I am asking myself - specifically for the G5 Plus, but probably in a more general sense - where the huge advantages and disadvantages of rooting are, considering that the G5 plus comes with a relativly clean Android 7.XXX and a not an old overloaded android version, which didn't use to have many of the capabilities that Android 7 offers. I know that my questions might particularily overlap with questions in other topics, but for sure not every question, especially specific G5 Plus questions.
Overall I am interested in the topics security and product-experience, if you want to call it like that. I ask myself: Is root still worth losing warranty or is it not? Keywords or keyquestions that cross my mind are:
OTA updates: I guess those won't be possible anymore?
Encryption: Will it still work and increase security if the phone is lost?
Backup functionality, especially in combination with cloud services: Is there something like -backup my whole phone down to the very core on some google server (best proteced with a password and some AES256 encryption)- so that I can restore it some day in an easy manner? How would you backup your phone and settings, etc. with and without root?
Safety: What could happen if I lose my (bootloader unlocked and) rooted phone: Will someone be able to read my passwords (e.g. google...) and other sensitive information directly from the phone, even if it was locked, in the moment I lost it? What is the worst thing that could happen?
Root Functionality: How does the root access / superuser specificly work, e.g. if I'd accidentally install an app or similar, which might contain a virus: Is an app like this instantly capable of messing my whole system or will I be able to manually confirm specific security related changes, especially system changes, that an app might try to do? With other words: Does root mean that the system will be wasted by even the tiniest mistake or is there some security buffer?
Unlock Bootloader only: Is it an option (or make any sense to you) to just unlock the bootloader and install a the G5 Plus TWRP recovery without rooting the phone and does this give any advantages or is this just a totally nonsensical option, which is maybe not even possible? If I got it right, rooting does not necessarily need to reset the phone in any way, while unlocking the bootloader enforces to do a reset, right? In this context I was also asking myself if unlocking the bootloader (now that I don't have wasted precious time on customizing my phone, yet) right now is a useful option (without any disadvantage besides losing the warranty) and if I ever experience the necessity to root, I will only need like 2 commands and it is done - without having to reset my phone again?
Root Must Have: Is there any specific functionality or reason - you would say - one should definitly root the phone for, as it is a must have functionality, which would be locked without root?: I only have virtual examples, e.g. if Nougat would prevent me from changing the volume to a level higher than 50 % and the absolute exclusive possibility to change this was to get root access. Another example , although really not that critical one, could be: I noticed that I am only allowed to install 5 different finger prints... root could give me the possibility to install infinite finger prints?
Feature Loss: Does one lose some other neat features or functionality that is usually provided by Google or Motorola if the phone is not rooted but not possible anymore if it is rooted?
Third Party Trust: How can you people trust the TWRP Backup or custom ROMs? Don't you fear that there might be a virus or trojan horse within?
Best regards and thanks in advance for your patience with a newbie
No response?
172 view, no answers :-/. Guys tell me: Is it due to the length of the text? Is it something else? I could split it up in several questions, but I though that this would be unwanted.
And I will be thankful for every help on either of the bold buzzwords, it is not like you need to comment on everything
Must have for me: correct timestamps when moving or copying files using TC. Only possible with root.
Unlock only: yes makes sense. Unlock is the part where you lose all data, and then you can use fastboot boot to make backup. Rooting itself should not lose any data, so it is advantageous to unlock early. Root has time.
Lost functionality: on most devices using Magisk 12 you can pass SafetyNet, which means you can use Android pay, play Pokemon go etc, but the apps trying to detect root/unlocked devices get changed and may not work anymore at some time. Probably you will have lost this possibility when starting with unlocked bootloader and need to install Magisk to get green SafetyNet. Magisk hides the unlocked bootloader.
OTA: do a backup of boot partition before rooting, do no modifications on other partitions than data, cache and boot and you should be fine restoring boot partition to do OTA. It's easy to overlook some app using root to write system, logo, recovery, something, but backup should help. Or install complete firmware, then OTA is possible again.
Note: I do not have the device, just saw the questions which have the same answers for all current Motorola Android devices - you may search in general forums or forums for similar devices for answers
OTA updates: if you are rooted you have tempered with the system partition and therefore ota are not easily installed
Encryption:it is possible to wipe the phone and use if you are unlocked
Backup functionality Google already does backup some settings natively. you can still do an adb backup even without root
Safety: if they are techies they know how to access files via twrp etc. but worst thing is they just wipe it and use the phone
Root Functionality: root gives some apps access to the system partition which is not possible normaly. if you installe some dubious app which wants access to root to mess with your system you are lost.
Unlock Bootloader only: you need to unlock the phone to root it. by unlocking your phone is wiped clean. than you can root it. the advantage of installing twrp are the "easy backups" and installing custom roms or even root. there are no real advantages or disadvantages anymore. earlier you had to unlock/root/install custom rom to have some extra functionalities but android did mature and has most functions built in
Root Must Have: there may be some system limits which you can bypass with root like headphne volume limit, reading wifi passwords or/and having systemwide adblock. I personally do not see a benefit anymore. I used to root for having system-wide adblock but I can achieve it with rootless apps like adguard.
Feature Loss: you will lose android pay. you can not use some apps like mario run or pokemon go. you will lose OTA feature.
Third Party Trust: actually I dont know. with the custom rom base growing I only trust official lineageOS as it is review by many people before building. therefore the chance is reduced to have some spyware feature in it
I too would like to know, has the source code to ANY custom ROMs been reviewed by third party to verify no malicious code?
Although I worry that some ROMs could violate my data privacy, root is something that I simply cannot willingly go without - if I don't have root access, it's simply not *MY* phone, it's a phone that is configured to someone else's [some company's] desires and priorities.
I'm disappointed that the built in tethering does an "entitlement" check - AFAIK it's actually illegal (or, at least against contracts the companies signed with the FCC) for the cell phone provider to attempt to control what a user does with their allotted amount of cell data. Yes, the cell provider company can decide how MUCH data you are allowed based on what plan you pay for, but they are not supposed to restrict HOW you use YOUR data. Therefore, I demand unrestricted "tethering" from any smart phone that I use.
There are other apps I like to use that require root access: Root file explorers, Titanium Backup, Smarter WiFi Manager, Greenify/Servicely etc., but most of all, I CANNOT STAND the intrusive obnoxious awful ads which seem to be prevalent these days! A good ad blocker is an absolute must! The blame rests squarely on the shoulders of the websites which allow such awful advertisements such as "pop behind" windows and particularly, ads which cause the web page scroll to constantly keep jumping away from what you are trying to read making the site basically unusable. There is also lately a prevalence of "click bait" ads/links which brings you to malicious/obnoxious websites which popup dialogs trying to stop you from closing the web page or navigate away - they put up big flashing red letters and say things like "We have detected a virus on your computer do not close this window or your passwords will be stolen and your data lost" and when you try to close the page it keeps popping up a dialog making it difficult. Sorry, but, such ads simply can't be tolerated - even this [xda] website sometimes has unpleasant ads, or at least there were times when I really regretted turning off my ad blocker when visiting this site in the past, that is for sure!
I usually use a "custom ROM", I miss exposed very much, but, I suspect there are too many malwares in the xposed repository these days? (I'm not sure of this, just suspicious).
I like to be able to change the color of my status bar clock to green and position it in the center as that is easier for me to use (see it quickly when I want). However, the standard launcher is far too limited in how customizable it is, so I use a combination of Nova Prime (requires root for some features) and Chronos Weather/Clock/Calendar widget which puts a larger clock right in the upper middle of my desktop so I turn off the status bar clock (Nova Prime feature, one that requires root).
Oh, and I like to use a custom "System Font", I'm not sure if we can do that without root? It really makes the phone feel like MY phone and look (and operate) how I want it to.
critofur said:
[...]
I'm disappointed that the built in tethering does an "entitlement" check - AFAIK it's actually illegal (or, at least against contracts the companies signed with the FCC) for the cell phone provider to attempt to control what a user does with their allotted amount of cell data. Yes, the cell provider company can decide how MUCH data you are allowed based on what plan you pay for, but they are not supposed to restrict HOW you use YOUR data. Therefore, I demand unrestricted "tethering" from any smart phone that I use.
There are other apps I like to use that require root access: Root file explorers, Titanium Backup, Smarter WiFi Manager, Greenify/Servicely etc., but most of all, I CANNOT STAND the intrusive obnoxious awful ads which seem to be prevalent these days! A good ad blocker is an absolute must! [...]
[...]
Click to expand...
Click to collapse
Could you explain the entitlement check a little further? Does it mean that with the current Android version and an unrooted/locked G5 plus it is impossible to use the Smartphone Mobile data connection, e.g. on a notebook via wifi tethering? This would be a real argument to root.
Did you try adguard, as ckret suggested? Is there a huge difference between an adblocker with root or an adblocker like adguard without root on the phone? I basically assume that with nougat it is possible to grant apps access to almost anything (except for root) - including to block features other apps use, e.g. advertisements. But I am actually not sure.
Maybe ckret knows more on this aspect, as he seems to know both adblock concepts - the rooted and the unrooted one with adguard?
Comparing DNS66 (local DNS server without root) with adaway (root):
+ You can select blocking per app with DNS66, adaway modifies hosts file which always is valid for all apps and system services
- You can not use another VPN while DNS66 is active
- You need to disable VPN under Nougat while using Download Manager (bug in Nougat, for all VPN services)
Personally I have root, but use DNS66. I don't need adblock when connecting to my computer at home (that's when I need to use another VPN) and am using Marshmallow ATM, but probably would continue using DNS66 when on Nougat. For PlayStore there is a workaround implemented, and if some download fails I'd know I need to disable VPN.
This is why I only said Total Commander copying timestamp is my only real killer app (besides Titanium Backup) which makes me need root. Android O is supposed to change the behavior implementing SDCardFS which shall allow setting timestamp without root.
sky-head said:
Could you explain the entitlement check a little further? Does it mean that with the current Android version and an unrooted/locked G5 plus it is impossible to use the Smartphone Mobile data connection, e.g. on a notebook via wifi tethering? This would be a real argument to root.
Did you try adguard, as ckret suggested? Is there a huge difference between an adblocker with root or an adblocker like adguard without root on the phone? I basically assume that with nougat it is possible to grant apps access to almost anything (except for root) - including to block features other apps use, e.g. advertisements. But I am actually not sure.
Maybe ckret knows more on this aspect, as he seems to know both adblock concepts - the rooted and the unrooted one with adguard?
Click to expand...
Click to collapse
adaway:
adaway replaces the hosts file in your system with a custom hosts file which redirects some requests to 127.0.0.1 which results in ads not being shown
since it is deeplevel change of the hosts file the app requires root to change the file
pro:
* ads are blocked when resources are requested
* it is system-wide and everything is checked on demand
con:
* system slows down with big hosts file as every request must be checked everytime a site/app is opened
* if a wrong request is blocked your app/site might not show/work at all since it is a system-wide check
adguard:
this app has two different ways of blocking ads
vpn: a local vpn server is created on the system and all requests are rerouted through it. works the same way as adaway but without a root access.
pro:
* rootless method
* you can create a bypass for different sites/apps
con:
* you can not use a 2nd vpn connection while the app is active
* it may use a bit more battery as it creates a server but this should be negligible
proxy: this is nearly the same as vpn just you should be able to use a vpn connection
so big pro and con for me is that i do not have to reroute all apps through the adblock check
important apps (banking e.g.) are free to use the connection without being rerouted.
I know it might seem like a stupid question, but how often (and for which reason) do you use/need a(nother) VPN connection?
Does this also mean things like tethering or a WLAN access like eduroam - or is this something different?
I am actually not sure if I ever needed VPN on my smartphone
sky-head said:
I know it might seem like a stupid question, but how often (and for which reason) do you use/need a(nother) VPN connection?
Does this also mean things like tethering or a WLAN access like eduroam - or is this something different?
I am actually not sure if I ever needed VPN on my smartphone
Click to expand...
Click to collapse
you need a vpn connection if you want to access the intranet without being physically there
e.g. intranet of a company to access emails or if you are a student and got some special tool/e.g. which can only be accessed through the university connection
most times you will only use vpn on a notebook or pc but I hardly doubt most people will use it on their phones
ckret said:
you need a vpn connection if you want to access the intranet without being physically there
e.g. intranet of a company to access emails or if you are a student and got some special tool/e.g. which can only be accessed through the university connection
most times you will only use vpn on a notebook or pc but I hardly doubt most people will use it on their phones
Click to expand...
Click to collapse
... exactly what I was thinking about it. I've never been needing a VPN on my phone. On the notebook I need it on a regular basis, thats true.
I should have been asking "I know it might seem like a stupid question, but how often (and for which reason) do you use/need a(nother) VPN connection on your smartphone?", to state my question more precisely.
Using AVM Fritzbox as router makes it possible to use the standard phone via SIP. This only does work when you're in your intranet, directly or via VPN. Also I need to access my documents on my computer, my media library at home, to configure the router and more and therefore I use VPN on a regular basis. Yes, I do these things using the smartphone. But when using VPN, I do not need adblock.
Related
Sorry to be so dense, but I have no idea what this is.could some one explain please. Isit similar to jail breaking of an iphone?
Because I already have downloaded games on my phone that I should of paid for and the it works perfectly fine.
Sorry for the dumb question again
alpystar said:
Sorry to be so dense, but I have no idea what this is.could some one explain please. Isit similar to jail breaking of an iphone?
Because I already have downloaded games on my phone that I should of paid for and the it works perfectly fine.
Sorry for the dumb question again
Click to expand...
Click to collapse
Google banned you or what? O_O
http://android-dls.com/wiki/index.php?title=Why_Root#You_never_know
Well "rooting" can be considered like jailbreaking but their are a few key differences (I have rooted and jailbroke before). Since Android offers many of the features iPhone doesent offer without jaybreak, rooting and Android allows the user to access many of the hidden features like setting the speed of the CPU. Rooting also allows custom roms to be installed on your phone. Roms are basically a moded version of the software your phone runs. A popular type of Rom called "Cyanogen" is available for a wide variety of Android devices. Rooting also allows free wireless tethering to your phone. What that means is that your phone emits WiFi and and of your WiFi powered devices such as an ipod or laptop can connect to it. Since rooting allows full user access to the processes of the Android phone, you warentee is also voided. But if you know what you want and how to keep your phone running then give it a shot. If you are new to the field rooting I would read more about it and how to fix it in recovery mode if you want to unroot your phone. I hope this helps.
Sent from my ADR6300 using XDA App
Its a reference to the underlying linux system, and goes back to Unix. Root was the primary user or superuser, and so root level access was the key to full admin control.
Your phone by default presents you with a limited user access, generally for your own good, by protecting access to files and folders you shouldnt normally access. Rooting refers to achieving full unrestricted access to the phone, thus enabling you to go beyond the normal user and start mucking about under the hood.
Quick question, since i stumbled upon this thread:
- Have there been cases of attempts at rooting carrier locked phones that resulted in bricks? Or is it generally safe to root carrier locked devices (if any Frenchies see this, i'm talking about SFR, Orange... more specifically.)
Cheers
Hello,
Our school district is looking into getting some Android Powered Tablets for us, the techs to use. We need to be able to lock them down (school policy and if the teachers eventually get them), from app installs to wifi usage. We have iPads restricted using the iPhone configuration tool.
anyways, I found online the Device_Admin code/api but I have no idea how to implement it or get it to work. In Android 2.2 there's the option under Settings/Location and Security to set the Admin but nothing is in there.
I have no idea how to code and neither does the other guy I'm working with on this. Is there an easy way to get this setup and configured so we can manage Android Devices on our Network?
Any help would be appreciated. Thanks.
Do you mean this API: http://developer.android.com/guide/topics/admin/device-admin.html ?
As far as I understand it allows to manage password strength, lock timeout, immediate lock and device wipe only. So no restrictions for "app installs, wifi usage" etc. Maybe I'm wrong.
IF that's all it does then maybe that's not what we want.
Is there software/API..etc... that we can use to "lock" the devices down?
Interesting question, could you specify exactly all features you need?
We're thinking to develop some kind of parent control app for Android, so your request for app is looking very similar.
Correct me if i'm wrong, but isn't locking down an android device pretty much impossible?
You can lock down the ROM (probably) but that wont stop someone flashing a custom recovery image, backing up the data, then flashing a new ROM (provided the tablet can be rooted).
To fully lock it down wouldn't you have to lock the bootloader and recovery image so that they need a password to be used? I'm not sure that's possible.
We're not so much looking to completely lock down the device. Honestly if the Teachers get these I doubt they'll try and mod the Bootloader or load ROM's. But we are looking to, if the teachers get them and even other techs get them to use we want to lock them down in a way that prevents them from install unapproved apps, restrict purchasing apps and accessing Wifi/Marker.
We have 10 or so iPads in our district, they are locked down by a policy we push to the pad when WE set them up. It restricts the App Store, removes Safari Browser and doesn't allow app install. It also uses our LightSpeed browser settings so that they can't get to "naughty" or other such sites.
After quick research it seems that you need custom ROM or at least rooted phone where standard browser, market etc are removed and some configuration parameters are hard coded. Also keep in mind that there's no lightspeed guide browser app for android, only for ipad, iphone. I would say there's a lot of work.
The question is more along the lines of what's the benefit of installing a custom rom? or rooting the device. I'm an iphone user right now, but i've been following this forum and reading posts cause I definitely wanted to buy an android and this is the one im getting. I was gonna get the GS3 and I understand why you would wanna install a custom rom on a GS3 (to get rid of touchwiz and have stock android) but what's the benefit of having a custom rom on an already stock android cellphone like Nexus 4 or Galaxy Nexus. :fingers-crossed:
Options and more control over the phone. Ability to over clock/under clock.
Titanium Backup, Light Flow, ES File Explorer, Ad Block... a few other awesome apps that need root to work..
This question is hardly specific to the N4. But a quick Google search will yield you lots of reasons and/or benefits if you will.
Sent from my GT-I9300 using Tapatalk 2
Customizability. You can make the phone fully yours, have it run how you want it to run, to include faster or more efficiently. In theory, anyone can learn to dev and make exactly what they want their phone to be. Though in practice we usually just settle for whichever devs' preferences match our own, and are extremely thankful that somebody made it happen.
Consider my sister's phone, actually a nexus S, unrooted. I'm on a galaxy S and I'm running the 4.2 camera and keyboard. I showed those to her and she was so stoked, but she refuses to root, so I can't install them on her phone.
There is considerably less reason to root with such a device as this, but you do need root access to install some really cool and useful apps, especially Ti Backup as mentioned above. Don't forget that rooting is nothing like jailbreaking, as the latter is way more intrusive, that is, jailbreaking can indeed potentially render the iphone less stable. However, root access is simply elevated rights to the ROM (system) partition. But, you don't really need it. Just enjoy the phone and don't sweat the need for it.
Indeed. I think people equate rooting to jailbreaking but it's very different. Even with root access, apps need permission from you to run at root level. The first time you run them a message will ask you if you want to grant them permission (you can then tick an 'always allow' box for that app). If anything nasty tries to run at root level you will be prompted about it and if you aren't expecting it, you can just deny it.
I have rooted every android device I've owned, mainly for apps like Titanium Backup, AdFree, Game Guardian but also for customisations like different status bars or modded system apps.
You don't NEED to root, Android is more open than iOS out of the box. For example you can have different keyboards, messaging apps, diallers, alarms, calendars, navigation etc without needing root.
Basically gaining full access to the system. Some "programs" require modifying/accessing the system stuff. The best root app I think of is Tasker, which allows you to create almost any scenario to associate with an action. For example, disable sync between 12am to 7am, also mute all notifications. Also, if you open Maps/Navigation/tracking applications, automatically turn on GPS and turn off GPS when you exit. Also, when I plug in earphone ask to open either Phone app or Google Music. Also search for wifi ssid, if it matches my school's wifi, then connect to wifi and turn the phone to vibration. When leaving school turn off wifi and turn on ringtones. If ssid matches home's ssid, then disable lockscreen, turn on ringtone and connect to my home wifi. All of those require root access.
It's the same as the root access as in any other Linux system. Think Administrator privilege on Windows. However, it does come with some risk of others accessing your information/password. But as others have said, be careful about which app you grant root access. I only grant root access to those well-trusted apps.
coming from an iPhone, you wont really need root access. you can still do much more than iOS without root. I don't think you should also be getting into customization and stuff as a new android user, as the Nexus 4 is already stock android. Just enjoy the stock experience and you can root later once you have more knowledge of android and want to start doing more complex tasks.
AdFree and DroidWall. Along with many other things like flashing ROMs.
jsapp said:
AdFree and DroidWall. Along with many other things like flashing ROMs.
Click to expand...
Click to collapse
AdAway ftw
I'm hoping someone can point me in the right direction after spending a day reading about mobile phone security. I'm still confused as to what an app can do and how I can limit access. Some answers or a point in the right direction for more information would be helpful.
Apps that are granted permission "Modify/Delete SD Card" can pretty much read/write anything on my device? Could an app go through my sd card and see files, for example, music, movies, other data from different apps; file names/content? I have about 35 apps running on my phone with this access. I'd rather not leave it to "how much I trust the developer" and have some means to limit access to data.
I don't keep national security secrets on my nexus but there is work and personal information that is sensitive and I wouldn't want shared. It looks like if I use android to encrypt my data it only encrypts the /data folder and there doesn't seem to be much in there.
What about securing contact and calendar data? Is this possible? Not as critical as guarding my file data, but still important to me. Thanks.
Yes, files on the external sdcard are not protected, I.e. all apps which have the right to read/write sdcard can read/write everything there. One reason is just the filesystem type: on FAT you don't have access rights. On internal /sdcard it's a bit different, because it's using ext4 as a filesystem, so principally not all apps can read everything, but also here you have the problem that for example the camera, the gallery app, ... need access to the same files and directories. So at the moment you need to trust the apps in a certain way or not to install it at all.
Sent from my Nexus 7 using xda app-developers app
While it is difficult for someone with limited tech experience, it is plausible to protect your data with measures like XPrivacy or PDroid.
However, if you're looking for an answer without jumping through a few technical hoops, there aren't many good ones unfortunately. The best bet is as you already suggested, that is to be smart about where you browse the net, and only install trusted apps. Always think twice and review permissions carefully for any app even if it's from the Play Store.
And don't forget encryption only works similar to a house door. It's only good if you keep it locked. But if you let the bad guys into your house (i.e., installing a naughty app), it doesn't protect you much. It only keeps them out so long as you don't let them in (physical access). P.S. I'm assuming you're talking about the stock android encryption not actually having individual encrypted files on your device if not then ignore this paragraph (although I'm sure some will disagree that even having SHA-512 AES encrypted files with a extremely complex and long passwords is still not enough to protect data once a malicious user gets their hands on that file.)
Even on the internal SD card, it looks like once I give an app access to "modify/delete" the entire sd card is exposed; did I understand that correctly? It looks like grant access to everything or nothing.
After reading this:
http://appanalysis.org/
It seems that even trusted developers can't be trusted. I don't consider myself a novice user but I'm really surprised at how exposed the data is on phones and tablets. Its like leaving money on your front porch and hoping it isn't too tempting for someone to walk though a broken gate and grab.
Any idea what WP, iOS or BB10 offer in the way of data protection?
TheAltruistic said:
While it is difficult for someone with limited tech experience, it is plausible to protect your data with measures like XPrivacy or PDroid.
However, if you're looking for an answer without jumping through a few technical hoops, there aren't many good ones unfortunately. /QUOTE]
XPrivacy looks good, might be worth rooting for that app.
I'm not as concerned with an app downloading files and using a high level attack on my data. I am concerned about an app where the developer decides to go through my contacts, photos, and files which are unlocked and easily viewed. Then sell the data to whomever that can do whatever. No effort required, no ability to know the data was even accessed and no ability to lock the data. I think like most things, if there is more than a slight effort needed to access the data, they'll move on to something else.
I see Google offers encryption but I can't find information on exactly what is encrypted and if I install an app with say permission to contacts does that give them encrypted access to all contacts? For example, a program that can add a contact via sms I don't want to allow it to read all my contacts, just add a new one.
Maybe Android isn't the right platform for me.
Click to expand...
Click to collapse
mgerbasio said:
TheAltruistic said:
While it is difficult for someone with limited tech experience, it is plausible to protect your data with measures like XPrivacy or PDroid.
However, if you're looking for an answer without jumping through a few technical hoops, there aren't many good ones unfortunately. /QUOTE]
XPrivacy looks good, might be worth rooting for that app.
I'm not as concerned with an app downloading files and using a high level attack on my data. I am concerned about an app where the developer decides to go through my contacts, photos, and files which are unlocked and easily viewed. Then sell the data to whomever that can do whatever. No effort required, no ability to know the data was even accessed and no ability to lock the data. I think like most things, if there is more than a slight effort needed to access the data, they'll move on to something else.
I see Google offers encryption but I can't find information on exactly what is encrypted and if I install an app with say permission to contacts does that give them encrypted access to all contacts? For example, a program that can add a contact via sms I don't want to allow it to read all my contacts, just add a new one.
Maybe Android isn't the right platform for me.
Click to expand...
Click to collapse
Heh don't give up. To be honest at least android tells you when it grants a program certain permissions unlike some other OSes where you're in the dark in terms of security.
As far as I know, and I'm assuming we're talking about the same thing, the type of encryption Android offers only prevents people from gaining unauthorized access to your data if your device is mounted or accessed when your lock screen is up. (I'm sure someone will correct me if I'm wrong--please do). But if your device is not password protected (e.g., you set lock password to lock every hour and they get it when it's unlocked) then your data can potentially be compromised.
This encryption does not, however, protect your data as you're browsing the internet, or running apps like facebook.
If you're looking for something to protect your data from say facebook finding your GPS location without your permission, or accessing your contacts and doing God knows what with it, then XPrivacy and PDroid (links above) is your answer, and I'd say that's awesome.
I may not play around with an iPhone / iOS enough, but I'm confident enough to say that they don't offer the same privacy protection even from Cydia that you can get from communities like here on XDA. Perhaps for iOS users, ignorance is bliss?
Click to expand...
Click to collapse
TheAltruistic said:
mgerbasio said:
Heh don't give up. To be honest at least android tells you when it grants a program certain permissions unlike some other OSes where you're in the dark in terms of security.
Click to expand...
Click to collapse
Thanks again. I appreciate the comments.
All I'm really looking to do is prevent an app downloading all my contacts, photos, movies, files, etc. I have some work data on my tablet that isn't confidential but it is what I would call sensitive. Actually, I rarely use external memory, mostly just use in internal sd card.
It seems all the "good apps" grab more permissions than they need or, the permission they do need to operate gives them way more access than I'd like. I'm not so concerned that I'd start using Tor or duckduckgo, but just trusting a developer with an open door to data is more than I can to leave to chance.
From what I've been reading the sandboxing in iOS and WP provide good security and in BB you can remove permissions from apps; BB10 is still the most secure if you can believe the internet articles. I'd like to see Google make it more clear as to what encryption actually allows and prevents.
There seems to be apps that button up a lot of holes, like photos, but there still are gaping holes.
Click to expand...
Click to collapse
Hi guys,
Any progress? I use PDroid on my smartphone and find it unnerving to see how much and how often data is accessed not only by third party apps but by Google itself. With PDroid you can restrict permissions without bricking the app because it can provide fake data rather than none. I have to say that I am not entirely happy with it though. I hope that Firefox OS will have success in stopping the appification of our devices. Data wise, it is much safer to use web-based services than app-based services.
I think Google's Android is so successful with developers (also) because they can gather so much data. Our smartphones are unfortunately "data gold mines" for the ICT industry.
If you have any progress in improving privacy, safety and security of the Nexus 7 than I'd be happy to read about it.
Hello xda
I turn to you, as I have great trouble in my project.
I work at a beer distributor / wholeseller in Denmark.
We have 8 trucks and a few vans.
We are in process of upgrading our ERP to Dynamics Navision and for that we need new hard-terminals for our drivers.
We want to go next-level and our hand-terminals will be on smartphones using an app / service called Movilizer.
In theory, it should work on any distro and phone.
I am now in the process of finding the correct setup, so that these work phones stay professional and won't be used to install various apps or tampered with.
Through a contract with our phone-company, we've got 11 Huawei P9 Lite - these are the subject of setup.
Now for my challenges:
I want anti-virus on the phones, for good purpose and I plan on using ESET.
I want to support the phones in the field and I plan on using Teamviewer for that.
What I am in search for is the following:
Block use of various non-work-related stock apps
Block the ability to close the apps I install (so they won't close Teamviewer, for example)
Block install or uninstall of any app.
Million-dollar wish: I would love to be able to deploy that automaticly - most perfect would be through a MDM or by cable to a computer through some software.
I am open to rooting and even flashing roms.
I have tried Cisco Meraki MDM, but the blocking didn't seem to go into effect.
I hope someone has some experience to share - I have used the last week trying out MDMs and configuring them.
Heck, might just be me being a noob. But trust me, I've tried :/
Kind regards,
Christian Sjobeck
To block any apps you can use Greenify, witch hibernate every app you want and has the automatic hibernation function. It is one of my favorite app, and with root and Xposed framework, it is very fast.
To uninstall every app, even system app, I use Link2SD witch has a couple of function including uninstalling system apps. It is simple and fast.
To keep the apps you want, there should be already a whitelist in EMUI where you add the apps that you want to protect.
Hope to be helpful
Hello Potato997
Thank you a lot for your recommendations.
It gives me something to persue.
Do you have any recommendations for pin locking the apps I install? (Anti-virus, mdm, teamviewer for example) it would be prevent changes in settings.
Would it be viable to set one phone up with everything (app whitelisting, system app uninstalls, pinlock, etc.) and then do an android backup and restore that onto the other phones?
For easy deployment, instead of manual handling.
In CyanogenMod and AOSP based ROMs the pin to open the apps is already integrated in the system, I don't know on EMUI since I'm on RR.
For the backup, if the phones are the same model you can do a backup in TWRP and restore it on every phone so you only have to set up the phone one time
They are needed, unlocked bootloader, custom recovery and root.
the problem with pinning apps in cyanogenmod, is that you can only pin 1 app, and it will stay on the foreground untill it's no longer pinned (kinda like a kiosk mode). and the whitelist in emui only prevents the apps that are whitelisted from being closed automatically, but they can still be closed by the user.
without creating your own rom, i think most android phones won't be able to fulfill your needs