All of the applications below appear to obtain access and information way beyond the needs of a Flashlight. Some appear specifically designed to collect and expose your personal information to cybercriminals or other nation states. In addition, you are at significant risk if you are doing Mobile Banking on the same device as one of these free Flashlight Apps.
Our strong recommendation is to uninstall your flashlight app immediately.
--From SnoopWall's Threat Assessment Report
Click to expand...
Click to collapse
Ok, so we all know that we need to be extra careful with the apps we use and the permissions they demand, at least, if you are here on XDA, I certainly hope you know this! And for many of you it is probably 2nd nature to steer clear of many apps that require too many irrelevant permissions. However, it was just brought to my attention that yesterday SnoopWall released a Threat Assesment Report regarding the top 10 Flashlight/Torch apps in the Play Store, and every one of them can potentially be used maliciously! So I thought I would share this with everyone, first, so that you are aware of it, and second, so you can make others aware! Maybe if we show those stubbornly ignorant people we all know, they will start trying to be a little more careful, and start paying a little more attention to what they are doing!
One important thing to note, as I dont remember seeing it mentioned specifically in the report, is that during their investigation they found a lot of personal information being sent by these flashlight apps to Russia, China and India! Need I say more???
Personally, I have always stayed away from these flashlight apps for several reasons that are mentioned by the report. For example, why would any app that only functions as a flashlight need to be several megabytes in size??? Huge red flag if you ask me!
Anyway, as many of you know here, I do not have a lot of time right now, so I will just post the links you need to educate yourself below. I will try to post more information later on as time allows, but I just wanted to get this out there for anyone who needs to know about it.
SnoopWall's Flashlight App Threat Assessment Report
Fox News report - A Cybersecurity Threat That Could Be Lurking On Your Phone
FTC Sues Brightest Flashlight Developer
SnoopWall's Apps on Google Play
Doc
Reserved
Sent from my SAMSUNG-SGH-I747 using Tapatalk
dont know if this appropriate place to post (and will delete if needed) when i use to use play store , i found this xposed mode
http://repo.xposed.info/module/com.germainz.playpermissionsexposed
and am aware that there are many filter/nets/whatevers. but this one was helpful to me.
good day
err on the side of kindness
This looks and smells like some fear mongering BS.. http://www.snoopwall.com/threat-reports-10-01-2014/ just has a chart of permissions and the ones used on several of the apps are VERY reasonable .
Idk that first app in the grid is vary suspicious alongside some others with same permisions
---------- Post added at 05:57 AM ---------- Previous post was at 05:52 AM ----------
Lol but there recomeded safety precautions are way too exaggerated
I'm definitely glad most Roms come with a simple torch/flashlight app so I've never had to download one from the play store, that's scary stuff!
AddictedToB3er said:
I'm definitely glad most Roms come with a simple torch/flashlight app so I've never had to download one from the play store, that's scary stuff!
Click to expand...
Click to collapse
The thing is, here it is about flashlight apps. But the same threat could eventually apply to any app. Not that I would like people to become paranoid, but a quick read of permissions requests by apps when installing them and evaluate what the asked permissions could do is always a good habit to have. Lots of apps developers publish, on their website or directly on the Play Store, the reasons why certain permissions are requested and how they are used for -- this is an habit I would like to see more often.
Yeah for sure I was reading one of the XDA articles a while back about how many permissions keyboard apps ask for and it seemed a little much to me. I like to just go in and disable permissions I don't think certain apps need like Facebook for example. I never check in anywhere so I disable the location permission.
OK, and would anyone ever recommend one safe privacy-centric flashlight app???? Since my ROM - Lollipop 5.0.1 and Nova launcher simply don't have it built in what am I to do ??? I am switching neither my rom nor my launcher, so as I see it ... I need an app to do it.
unknown404 said:
OK, and would anyone ever recommend one safe privacy-centric flashlight app???? Since my ROM - Lollipop 5.0.1 and Nova launcher simply don't have it built in what am I to do ??? I am switching neither my rom nor my launcher, so as I see it ... I need an app to do it.
Click to expand...
Click to collapse
you can check here. free and open source.
https://f-droid.org/
"err on the side of kindness"
mrrocketdog said:
you can check here. free and open source.
https://f-droid.org/
"err on the side of kindness"
Click to expand...
Click to collapse
OK, I'm acquainted with fdroid, but I was asking for a particular flashlight app, that uses only your camera's flash and nothing else and is kilobytes light ... not 20mb like some other flashlight apps. The closest thing to this description is https://play.google.com/store/apps/details?id=com.android.flashLight however it asks for permissions for the camera not the camera flashlight, which again makes little sense IMO and secondly it causes a screenlock if phone screen is turned off with the app running. U then need only to double tap your screen to check what time it is and you are guaranteed to have your screen locked from then on until your battery dies. Thus this calls for the need of a proper flashlight app ...
Related
I want to be able to granularly set the permissions for each app. From what I understand my options are:
Cyanogenmod - except CM10 for SGS2 is missing this at this time
Pdroid for GB
Pdroid 2.0 - running CM10 only
LBE (from China)
I have had Pdroid 2.0 running on CM10 for a few weeks but CM10 isn't stable - just had it auto-reboot in the middle of a call. Does anybody have any other ideas / suggestions?
On a related note - I'm wondering why it seems that most people aren't bothered with apps monitoring their use and even more important archiving all the data compiled on them?? The only thing that I can think of is that most cell phone / XDA users are really young and just don't know any better??? Didn't they pay any attention in history class?? What am I missing here?
Mrktmind said:
On a related note - I'm wondering why it seems that most people aren't bothered with apps monitoring their use and even more important archiving all the data compiled on them?? The only thing that I can think of is that most cell phone / XDA users are really young and just don't know any better??? Didn't they pay any attention in history class?? What am I missing here?
Click to expand...
Click to collapse
Because phone security is generally easy to manage. Most apps make a good name for themselves. And many people check the security of an app as soon as it were to hit the Play Store. It doesn't mean we are young it means that we aren't dumb and know how modern technology works.
hrffd said:
Because phone security is generally easy to manage. Most apps make a good name for themselves. And many people check the security of an app as soon as it were to hit the Play Store. It doesn't mean we are young it means that we aren't dumb and know how modern technology works.[/QUOTE
I highly doubt that anyone on XDA, regardless of age, is dumb. I do believe, however, that there are quite a few younger members who could be a bit naive due to a lack of experience. Younger folks tend to take most things at face value. Just because something is free monetarily doesn't mean it isn't costing you something. Just because an app is on Play Store doesn't mean it is "secure" - especially since the Play Store (as well as Android, Google, et.al.) operate on the same business model as the apps!
Just a random example - Why would Angry Birds need my Sim Card Serial number to operate properly? Why would it need to know the phone numbers of all my incoming calls? Answer - it doesn't - in fact it doesn't need ANY of the permissions it asks for to operate properly. So why does it ask for these permissions? Answer - it is data mining your phone.
Ok, so I think most XDA members are aware of WHAT these apps are doing. My original question is WHY don't more people seem to care?
Click to expand...
Click to collapse
Mrktmind said:
I want to be able to granularly set the permissions for each app. From what I understand my options are:
Cyanogenmod - except CM10 for SGS2 is missing this at this time
Pdroid for GB
Pdroid 2.0 - running CM10 only
LMB (from China)
I have had Pdroid 2.0 running on CM10 for a few weeks but CM10 isn't stable - just had it auto-reboot in the middle of a call. Does anybody have any other ideas / suggestions?
On a related note - I'm wondering why it seems that most people aren't bothered with apps monitoring their use and even more important archiving all the data compiled on them?? The only thing that I can think of is that most cell phone / XDA users are really young and just don't know any better??? Didn't they pay any attention in history class?? What am I missing here?
Click to expand...
Click to collapse
I believe MIUI is also a viable option for this, no? You can set app permission on a "per-app" basis with MIUI security I believe.
Sent from my SPH-D710 using Tapatalk 2
I tried this app a while back and it basically does what you want but it got annoying https://play.google.com/store/apps/details?id=com.lbe.security.lite
I don't use these because I am very selective about what goes on my phone.
Thanks Luke!
Not very familiar with MIUI ROM's will have to look into them.
someguyatx said:
I tried this app a while back and it basically does what you want but it got annoying https://play.google.com/store/apps/details?id=com.lbe.security.lite
I don't use these because I am very selective about what goes on my phone.
Click to expand...
Click to collapse
Yes, this is the app I listed above - just had the initials wrong! :silly: It is a lot like pdroid but, like you, it scares me.
I have my own small business and run most of it from my phone, in the beginning I used the standard flip phone then graduated on to a touch pro 2 with Windows Mobile 6.5 as I began to accumulate massive amounts of data on my Windows Mobile phone, for some reason I still felt secure in the applications like ActiveSync that I was in control of my data.... A year ago last October I upgraded to the Samsung Galaxy s2.. this was my first real experience with Google's Android operating system. in the first few minutes of using the new phone I could see how deeply the hooks were being placed to data mine my information. I resisted at first but then came to realize if I wanted all the bells and whistles Google was offering I had to play the game... I use the security program mentioned above... maybe they should have an app were you sign a consent of exactly which data you would like to keep on your phone and not share with other people. then when you visit the play store apps that request more of your private data than you're willing to share won't show up? I would like to have an open sourced built firewall that monitors traffic, letting me choose the permissions per app as I see fit.
Mrktmind said:
Thanks Luke!
Not very familiar with MIUI ROM's will have to look into them.
Click to expand...
Click to collapse
I've ran both Adhvanlt's and Lens's JB MIUI Roms, and they're both amazing! The standard MIUI launcher feels a bit like the iphone, and there is no app drawer, but that's easily fixed by downloading [insert favorite launcher here] if you don't care for it. There's hundreds of options for customization. They are literally the most customizable ROMs you'll ever run; All of this on top of the fact that it has the security features I believe you are after baked right in to it.
Sent from my SPH-D710 using Tapatalk 2
Looked at two MIUI ROM's for the E4GT. Both of them have issues with Google Voice. I need Google Voice.
I am also going to try +AF (Droidwall fork) firewall tonight to see if it will work on FK23. It apparently has issues with some ICS/JB ROM's. That will at least give some protection from apps that don't need network access at all. But for apps that need network access to do their intended job it's useless. Just read last night that the developer has added profiles to +AF - that should be really cool.
I guess I'm spoiled a bit with Pdroid - it works so well and is very detailed.
Thanks for all the replies! Other suggestions, ideas, thoughts, opinions welcomed!
Mrktmind said:
I want to be able to granularly set the permissions for each app. From what I understand my options are:
Cyanogenmod - except CM10 for SGS2 is missing this at this time
Pdroid for GB
Pdroid 2.0 - running CM10 only
LBE (from China)
I have had Pdroid 2.0 running on CM10 for a few weeks but CM10 isn't stable - just had it auto-reboot in the middle of a call. Does anybody have any other ideas / suggestions?
On a related note - I'm wondering why it seems that most people aren't bothered with apps monitoring their use and even more important archiving all the data compiled on them?? The only thing that I can think of is that most cell phone / XDA users are really young and just don't know any better??? Didn't they pay any attention in history class?? What am I missing here?
Click to expand...
Click to collapse
As an app developer, I can tell you that there are some shady apps, but if you download from good devs, the permissions are *usually* necessary. Here's some examples that people question the most:
Access to contacts... Assuming it's not a contact or sms app, if any app has a "share" feature needs this permission.
Access to sd card... Any app that saves anything or lets you change a background needs this.
Read phone state... So the app can properly call the "onpause" method when a call comes in.
Access to location... Assuming it's not a location app or game like ingress or zombies!Run!, you'll typically see this on free apps that have ads. Ads allow developers to get paid for their work while keeping the app free. They don't have access to the ad data, though. They just put in the api and the ad company handles the rest.
On top of that, large organizations will seek phone specific permissions like sim card numbers for analytics.
Google makes most of its money from ads, so it reads your usage to better target ads. Google also uses location data to improve location services like maps.
If you're worried about security, don't download a random app that only has 100+ downloads. If an app has 50000+ downloads, you can rest assured that it's already been vetted.
Also if you're downloading pirated apps, you're just a moron who is opening up his world to who knows who. Many (not all) pirated apps have added data mining code.
Sent from my SPH-D710 using Tapatalk 2
Anybody hear about how the new google play services will be able to give itself permissions to do what ever it needs to without the users permission. I dont like the idea of forcing updates and making changes to my phone without my permission. I guess Ill be stuck on jellybean until someone can figure a hack that will allow me disable super user features of the service. Maybe even killl the service but still have a fully functional device! You can read about it on arstechnica. The new play service was introduced at google io.
What kind of BS is this. The thread gets closed for informing members of whats new with google play services. No FUD just the truth. How long did it take for google to patch the last exploit. Something like the play service will be a huge target. Also not wanting to give google or anyone else root access and more to my phone. Yes I know they have access to my gmail and location. Thats not a big deal but to be able to just make changes and god knows what else to your phone and all the information on it without my knowledge is not cool. I love android and think google is a great company but what they have done.....not cool Google!!!
Care to share a link to this? I take it there was a reason the previous post was closed. You seem to be spreading false information.
http://arstechnica.com/gadgets/2013...oems-step-aside-google-is-defragging-android/
I understand why they are doing it but I don't like it.
If I read the article correctly... Seems like they're referring to play services which we have had forever now. Not really sure what the concern is here? Just use common sense when installing apps and not sure if I believe the whole permissions thing because they always list them when installing or updating. I've never heard anything about this before this article. Generally, you can't go by one source before forming a proper opinion or thought. Just seems odd... That's all
sino8r said:
If I read the article correctly... Seems like they're referring to play services which we have had forever now. Not really sure what the concern is here? Just use common sense when installing apps and not sure if I believe the whole permissions thing because they always list them when installing or updating. I've never heard anything about this before this article. Generally, you can't go by one source before forming a proper opinion or thought. Just seems odd... That's all
Click to expand...
Click to collapse
This is a new feature of google play services that is part of kitkat. Yes I have google paly services on my phone now but it cant grant itself permissions as needed and will not auto update unless I tell it to do so. My biggest concern is that we will have a service running granting itself permissions and installing software at will. Great target for exploitation.
tman7510 said:
This is a new feature of google play services that is part of kitkat. Yes I have google paly services on my phone now but it cant grant itself permissions as needed and will not auto update unless I tell it to do so. My biggest concern is that we will have a service running granting itself permissions and installing software at will. Great target for exploitation.
Click to expand...
Click to collapse
Yikes! That does sound crazy... I did reread the article a bit later and did realize they were referring to a new play services like you said. Some people in comments thought it might be more secure this way but I failed to understand their reasoning behind this. I guess were just gonna have to rely on scanning software to am mend these mistakes but I do get that shouldn't have to be necessary bin the first place. Hopefully, it will limit ridiculous permissions some sketchy apps to sneak in but it could just be easily exploitable in the other direction.
Alternatively, if Ur phone is rooted you can just freeze google services... No harm done.
Sent from my SGH-T889 using xda app-developers app
Google Play updates "itself" without any alert to the user's phone.
I'm more concerned about existing apps that have a problem with 4.3,
and then we'll have to wait for corrections - like can happen with any serious
platform upgrade.
Has anyone tried to see what works with some bloatware disabled & what doesn't work? Personally I would like the iris scanner and samsung pay to be enabled and everything else disabled.
Yeah, it's working for me quite well
XavierAD said:
Yeah, it's working for me quite well
Click to expand...
Click to collapse
Glad to hear it,arguably the best feature available for any Samsung device,short of root/ROMs.
Hopefully it'll still work once Android 7.0 rolls out.
KOLIOSIS said:
Glad to hear it,arguably the best feature available for any Samsung device,short of root/ROMs.
Hopefully it'll still work once Android 7.0 rolls out.
Click to expand...
Click to collapse
It will. They use Knox which is a product of Samsung.
Sent from my XT1528 using XDA Labs
I'm rather confused by this thread. Is the poster asking what will 'break' if you disabled all the bloatware? Or asking something else entirely? Cause you can disable everything that comes on any phone and it'll always work just fine.
And I have no idea what Android 7.0 would have to do with bloatware, or what KNOX would have to do with bloatware...
HikariNoKitsune said:
I'm rather confused by this thread. Is the poster asking what will 'break' if you disabled all the bloatware? Or asking something else entirely? Cause you can disable everything that comes on any phone and it'll always work just fine.
And I have no idea what Android 7.0 would have to do with bloatware, or what KNOX would have to do with bloatware...
Click to expand...
Click to collapse
I can't speak for the O.P.,but,my guess is, as with me, just making sure that it works before purchasing the Note 7,especially for those of us with the Snapdragon powered versions that may have no other way to disable bloat.
JMHO, but, the Q&A regarding functionality of PDP, whatever they may be, are of merit & might as well have a thread addressing the subject.
Most realize you can disable the bloat, but,not everyone, including yours truly, understand exactly how it works & why only on Samsung devices.
The Knox tie-in makes sense to me, even without a full understanding of how it works.
KOLIOSIS said:
I can't speak for the O.P.,but,my guess is, as with me, just making sure that it works before purchasing the Note 7,especially for those of us with the Snapdragon powered versions that may have no other way to disable bloat.
JMHO, but, the Q&A regarding functionality of PDP, whatever they may be, are of merit & might as well have a thread addressing the subject.
Most realize you can disable the bloat, but,not everyone, including yours truly, understand exactly how it works & why only on Samsung devices.
The Knox tie-in makes sense to me, even without a full understanding of how it works.
Click to expand...
Click to collapse
KNOX doesn't make much sense to me, because that's just a security platform. It just makes sure you protected from being 'hacked' per say. As in like, it adds an extra layer of security over your phone so someone can't just pick it up and plug it into a computer to gain access to all of your stuff. Though thats only the very loosest of analogies.
But I have to ask what you exactly mean by the "not everyone understands exactly how it works and why only on Samsung devices". Do you mean as in why disabling works? or something else. Because you can disable the bloatware on any android phone so long as the carrier and manufacturer didn't lock the option out. Which most devices will let you do it now because of the whole 'you'll get sued for forcing users to use a specific thing without giving them a way out' (an example would be microsoft getting sued over the bundling of Internet Explorer and Microsoft Office with the earlier Windows OS's).
What I'm wondering is, based on the title of the thread after thinking about it some, does the OP mean an app that disables/uninstalls bloat? Because I'm sure there are plenty of apps out there that do it. But most I think require Root in order to do it properly and reliably. I use Sprint for my service, and its Sprint ID and such are a pain in the ass, and they can't just be 'disabled' easily even though there is the option to (every time you disable it, Sprint just re-installs it the next time you reboot the phone because it thinks it got uninstalled somehow). But to get it to disable properly on my Note 5, I had to install some random app that I think was called App Quarantine. It looked like a bio-hazard symbol for the icon. I haven't re-installed it since this last wipe I was forced to do, so I can't remember exactly lol. But it was the only one that would let me actually disable the Sprint ID stuff and not have it re-install all the time.
HikariNoKitsune said:
What I'm wondering is, based on the title of the thread after thinking about it some, does the OP mean an app that disables/uninstalls bloat? Because I'm sure there are plenty of apps out there that do it.
Click to expand...
Click to collapse
Yes it's an app in the Google Play Store that has the ability to disable literally anything on Samsung devices,WITHOUT ROOT, so, care must be taken to not get carried away & I recommend only disabling, not deleting, in the event of not being able to take an update otherwise.
Not everything can be disabled natively, so, that explains the appeal of the app.
If you used it, you'd see the tie-in with Knox........
KOLIOSIS said:
Yes it's an app in the Google Play Store that has the ability to disable literally anything on Samsung devices,WITHOUT ROOT, so, care must be taken to not get carried away & I recommend only disabling, not deleting, in the event of not being able to take an update otherwise.
Not everything can be disabled natively, so, that explains the appeal of the app.
If you used it, you'd see the tie-in with Knox........
Click to expand...
Click to collapse
Then that makes alot more sense. I originally just thought they were basically asking if there was an app to disable everything instead of having to do it manually. I've always just manually disabled everything cause its not that hard to do. Just find the troublesome things and hit that disable button lol. But if this can do it all in one quick swoop, then I'm all in =O I'll definitely be looking into it later today when my phone finally arrives...
Sprint screwed up my pre-order, and is sending me the wrong device, so I have to take it into a store to get it exchanged because they refused to cancel my pre-order or change the order at all even though I legitimately ordered the dang thing 2 minutes past midnight on the 3rd. So ontop of that, they also didn't ship the phone when they said they would, AND the put restrictions on my package. I normally have to physically go to a UPS location to pick up my packages cause the dumb driver will never deliver to my house... always states that they can't find my house even though its the ONLY house down the ONLY long driveway... heck you can SEE my house above the trees! But nope, the guy wont deliver. But because of the restrictions, UPS wont let me flag the package as 'hold for pickup' like usual, so I gotta stand at the end of my drive way for hours upon hours just to catch the UPS driver. Then I gotta drive all the way into town to HOPEFULLY exchange the phone for the Black Onyx variant that I was supposed to get...
Anyway, sorry for the ramble o-o; didn't realize it was that long XD
HikariNoKitsune said:
Then that makes alot more sense. I originally just thought they were basically asking if there was an app to disable everything instead of having to do it manually. I've always just manually disabled everything cause its not that hard to do. Just find the troublesome things and hit that disable button lol. But if this can do it all in one quick swoop, then I'm all in =O I'll definitely be looking into it later today when my phone finally arrives...
Click to expand...
Click to collapse
It's a nice tool to have, a powerful one.
Just a friendly piece of advice :
Read up on it before using, check the FAQs on the developers site if need be & go conservative at 1st if you're not familiar with what is safe to disable.
The app gives color-coded guidelines per each app on what is known to be safe to disable. You can go above and beyond that, but, mainly, just disable, do not delete anything & leave the stock keyboard alone.
You might be able to disable the stock launcher, provided you have another one installed, but, I'd leave it alone until you're certain one way or the other........
KOLIOSIS said:
It's a nice tool to have, a powerful one.
Just a friendly piece of advice :
Read up on it before using, check the FAQs on the developers site if need be & go conservative at 1st if you're not familiar with what is safe to disable.
The app gives color-coded guidelines per each app on what is known to be safe to disable. You can go above and beyond that, but, mainly, just disable, do not delete anything & leave the stock keyboard alone.
You might be able to disable the stock launcher, provided you have another one installed, but, I'd leave it alone until you're certain one way or the other........
Click to expand...
Click to collapse
Lol I'd only disable the things I already know I need to disable. Like all the Sprint stuff. I leave the Samsung stuff alone cause I actually use alot of Samsung's things. But as for Sprint's stuff? All of that goes bye bye lol. Now that is assuming it doesn't somehow show things that you normally can't see from the applications manager. In which case then I wouldn't bother, cause I don't see much of a point lol.
there are a few package disabler for Samsung out there, which one the best?
amenlo9 said:
there are a few package disabler for Samsung out there, which one the best?
Click to expand...
Click to collapse
Go with either one,the Pro+ has a hardware lockdown feature,otherwise,there two are identical:
https://play.google.com/store/apps/details?id=com.ospolice.packagedisablerpremium&hl=en
https://play.google.com/store/apps/details?id=com.ospolice.packagedisablerpro&hl=en
I'm guessing Samsung still has a partnership w/Cheetah Mobile,which is one of the main reasons I like having this app,Package Disabler Pro,on-board to ward off the data mining/crapware/etc...
However,I'm not seeing anything in the apps,system or otherwise,that's jumping out & identifying itself as CheetahMobile/CleanMaster/etc.......
I'm guessing it's some/all of the apps identified w/the "Smart" moniker,but,I'm not 100% certain on that.
Anyone have an idea on which,if any,of the apps are actual CheetahMobile bloatware?
Thanks In Advance!
Using EZ Disabler here. Works well, but you gotta be careful using "disable bloat" part as it will turn off many useful things. I just went through and picked what i wanted. Very Easy to use though
Thanks for recommending Package Disabler Pro. I was worried Since not rooted. In past had always used TB . This worked Great!!
Sent from my SM-N930P using Tapatalk
Why would you guys use an app for disabling stuff.
Since we're on xda, enable USB debugging and use pm (package manager) cmd from adb shell.
For instance: adb shell pm hide 'package'
There are other interesting options: list, install, uninstall.
Sent from my HTC One using Tapatalk
millicent said:
Why would you guys use an app for disabling stuff.
Since we're on xda, enable USB debugging and use pm (package manager) cmd from adb shell.
For instance: adb shell pm hide 'package'
There are other interesting options: list, install, uninstall.
Click to expand...
Click to collapse
I see your point, but i would also say there is a ease to the app though. Whatever works best for people. Im just glad there are options.
If this is in the wrong thread then please move to correct one.
Has anyone else had issues with this... I'll call it problem, but by the way it behaves, it seems more like its a bug.
It has only been something I've seen on Marshmallow. Try to install an app, and its 50/50 whether or not you get "screen overlay detected"
Try to give an app permission, "screen overlay detected".
I should also point out that it isnt just restricted to HTC. My partners (now apparently ticking time bomb) s7 has also had the issue
You can disable as many screen overlays as you like, it still doesnt go away.
I've noticed now, too, that anytime a chat head from facebook messenger is on screen when I try to do something like install an app, it will spit out that problem until I close the chat head. Which was never an issue, ever, before.
Where has this thing come from and why is it even a problem for Android?
Those chat heads on the messenger as well as light filters, as e.g. CF.lumen, are always screen overlays. Those overlays could read out the whole screen, and thus as well what you're typing into banking apps or similar. Thus Google updated the privacy policy of their devices in Marshmallow, ending up in this specific error message. Sometimes it's enough to just turn the screen overlay of via settings > apps, regarding Apps like FB Messenger, CF.lumen, and the like, on other times and Apps you got to reboot the device after done so, or disable the overlay within the Apps settings as well, and seldomly you got to uninstall such an App to get the problem sorted for the time being. At least that's what I could find out searching the web.
Sent from my htc_pmeuhl using XDA Labs
silegeek said:
Where has this thing come from and why is it even a problem for Android?
Click to expand...
Click to collapse
It's so malicious apps don't replace the install button with something else (like an install button to install something else).
It's quite clever if you think about it.
Lambo_car16 said:
It's so malicious apps don't replace the install button with something else (like an install button to install something else).
It's quite clever if you think about it.
Click to expand...
Click to collapse
In theory I would say it's clever. In practice, it doesn't distinguish between safe apps that are harmless and those that aren't.
silegeek said:
In theory I would say it's clever. In practice, it doesn't distinguish between safe apps that are harmless and those that aren't.
Click to expand...
Click to collapse
How does the system know if an app is safe or not..?
Sent from my E6653 using Tapatalk
Lambo_car16 said:
How does the system know if an app is safe or not..?
Click to expand...
Click to collapse
Since Facebook messenger (and pretty much all my apps, most of which don't even have screen overlays but are in the list for it) was downloaded from Google play, I would imagine it isn't difficult to implement a system that flags it as safe.
If an app is installed via an apk, even if it is safe, I would understand more the need for concern. You never know, etc.
silegeek said:
Since Facebook messenger (and pretty much all my apps, most of which don't even have screen overlays but are in the list for it) was downloaded from Google play, I would imagine it isn't difficult to implement a system that flags it as safe.
If an app is installed via an apk, even if it is safe, I would understand more the need for concern. You never know, etc.
Click to expand...
Click to collapse
It would be difficult to implement a system like that. You never know which app is fake or real. Maybe it was a modified version of the app, you'll never know.
Either way, the feature is there and if you want to install an app just quickly turn off your overlay. Not exactly a big problem.
Sent from my E6653 using Tapatalk
I'm in stock/unrooted phone and I'm looking to disable as many apps as I can without negatively affecting performance.
I've seen lists for other phones but haven't seen one for the M10.
Be grateful if someone could signpost me to a list already made or just start one here.
mwake4goten said:
I'm in stock/unrooted phone and I'm looking to disable as many apps as I can without negatively affecting performance.
I've seen lists for other phones but haven't seen one for the M10.
Be grateful if someone could signpost me to a list already made or just start one here.
Click to expand...
Click to collapse
All the Google stuff really, besides play services and play, gmail and whatever else you use.
The other apps unless identifiable is leave will alone. You could end up with an OS that won't boot and in all fairness the benefits are extremely minimal.
Personally I'm like yourself I don't like bloat, but I'm rooted, so I flash venom and then tick the compete removal of sense then install the pixel launcher. Battery wise there's very little difference though.
dladz said:
All the Google stuff really, besides play services and play, gmail and whatever else you use.
The other apps unless identifiable is leave will alone. You could end up with an OS that won't boot and in all fairness the benefits are extremely minimal.
Personally I'm like yourself I don't like bloat, but I'm rooted, so I flash venom and then tick the compete removal of sense then install the pixel launcher. Battery wise there's very little difference though.
Click to expand...
Click to collapse
Hi thanks for reply, what you said makes sense.
Also, I did find this link on line for another HTC phone and might try to disable some of the system apps outlined there.
mwake4goten said:
Hi thanks for reply, what you said makes sense.
Also, I did find this link on line for another HTC phone and might try to disable some of the system apps outlined there.
Click to expand...
Click to collapse
Yea I've been through this before, I've streamlined my windows installation back when it was a benefit, but even then it wasn't a huge help.
If you ever root, check out apps like autostarts which stop apps from opening and that would probably have a bigger impact, haven't used autostarts for a while, minimal footprint from the app itself, but as I said you would need root access, plus removing ads etc and titanium to remove apps completey, for me rooting gives you the most flexibility and thus the largest benefit to better battery and performance, but again that's down the yourself.
Streamlining apps and removing things you don't need will give you a large benefit, get rid of apps that are intrusive like push ads, even Facebook has a massive impact on battery, Skype, Viber, they're all hogs.
Thanks for taking the time to reply again, I am a bit scared of the whole rooting process.. maybe I could take my phone to a repair shop so they can do it for me?
Sent from my HTC 10 using Tapatalk
mwake4goten said:
Thanks for taking the time to reply again, I am a bit scared of the whole rooting process.. maybe I could take my phone to a repair shop so they can do it for me?
Click to expand...
Click to collapse
It's a couple clicks on your phone, just have to pay up $20. No worries. A phone shop probably won't do it for you
Repair shop will not guarantee anything in case something will go wrong.
Time to post first on topic list:
My personal disabled apps.
- Android Live Wallpapers
- Android Pay
- Docs
- Facebook
- Flashlight
- Google App
- Google Play Movies&TV
- Google Play Music
- Hangouts
- HTC Service DLNA
- HTC Sync Manager
- HTC Sync Manager Package Installer
- Instagram
- Messenger
- News Republic
- Touchpal All unused languages pack
- Trusted Face
- Zoe Video Editor
This list is considered safe to disable by me. No problems at all, everything works like a charm.
afuller42 said:
It's a couple clicks on your phone, just have to pay up $20. No worries. A phone shop probably won't do it for you
Click to expand...
Click to collapse
Ok I guess I'll have to dive head first and learn how to root the phone...I might try it first on my old m8 first just to get confident with it all...
cavist said:
Repair shop will not guarantee anything in case something will go wrong.
Time to post first on topic list:
My personal disabled apps.
- Android Live Wallpapers
- Android Pay
- Docs
- Facebook
- Flashlight
- Google App
- Google Play Movies&TV
- Google Play Music
- Hangouts
- HTC Service DLNA
- HTC Sync Manager
- HTC Sync Manager Package Installer
- Instagram
- Messenger
- News Republic
- Touchpal All unused languages pack
- Trusted Face
- Zoe Video Editor
This list is considered safe to disable by me. No problems at all, everything works like a charm.
Click to expand...
Click to collapse
Thanks for the disabled app list I will get these apps disabled now.
mwake4goten said:
Ok I guess I'll have to dive head first and learn how to root the phone...I might try it first on my old m8 first just to get confident with it all...
Thanks for the disabled app list I will get these apps disabled now.
Click to expand...
Click to collapse
You can usually find some decent bloat removal lists here on XDA. Won't be made for the 10 and a little behind, but should help. I think getting a full updated safe to remove list is a great idea.
As for S-OFF (root), Sunshine crew does an amazing job to make the process as easy and safe as possible and provide really great support, even through phone I believe, as well as there irc channel.
Very good idea to do your M8 first as it can be very easy to permenantly brick your device IF you decide to mess around without research, which from your posts will not be an issue for you.
Basically once you are S-OFF, if you don't know what you're doing, just find a tutorial or ask in the appropriate thread, or create one.
Happy flashing.
mwake4goten said:
Thanks for taking the time to reply again, I am a bit scared of the whole rooting process.. maybe I could take my phone to a repair shop so they can do it for me?
Sent from my HTC 10 using Tapatalk
Click to expand...
Click to collapse
Honestly rooting is a doddle mate. There are guides everywhere, if you don't know just ask.
afuller42 said:
It's a couple clicks on your phone, just have to pay up $20.
Click to expand...
Click to collapse
highly unlikely you'll mess it up. Plus you don't need s-off so it is free. If you need help rooting IM me and i'll help, rooting is a process you want to be familiar with, getting someone to go do it for you isn't helpful because you don't learn anything, the root process isn't hard you'll be fine
dladz said:
Plus you don't need s-off so it is free.
Click to expand...
Click to collapse
I think I thought I was in the Verizon forums when I replied we have to pay extra, can't just simply use htcdev.
afuller42 said:
I think I thought I was in the Verizon forums when I replied we have to pay extra, can't just simply use htcdev.
Click to expand...
Click to collapse
Ah OK, yea I was referring to int unlocked. Provider specific I wouldn't know, I always buy unlocked. Less hassle.