Develop Bugs

[TUT] Android Security

This thread is meant for all new Android Users, unsure about the security of their phone and their personal data in this operating system.
Please feel free to contribute all kinds of security related information (anti-virus, firewall, theft protection but also viruses, data harvester apps...).
The structure of this thread:
1. Common Sense / Permissions
2. Security Software
3. Dangerous Software
4. FAQ
1. Common Sense / Permissions
In contrast to what you might be used to from Windows Mobile, Android informs you about the permissions, an app requests, when installing it, either through the Android Market or through an .apk file.
It is important to read these permissions and be reasonably suspicious, when an app requests permissions, that seem inappropriate. But some common sense is also needed to understand that some apps need permissions, you cannot understand immediately.
Here is an example of the permissions, you have to accept before installing an app:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
What do these permissions mean?
I will not list all the permissions here, some are self explanatory and for everything else, you can read up on them here.
In general, you can trust Google with all their apps and permissions. Voice Control apps and Siri clones also in general require a lot of permissions, which makes sense, as they should be able to call your contacts, send emails and sms, etc. Install those apps only by developers you trust!
1.1 Permissions you can do nothing about
- Hardware controls, such as disable sleep mode etc.
mostly required by games, that want to keep the display on. Nothing to worry about.
- Write to your sd card
Apps that edit files (e.g. photo editors, office apps, ...), download files (Dropbox, Download all files, Wallpaper or ringtone downloaders, ...) and games, that require additional data to be played (e.g. Gameloft games or other graphics intensive games) need to be able to write files to your sd card, either after you created those files yourself or downloaded files.
- reading imei / phone state
many apps require this permission. while, technically, with a security app, you could disable this permission for the apps, it is not such a bad thing.
this permission is needed to identify the phone. commercial software might determine your valid purchase status through the imei.
the phone state also gives apps the possibility to react to incoming calls and go into standby for the duration of the call.
1.2 Permissions that invade your privacy
- access SMS inbox
necessary for Try 'n' Buy Apps (e.g. Gameloft Games), Apps with in-App purchases, and some apps, that require sim identification (whatsapp, Dailyme...)
For everything else, you should be suspicious.
- access contacts/ call logs
necessary for communication apps with contacts sync (twitter, facebook, skype, ...), also every app which has to do with ringtones (zedge, mp3 ringtone maker, ...) and online games, where you can invite friends to play with you (mostly card and board games and MMOs). Everything else might be a data harvester.
- your current location (network based or gps)
necessary for navigation apps, photography apps and communication apps that allow you to share your location.
Other apps, especially games, should not have this permission.
1.3 Permissions that might cost you money
- make outgoing phone calls
necessary for google apps, voice control apps and name lookup/caller id/phone book apps (for Germany dasTelefonbuch, dasOertliche and klicktel).
This permission should generally not be found in games and small info apps.
- send SMS
necessary for apps with sim activation (Try 'n' Buy Games, apps with in-app purchases, whatsapp, ... (see "access SMS inbox")).
For everything else, when in doubt, google the name of the permission or ask here, what it means and whether the app is trustworthy.
So, what can you do about these permissions?
There are basically 2 options:
1. Don't Install an app that seems suspicious for requesting too much information.
2. Install security software to block certain permissions.

2. Security Software
Here we gather general information and reviews on different security apps.
2.1 LBE Security
LBE Security is a very powerful Security Suite. It can be found here (XDA) and here (Market).
It requires root.
With this app you can regulate permissions given to all the apps you have installed. you can set Internet Access (separated by 3G and Wi-Fi), IMEI, SMS, contacts, location... for all your apps. Also, there is an app monitor, that gives you a notification icon for newly installed apps, so you can comfortably set its permissions. Also, it comes with a traffic monitor, that tells you, how much of your monthly plan has been used. Its statistics can also show you, which app used up what amount of traffic and how many calls and sms were caused by each app. Also, besided permanently forbidding or allowing something, you can set it to ask you each time, as you might want to allow an app to send an SMS once (for verification), but not anymore after that.
Forbidding all unnecessary permissions for apps (including Internet), this is the only software I currently use, as, when set up right, it effectively works as firewall, traffic monitor, virus protection and privacy protection.
2.2 ???
As mentioned above, I only use the one app, but feel free to post basic information and/or reviews of other apps, like kaspersky or avg or droidwall or whatever comes to mind and I will post them here.

3. Dangerous Software
In this portion of the thread, I will list all apps, that have been posted as data harvesters, viruses or generally harmful to your device.

4. FAQ
Here we collect the Questions and Answers worth mentioning.

Let me start of with a few questions on specific permissions:
1. Two out of the three Angry Birds versions on the market require "Positioning". I denied this through LBE and it works just fine, I don't see, what the app would need that for.
2. While I understand that the official Facebook app would need the permissions for contacts and Location, I wonder why it wants to read my SMS inbox and sent paid SMS. I also denied this through LBE. Doesn't seem to be necessary.
3. could someone send me the correct names for all the permissions?

This is interesting but it would get far more coverage in one of the general forums.
Sent from my R800i using Tapatalk

that is true. but the information here is meant for new android users, and there are very few around the general section, while i think, that many of the blackstone users just recently started working with android.

Chef_Tony said:
that is true. but the information here is meant for new android users, and there are very few around the general section, while i think, that many of the blackstone users just recently started working with android.
Click to expand...
Click to collapse
I think he means general Android sections of XDA, not just the Blackstone area .
Your tut applies to all Android, y'know?

yeah, I understand he was talking about the "general general section", but again, don't all noobs just look at their own device's sections? I mean, I don't even look into the general sections, only the devices I own and/or moderate. However, I believe there is something to it, so I moved it to "Android General" and back, leaving a permanent redirect, so this thread is found there as well which will hopefully draw some attention and also contributors here.
Btw. if there were several contributions that concern blackstone specific security, I'd be fine with that as well. Most important thing is that someone posts more content for me to add. I'm not exactly an expert on the topic, just wanted it covered because I believe it is important and has come up recently.

Chef_Tony said:
yeah, I understand he was talking about the "general general section", but again, don't all noobs just look at their own device's sections? I mean, I don't even look into the general sections, only the devices I own and/or moderate. However, I believe there is something to it, so I moved it to "Android General" and back, leaving a permanent redirect, so this thread is found there as well which will hopefully draw some attention and also contributors here.
Btw. if there were several contributions that concern blackstone specific security, I'd be fine with that as well. Most important thing is that someone posts more content for me to add. I'm not exactly an expert on the topic, just wanted it covered because I believe it is important and has come up recently.
Click to expand...
Click to collapse
Ah, yes I do get your point as well... But honestly, Blackstone Android is a very small subsection of Android - I just wanted your (honestly well-written) tutorial to reach a larger audience - that's all .

What about a piece on the NSA'S SEAndroid? I haven't really done much looking into it but there is a wiki page over on the selinux site. Although it's more protecting you personal data than anything else I think.
Sent from my R800i using Tapatalk

Great information I recently started doing some research on this subject matter and started a survey over at bit.ly/infolookup I am compiling security related tips that I can then point users too that have questions about their privacy and security.
I second LBE, I also use Droidwall firewall great app and Lookout along with Cerberus for tracking. Feel free to checkout the survey I will also link back to this resource once I have the completed blog posting on my findings.
Thank you.

[Q] JB: "Complete action using" behaviour adding an extra click?

So far the land of JB offers lots of goodies. I'm thinking of staying here but there is one big challenge for me - the new way "Complete action using" behaves. I need to select the app then I need to do an "extra click" to pick "Always" vs "Just once". That's the reverse behaviour from anything below 4.1 that I've seen in may years of flashing. Any chance to set this to reduce that extra click, ie toggle for making an app the default one for the action?
IE. I get a link, I click on it, it prompts me which browser I want to use and if I select Firefox from the list, I'd like the page to open in FF, no extra selection. I go back, out of FF, select the same link, the same list pops up and I select Chrome, again without having to do the extra click "Just once"?
TIA, Marv
GNex with bigxie's [ROM][GSM]Jellybean 4.1 JRN84D

Click always instead of just once...
Sent from my Galaxy Nexus using xda premium

It's the same as it has always been. Just choose the app you want to keep using and click always.
Sent from my Galaxy Nexus using xda premium

DirgeExtinction said:
It's the same as it has always been. Just choose the app you want to keep using and click always.
Sent from my Galaxy Nexus using xda premium
Click to expand...
Click to collapse
No, it's not. I agree with the OP. It is a very annoying and backwards feature. In ICS and below, the menu that popped up, you could click your suitable app and it would know it was "just once" but now we have to click the suitable app and click also just once. I use stuff where I don't want it to always remember, I always want the choice, whether to use Root Explorer or Gallery, whether to use stock browser, or Chrome, and whether to use Google Music, Youtube, or Poweramp (etc. you get my point). And yes, when you're using that many "hotlinks" often enough, it can get very tedious and annoying. Sorry for my mini-rant, it's just stupid. But OP, I think there might be an apk you can flash that will revert it to ICS... or flash an ICS apk over. I will look for it.

This sounds really annoying. I have many apps that I don't set a default, like browser for example I use different browsers all the time so I don't set a default. Its currently just one click. If JB adds a second confirmation pop up then that is really dumb.

anton2009 said:
No, it's not. I agree with the OP. It is a very annoying and backwards feature. In ICS and below, the menu that popped up, you could click your suitable app and it would know it was "just once" but now we have to click the suitable app and click also just once. I use stuff where I don't want it to always remember, I always want the choice, whether to use Root Explorer or Gallery, whether to use stock browser, or Chrome, and whether to use Google Music, Youtube, or Poweramp (etc. you get my point). And yes, when you're using that many "hotlinks" often enough, it can get very tedious and annoying. Sorry for my mini-rant, it's just stupid. But OP, I think there might be an apk you can flash that will revert it to ICS... or flash an ICS apk over. I will look for it.
Click to expand...
Click to collapse
Thank you anton2009 for not only reading my question but understanding it! With 99% of the "smart" users in forums never bothering to read the question I had given up on posting. But I almost always found the answers to my questions before even needing to post one. In this case, I was puzzled no one talked about JB doubling the number of clicks vs ICS and below when one simply wants to run different apps in different situations from the same link. Like you, I test links with different browsers when I develop mobile sites/apps and listen to music with different apps, some times I use youtube to play on my devices, some times I use youtuberemote to beam it to my TV. This "just once" kills me and I'm almost ready to go back to AOKP or give CM9 (now with JB kernel) another run.
If anyone finds an apk, or prop or anything that reverts the Complete action using behaviour, please please pleeeease let me know
Happy Canada Day for those up here and those who celebrate or care.
Marv

I think I'm getting close:
public static final String ACTION_CHOOSER
Since: API Level 1
Activity Action: Display an activity chooser, allowing the user to pick what they want to before proceeding. This can be used as an alternative to the standard activity picker that is displayed by the system when you try to start an activity with multiple possible matches, with these differences in behavior:
You can specify the title that will appear in the activity chooser.
The user does not have the option to make one of the matching activities a preferred activity, and all possible activities will always be shown even if one of them is currently marked as the preferred activity.
This action should be used when the user will naturally expect to select an activity in order to proceed. An example if when not to use it is when the user clicks on a "mailto:" link. They would naturally expect to go directly to their mail app, so startActivity() should be called directly: it will either launch the current preferred app, or put up a dialog allowing the user to pick an app to use and optionally marking that as preferred.
In contrast, if the user is selecting a menu item to send a picture they are viewing to someone else, there are many different things they may want to do at this point: send it through e-mail, upload it to a web service, etc. In this case the CHOOSER action should be used, to always present to the user a list of the things they can do, with a nice title given by the caller such as "Send this photo with:".
If you need to grant URI permissions through a chooser, you must specify the permissions to be granted on the ACTION_CHOOSER Intent in addition to the EXTRA_INTENT inside. This means using setClipData(ClipData) to specify the URIs to be granted as well as FLAG_GRANT_READ_URI_PERMISSION and/or FLAG_GRANT_WRITE_URI_PERMISSION as appropriate.
As a convenience, an Intent of this form can be created with the createChooser(Intent, CharSequence) function.
Input: No data should be specified. get*Extra must have a EXTRA_INTENT field containing the Intent being executed, and can optionally have a EXTRA_TITLE field containing the title text to display in the chooser.
Output: Depends on the protocol of EXTRA_INTENT.
Constant Value: "android.intent.action.CHOOSER"
Click to expand...
Click to collapse
Link
I just need to find where the UI is for the standard activity picker, so we can replace it with an older version
public static final String ACTION_PICK_ACTIVITY
Since: API Level 1
Activity Action: Pick an activity given an intent, returning the class selected.
Input: get*Extra field EXTRA_INTENT is an Intent used with queryIntentActivities(Intent, int) to determine the set of activities from which to pick.
Output: Class name of the activity that was selected.
Constant Value: "android.intent.action.PICK_ACTIVITY"
Click to expand...
Click to collapse
Link

This is how it used to be:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
If just clicking on "just once" bugs you, then geez.
Sent from my Galaxy Nexus using xda premium

I agree it's super frustrating having to do this every time, i had hoped a double tap or something would have been baked in as an alternative.

DirgeExtinction said:
This is how it used to be:
View attachment 1169697
If just clicking on "just once" bugs you, then geez.
Sent from my Galaxy Nexus using xda premium
Click to expand...
Click to collapse
That's exactly how it's always been. You're provided with a list of possible apps and you click the one you like to use that one time. If you find you keep using that one only, you could make this permanent and you're no longer prompted.
The behaviour I was hoping to see in JB4.1 was to still have the list of apps but to have it focused on the one I used the most or the last time. In 90% of the time I'd use YouTube to listen on my devices but in 10% of the time I'll use YouTubeRemote or TwonkyBeam or something else. If the list is long, I'd love to see it scrolled to the point where YouTube is in the middle and has the focus. The "Always" check-mark or selection is not even needed. One could long-touch the app they want to make favorite and be prompted if "Always", "Remove Always" or "Something else" would be the chosen behaviour from now on.
Thanks Android gets lots of attention from smart Devs and I'm sure someone will "fix" this soon.
Marv
I still can't believe Google devs made such a bad choice and probably 4.1.1 will correct this. Butter made tons of stuff smoother and faster but to add a double selection to every app start is baaaad :crying:

I personally enjoy this way of choosing a default app better than previous versions.
Sent from my Galaxy Nexus using xda premium

Could there be legal reasons for this? As I recall, the HTC One X was stopped by Apple regarding a patent on this action chooser when clicking on phone numbers.

Apple "invented" hotlinking it seems (to wich it holds a patent), just like they invented everything since the wheel, and google decided to work around this, as to avoid another pointless lawsuit from apple for something apple didn't even come up with, but holds the patent to.
Sent from my Galaxy Nexus.

Melhouse said:
Could there be legal reasons for this? As I recall, the HTC One X was stopped by Apple regarding a patent on this action chooser when clicking on phone numbers.
Click to expand...
Click to collapse
Definitely a good thought. Does this even solve the problem as a work around? Maybe...

Copearch piger,
We all hear that Apple invented everything... it's ugly. The whole patent thing needs to go away, or I can't go to the washroom at the cottage - the sliding door opener has been there since late 1880-ies but now I know Apple invented it.
Back to my issue - I don't see how this is different in Linux, or even Windows 3.1 from last century. You click on a file with some .ext and you get to choose which app opens it from a list or possible ones and you might select one of them to be the default. I can't think of any other OS where you get the list, have to select the app and yet, have to make one more selection/click to say "just once". It just doubles the effort which was not a goal of Butter.
And to admin how much I hate that behaviour. After 4 days on JB4.1, I flashed CM9-nightly-Jul.1st last night.

Just relax. Once official code is released and custom roms are being created im sure someone will mod it.
DO YOU JELLY?

It seems that opening a new thread about this has caused way more unneeded clicks than you'll ever rack up by this change.

kevinjgray88 said:
Just relax. Once official code is released and custom roms are being created im sure someone will mod it.
DO YOU JELLY?
Click to expand...
Click to collapse
That's what I see happening once the source code is released
Sent from a mostly harmless planet

So, when I was in looking at one of the cards (for train times) I was presented with a number of options (maps, chrome, something else) I clicked chrome (and selected always). What I really wanted to do was select maps!!
Is there anyway to go back and change this for this specific action?

redmongoose said:
So, when I was in looking at one of the cards (for train times) I was presented with a number of options (maps, chrome, something else) I clicked chrome (and selected always). What I really wanted to do was select maps!!
Is there anyway to go back and change this for this specific action?
Click to expand...
Click to collapse
You have to go into the app's (Chrome) settings and clear defaults. This app makes it a little quicker https://play.google.com/store/apps/details?id=pxlib.android.defaultappset

[HOWTO][4.2]Now there's an app for that. Enable Multiple Users in Android

For Android 4.2 Try this:
mildlydisturbed said:
FYI, since I stumbled across this looking for 4.2 and it came up because *not 4.2* is in the title, in case it's not here - 4.2 how to (possibly depending on build)
adb shell
su
pm get-max-users (should show 1)
setprop fw.max_users (some number above 2, I chose 7)
pm create-user someusername here
repeat the create-user as wanted.
That popped up a "Users" tab for me after creating 1 that allowed me to create more.
Your mileage may vary, and I did this on a different device so I may just be useless
Click to expand...
Click to collapse
Or this:
SferaDev said:
For those who doesn't to worry to do it wrong I've coded a app of this procedure.
Link: http://forum.xda-developers.com/showthread.php?t=2187934
See you!
Sent from my GT-I9000 using Tapatalk 2
Click to expand...
Click to collapse
Only bug I noticed was that in order to switch from any non primary user back to the primary(as far as using a visual UI), your lock screen *has* to be in landscape mode. Easy enough I guess so have at it!
Thanks to everyone keeping the info flooding in on this subject. Hopefully KLP will have this baked in for phones as well.
Original Method for 4.1 below:
Been featured on the below sites!
XDA Portal
http://www.xda-developers.com/android/switch-user-profiles-on-jelly-bean/
XDA TV
http://www.youtube.com/watch?v=MLdt973MToM&feature=youtube_gdata_player
Phandroid
http://phandroid.com/2012/08/02/and...but-confirmed-for-future-versions-of-android/
The Verge
http://theverge.com/2012/8/2/3216403/android-multi-user-feature-shown-off-developers-video
AndroidCommunity
http://androidcommunity.com/multi-u...ndroid-tweaks-enabled-in-jelly-bean-20120802/
Android Central
http://androidcentral.com.feedsport...s0Edefinitely0Enot0Efinished0Eyet/story01.htm
Slashgear
http://www.slashgear.com/android-multi-user-support-uncovered-in-jelly-bean-02241519/
OS News
http://www.osnews.com/story/26244/Android_4_1_has_rudimentary_multiuser_support
Phone Arena
http://www.phonearena.com/news/How-...unts-on-a-Jelly-Bean-device-right-now_id33001
Android Headlines
http://androidheadlines.com/2012/08...-multi-user-accounts-in-jelly-bean-video.html
PhoneDog
http://www.phonedog.com/2012/08/03/...r-accounts-on-android-was-a-long-time-coming/
Boxden(?)
http://slumz.boxden.com/f244/androi...-but-confirmed-future-versions-andro-1793277/
Geeky Gadgets
http://www.geeky-gadgets.com/androi...ple-user-accounts-in-action-video-03-08-2012/
DroidDog
http://www.droiddog.com/android-blog/2012/08/root-set-up-user-profiles-in-jelly-bean/
Pocket Droid
http://www.pocketdroid.net/simple-multiuser-environment-hidden-android-41-jellybean/
*Insert Disclaimer Here*
Also, I have navigation bar mod on my 7/30 build of CM10, so ignore those.
This should work on any Jellybean Android 4.1.x ROM built from AOSP, like CM10, AOKP, etc.
Please read this entire post before doing any of this!
This feature is now in AOSP fully as of Android 4.2!!
After reading about the recent discovery of multiple user code being in JB, I decided to mess with it.
Here's a video:
http://www.youtube.com/watch?v=OfHWV_-X3a8&hd=1
Manual method(fun, makes you feel like a hacker):
First, we need to enable this.
Go to Terminal Emulator and type these in:
Code:
su
Code:
pm create-user test
Hint: "test" being the name of the 2nd user. You can change that to a name, or whatever.
Now, we've created a 2nd User on your JB 4.1 device. Hold the Power/Lock button to bring up the power menu, and you should see this:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
From here, you can switch to the 2nd user, which will have a fresh homescreen, and show you the tutorial. Settings are limited to this user, as seen here:
mantian said:
In case someone hasn´t figured out how to rename/change any usename, it's pretty easy.
You only have to go to /data/system/users and edit the "userX.xml" file, where X is the user numer(0,1,2,...). The change the name between and to any other you like. For example, from guest to invitado. Save the file and reboot. It work well for me.
P.S: If you don't know which user number has the one you wanna change, check out the userlist.xml file, which has the same path above.
Click to expand...
Click to collapse
To remove this 2nd user from your phone, switch back to the primary user via the power menu, and go back to Terminal Emulator.
Type this in:
Code:
su
Hint: only if it isn't still running from before
Code:
pm remove-user 1
Hint: primary user in this case is 0, 2nd is 1, so on and so on.
Now you should only have one user, and your Power Menu should not have the ability to switch to a new user anymore.
To double check, go back to the Terminal Emulator and type this:
Code:
su
Code:
pm list-users
Should say:
Code:
Users:
UserInfo{0:Primary:3}
Easy Method:
XDA member Raghav Sood has an app that does all of the above for you.
http://forum.xda-developers.com/showthread.php?t=1824066
At the moment, this isn't extremely usable, ie texts from the primary user's still show in the 2nd test account. But, with the right launcher installed, and hiding the apps from the drawer on the 2nd account, this can still be usable in its current form.
My suggestions:
1.) Label the 2nd user Guest
2.) Use Nova or Apex as the launcher for the Guest user, and hide all of the apps you want(texts, social media, email, etc) from the app drawer.
3.) Setup a security lockscreen on the primary user to prevent Guests from gaining access(each user has different lockscreen settings)
You can read more about this here:
http://phandroid.com/2012/07/31/cod...oid/?utm_medium=referral&utm_source=pulsenews and on their source link.
Feedback:
cdesai said:
http://goo.gl/AnXT7
P.S. - This was done by modifying code in the Settings app, and i did submit the patch to CM Code-Review(http://goo.gl/PU4wQ), it ins't in yet as it's buggy.
We've tested it pretty extensively, and it's insanely broken.
I also submitted a patch to AOSP related to this(http://goo.gl/u0WbN), and it got rejected, due to what i said.
The below line comes a developer at google, who's been working on this since more than a year:
"Multi-user feature is not ready for deployment. Bad things will happen if you use it in its current state!"
Click to expand...
Click to collapse
Roodborstje said:
I have it working om my GSM GN.
I found that in the second account there are apps that I don't have in the primary account, for example: Google Wallet, Play Magazines, Play Books and Play Films. (I'm from Belgium)
Oh, they disappeared as soon as I signed in with my Google account.
If you are on the second user, most of the data from the primary user is hidden (you can not acces it).
For example:
- photo's
- unlocked levels in Angry Birds
- music
- contacts
- google account
- clipboard
- home screen
But there are a few exceptions:
- all the apps are there, as if they were just installed
- the recent apps menu
- the use-app-as-default-setting (I don't know the official name). For example: if you set Apex as default in the Guest account, it will also be default in the primary account.
- your messages (!)
Ps: this was my first post on xda
I hope you find it usefull.
Sent from my Galaxy Nexus using xda app-developers app
Click to expand...
Click to collapse
Sent from Mr. Z's Galaxy S3.

It. just. Looks. So .
Sexy :')
Great tut btw!!! I shall do this
Sent from my SPH-L710 using xda app-developers app

Dude, just awesome! This will come in very handy for my 2 year old! Thanks!

Uploading a video now of it.
Edit: Video https://www.youtube.com/watch?v=OfHWV_-X3a8&feature=youtube_gdata_player
Sent from Mr. Z's Galaxy S3.

this would be epic if this could work.
you could probably make some serious change in the marketplace also lol

Great! Also works in adb shell.

cypressious said:
Great! Also works in adb shell.
Click to expand...
Click to collapse
i get 'stopped(sigsstop)' what wrong?

great! will come in very handy since im always working with Ethiopian children and trust me they're pretty smart they always blackmail me saying they'l send my contacts dirty pictures and messages. now its all going to be stopped ! thanks bro

NeoNikon said:
great! will come in very handy since im always working with Ethiopian children and trust me they're pretty smart they always blackmail me saying they'l send my contacts dirty pictures and messages. now its all going to be stopped ! thanks bro
Click to expand...
Click to collapse
Good luck with that.... 0.o
Sent from my SPH-L710 using XDA App

This is fantastic. I hope that there is more exploration of this. Would be perfect for tablets.

http://goo.gl/AnXT7
P.S. - This was done by modifying code in the Settings app, and i did submit the patch to CM Code-Review(http://goo.gl/PU4wQ), it ins't in yet as it's buggy.
We've tested it pretty extensively, and it's insanely broken.
I also submitted a patch to AOSP related to this(http://goo.gl/u0WbN), and it got rejected, due to what i said.
The below line comes a developer at google, who's been working on this since more than a year:
"Multi-user feature is not ready for deployment. Bad things will happen if you use it in its current state!"

cdesai said:
http://goo.gl/AnXT7
P.S. - This was done by modifying code in the Settings app, and the patch is on cm gerrit, just not ready to be let out yet.
I've also had a build up with that for quite a few days now, it's just that i didn't release it as it's unstable and not intended to be used now.
Click to expand...
Click to collapse
One more reason to go cyanogen on tablets

Just tested with team eos jelly bean rom and it worked, on the motorola xoom MZ601

This is really cool. Now I just need Jelly Bean

I have it working om my GSM GN.
I found that in the second account there are apps that I don't have in the primary account, for example: Google Wallet, Play Magazines, Play Books and Play Films. (I'm from Belgium)
Oh, they disappeared as soon as I signed in with my Google account.
If you are on the second user, most of the data from the primary user is hidden (you can not acces it).
For example:
- photo's
- unlocked levels in Angry Birds
- music
- contacts
- google account
- clipboard
- home screen
But there are a few exceptions:
- all the apps are there, as if they were just installed
- the recent apps menu
- the use-app-as-default-setting (I don't know the official name). For example: if you set Apex as default in the Guest account, it will also be default in the primary account.
- your messages (!)
Ps: this was my first post on xda
I hope you find it usefull.
Sent from my Galaxy Nexus using xda app-developers app

Roodborstje said:
I have it working om my GSM GN.
I found that in the second account there are apps that I don't have in the primary account, for example: Google Wallet, Play Magazines, Play Books and Play Films. (I'm from Belgium)
Oh, they disappeared as soon as I signed in with my Google account.
If you are on the second user, most of the data from the primary user is hidden (you can not acces it).
For example:
- photo's
- unlocked levels in Angry Birds
- music
- contacts
- google account
- clipboard
- home screen
But there are a few exceptions:
- all the apps are there, as if they were just installed
- the recent apps menu
- the use-app-as-default-setting (I don't know the official name). For example: if you set Apex as default in the Guest account, it will also be default in the primary account.
- your messages (!)
Ps: this was my first post on xda
I hope you find it usefull.
Sent from my Galaxy Nexus using xda app-developers app
Click to expand...
Click to collapse
That is really useful information
Just goes to show just how usable or unusable it can really be in its current state.
Sent from Mr. Z's Galaxy S3.

Can we do this with ICS?

Thank You...Works perfectly on my Galaxy Ace running maclaws JellyBean Beta1 4.1.1

BetoFlakeS said:
Can we do this with ICS?
Click to expand...
Click to collapse
No. The code required wasn't implemented until Jellybean.
Sent from Mr. Z's Galaxy S3.

Great

xiaomi spying

just read this article, whats your opinion.
https://www.dailymail.co.uk/science...rowsing-data-millions-people-web-browser.html

meanwhile Google (Android OS), Apple, Amazon + basically any company which sells any item with a camera or microphone which connects to the internet
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}

bluefender said:
just read this article, whats your opinion.
https://www.dailymail.co.uk/science...rowsing-data-millions-people-web-browser.html
Click to expand...
Click to collapse
I'm already aware of it not only xiaomi if you have FB installed it does so same for google apps or almost any apps, Im using some tool to monitor my network and im not even using my phone and I see that it's always exchanging data on the internet just to know that I didn't enable any cloud thing or any sync also I have put some Data on my phone when I was away from home and it went out so fast after I checked the apps that used it I found that almost 200 Mb of data is missing but it wasn't used by any app so there is an exchange but it's hidden, im thinking of using another rom and check

bluefender said:
just read this article, whats your opinion.
https://www.dailymail.co.uk/science...rowsing-data-millions-people-web-browser.html
Click to expand...
Click to collapse
that's why i tell people to use gappless custom roms ...
brownm121 said:
What about the apps described here https://realspyapps.com/phone-tracker/? How to protect your data from such spy apps? They can get all your data as I've understood. Is it possible to protect a phone from hacking and data theft?
Click to expand...
Click to collapse
don't give apps data permission
and restrict all from internet access
if you have an app that need both ensure it dosn't have trackers
if you still don't trust use riru storage isolation ...

Agree generally @loopypalm however I have been using AFWall+ and whitelisted (allowed) supposedly only 4 installed apps - but no system stuff. According to the logs it is blocking literally 000's of requests from the kernel/system and others. However I installed GlassWire the other day and it is showing it exchanging data in and out daily for "Android System".......... :-(
If accurate not sure there is any way to stop that as it must be buried very deep?

loopypalm said:
that's why i tell people to use gappless custom roms ...
don't give apps data permission
and restrict all from internet access
if you have an app that need both ensure it dosn't have trackers
if you still don't trust use riru storage isolation ...
Click to expand...
Click to collapse
Karma Firewall, freeware that uses almost no battery.
China and the CCP are one in the same. The risk of embedded hardware, firmware and software spyware or back doors is high.
The CCP is insidious and nefarious... if you haven't noticed it already

sabei said:
However I installed GlassWire the other day and it is showing it exchanging data in and out daily for "Android System".......... :-(
If accurate not sure there is any way to stop that as it must be buried very deep?
Click to expand...
Click to collapse
there is an app+process called 'NetworkStack' , that is responsable for app to use internet and it's consomation is counted under "Android System"
blackhawk said:
Karma Firewall, freeware that uses almost no battery
Click to expand...
Click to collapse
i read that it dosn't require root, so i'm not sure if it operate at a system level or just does this :

loopypalm said:
i read that it dosn't require root, so i'm not sure if it operate at a system level or just does this :
View attachment 5356179
Click to expand...
Click to collapse
It's a VNP based firewall. It runs best on Pie or lower. With Q and above you lose it's logging function. I'm running Pie so I haven't tested that... and don't plan too anytime soon

loopypalm said:
there is an app+process called 'NetworkStack' , that is responsable for app to use internet and it's consomation is counted under "Android System"
Click to expand...
Click to collapse
yes that shows as a separate process on mine (1073) and is blocked/not allowed along with the rest
(I am still running AEX 7.3 - thanks again for the original recommendation)

sabei said:
yes that shows as a separate process on mine (1073) and is blocked/not allowed along with the rest
(I am still running AEX 7.3 - thanks again for the original recommendation)
Click to expand...
Click to collapse
you can block the package ,yes but not the process
it's the one thing that make you able to connect to wifi/4g ...

{Mod edit: Quoted post has been deleted}
You have quoted an article written by someone selling spy apps...............hardly the most credible and has nothing to do with what I was referring to.

i think people should start editing the apps they work with to remove trackers and useless stuff ...
if you don't have the skills you can use the "mobilism" or "4pda forums" releases, i don't think i have the right to post their links here
other than that nobody can spy on you unless you r an idiot or if they use "Pegasus"

loopypalm said:
i think people should start editing the apps they work with to remove trackers and useless stuff ...
if you don't have the skills you can use the "mobilism" or "4pda forums" releases, i don't think i have the right to post their links here
other than that nobody can spy on you unless you r an idiot or if they use "Pegasus"
Click to expand...
Click to collapse
Easiest thing to do is either don't load crapware or firewall block it.
Amazon, WhatsApp, FB, Instagram, LinkedIn etc never are installed on my device.
Lots do then wonder why their battery life sucks and they have no privacy

blackhawk said:
Easiest thing to do is either don't load crapware or firewall block it.
Amazon, WhatsApp, FB, Instagram, LinkedIn etc never are installed on my device.
Lots do then wonder why their battery life sucks and they have no privacy
Click to expand...
Click to collapse
well , It is easier to escape from a problem than to solve it ...
lot of people can't live without wsp and fb,and i agree, that's a problem ...
that's why i suggested to use storage isolation
(you give an app just one folder to access instead of the whole SD)
and use mod like fouadmod for wsp and cleaned Friendly for Facebook ...
and for identity i don't think there is much you can do unless feed it fake info or create a new identity ...
and if you are a government target just destroy your phone and don't even think ...

loopypalm said:
well , It is easier to escape from a problem than to solve it ...
lot of people can't live without wsp and fb,and i agree, that's a problem ...
that's why i suggested to use storage isolation
(you give an app just one folder to access instead of the whole SD)
and use mod like fouadmod for wsp and cleaned Friendly for Facebook ...
and for identity i don't think there is much you can do unless feed it fake info or create a new identity ...
and if you are a government target just destroy your phone and don't even think ...
Click to expand...
Click to collapse
The problem with those social apps is two fold. All the personal data the user willingly supplies that can then be weaponized against them is the primary issue.
People shouldn't know everything you do and think.
These virtual trash apps have ruined many careers and lives. They are now a source of disinformation and are heavily censured unless you think "correctly". It is a means of controlling the masses by a few.
You're not the customer... you are the product.
Fk that $hit.

loopypalm said:
i think people should start editing the apps they work with to remove trackers and useless stuff ...
Click to expand...
Click to collapse
I've been using some (very few) mobilism apps for years without any ill effects.
Even if you don't use FB yourself, that by itself doesn't exempt you from its tracking, as you'll notice if you follow the tip below.
If you're rooted, another way (which doesn't always work, sadly) would be to get OSS App Manager from F-Droid, see what trackers are there for any given app (you're clear if none are listed) and block some or all of them... YMMV.

pnin said:
see what trackers are there for any given app (you're clear if none are listed) and block some or all some of them... YMMV.
Click to expand...
Click to collapse
Anybody else tried using Warden - app on XDA to remove trackers/beacons etc?

pnin said:
I've been using some (very few) mobilism apps for years without any ill effects.
Even if you don't use FB yourself, that by itself doesn't exempt you from its tracking, as you'll notice if you follow the tip below.
If you're rooted, another way (which doesn't always work, sadly) would be to get OSS App Manager from F-Droid, see what trackers are there for any given app (you're clear if none are listed) and block some or all some of them... YMMV.
Click to expand...
Click to collapse
If FB, Amazon etc is preinstalled either package block it or firewall block.
I prefer using Package Disabler to kill them although you can use ADB to do it.
I keep locations disabled unless I need maps which is rare. Helps battery life too.
Lol, FB is pure poison...

blackhawk said:
Package Disabler
Click to expand...
Click to collapse
Is this the paid for app?

sabei said:
Is this the paid for app?
Click to expand...
Click to collapse
Yes, annual subscription. Use the none Samsung variant. I can't say how well this variant works. The Samsung version works well but won't block Google play Services. I've been using it for over 2 years.
They do respond to emails promptly.
{Mod edit: Link to paid app removed @blackhawk )

App named 10550 in Wireless data usage?

Hi good people.
I have an app in my wifi data usage list by the name of 10550. I've contacted Samsung and they have now idea what it is. How can I find out?
I have attached a screenshot of it.
I have a Anroid 10 with UI 2.1 Exynos version of Note10+.

LaMpiR said:
Hi good people.
I have an app in my wifi data usage list by the name of 10550. I've contacted Samsung and they have now idea what it is. How can I find out?
I have attached a screenshot of it.
I have a Anroid 10 with UI 2.1 Exynos version of Note10+.
Click to expand...
Click to collapse
Upload online* to Virus Total:
https://www.virustotal.com/gui/
Scan the whole thing with Malwarebytes and Trojanscanner.
If your using a package blocker like PD MDM you can disable it there to test and see if it's even needed.
*use the app APK Export to copy the apk for upload.

blackhawk said:
Upload online* to Virus Total:
https://www.virustotal.com/gui/
Scan the whole thing with Malwarebytes and Trojanscanner.
If your using a package blocker like PD MDM you can disable it there to test and see if it's even needed.
*use the app APK Export to copy the apk for upload.
Click to expand...
Click to collapse
Thank you for the quick reply. I have download apk export but cannot find the app 10550, it's not listed.
I have scanned the phone with Kaspersky internet security and nothing. I have downloaded Malwarebytes and scanned and nothing.
I have never used PD MDM. Installed and will try, but the app 10550 is not there. It is only shown in wireless data usage list.
Any more advices?

APK Exports shows all systems apks, make sure show systems apps is toggled on it.
F it otherwise delete it. Although it be better to ID in case it's malware and more is hidden in the system.

it might refer to apps you removed at some point. what would be the meaning of the word underneath it?

raul6 said:
it might refer to apps you removed at some point. what would be the meaning of the word underneath it?
Click to expand...
Click to collapse
If so... a bad uninstall ie trashware.
SD Maid could probably snuff that reminant even if not rooted.

raul6 said:
it might refer to apps you removed at some point. what would be the meaning of the word underneath it?
Click to expand...
Click to collapse
Bixby Vision says the word (when translated into English) is "Restricted"

scottusa2008 said:
Bixby Vision says the word (when translated into English) is "Restricted"
Click to expand...
Click to collapse
thanks. that's then for the app that has restricted mobile data access. Removed apps come under removed apps heading. hunt is on
@LaMpiR if you click on that entry does it show additional info?

Google "apk 10550"
Urge to kill rising... Los Digit the Pirate says; "tis malware off the port side!"

blackhawk said:
APK Exports shows all systems apks, make sure show systems apps is toggled on it.
F it otherwise delete it. Although it be better to ID in case it's malware and more is hidden in the system.
Click to expand...
Click to collapse
I have activated the function (Advanced mode) and still nothing.
raul6 said:
it might refer to apps you removed at some point. what would be the meaning of the word underneath it?
Click to expand...
Click to collapse
Restricted
blackhawk said:
If so... a bad uninstall ie trashware.
SD Maid could probably snuff that reminant even if not rooted.
Click to expand...
Click to collapse
Will try it now. Thank you.
raul6 said:
thanks. that's then for the app that has restricted mobile data access. Removed apps come under removed apps heading. hunt is on
@LaMpiR if you click on that entry does it show additional info?
Click to expand...
Click to collapse
It shows the data usage from the app.
Total: 0 B
Front: 0B
Background: 0B
Then I have two options with allowing the background data(that is off) and the allowing the Data usage bei Data saving option(don't have that anyway.
I have googled apk 10550 and the only APP I had was from Payback, but the App is updated to 20.08.10630 version. It is a small coupon app.
Mine has transferred since 16.05. - 13.06. 5,81GB and after it's saying that it's restricted.

SD Maid can't touch that... if it's an uninstallable app.
APK Exports, hit the inverted triangle of bars in the right hand corner. Punch to show system apps.
It better be there. Copy the package and Scan it.

Hi. I have somehow missed your answer.
Anything else what I could try? I have no idea anymore
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}

Did Apk Extractor copy it?
Try safe mode, it still running?
If it's listed on PD MDM; package blocker you can kill it or if not try a manual disable by entering the full app name, not just 10550.
Go in using ADB and tract it down.
Call your carrier tech support.
I can't find it doing a Google search which is disquieting.
It's not on my 10+
Nuke option...
If the load is old, backup and do a hard reset.
Make sure this bugger isn't in the backup data.
After reset check to see if present; it may be legitimate apk or added adware on the original OS load.
If still clean restore data and apps, check for it again.
Keep checking... once bitten, twice shy. It maybe on one of your 3rd party apps. Have any chat apps loaded?
Always look through your downloads especially after a go around on a naughty or misbehaving site for rogue downloads, delete any asap.
Use Gmail and never download unknown anything!!!
Avoid side loading apks unless you trust the site and scan them first with online Virus Total.
Check that all your apps don't have permission to install unknown apps!!!
Androids are generally hard to infect unless you do something stupid. I've ran dinosaur Androids for years with no infections that costed a reload*.
*Malwarebytes did catch 2 trojan preloaders a little less then a year ago though... in downloads.
Also downloaded an infected jpeg that cost me all of my pics in downloads and damaged other files in the download folder in the last year.
Delete, delete, delete... I got lucky it died there..

I cannot find the app with APK Extractor.
I cannot find the app running, only it is shown in Wireless data usage, so running in safe mode would help if I could run it for a month.
PD MDM is not showing any app with 10550 name.
blackhawk said:
Did Apk Extractor copy it?
Try safe mode, it still running?
If it's listed on PD MDM; package blocker you can kill it or if not try a manual disable by entering the full app name, not just 10550.
Go in using ADB and tract it down.
Call your carrier tech support.
I can't find it doing a Google search which is disquieting.
It's not on my 10+
Nuke option...
If the load is old, backup and do a hard reset.
Make sure this bugger isn't in the backup data.
After reset check to see if present; it may be legitimate apk or added adware on the original OS load.
If still clean restore data and apps, check for it again.
Keep checking... once bitten, twice shy. It maybe on one of your 3rd party apps. Have any chat apps loaded?
Always look through your downloads especially after a go around on a naughty or misbehaving site for rogue downloads, delete any asap.
Use Gmail and never download unknown anything!!!
Avoid side loading apks unless you trust the site and scan them first with online Virus Total.
Check that all your apps don't have permission to install unknown apps!!!
Androids are generally hard to infect unless you do something stupid. I've ran dinosaur Androids for years with no infections that costed a reload*.
*Malwarebytes did catch 2 trojan preloaders a little less then a year ago though... in downloads.
Also downloaded an infected jpeg that cost me all of my pics in downloads and damaged other files in the download folder in the last year.
Delete, delete, delete... I got lucky it died there..
Click to expand...
Click to collapse

How much data is it using?
Try Data Couter Widget>apps
See what this shows and if you can access mystery apk from there.
This is a useful tool. Thanks for reminding me

I looked for that "10550" app, but could not find it anywhere, could it be some carrier thing? Your carrier, I mean, I have a carrier branded 975F, and nothing

Any more advices on this topic? The app is still there...
All security scans show nothing and I cannot click on the app. I will either root the phone to find out or I don't know what to do. Which rooted app could show me the required info? I really don't want to root my phone.

Bump

winol said:
I looked for that "10550" app, but could not find it anywhere, could it be some carrier thing? Your carrier, I mean, I have a carrier branded 975F, and nothing
Click to expand...
Click to collapse
It's the UID number, the unique number your Android designates apks by. Sometimes Karma will show the actual and sometimes the UID.
When Karma shows the UID number it's always a system apk... if that helps.
What is UID on Android?
What is UID on Android? Is it ID of a particular user or of a particular application?
stackoverflow.com
You'll need to figure it out by trial and error. I've seen the UIDs listed for a Sony phone but not Samsung. Some correspond as the same, others not. The biggest connector at idle by far is Google Play Services... gather data no doubt.