Related
Hello everyone,
This is my first post, but I have been lurking in the shadows. Thank you for everything you guys have done for the Android community.
I am running CM 4.2.1, and after loading some silly SPL from some guide, messed things up, wiped and reflashed. Having done that I installed only a few programs. SAM (SlideMe Application Manager) gives me the following warning.
"WeatherFirst App warning!"
If you have installed WeatherFirst application, there has been a security warning issued. Recommended to remove
The notification remains there all the time. From the limited info available I have concluded it is a botnet, or some variation used for this website: "wunderground.com," which is where I get my weather on my PC and accessed once on Android. The information I found, and the first result on Google is the following:
hxxp://mobilecomputingauthority.com/?p=111 (sorry I cannot post links, so you'll have to copy/paste and change the x's)
I would like to know how to remove it.
Any help is appreciated.
Funkz
WeatherFirst clarification
Hi Funkz. As the author of your referenced blog post at MobileComputingAuthority,I thought I might chime in and help to clarify the post, this app, and ease your fears a bit; at least as far as I understand it.
In the post I said that the WeatherFirst app was a proof-of-concept application demonstrating how users might be tricked into downloading and installing an application that might be malicious. The app uses the GPS receiver to get your current location, then transmits that information to a server. The server then converts the coordinates into a zip code and submits the weather request to wunderground on your behalf. This interaction is itself harmless, but demonstrates that there is an opportunity to do something malicious on the server or to transmit data (GPS coordinates in this example) without your knowledge or consent. I'm unclear about whether the use of the GPS was disclosed or not.
So the gist of this is that the WeatherFirst application is not a malicious application (ie botnet client). The researchers that made it, DID make a malicious version, but that version was never released to the public according to their statements and I don't have any reason to question that.
Hope that helps clarify things and thanks for reading MCA!
Bill
Greetings everyone.
Ill just start off with asking the question: How many of you give 2nd, 3rd or nth thoughts about using a rooted (or, rooted and ROM'd) phone?
Now, let me explain why I am asking this question.
Earlier this week, my Google account was broken into. The attacker mass-emailed everyone on my contact list a link to a Viagra ad, of all things. It could have been worse, since my contacts and emails were left in-tact. In a furious, chaotic, post-incident rush, I was scrambling in an attempt to figure out how they obtained my password. At the time of this writing, I have come up with nothing. The first thing I thought, naturally, was a worm/trojan/virus on my PC. Several anti-virus / anti-malware / anti-root-kit scans proved to be clean.
So, I turned my sleuthing efforts towards my phone -- a Samsung Captivate, which had been rooted and ROM'd to Captivate 3.04. I had Lookout installed the entire time, and I have been using Cognition ROMs since late December of 2010. In assuming the worst, I nuked my phone, reverted back to stock and re-rooted and re-ROM'd. While rooting my phone, my virus scanner pleasantly informed me that the One Click rooting solution contained an exploit (Lotoor, I believe). Now, I completely understand that its necessary to use these exploits in order to gain access. However, it kinda got me thinking -- what else could be going into the phone that I dont know about?
Note that all ROMs and Rooters were obtained from links available from this website. I did not get them from "shady" locations.
I am realistic about this. I download and install applications from the internet frequently. I put a some faith in my virus scanners / anti-malware applications. This little incident, however, is making me a little more skeptical about what applications I run, as its difficult and time consuming to monitor every application for "phone home" activities.
The bottom line is that I do not want to sound like that I am placing blame on any of the Cognition developers (or any ROM developer). In fact, I am probably going to donate to them because the 3.04 version finally allowed me to use my GPS normally. I honestly feel like I have a smart phone now, as everything works as it should and the phone is alot snappier compared to the stock version. I am saying this even after I tried out the official Samsung Kies Froyo update, which still leaves me hanging for GPS service.
And yes, I completely understand that I could have very well downloaded something on the Android market that was infected. Even though I did not download any of the applications mentioned on the latest hotlist (really, I just dont care about "screaming sexy Japanese girls"), I could have obtained an undiscovered beast. It could also be the case that I have something on my PC that scanners just arent picking up. I may never know.
Where do you all stand on this issue? Do most ROM creators have more than one set of eyes looking at the packages that get deployed, or is that too unpractical?
Thanks in advance!
(P.S. I have searched the forum and looked at the suggested links before posting. I just didnt find anything that quenched my thirst)
nope 10 chars
Mobile security is becoming a concern and should be. Regardless of stock or rooted, there is a risk.
I don't bank on my phone, use my 'real' gmail or put sensitive info on my phone. Mobile is becoming a huge platform to mine information from.
qwertyaas said:
Mobile security is becoming a concern and should be. Regardless of stock or rooted, there is a risk.
I don't bank on my phone, use my 'real' gmail or put sensitive info on my phone. Mobile is becoming a huge platform to mine information from.
Click to expand...
Click to collapse
Isn't that the truth? I definitely have not done any mobile banking over mobile, and I don't think that I ever will. Its just scary that the attacker probably could have dug up more information about me in my emails than I care to think about.
I switched over to Google's 2-step verification system, so hopefully that will deter future attempts. Notice how I didnt say "prevent," as I dont think anything can actually stop a determined attacker short of getting rid of the phone and my gmail account. Obviously, if my phone falls into the wrong hands, I could be potentially hosed.
Check this out
http://www.engadget.com/2011/03/06/google-flips-android-kill-switch-destroys-a-batch-of-malicious/
cappysw10 said:
Check this out
http://www.engadget.com/2011/03/06/google-flips-android-kill-switch-destroys-a-batch-of-malicious/
Click to expand...
Click to collapse
Dilli already released a fix for this vulnerability for his 7.0 ROM. Maybe u cud get a similar one on ur custom ROM too.
While your concerns are rational and I await the answers, I believe they are borne out of a false understanding of what happened to you. When a spam e-mail is sent "from" your e-mail account it is not always the case that the attacker has gained access to your machine or your e-mail account. Most e-mail spam is sent via smtp "spoofing" whereby an attacker can make an e-mail look like it is from anyone else. These are done by automated scripts that can find and/or generate random "from" e-mails and then send to other recipients that have been found or randomly generated. If many of your friends received the e-mail, it IS POSSIBLE your computer or account was compromised, or that other friends' accounts have been compromised such that the automated spam bot gained access to a similar address book to yours.
Just wanted to let you know that you may not have been compromised.
Anyway, I too, am interested in the vulnerabilities of these custom ROMS.
sircaper said:
While your concerns are rational and I await the answers, I believe they are borne out of a false understanding of what happened to you. When a spam e-mail is sent "from" your e-mail account it is not always the case that the attacker has gained access to your machine or your e-mail account. Most e-mail spam is sent via smtp "spoofing" whereby an attacker can make an e-mail look like it is from anyone else. These are done by automated scripts that can find and/or generate random "from" e-mails and then send to other recipients that have been found or randomly generated. If many of your friends received the e-mail, it IS POSSIBLE your computer or account was compromised, or that other friends' accounts have been compromised such that the automated spam bot gained access to a similar address book to yours.
Just wanted to let you know that you may not have been compromised.
Anyway, I too, am interested in the vulnerabilities of these custom ROMS.
Click to expand...
Click to collapse
He said the email was sent to every one if his contacts. He was compromised.
That said. Use a secondary junk gmail account if at all possible on your phone. Don't install any app that asks for stupid permissions. Be very leary of any app that wants internet access regardless of who developed it. Android virus scanners are a joke, do not trust them.
P.s. "(really, I just dont care about "screaming sexy Japanese girls")" = blasphemy
whiteguypl said:
He said the email was sent to every one if his contacts. He was compromised.
That said. Use a secondary junk gmail account if at all possible on your phone. Don't install any app that asks for stupid permissions. Be very leary of any app that wants internet access regardless of who developed it. Android virus scanners are a joke, do not trust them.
P.s. "(really, I just dont care about "screaming sexy Japanese girls")" = blasphemy
Click to expand...
Click to collapse
Point taken. I don't disagree, but the odds say no. I figured he was using hyperbole and didn't really validate with every single person in his address book. The majority of spam e-mails are via spoofing.
sircaper said:
While your concerns are rational and I await the answers, I believe they are borne out of a false understanding of what happened to you. When a spam e-mail is sent "from" your e-mail account it is not always the case that the attacker has gained access to your machine or your e-mail account. Most e-mail spam is sent via smtp "spoofing" whereby an attacker can make an e-mail look like it is from anyone else. These are done by automated scripts that can find and/or generate random "from" e-mails and then send to other recipients that have been found or randomly generated. If many of your friends received the e-mail, it IS POSSIBLE your computer or account was compromised, or that other friends' accounts have been compromised such that the automated spam bot gained access to a similar address book to yours.
Just wanted to let you know that you may not have been compromised.
Anyway, I too, am interested in the vulnerabilities of these custom ROMS.
Click to expand...
Click to collapse
Thanks for the input.
As much as I would like to believe it was spoofed (and inherently making me feel better at the same time), I can say with a high degree of certainty that whoever did this had my password. How can I be somewhat sure of this? The "recent activity" list on gmail.com had an entry from a web browser access in Brazil. I do not have a proxy in Brazil, nor have I traveled there in.. well... ever. Also, the recipients' email headers claimed the email originated from gmail.com. Now, you're completely right that this part could have been spoofed, but I am not so sure about the first part. Upon doing some research, I've found that alot of other people who also had their accounts compromised had the same log entries and same origin in the email headers sent to the recipients.
Digression. Anyways, what they did is not as important as how they did it. Even to this day I am not sure. I really dont want to place blame on the ROM, because honestly the Cognition people did a fantastic job with it.
Bottom line is that I was curious as to everyone's security concerns, or lack thereof, when using custom ROMs.
How can you tell if your phone has been infected? What are some of the signs?
Hondo209 said:
How can you tell if your phone has been infected? What are some of the signs?
Click to expand...
Click to collapse
Well, I am no expert in this area, but the first place to look would be at an anti-virus, anti-malware application (such as Lookout). However, that probably wont do you any good if the virus/trojan/worm/whatever is still unknown.
Second place you might want to look is at your data usage. Excessive amounts might indicate something is up.
Other than that, maybe one of the sure-fire ways is to see which system files have changed and how. For some reason, a software package like Tripwire comes to mind. Although, I dont know how useful something like that would be on a mobile device.
Someone much more versed in this topic should have some better ideas
EggplantWizard said:
Thanks for the input.
As much as I would like to believe it was spoofed (and inherently making me feel better at the same time), I can say with a high degree of certainty that whoever did this had my password. How can I be somewhat sure of this? The "recent activity" list on gmail.com had an entry from a web browser access in Brazil. I do not have a proxy in Brazil, nor have I traveled there in.. well... ever. Also, the recipients' email headers claimed the email originated from gmail.com. Now, you're completely right that this part could have been spoofed, but I am not so sure about the first part. Upon doing some research, I've found that alot of other people who also had their accounts compromised had the same log entries and same origin in the email headers sent to the recipients.
Digression. Anyways, what they did is not as important as how they did it. Even to this day I am not sure. I really dont want to place blame on the ROM, because honestly the Cognition people did a fantastic job with it.
Bottom line is that I was curious as to everyone's security concerns, or lack thereof, when using custom ROMs.
Click to expand...
Click to collapse
Hmm.. Interesting.... I may take back my argument then!
As far as the concerns? I am also on Cognition 3.04 and up until now, I brushed aside the security issues. I had concerns, but hoped the community was strong enough to expose them. There definitely is an inherent risk downloading files authored by the developers. I know that some of them add in their own signature files just to track the programs and see if they are being altered. I'm not sure what can be done. Maybe you can run the ROM zips through a virus scanner on your pc before installing?
whiteguypl said:
P.s. "(really, I just dont care about "screaming sexy Japanese girls")" = blasphemy
Click to expand...
Click to collapse
HA! Now that's just funny.
sircaper said:
I figured he was using hyperbole and didn't really validate with every single person in his address book.
Click to expand...
Click to collapse
Well, I didnt validate with *every* single person in my address book, but I talked with a few that I speak with on a daily basis. They all had the same headers originating from gmail.com
Although, I do have to admit that one of the bizarre after-effects of such a compromise is that I have been "reunited" with people I haven't spoken to in a very long time. Take the good with the bad, I suppose.
I agree that security is a concern especially so when one is rooted. There are so many things to take into account. Even using wifi hotspots where hackers can hijack your logged in sessions whether it be Gmail, websites or banking. There are other methods where they can intercept packets with password and account information. For myself, I try and keep antivirus apps like Lookout running and scan often as well as am very cautious as to what hotspots I connect to. It doesnt look like your virus scanner helped you much. However, there may the possibility that you received malware on your PC where you may also be checking gmail from and it spoofed your account using information from there. Its all a guessing game though as there is probably no way to tell how this happened to you. I'd be thankful that it was just an ad that was sent out and nothing more serious came as a result...and change my passwords damn fast (lol)
Oh yeah, I only use wifi networks that I know. I don't log onto public wireless or random networks...
Excerpt from techwatch.co.uk
HTC's latest Android/Sense software has a vulnerability which collects user data and allows any app to access it.
The hole was brought to light by Trevor Eckhart and can be found on many of the devices such as the Evo 3D and Thunderbolt, amongst others.
According to Android Police, recent updates to the HTC software included the introduction of a suite of "logging tools" which collect information.
This could be used by the phone company to better understand problems that occur with devices, or enable better remote access.
However, it seems that the suite is not properly secured and doesn’t allow users to opt-in or out of the service.
Additionally, any app that can access "android.permission.INTERNET" can also get hold of a whole host of information on the phone's user.
This includes accounts, email addresses, GPS locations, phone numbers, text messaging data and system logs.
This means that any app that requests permissions to access the internet on the device can also, if it wanted to, get this information.
Android Police also found that any app could also access all of a phone's information, such as memory and CPU and IP address.
This, they say, makes it "theoretically possible to clone a device using only a small subset of the information leaked."
Considering the huge rise in malware which has been created for the Android market recently, this would seem to be a glaring error by HTC which needs to be very quickly sorted out.
The problem lies with the HtcLoggers.apk app which has an interface that requires no login or password.
However, AP believe that this is just the "tip of the iceberg" as they have only just begun to look into what other services installed on the phones might be capable of.
They also say that note that only the stock Sense firmware is affected.
Phones currently thought to be affected include: Evo 3D and 4G; Thunderbolt; Evo Shift 4G; MyTouch 4G Slide, some Sensations and the new Vigor. Of course, most of these are US handsets, but there are certainly some in the UK, such as the recently released Evo 3D and Sensation.
Whilst it's quite possible that other models are also affected, these are yet to be tested and confirmed.
no need to post the same stuff in two different threads
as i mentioned in your other thread, there is a fix.
Excerpt from techwatch.co.uk
HTC's latest Android/Sense software has a vulnerability which collects user data and allows any app to access it.
The hole was brought to light by Trevor Eckhart and can be found on many of the devices such as the Evo 3D and Thunderbolt, amongst others.
According to Android Police, recent updates to the HTC software included the introduction of a suite of "logging tools" which collect information.
This could be used by the phone company to better understand problems that occur with devices, or enable better remote access.
However, it seems that the suite is not properly secured and doesn’t allow users to opt-in or out of the service.
Additionally, any app that can access "android.permission.INTERNET" can also get hold of a whole host of information on the phone's user.
This includes accounts, email addresses, GPS locations, phone numbers, text messaging data and system logs.
This means that any app that requests permissions to access the internet on the device can also, if it wanted to, get this information.
Android Police also found that any app could also access all of a phone's information, such as memory and CPU and IP address.
This, they say, makes it "theoretically possible to clone a device using only a small subset of the information leaked."
Considering the huge rise in malware which has been created for the Android market recently, this would seem to be a glaring error by HTC which needs to be very quickly sorted out.
The problem lies with the HtcLoggers.apk app which has an interface that requires no login or password.
However, AP believe that this is just the "tip of the iceberg" as they have only just begun to look into what other services installed on the phones might be capable of.
They also say that note that only the stock Sense firmware is affected.
Phones currently thought to be affected include: Evo 3D and 4G; Thunderbolt; Evo Shift 4G; MyTouch 4G Slide, some Sensations and the new Vigor. Of course, most of these are US handsets, but there are certainly some in the UK, such as the recently released Evo 3D and Sensation.
Whilst it's quite possible that other models are also affected, these are yet to be tested and confirmed.
Just delete HtcLoggers.apk from /system/app.
I checked on mine and couldn't find it. Then again I'm not on stock
Sent from my HTC Incredible S using XDA App
use this to check if this affects you.
after reading this i don't think it's as simple as just deleting htcloggers.apk. there are, however, steps listed to fix this if you feel inclined to do so.
I received my much anticipated OnePlus 6T yesterday. Unboxed it, tapped "Start" button. Scanned through both "Agreements," turned it off, boxed it up, got an RMA and shipped it back. I'm no attorney, I'm a broadcast engineer, but in my job I have to navigate the whole alphabet soup of government agencies red tape so I've learned some "legalese." I' returned the 6T because of the language in the "Agreements". When you tap "I agree" to both, then activate and use the device, your granting OnePlus access to anything on the device or networks on which it connects (condensed Reader's Digest version). Like everybody in the broadcast business I have "a lot of irons in the fire," I make notes about projects and ideas on my phone. There's no way I'm giving anyone permission to cherry pick my creativity or access to my company & networks proprietary information. I'm offering this as my personal observation on this forum and suggest anyone who is just receiving theirs new, read the legalese very carefully before you tap "I Agree."
Who the **** reads those? ?
Still why I don't buy any device that doesn't have Lineage support... However what are you going to replace it with? Going to go buy another flagship? Have you glanced through other's privacy policies? This stuff is pretty boiler plate at this point, it's CYA. Not that I'm defending it, because it shouldn't be like that, but in today's "sue happy world", and "everything needs to be connected", guess what? The solution would be just to remove this these services, there are tons of posts of which OnePlus services to remove if you want to stay on OOS and protect your privacy.
So back to the replacement, lets take a Samsung, those are popular....., have you glanced at their privacy policy, because it's similar link
I didn't go over entirely, and I'm sure there's more details, but I'm guessing OnePlus's blurb, looked something similar to this (From Samsung's Website):
In addition to the information you provide, we may collect information about your use of our Services through software on your device and other means. For example, we may collect:
Device information - such as your hardware model, IMEI number and other unique device identifiers, MAC address, IP address, operating system versions, and settings of the device you use to access the Services.
Log information - such as the time and duration of your use of the Service, search query terms you enter through the Services, and any information stored in cookies that we have set on your device.
Location information - such as your device’s GPS signal or information about nearby WiFi access points and cell towers that may be transmitted to us when you use certain Services.
Voice information - such as recordings of your voice that we make (and may store on our servers) when you use voice commands to control a Service. (Note that if we work with a third-party service provider that provides speech-to-text conversion services on our behalf. This provider may receive and store certain voice commands.)
Other information about your use of the Services, such as the apps you use, the websites you visit, and how you interact with content offered through a Service.
Information from third-party sources
We may receive information about you from publicly and commercially available sources (as permitted by law), which we may combine with other information we receive from or about you. We also may receive information about you from third-party social networking services when you choose to connect with those services.
I'm not new to android or privacy by any means.
This kind of obscure language is no mistake or ctrl c/v standard.
All of these are poored over by lawyers on mass.
.
It is for this reason I exclusively run custom rims & mods and a majority of my devices are root/xposed with multiple layers of privacy in mind.
.
There used to be a much bigger crowd of developers and possibilities...
But we seem to be a dying breed.
.
I'm deeply saddened at the lack of true device level privacy or the concern for it.
And no
You'll not catch me trusting Google or an oem.
I barely trust open source.
.
Any links to further improve safety security and privacy on an Android device would be appreciated
If you think what the 6T collects is bad wait till you hear about Google.. Android is just a glorified data collection OS.. All they care about is profiling from us and learning everything to target ads and sell to 3rd parties after all Google is an Ad company.. If you want privacy compile AOSP and use MicroG avoid all Google services and use as much FOSS apps as possible.
---------- Post added at 10:35 PM ---------- Previous post was at 10:32 PM ----------
OhioYJ said:
Still why I don't buy any device that doesn't have Lineage support... However what are you going to replace it with? Going to go buy another flagship? Have you glanced through other's privacy policies? This stuff is pretty boiler plate at this point, it's CYA. Not that I'm defending it, because it shouldn't be like that, but in today's "sue happy world", and "everything needs to be connected", guess what? The solution would be just to remove this these services, there are tons of posts of which OnePlus services to remove if you want to stay on OOS and protect your privacy.
So back to the replacement, lets take a Samsung, those are popular....., have you glanced at their privacy policy, because it's similar link
I didn't go over entirely, and I'm sure there's more details, but I'm guessing OnePlus's blurb, looked something similar to this (From Samsung's Website):
In addition to the information you provide, we may collect information about your use of our Services through software on your device and other means. For example, we may collect:
Device information - such as your hardware model, IMEI number and other unique device identifiers, MAC address, IP address, operating system versions, and settings of the device you use to access the Services.
Log information - such as the time and duration of your use of the Service, search query terms you enter through the Services, and any information stored in cookies that we have set on your device.
Location information - such as your device’s GPS signal or information about nearby WiFi access points and cell towers that may be transmitted to us when you use certain Services.
Voice information - such as recordings of your voice that we make (and may store on our servers) when you use voice commands to control a Service. (Note that if we work with a third-party service provider that provides speech-to-text conversion services on our behalf. This provider may receive and store certain voice commands.)
Other information about your use of the Services, such as the apps you use, the websites you visit, and how you interact with content offered through a Service.
Information from third-party sources
We may receive information about you from publicly and commercially available sources (as permitted by law), which we may combine with other information we receive from or about you. We also may receive information about you from third-party social networking services when you choose to connect with those services.
Click to expand...
Click to collapse
Lineage also collects weird data like what device you installed on, Carrier etc.. Not sure why it needs this but I don't run it for that reason.
nima0003 said:
Who the **** reads those?
Click to expand...
Click to collapse
people who can read
Lebrun213 said:
people who can read
Click to expand...
Click to collapse
Did you return yours?
liam_davenport said:
If you think what the 6T collects is bad wait till you hear about Google.. Android is just a glorified data collection OS.. All they care about is profiling from us and learning everything to target ads and sell to 3rd parties after all Google is an Ad company.. If you want privacy compile AOSP and use MicroG avoid all Google services and use as much FOSS apps as possible.
---------- Post added at 10:35 PM ---------- Previous post was at 10:32 PM ----------
Lineage also collects weird data like what device you installed on, Carrier etc.. Not sure why it needs this but I don't run it for that reason.
Click to expand...
Click to collapse
So they can get an idea of which devices to develop for and their user base.
liam_davenport said:
Lineage also collects weird data like what device you installed on, Carrier etc.. Not sure why it needs this but I don't run it for that reason.
Click to expand...
Click to collapse
As soon as you install Lineage it asks if you want to share / participate in this program? You don't have to share this information. If you overlooked it the user can disable this sharing in the settings. They don't try and hide it at all.
I also don't know of any Lineage builds / trees that are hidden unlike other ROMs that are popular. So everything is out in the open.
Lineage has always been my first choice, so maybe I'm biased?
Caltinpla said:
Did you return yours?
Click to expand...
Click to collapse
custom OS and MicroG
got rid of oneplus & google spyware without loosing fonctionality (except fingerprint reader obviously)
Lebrun213 said:
custom OS and MicroG
got rid of oneplus & google spyware without loosing fonctionality (except fingerprint reader obviously)
Click to expand...
Click to collapse
So, you really believe custom roms and other phone makers don't spy on you? Good luck with that!!!
Caltinpla said:
So, you really believe custom roms and other phone makers don't spy on you? Good luck with that!!!
Click to expand...
Click to collapse
If you think custom roms (AOSP) are spying on you you're on the wrong website
Intrusive TOS suck big time, but, unfortunately, if you have a email address or cell phone, use the internet in any way shape or form, forget about any sense of privacy..
I make sure I dont do anything "iffy" on my cell phone; never use it for banking or bill paying, so I feel a little less paranoid, but there is really NO WAY, aside from not having an email address/cell phone/internet connection to keep your life from some prying eyes..
Lebrun213 said:
custom OS and MicroG
got rid of oneplus & google spyware without loosing fonctionality (except fingerprint reader obviously)
Click to expand...
Click to collapse
Root and block everything.
Caltinpla said:
So, you really believe custom roms and other phone makers don't spy on you? Good luck with that!!!
Click to expand...
Click to collapse
i trust open source, if there is a doubt with the code, anyone can check (not saying everyone does that).
Google service, oneplus, etc ... on the other hand are completely locked and you have no way to see what it really does.
Btw, i switched because of the much better battery and performance i get without these spyware constantly running, not much about privacy... Still use google.com everyday so they aren't missing anything :laugh:
The only one you have to agree to is the first one. The rest you can decline and still setup your phone. I agree with Micro G but, if go a step further and install NanoDroid. It comes with replacement Google apps and GPS and all sorts of things to disconnect you from Google but have a functioning phone.
Sent from my OnePlus6T using XDA Labs
liam_davenport said:
If you think what the 6T collects is bad wait till you hear about Google.. Android is just a glorified data collection OS.. All they care about is profiling from us and learning everything to target ads and sell to 3rd parties after all Google is an Ad company.. If you want privacy compile AOSP and use MicroG avoid all Google services and use as much FOSS apps as possible.
---------- Post added at 10:35 PM ---------- Previous post was at 10:32 PM ----------
Lineage also collects weird data like what device you installed on, Carrier etc.. Not sure why it needs this but I don't run it for that reason.
Click to expand...
Click to collapse
False. Google does not sell user data to third parties, or to anyone. It's never even been considered. Unfortunately due to a mix of people not understanding how technology works and assuming that every "tech company" operates in exactly the same way this particular piece of fake news just won't die. There are plenty of terrible things they actually do nowadays, better to focus on those anyway
tech_head said:
Root and block everything.
Click to expand...
Click to collapse
so much this
every manufacturer has some sort of logging / reading data.
root, and monitor everything that leaves your phone - block apk's that shouldnt be running - or create firewall rules in the iptables to block applications from accessing certain sites / internet.
partcyborg said:
False. Google does not sell user data to third parties, or to anyone. It's never even been considered. Unfortunately due to a mix of people not understanding how technology works and assuming that every "tech company" operates in exactly the same way this particular piece of fake news just won't die. There are plenty of terrible things they actually do nowadays, better to focus on those anyway
Click to expand...
Click to collapse
This argument would make Kellyanne Conway proud. Yes, Google does not sell user data directly. But it does so indirectly every day it is in business. By allowing advertisers to target ever smaller slices of the population and track them across websites they ARE providing advertisers with user data.
GroovyGeek said:
This argument would make Kellyanne Conway proud. Yes, Google does not sell user data directly. But it does so indirectly every day it is in business. By allowing advertisers to target ever smaller slices of the population and track them across websites they ARE providing advertisers with user data.
Click to expand...
Click to collapse
A truly moronic reply that shows you have no idea what you are talking about. Have your even seen the advertising interface to Google's ad products? Obviously not because you just described Facebook's, not Google's! ?????