new apps. I'll install it at this point.
5. Now, that the device is flashed with CM, probably rooted and with a custom recovery, you have to flash a stock recovery again and lock the bootloader. Stock recovery because it does not allow any malicious party (hacker with physical access, police, intelligence services, etc.) to deploy any code to your phone which compromises your privacy. Locked bootloader is important to disallow any malicious party to boot anything they want which also compromises your privacy.
And this is pretty much what you need to get started, a rock solid environment free from Google. Make sure you have a strong PIN, I also use randomized screen locker, so people can not "observe" the way you enter your PIN.
For encrypted calls and SMS there is Signal, but that does not work without Google services and LibreSignal, the Websockets version, was discontinued just recently. For encrypted IM use ChatSecure rather than Conversations. Both are XMPP clients, but Conversations does not allow you to import or export OTR keys, which is very annoying for an Jabber client. For not so sensitive chats, I use telegram.
Finally, not having Google Play and Google Services available, makes the experience a totally different for the android device. Apps like Snapchat which do not require Google, but still do for some unknown reasons checks for Google, wont run. Also, a lot of apps work without Google, but you can't install them without downloading suspicious APKs from dubious websites. Be very carefull from where you download and install software if you can not find what you need in F-Droid.
I hope that helps you for your considerations.
---
Edit, one more final note. I also use OsmAnd and have to say it never let me down on any occasion (except when I forgot to download the maps before going somewhere remote without internet). The geodata quality is excellent in most urban areas, but the interace and usability are a mess. If you find your way around in the interface, the navigation works out pretty well. I sometimes have issues calculating very long routes, but you start to live with that.

Thanks for your input 5chdn! Most of the stuff you mentioned it already on my phone.
I made some progress yesterday and I'd like to share my current configuration:
All the apps I mention in this post are (at the time of writing) available in F-Droid, unless stated otherwise.
Everything I mention in this post is free and open source, unless stated otherwise.
Recovery Image: TWRP
ROM: CyanogenMod
'Apps' that have to be flashed:
SuperUser (this roots your phone which means you can grant root access to apps)
Xposed (provides a lot of important privacy tools)
Apps:
F-Droid (app store that provides free open source apps)
AFWall+ (manage which app can access the Internet)
Autostarts (manage triggers that apps can use to start themselves)
AdAway (can remove ads from apps)
Xposed Modules:
BootManager (manage which apps can start on boot)
Xprivacy (manage/spoof app permissions for privacy)
Safely using Google Maps offline permanently:
Please note: Google Maps is not open source.
Install microG (open source alternative to Google Play Services)
The installation complete installation consists of:
'microG Services Core' (aka 'GsmCore') (app)
At the time of writing this app is NOT available in F-Droid. This app also automatically installs 'µg unifiedNlp (NO GAPPS)' for you.
'microG Services Framework Proxy' (aka 'GsfProxy') (app)
'FakeGapps' (Xposed module)
'FakeStore' (app)
'XposedGmsCoreUnifiedNlp' (Xposed module)
'LocalGsmNlpBackend' (app)
'NominatimNlpBackend' (app)
'µg unifiedNlp (NO GAPPS)' (app) (will be installed automatically!)
Install 'Per App Hacking' (Xposed module)
Use this module to spoof the system time/date that Google Maps sees e.g. to '2016-10-14 10:00' so that offline maps don't become outdated. The feature to spoof the time is called 'time machine'.
I would really like to improve what I got so far and share it with the community.
If you know of anything that could help improve privacy please tell me.
I do not mention things like device encryption, passwords, lock screens etc, as these are a separate issue.

why developers are not focusing more in sailfishOS?

I was just wondering why sailfishOS has still really bad apps.
and why is not developers are doing more apps for this amazing OS?
just wondering

it's very simple: no market.
In general you make apps to earn money. perhaps you'll find some developer or group of developers that will port a popular app as a hobby, student project, or simply because they are using sailfish and want an specific app.
so basically, if there is no market, there is no money. therefore no apps

Actually I have just bought xperia 10 plus to move away from toxic android ecosystem (from google to all the app junk), after I have figured out that I could delete 90% of application on my android phone and I would never miss them.
If you are using sailfish phone, you have an option to run apks there is no real need for native applications. Quite frankly in last few years I could hardly find any application that was something that "I have to have". All the really needed applications were added to the first smartphones: email, gps, browser, sms, mms, calls, video player, music player, camera, contacts, text editor, sound recording... and I am already stretching it with last two, I cant remember when I have last time wrote high volume of text on those tiny useless on screen keyboard or had a need to record some sound.
There is one app on android which I will need (access to online banking) and I hope it will work, it didnt work even on my previous android until I have reversed it and change some code to stop verifying for root and safetynet, so it should work here too.
Everything else is... more a toy than useful or actually some security application to prevent all others doing something that you don't want, from rolling ads to stealing data. I am waiting for this mobile application market to slowly collapse, there is no more value in it except maybe games. Everything else is just wasting time in the least constructive way.
And not having market is a huge bonus, if you check sailfish apps (jolla store and openrepos) you will find that you have everything you need for having a great phone, made by enthusiasts not people that want to become rich. And no one is making useless junk as, as valthunder said, there is no market. And this is fine. Actually great.

root said:
There is one app on android which I will need (access to online banking) and I hope it will work, it didnt work even on my previous android until I have reversed it and change some code to stop verifying for root and safetynet, so it should work here too.
Click to expand...
Click to collapse
Great to read about your decision!
For banking apps that require Google Services you could try to tweak your Sailfish Alien Dalvik with Signature Spoofing and a GServices replacement like MicroG.
The SafetyNet replacement here is the DroidGuard Helper that should be installed alongside GmsCore.

eltmosen said:
Great to read about your decision!
For banking apps that require Google Services you could try to tweak your Sailfish Alien Dalvik with Signature Spoofing and a GServices replacement like MicroG.
The SafetyNet replacement here is the DroidGuard Helper that should be installed alongside GmsCore.
Click to expand...
Click to collapse
Naah, I am having my own "cracked" apk build from previous phone, I have removed all checks to root and safetynet and it works fine, no need to change it. Since the app is just front end for web interface it works since forever, I have also removed version matching with server. Took a day or two but worth it
But I have one question: I am trying to integrate xposed framework (last version as there si no boot/recovery img to try with magisk) into system.img (8.1). And same goes for su. Is there any "official" way how to do it without unpacking system.img, adding binaries, repacking it...

root said:
But I have one question: I am trying to integrate xposed framework (last version as there si no boot/recovery img to try with magisk) into system.img (8.1). And same goes for su. Is there any "official" way how to do it without unpacking system.img, adding binaries, repacking it...
Click to expand...
Click to collapse
Following all things sfos quite closely i did not witness anyone get xposed framework to work. (at least no public report) That might be due to sfos users generally are not Android wizards. The matter might still be a low hanging fruit to anyone with deeper knowledge
Whenever rooting/xposed/su is brought up, much more competent guys then me hint at Alien Dalvik just being an AOSP tailored to run inside LXC on non android kernel plus filesystem integration, Intents integration, shared clipboard etc.
quoting my friend olf:
"Jolla uses many modern measures to confine the Android container: at LXC level, with cgroups, firewall rules, SElinux policies etc.
You may configure additional measures at all these levels, it is just a Linux machine and you are the administrator!"
So maybe what you want to achieve practically is even possible using a whole set of different tools then available in Android?
And yes, my vague explanation hinting at me being a simple user having no clue and just putting things together from forum posts is a correct observation