LOS 17.1: rights management for multiple users - LineageOS Questions & Answers

I am trying to register Signal for a second user on my LineageOS 17.1 on a Fairphone 3+. It fails, looping me through the process and the Google ReCaptcha. Apparently the registration needs an open port 443 and UDP traffic rights.
Unlike my first user where I sucessfully registered Signal just two days ago, the second user (mainly to be used with the second, professional SIM) appears to lack the corresponding rights. I activated multiple users in Settings --> System --> Advanced --> Multiple users. Yet only the first user is set to have admin rights. This seems to be hard-coded...
At least I couldn't find any way to influence the user rights so far. Though this thread indicates meddling with /system/build.prop could be a solution, I would rather find a solution without rooting the device.
Do you have any ideas?
Essentially, I would love some frontend for an aggregated UserManager. If there is none, could you give some hints as to how to change the variables mentioned in the link when rooted?
--
On a sidenote, the Multiple Users feature traded some of its functionality from Android 9 to Android 10 imho... while before you could grant access to specific apps on the main account, now it's really separated users with separate app installs and such. This is great for some use cases including mine, though in order to be more useful, some more options would be nice (restrictions (think about kids usage), rights management, define locations for shared data, ...).
PS: if this is the wrong forum for such a question, please point me to the right one.

Sounds like a question for stack overflow or signal support.

Related

[Q] Booking system app for Windows Mobile

Hey guys
I'm an entrepreneur from Brisbane, Australia. I'm looking into introducing a new product and am wondering if you guys would be able to help me clarify a few questions. I have to add I have no idea what so ever about programming languages or whats possible or not. I just going to post my vision of the application I will need and hope some of you guys can tell me what of that will be possible, what not and how much effort / money it would take to realise.
Firstly of all and most importantly I need the the Phone application to work with several other systems which would be at the moment : - Iphone, Facebook, Windows Mobile, Blackberry Android, a Website interface, Windows Vista / 7 and Mac OS. I need this to work in two ways. One for the user to sync their data on different apps and secondly for the admin to receive and send data from the main system (that would be working on Windows or Mac)
On first interface the user would have to log in with a username and password, high security would be welcome, after the log in the general interface should be offering the user a booking request form with the ability to use a saved lists of items which have been previously use / prepared but also a interface for add one or editing
It also should offer a open bookings lists and the ability to edit this lists. This should also be able to be synced to the other systems. A third interface showing a history and updates should be also available.
If possible it should offer different accounts and groups where admins can edit the bookings of other users. If this is possible it also should offer a control for the admins which shows bookings and history of other group users.
I would like this obviously to be a professional looking app which offers a good service and is secure and bug free. If anyone has an idea if this is realisable or what parts of it would be difficult or have to be changed please do me the favour and comment.
Thank you for your help in advance.
JPM

GUI For Managing Jelly Beans Multi Account Feature

You may have heard talk of the experimental and unannounced multi-account feature in Android 4.1 that allows you to create multiple profiles on a device. In a nutshell it allows you to use your mobile device in a manner similar to how you are able to use a PC, where separate user profiles can be created. This makes it perfect for a household where multiple people may use a tablet on a daily basis, or simply creating a profile which allows others to use your phone without accessing certain apps like social networks and messaging
This semi-hidden feature is enabled via the terminal emulator application, once a new account is created, it becomes available via the devices power menu. It’s pretty simple stuff. However XDA Forum Member Raghav Sood has taken it upon himself to make this feature more user friendly by creating a GUI that allows you to manage these accounts without the use of the terminal. It performs simple operations such as creating, renaming, and deleting users; viewing all current profiles; and of course, switching between them. The developer also explains what the relevant terminal commands are if you prefer to do things the long way.
It’s important to remember that this new function is far from finished, and there wills be bugs. However, it does look quite promising. If you would like to try this out for yourself then check out the original thread.
http://forum.xda-developers.com/showthread.php?p=29999828
No need to make a thread here as its covered in android development forums.

Favourite / Prudent / Recommended Apps, by Category?

As I understand it, not all apps are suitable for all devices (Thus the device filter drop down on google play.)
For any given search term, play.google will drown you.
Are there (links to?) threads with best of class apps by category?
(Recognizing that this is a moving target / people have their fav's.)
[Otherwise, start one here?]
In some senses, coming from a sysadmin perspective, for the purposes of this thread.
For example, it seems prudent / intuitive to be running a firewall. (iptables, presumably). Yet there are quite a number when one searches for 'firewall'. (Yet until I went looking, I've never seen 'firewall' mentioned in threads, pages, etc., I have come across.)
Or, an ssh client seems useful, yet searching on ssh reveals most need root first. (Not complaining, just haven't gotten that far.)
Links?
----
VNC (Remote control a computer, man, way more viable on Android with pinch zooming screens than I ever would have expected) - android-vnc-viewer
[Seems to 'just work'. Note: Was already set up, across multiple computers/OSs, able to VNC each other.]
You don't need a firewall. Android is a tight ecosystem that doesn't need to be protected from itself. If you really care, most ROMs already have iptables in the kernel and commandline tools already installed; just root. (You'd need to root for any firewall app anyway.)
SSH *clients* generally don't need root. Servers are another matter. Some are server/client bundles but the client part should work just fine without root. I've used ConnectBot in the past and was pleased with it, though now that my server is wrapped in a VPN my phone doesn't support, it doesn't have much use for me anymore.
roothorick said:
You don't need a firewall. Android is a tight ecosystem that doesn't need to be protected from itself. If you really care, most ROMs already have iptables in the kernel and commandline tools already installed; just root. (You'd need to root for any firewall app anyway.)
Click to expand...
Click to collapse
I think perhaps I wasn't clear, or we're forgetting about one aspect of firewalls.
I'll accept your comments (and thank you) with respect to security.
However, what I also meant by firewall was blocking - be it to nefarious sites in foreign lands, or to other unsavoury ip's - be it in, or out.
e.g. A firewall facility utilizing the bluetack lists. (I'll accept if you have a better word for such an 'app' than 'firewall'.)
Thanks for any thoughts.

Android Malware via Ad Networks

Hi all,
I came across this article which explains how malcious code can be pushed on our android phones through malicious ad networks.
I will only highlight the important points and include the countermesaures which I think we can use to atleast avoid/prevent this type of malware.
1) Ads displayed within mobile apps are served by code that's actually part of those applications.
2) Application owners typically include SDK's in the application for various ad network's.
3) Not all developers verify the Ad network and if the developer does not care or simply goes with the highest bidder, then the chances of siding with a malicious ad network are high.
4) If an ad from a malicious network is displayed it can push malicious payload which runs quietly in device memory.
5) Detection by AV's can be difficult as this runs in memory and android AV's mostly verify the apk's only.
Not so good thing:
This is a very elegant approach that doesn’t really require the end-user to do anything “wrong”.
The user could download a valid application from a valid app store, and ultimately be silently infected by a disreputable ad network
--
Countermeasures:
1) Do not install applications from untrusted sources. This is configured by default under :Settings->Security->Device Administration->Unknown Sources.
2) Always verify the permissions the application is requesting.
3) Rooted phones can utilize applications like AdAway which simply block all traffic to known ad networks. (Make sure you update it frequently).
4) Av's help in atleast verifying the apk's and there are applications to detect adnetworks like (Lookout,Symantec,TrustGo Ad detectors, etc).
If I get some time, I will try to get list of known malicious networks so we can manually add them to our host file and block all traffic to these networks.
I know these networks are dymanic but blocking can be helpful even for a short time.
If you think there are more better ways to prevent/detect this then please share and benefit the community.
References:
http://researchcenter.paloaltonetworks.com/2013/08/mobile-devices-new-malware-and-new-vectors/
http://www.businessinsider.com/malware-in-mobile-advertising-2013-8
http://www.google.com/ads/admob/monetize.html

Hidden Google Account + Hidden Systemadminapp in LineageOS | Privacy infiltrated?...

Is the builtin app named "Storagemanager" a hidden system administrator in LineageOS 19.1?
I ask this because in LineageOS 14.1 Storagemanager is a systemadministrator app.
In LineageOS 14.1 under > settings > apps > special app access > deviceadministrators, nothing showed up by default, but then i pressed the three dots on the top right and selected "show system", then storage manager was shown as active system administrator app.
I had the option to disable it, which i did, as i dont want ANY app to be administrator as i consider myself as the device owner being the administrator in place, no need for an app to have any such administrative permissions.
Now in LineageOS 19.1 when you navigate to > settings > apps > special app access > deviceadministrators > the three dots on the top right corner to show system apps ARE GONE.
This makes me think storage manager is a secret/hidden system administrator that cannot be disabled in lineageOS 19.1 because the three dots at the top right have been removed in 19.1 basically making it IMPOSSIBLE to the device owner to remove unwanted systemadministrator apps.
If infact storagemanager is a secret systemadministrator app, why is that so, why was the option to disable this app from being a system administrator removed??
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Another question, in LineageOS 14.1 when i tried to open the calendar app, there was a prompt/popup saying "to use the calendar app you must add atleast one google account to your phone".
To be honest that scared me... considering that i use LineageOS purely for privacy and Google is the opposite of privacy.
That being said please keep in mind (this is very important), in LineageOS 14.1 when i opened the calendar app i was asked to add a Google account...
Here comes the things, in LineageOS 19.1 when i open the calendar app the prompt/popup says this: "before you can use the calendar app you must add atleast one calendar account".
That sounds very suspicious to me, because in 14.1 it was called google account and now in 19.1 its called callendar account, obviously my question is now... is the callendar account a google account just being called out in another way...?? If yes this is obviously a major manipulation because not naming google here will trick most likely any LineageOS user to creating a callendar account without even knowing that in reality what they just did was to create a goolge account on their privacy phone...... what sort of manipulative person would make such a nightmare come true? At this point i must ask if LineageOS even is a privacy option anymore... or has it been inflitrated by google already...
Another suspicous change i detected after switching from LineageOS 14.1 to 19.1 is that under > settings > apps > special app access > useage access, zero apps are listed, but once i pressed the three dots in the top right corner, bluetooth, media storage, nfc service, package installer, permissions controller, phone services, shell, storage manager, and systemui where ALL shown as "access to useage data = allowed". This really makes me woonder what is going on with LineageOS, what reason is there to grant all these apps access to useage data by default?? In LineageOS 14.1 there was not a single app even the system ones, that had useage data access set to allowed, infact in 14.1 all apps where set to be not allowed to access useage data. What is going on here and why??
Another change i noticed from LineageOS 14.1 to 19.1 is that under > settings > privacy, in 14.1 i was able to edit individual app permissions and enable or disable the privacy mode, in 19.1 there seems to be a new service so called "trust" which is responsible for privacy, im fine with that, however i am missing a very important privacy setting that was present in 14.1 but is not in 19.1 and that is "start on boot". On 14.1 i was able to select any specific app and deny or allow it's access to start itself on boot. Why is this important setting not present in 19.1?
In 19.1 under > settings > privacy > permissions manager, there is no option to deny apps to "start on boot".
My guess is, either 19.1 blocks all apps from starting on boot by default, or it allows it by default for all apps and there is simply no option to stop that which would be a major privacy downgrade compared to older versions...
thank you for posting this, my eyes have been opened.
Already 100+ views but only 1 comment, hmm...
Nobody knows anything?
I seriously want to get ansers to the above questions... these are real concerns to me.
My questions don't seem to get to much attention here, not even to mention a reply.
Does anyone know a forum or another place where i can ask what is written above?
I wan't answers, these are real privacy concerns!
Hmmm. I don't have answers to your specific questions. In another thread, you posted, generally, that most people don't care about your concerns. Very true. I wholeheartedly support you advocating your views; however encourage you to tread lightly if you want people to reply to you.
The only sure answer to your situation, and for me, also, is to grab the source of the rom which suits you, one without gapps, and then hire a dev to help go through the source to answer your questions. Then edit as needed and re-compile.
I am familiar enough with the process in general however don't have the skills to do it myself. LOS and its variants are probably a good place to start. I am using a vanilla build of RROS on A10 on a Oneplus8 pro. Since we have tools for A11 that is good but the tools generally aren't available for some time after a new Android release.
Your question might be asked of the Lineage devs, though I am sure they are busy and they are not forcing you to use their (free) product. There are also Linux phones available, although so far the hardware I have seen is not great.
What phone are you using? If you are serious about this, and are willing to support a dev project as above, we would have to settle on one or two similar OSes on the same Android version, and hire someone for a few days. This would be expensive. I, for one, would contribute. If we found 10 or 20 like minded people a crowdfunding page could be set up. If we did not reach the necessary amount then the money could be refunded.
To tell the truth, G keeps putting more obstacles in the way of modders and I am getting to the point where its not worth the trouble. Hopefully the hardware for Linux phones will improve.
Thoughts??
gregpilot said:
Hmmm. I don't have answers to your specific questions. In another thread, you posted, generally, that most people don't care about your concerns. Very true. I wholeheartedly support you advocating your views; however encourage you to tread lightly if you want people to reply to you.
The only sure answer to your situation, and for me, also, is to grab the source of the rom which suits you, one without gapps, and then hire a dev to help go through the source to answer your questions. Then edit as needed and re-compile.
I am familiar enough with the process in general however don't have the skills to do it myself. LOS and its variants are probably a good place to start. I am using a vanilla build of RROS on A10 on a Oneplus8 pro. Since we have tools for A11 that is good but the tools generally aren't available for some time after a new Android release.
Your question might be asked of the Lineage devs, though I am sure they are busy and they are not forcing you to use their (free) product. There are also Linux phones available, although so far the hardware I have seen is not great.
What phone are you using? If you are serious about this, and are willing to support a dev project as above, we would have to settle on one or two similar OSes on the same Android version, and hire someone for a few days. This would be expensive. I, for one, would contribute. If we found 10 or 20 like minded people a crowdfunding page could be set up. If we did not reach the necessary amount then the money could be refunded.
To tell the truth, G keeps putting more obstacles in the way of modders and I am getting to the point where its not worth the trouble. Hopefully the hardware for Linux phones will improve.
Thoughts??
Click to expand...
Click to collapse
My knownledge on programming is very limited, i would not be able to contribute to any meaningful software really. Indeed my language can quickly become not so nice when it comes to privacy, i don't like how the masses throw away their freedom.
Think about it, google chrome holds around 60% market share, then combine all chromium browsers and we are at around 90% while Firefox is at around 4%. Then think about how many people use Gmail and how many use privacy alternatives like Protonmail. Think about how many people use the standard google android os on their phone and how many have iphones and compare that to how many people use a linux phone or a custom os like lineage or graphene...
Anyone can protect their privacy, there are many great videos on youtube.
Here are some examples:
The Hated One
Creating deeply researched and well-sourced essays critiquing some of the most important issues of our time in a non-partisan, non-sectarian way. Mass surveillance is a backdoor into freedom of speech. Knowledge is power. And power corrupts. https://twitter.com/The_HatedOne_...
yewtu.be
Rob Braxman Tech
I'm the Internet Privacy Guy. I'm a public interest hacker and technologist. I use my extensive knowledge of cybersecurity and tech to serve the public good. I care about privacy. I warn you of digital manipulation, disinformation, mass surveillance. I also discuss alternative communication...
yewtu.be
Techlore
Techlore was built to prove privacy & security are not just achievable - but simple and accessible. We manage several projects, communities, and content to spread privacy & security to the masses. Visit our Website: https://techlore.tech
yewtu.be
Mental Outlaw
Only cool people visit https://based.win/
yewtu.be
Naomi Brockwell: NBTV
www.nbtv.media NBTV teaches people how to reclaim control of their lives in the digital age. We give people the tools they need to take back their data, money, and free online expression. - Your Money - Your Data - Your Life Empower Yourself. Created and hosted by Naomi Brockwell Our...
yewtu.be
Louis Rossmann
I discuss random things of interest to me. This is, and always will be, my personal variety show. I teach Macbook component level logic board repair from a common sense, everyman's perspective. I try to make it seem viable, and entertaining. I also go over business concepts & philosophy that...
yewtu.be
The Linux Experiment
Making Linux accessible: no techno lingo, no super technical content. Just Linux desktop news, simple tutorials, application spotlights, and opinion pieces trying to stay positive, without gatekeeping. 👏 SUPPORT THE CHANNEL: Get access to a weekly podcast, vote on the next topics I cover, and...
yewtu.be
I use yewtu.be over youtube.com to avoid google.
See, google chrome and google search know all of your browsing history, there is no privacy, they make a profile of everyone who uses any of their services. Even if you use google without an account chances are they can identify you and your device. Same with gmail... it reads (scans) all of your emails and sell the content to adverstisers. I don't know how people can be ****** enough to use these services when you can simply switch to alternatives that are working perfectly flawless and don't spy on you.
Privacy can be easy.
Instead of google chrome > Firefox or even better Librewolf
Instead of google search > brave search or duckduckgo
Instead of gmail > protonmail
Instead of google android > lineage or graphene
It's not that hard...
Nobody forced me to use lineageos obviously i installed it on my own, i don't like the changes from 14.1 to 19.1 as they seem very suspicious to me, but i will still preffer LOS at any time over the standard google crap.
Before using a google phone id rather not use a phone at all.
Speaking about phones, people who buy iphones have lost their mind, i mean it.
My phone is a samsung S7, as long as it is functional i will not buy a new phone, besides i don't have the money now... your suggestion sounds interesting but i'm not into that really.
In the mean time i will repeat what you said, we can only wait for linux phones to support modern hardware and get one of those in the future.
GrapheneOS seems like the best choice as of now but it's really ironic that it works only on google pixel phones...
Most people don't care that they are been spied on. They are after the they easy life. Want all the mod cons to make things easier. Unfortunately you can't change peoples habits. Have started seen a lot of custom rooms with suspicious files, that makes a person wonder if google is paying the devs to include their software.
ShaunSmit said:
Most people don't care that they are been spied on
Click to expand...
Click to collapse
Well, plenty of people do. For example, just see XDA's thread for FairEmail:
https://forum.xda-developers.com/t/...en-source-privacy-oriented-email-app.3824168/
Privacydroid said:
builtin app named "Storagemanager" a hidden system administrator in LineageOS 19.1?
Click to expand...
Click to collapse
Privacydroid said:
My questions don't seem to get to much attention here
Click to expand...
Click to collapse
Well, I am interested in and have subscribed to this topic... it's just that LOS19 is still not really a hot topic for me yet (still fighting with LOS18, lol).
SigmundDroid said:
Well, plenty of people do. For example, just see XDA's thread for FairEmail:
https://forum.xda-developers.com/t/...en-source-privacy-oriented-email-app.3824168/
Well, I am interested in and have subscribed to this topic... it's just that LOS19 is still not really a hot topic for me yet (still fighting with LOS18, lol).
Click to expand...
Click to collapse
My bet lineage 1.18 is also affected by what i described above.
there might be some privacy oriented custom roms. have you checked ?
e Foundation - deGoogled unGoogled smartphone operating systems and online services - your data is your data
your data is YOUR data
e.foundation
or
Purism– Librem 5
Introducing the – Librem 5 by Purism
puri.sm
Fytdyh said:
there might be some privacy oriented custom roms. have you checked ?
e Foundation - deGoogled unGoogled smartphone operating systems and online services - your data is your data
your data is YOUR data
e.foundation
or
Purism– Librem 5
Introducing the – Librem 5 by Purism
puri.sm
Click to expand...
Click to collapse
Never heared about https://e.foundation/ will have a look at that one.
The librem 5 has outdated hardware and is expensive, but that's not the problem... the shipping times are totally ******. Can take years for you to ever recive that phone.
Besides, that doesn't anser any of my above questions about LOS, guess that wasn't your intention anyways.
Privacydroid said:
Never heared about https://e.foundation/ will have a look at that one.
The librem 5 has outdated hardware and is expensive, but that's not the problem... the shipping times are totally ******. Can take years for you to ever recive that phone.
Besides, that doesn't anser any of my above questions about LOS, guess that wasn't your intention anyways.
Click to expand...
Click to collapse
about your privacy related inquiries, i recon that Lineage, while it used to stand for privacy in the first years, it started to be seen more as a way to get updates on no longer supported devices. and given that almost every user that uses lineage also had flashed gapps, makes sense for them to add gapps in their everyday custom rom as well. Google has its sets of downsides and upsides. Privacy is good, but functionality is more important. a lot of good apps rely on google implemented functionality. Say that i would need to drive around the country. Privacy is my preference, but i need a fully functional bugless waze. Waze without google play services is a mess, if you get it working. Android Auto without gapps isnt possible.
For my devices, at least, Lineage did not have gapps baked in. For me, a good thing. There are a few vanilla roms left out there. Even without gapps, there are still leaks to google (the captive portal connectivity check, for one) but the footprint is much smaller.
For me, I have found open source alternatives to ALL of googles bloat and spyware. Not as convienient, sure. Pain in the a** sometimes, yes. Wayze? Host your own cameras, use openstreetmap (osmand) instead. google has made it very convienient with their ecosystem. I, for one, do not wish to share my life with them.
Fytdyh said:
about your privacy related inquiries, i recon that Lineage, while it used to stand for privacy in the first years, it started to be seen more as a way to get updates on no longer supported devices. and given that almost every user that uses lineage also had flashed gapps, makes sense for them to add gapps in their everyday custom rom as well. Google has its sets of downsides and upsides. Privacy is good, but functionality is more important. a lot of good apps rely on google implemented functionality. Say that i would need to drive around the country. Privacy is my preference, but i need a fully functional bugless waze. Waze without google play services is a mess, if you get it working. Android Auto without gapps isnt possible.
Click to expand...
Click to collapse
No idea why people use gapps or microg, it's anti privacy so i do not ever use any of that.
I do not use any google services in my life and i don't miss them or need them for anything, i have alternatives.
I have to disagree on this phrase "Privacy is good, but functionality is more important".
If you are forced to give up privacy to use a service or product then the service or product is not worth being used.
Privacy is way more important than functionality, besides 90% of the time you can find perfectly working privacy friendly alternatives for almost anything.
Instead of google maps for example i use these:
Map at DuckDuckGo
DuckDuckGo. Privacy, Simplified.
duckduckgo.com
OpenStreetMap
OpenStreetMap is a map of the world, created by people like you and free to use under an open license.
www.openstreetmap.org
Not sure if that is helpful while driving, would be fine for me, never heared about waze.
I banned Google of my life and im happy with that, wasn't that hard after all.
gregpilot said:
For my devices, at least, Lineage did not have gapps baked in. For me, a good thing. There are a few vanilla roms left out there. Even without gapps, there are still leaks to google (the captive portal connectivity check, for one) but the footprint is much smaller.
For me, I have found open source alternatives to ALL of googles bloat and spyware. Not as convienient, sure. Pain in the a** sometimes, yes. Wayze? Host your own cameras, use openstreetmap (osmand) instead. google has made it very convienient with their ecosystem. I, for one, do not wish to share my life with them.
Click to expand...
Click to collapse
My lineage version also doesn't have gapps in it, atleast nothing that is visible or accessable to me..
Not sure about the calendar thing described above..
What do you mean by captive portal connectivity check, what's that?
I beleve LOS uses Googls SUPL Server's too.
Great to meet someone with the same mindset, way to many people throw away their privacy which is equal to freedom, for "convienience"... It's crazy.
What do you mean by captive portal connectivity check, what's that?
I beleve LOS uses Googls SUPL Server's too.
Click to expand...
Click to collapse
Every time your device makes a network connection (wifi or cellular) it pings "connectivitycheck.gstatic.com". Not really a ping, its a http request to check for internet connectivity. Successful completion will remove the "x" by the wifi and/or cell data icon. Although if the address is blocked on your router the "x" will remain, and your device will complain about not having internet access....but it does! (so long as your wifi router/cell net has access). But wifi calling won't work.
For more, go here:
https://forum.xda-developers.com/t/guide-how-to-avoid-the-captive-portal-checkin-to-google.3927561/
You can host your own check server, or....just disable the check.
I have confirmed this works on A9 and A10 AOSP roms. There are different variants of this command for different roms. You may have to try several of them.
From an adb shell: (needs root)
Code:
:/ # settings put global captive_portal_mode 0
***********THIS DISABLES GOOGLE CONN CHECK***** A9 and 10
To verify it is disabled:
Code:
:/ # settings list global | grep portal
Should return "captive_portal_mode=0"
If you do connect to a captive portal page (public wifi, open connection) where the owner wants a login cred then the side effect of this is that it won't work.
The issue is that everytime the check is run, google will get your IP address and browser/OS and can infer your coarse location even if location services are turned off. I have all google domains blocked on my wifi so to keep my wife happy I disable the check on her phone also so she does not get the "no internet" notification.
Another hole is the agps (assisted gps) database downloaded from google or your phone carrier regardless of enabled location. I believe you can edit the server which is contacted, again, will require root.
This post says you can edit the gps.conf file:
https://forum.xda-developers.com/t/a-gps-supl-protocol-and-privacy-breaching.3602863/
Anyone try that? What abour removing "supl" from the apn type?
But I'm not there, yet, I usually have location selected off. Rob Braxman has a good vid here, use freetube:
https://github.com/FreeTubeApp/FreeTube
https://www.youtube.com/watch?v=vbBkZ-MROEk?
Again as stated earlier the best fix is to find a AOSP source of a rom you like, edit (or hire a dev) to edit out all of the bloat and google tracking which may remain, and re-compile.
gregpilot said:
Every time your device makes a network connection (wifi or cellular) it pings "connectivitycheck.gstatic.com". Not really a ping, its a http request to check for internet connectivity. Successful completion will remove the "x" by the wifi and/or cell data icon. Although if the address is blocked on your router the "x" will remain, and your device will complain about not having internet access....but it does! (so long as your wifi router/cell net has access). But wifi calling won't work.
For more, go here:
https://forum.xda-developers.com/t/guide-how-to-avoid-the-captive-portal-checkin-to-google.3927561/
You can host your own check server, or....just disable the check.
I have confirmed this works on A9 and A10 AOSP roms. There are different variants of this command for different roms. You may have to try several of them.
From an adb shell: (needs root)
Code:
:/ # settings put global captive_portal_mode 0
***********THIS DISABLES GOOGLE CONN CHECK***** A9 and 10
To verify it is disabled:
Code:
:/ # settings list global | grep portal
Should return "captive_portal_mode=0"
If you do connect to a captive portal page (public wifi, open connection) where the owner wants a login cred then the side effect of this is that it won't work.
The issue is that everytime the check is run, google will get your IP address and browser/OS and can infer your coarse location even if location services are turned off. I have all google domains blocked on my wifi so to keep my wife happy I disable the check on her phone also so she does not get the "no internet" notification.
Another hole is the agps (assisted gps) database downloaded from google or your phone carrier regardless of enabled location. I believe you can edit the server which is contacted, again, will require root.
This post says you can edit the gps.conf file:
https://forum.xda-developers.com/t/a-gps-supl-protocol-and-privacy-breaching.3602863/
Anyone try that? What abour removing "supl" from the apn type?
But I'm not there, yet, I usually have location selected off. Rob Braxman has a good vid here, use freetube:
https://github.com/FreeTubeApp/FreeTube
https://www.youtube.com/watch?v=vbBkZ-MROEk?
Again as stated earlier the best fix is to find a AOSP source of a rom you like, edit (or hire a dev) to edit out all of the bloat and google tracking which may remain, and re-compile.
Click to expand...
Click to collapse
Thank you for this interesting reply, i will attempt to remove captive portal connectivity check / connectivitycheck.gstatic.com with adb by following your provided command
settings put global captive_portal_mode 0
settings list global | grep portal
However you mentioned this needs root, my device is not root so this basically wont work without root?
I could use magisk for rooting.
Rob Braxman is great, watching all of his content. But i couldn't find any instructions to disable googles SUPL.
I also don't think rob has a video for captive portal connectivity check, or does he?
From my experience with his videos he acts as if degoogled phones with lineage are 90% better than normal phones, so i guess the other 10% are things like SUPL and captive portal connectivity check which are not that easy to disable..? If google knows my locations on a degoogled device with lineageos by using captive portal connectivity check then hell, that#äs really disturbing i had no idea that they still know where my phone is / where i am, very scary...
However you mentioned this needs root, my device is not root so this basically wont work without root?
Click to expand...
Click to collapse
Yes, the command needs root. Also there are some differences based on your version of Android.
The following is old, but has some good stuff:
https://www.reddit.com/r/privacy/comments/cldrym
The biggest help for this is to not install google services, and use a vanilla rom without it.
As far as captive portal, that is fixable.
The DNS servers can be changed from googles, but it is less straightforward.
NLP is not present without gapps, from what I have read
The SUPL issue, for me, is a WIP. I will happily deal with slow GPS TTFF. What I don't know:
1. Editing (removing) the supl entry in the APN file, what affect, if any;
2. Editing /vendor/etc/gps.conf (newer roms have the file in /vendor) to show a non g server;
3. the big question, which GPS radio chips may or may not have SUPL on the hardware level and therefore, if so, we are unable to fix.
gregpilot said:
Yes, the command needs root. Also there are some differences based on your version of Android.
The following is old, but has some good stuff:
https://www.reddit.com/r/privacy/comments/cldrym
The biggest help for this is to not install google services, and use a vanilla rom without it.
As far as captive portal, that is fixable.
The DNS servers can be changed from googles, but it is less straightforward.
NLP is not present without gapps, from what I have read
The SUPL issue, for me, is a WIP. I will happily deal with slow GPS TTFF. What I don't know:
1. Editing (removing) the supl entry in the APN file, what affect, if any;
2. Editing /vendor/etc/gps.conf (newer roms have the file in /vendor) to show a non g server;
3. the big question, which GPS radio chips may or may not have SUPL on the hardware level and therefore, if so, we are unable to fix.
Click to expand...
Click to collapse
I just tried using your solution for the onnectivitycheck.gstatic.com issue by using the provided command
:/ # settings put global captive_portal_mode 0
Before i that i rooted the phone with magisk, the command did not work (i attempted executing the command on cmd in windows inside the adb/fastboot folder, usb drivers are also installed.
I was able to start the daemon by using adb devices but the command you provided didn't work.
The phone was booted normally during the test, maybe i should instead go to downloadmode or recovery mode? The link you send for more instructions says we should use a cmd app on the phone to exectue this command (a pc is not mentioned), however i don't find any cmd app on the phone (lineageos 19.1).
Privacydroid said:
I just tried using your solution for the onnectivitycheck.gstatic.com issue by using the provided command
:/ # settings put global captive_portal_mode 0
Before i that i rooted the phone with magisk, the command did not work (i attempted executing the command on cmd in windows inside the adb/fastboot folder, usb drivers are also installed.
I was able to start the daemon by using adb devices but the command you provided didn't work.
The phone was booted normally during the test, maybe i should instead go to downloadmode or recovery mode? The link you send for more instructions says we should use a cmd app on the phone to exectue this command (a pc is not mentioned), however i don't find any cmd app on the phone (lineageos 19.1).
Click to expand...
Click to collapse
No, the command is made from a root shell on the phone directly, or through an adb shell.
First:
open a cmd window on your pc, cd to your adb folder. Do you have "minimal adb and fastboot" installed on your pc? Its on the forums here.
Plug in your phone to USB, do not boot to recovery or download mode. Just the normal system.
From the open cmd window, issue "adb devices". What appears?
If "unauthorized", you have to enable adb debugging in developer options. You have that enabled, right? If you do you will get a prompt on the phone to allow adb debugging access when you connect over USB.
If you get "device XXXXX", I do not recall the number of characters, then you can proceed.
issue "adb shell"
you should get a shell prompt (your phone cmd shell)
Issue "su"
If you are rooted magisk may prompt you to allow root
issue "whoami", this has to return "root".
Then issue the command I gave you. " settings put global captive_portal_mode 0"
The second string "settings list global | grep portal" is only to verify the success of the first command.
You don't need adb for this, you can also enable the "local terminal" in developer options. Or use your favorite terminal. I like Termux.
Open the terminal from your app drawer
issue "su"
Again, you should get a magisk prompt requesting permissions, allow it
issue "whoami" , verify root
then issue the same two commands.
What version of Android are you on?

Categories

Resources