[ROM][N8000] Una ROM, Private, Fast, And Good Looking:) - Galaxy Note 10.1 Android Development

After weeks of hard work we (uncle Fab and Setmov) proudly present you the first Una ROM for the Galaxy Note 10.1 N8000, based on 4.1.2 XXCML2.
DISCLAIMER​
As usual, your phone your responsability, we won't take any responsability if it flies out of the window or if your girlfriend/boyfriend runs away with it.
PLEASE, DO READ OP COMPLETELY AND CAREFULLY BEFORE ASKING ANY QUESTIONS, ANSWERS TO MOST PROBLEMS ARE HERE​
WHAT IS UNA?​
Una is a new concept that takes security to a new level.
Are you tired of seeing so much blatant, outrageous and shameless invasion of your privacy and data mining hidden behind nice sentences like "enhanced use experience" or "complete integration with the system"? We decided to develop secure ROMs where privacy means just that – Private!.
It’s free of charge, we are a non profit structure and we are not here to make big bucks
WHAT UNA ISN'T​
UNA isn't a way to help you to stealthily buy massive destruction weapons to foment a coup d'etat in your favorite banana republic or to prepare the third world war.
UNA secures what leaves from your phone (ie your personal data doesn't leak and no app can look over your shoulder to spy your activities), but it can't completely secure what comes into your phone.
Why is that?
Because it's just not possible to fully secure a phone from what comes into it, and anyone claiming to be able to do it is either a liar, or an ignorant, or both.
There are too many attacks, some not well documented, if documented at all, and some unknown to the public, and there are too many ways to hack a phone, especially if the user doesn't use his/her common sense.
If you are the type of person that installs apps from shaddy source and/or warez web sites (sites offering cracked paid apps) chances are that at some point you will unknowingly install a malware or a spyware. The same applies if you click on any link, specially on SMS' and emails, if you let any pop out window appear or if you don't protect your lockscreen with a password/pin/pattern and let anyone get physical access to your phone.
A bit of judgment and common sense can save you a lot of trouble, but there's unfortunately nothing UNA can do about it.
Then, if you use your phone to call through GSM your provider will know where you are. If he didn't you wouldn't be able to make any call, the signal has to find you and there's nothing UNA or anyone can do about it.
The only way to prevent that is to disable the phone functions (but then your phone will turn into a wifi only device) and reenable them when needed, head to the scripts section to learn how to do it.
Last but not least, bear in mind that the agencies have armies of tech savvy henchmen and 10 storeys computers, and tricks we can't even imagine, so think twice and use your brain before you attempt to outsmart them...
UNA IS FOR YOU IF:​
. You are willing to learn how to use an unconventional ROM and generally speaking to understand how things work, even if it sometimes requires a little effort to fix this or that little problem (bear in mind that it took us a lot of work to develop Una to where it is now),
. You don't mind a few little occasional bugs here and there that come from all the restrictions the ROM contains,
. You want to take back ownership of your phone from google’s claws.
UNA IS NOT FOR YOU IF:​
. All that you care about is the latest gimmick in the latest OS,
. You can't live without the google’s apps,
. You are the kind of person that never reads through the OP and only scroll down to the download section, and then complain that things don't work and/or ask stupid questions that have already been answered in OP.
An example? One guy makes a mod and writes clearly in OP that it's specifically for 4.2.2. Then some people complain: "it doesn't work on 4.4.2"...
ARE WE PARANOID TIN FOIL HATS? OR TERRORISTS? OR CARTEL BOSSES?​
Nope, we only are people that don't see why we shouldn't be in control of our phones. Or why our phones can be wiped remotely, why apps or updates or who knows what can be downloaded and installed without asking for our consent, why SMS' can be sent without us to know, why we should pay for the bandwidth used for data mining and unwanted downloads, and why all those activities should deplete our battery and kill our RAM.
You think we are overreacting here?
You don't have to take our word for it, just download and install Network Log from here:
https://f-droid.org/repository/browse/?fdfilter=network+log&fdid=com.googlecode.networklog
Give it root permission, start logging and open some web pages. Come back to Network Log after a few minutes and see for yourself, you'll be surprised (or maybe horrified?) to find out that your android system, your settings, your kernel etc. connect to all sorts of funny IPs, including and foremost google’s.
Now you see what we mean?
It's time to go for Una
UNA'S FEATURES​
. Rooted.
. Deodexed.
. Zipaligned.
. Busybox and sqlite installed.
. Init.d support and scripts.
. Auto start disabled for most apps.
. About 100 system apps and 40 framework jars removed, plus files here and there.
. Very low RAM and CPU consumption.
. Heavily and extensively modified system, in order to make it secure and prevent it from leaking your data.
. App Settings, Firewall and Xprivacy built-in, and already applied out of the box to make sure you are well protected.
. Xprivacy is a fantastic tool but it has one big limitation, it can't restrict the Android System from accessing your serial numbers and leaking it. For that reason these IDs have been edited as follows:
ro.serialno is set to "1",
build.serial has been scrambled so that the system can't read it anymore and shows an empty value instead,
android id is set to "android".
. Serial_number, model_number, model_name, manufacturer and device_name in wpa_supplicant.conf all show an empty value (check the screenshots).
These fields normally show values that identify you and the system sends them home everytime you connect to the internet, Xprivacy can't do anything about it but Una can.
. USB ID (iSerial) set to 1.
. Vulnerabilities patched thanks to Master Key Multi Fix and Fake ID Fix.
. ADB disabled (can be re-enabled, see below).
. By default ADB and all google access (including youtube, blogspot and google search) are disabled. You can re-enable some or all of them, instructions are in the "HOW TO USE THE ROM" section.
. Plenty of under the hood modifications to make the ROM fast and fluid.
. Call button in contacts.
. Lollipop HD wallpapers.
. All apps can be opened in floating or static multiwindows mode.
. Heaps of hand picked and carefully scrutinized open source apps.
There are 2 non open source apps (Greenify and Quick Pic) but they are safe, believe me, I have thoroughly examined them. Still, you can always uninstall them if you feel like it.
In time we will develop our own apps, but first we want to see how people respond to the Una concept...
INSTALLED APPS/TOOLS​
. 920 Editor, to create and edit scripts or text files.
. AF+ Firewall.
. Alarm clock.
. APG, to encrypt messages.
. App Settings, to restrict apps' permissions, change DPI on a per app basis and more.
. Arity, a calcultor.
. Conversations, a secure and encrypted chat, modded by uncle Fab for increased security.
. Fdroid, an alternative to the Play Store, and all the apps are open source!
. Floating stickies, to make small notes on the fly.
. FTP Server, to copy files to/from your phone wirelessly.
. Ghost Commander, a very powerful dual panel root file manager.
. Gravity Box, a theming engine.
. Greenify, to make apps behave by hibernating them when not in use.
. K9 Mail, an email client.
. Kernel Adiutor, if you feel like playing with kernel tweaks (but you have to know what you are doing).
. Lightning, a fast and light weight browser.
. Master Key Multi Fix, a patch to some vulnerabilities.
. Network Log, to check where your apps connect and chase unwanted connections.
. Open Camera.
. Tor (Orbot) for Android, modded by uncle Fab for increased security.
. Orweb, a browser designed to work along with Tor.
. OS Monitor, to monitor and kill your phone's processes, and more.
. Pale Moon, based on Firefox for Android, for a full desktop experience with Mozilla add-ons preinstalled for enhanced security.
. PDF Reader.
. Preferences Manager, to edit the otherwise difficult to read shared_prefs files in data/data.
. Quick Dic, a good selection of free dictionaries.
. Quick Pic, a Gallery app.
. Rmaps, a maps app where you can download maps from various sources for offline use.
. Terminal Emulator, fire up your commands and show your phone who is the boss!
. Text Secure, a secure and encrypted SMS app, modded by uncle Fab for increased security.
. Tint Browser, another fast web browser.
. Urecord, to record sounds with different sample rates.
. USB Mass Storage Enabler, to connect your phone to any computer (note that it only mounts the external SD).
. Viper4Android FX, a powerful sound enhancer.
. Viper4Android XHiFi, some more sound enhancements.
. VLC, a video and music player favourite.
. WI-Fi Privacy Police, to secure your connections even better than they already are.
. Xposed Installer, a great framework that enables apps like App Settings or Xprivacy to work.
. Xprivacy, last but not least, the best privacy app.
INSTALLATION​
As usual, make a backup first!
Do backup your contacts and whatever is important because all your apps and data will be erased (your sd card contents won't be deleted though).
Do backup your /system/csc folder, in case you need it for later.
Do backup your efs folder (VERY IMPORTANT).
Open the android terminal on your phone and type:
su
enter, then type:
busybox dd if=/dev/block/mmcblk0p3 of=/sdcard/efs.img
enter, this will create an efs backup called efs.img in your sd card.
To restore it, first make sure the efs.img is in your internal sd card, then type:
su
enter, then type:
busybox dd if=/sdcard/efs.img of=/dev/block/mmcblk0p3
enter, your efs will be restored in no time.
If that sounds like too much work you can use the scripts provided to backup/restore your efs, instructions are in the scripts section.
To install the ROM you need a Custom Recovery and Philz' comes highly recommended.
We chose Philz since AFAIK it's the only one that allows you to lock you recovery with a password (if your recovery is not password protected it wouldn't take more than 2 minutes for someone to disable your pattern or pin protected lockscreen and access all your personal data on the phone).
Alas, we didn't find any working Philz recovery for the N8000 so for now we'll use High On Android (based on CWM).
Get it from here (credits @Koush and @zedomax):
http://forum.xda-developers.com/showthread.php?t=1831173
Now, download Una for N8000 from here:
http://unaos.com/
Head to the DOWNLOAD section and chose the N8000 model.
After the download, unzip the file and copy the folder that's inside into your sd card.
Boot into recovery.
Go to restore from sdcard, and go for it!
Once it's done reboot, congratulations, you have installed Una ROM on your phone!
HOW TO USE THE ROM​
. Swipe down to access the applications drawer.
. Swipe up to open notifications.
. Press on the home button to turn off the screen
. Go to settings and set a stong password/pin/pattern protected lockscreen (recommended).
. Go in recovery and set a recovery password (recommended).
. Long pressing the back key brings you back to the last application (convenient to switch from one app to another).
. Press the reboot menu in the home screen to reboot/shutdown/boot into recovery or bootloader (note that there's an option to take screenshots in the reboot menu).
. Go to /system/etc/security/cacerts, check the certificates that are there (you'll find the certificate's name approximately by the middle of the file), and erase the ones you don't need/like.
When you want to transfer files to/from your phone open the USB Mass Storage Enabler app and enable mass storage, that's it. When you are done, don't forget to eject your phone from the computer and to reenable MTP from the app.
. When you install a new application, by default it will be fully restricted in both Xprivacy and the Firewall.
Before you open the newly installed app wait until the Xprivacy icon appears in the status bar, then and only then can you open it.
Most likely the app will crash.
Go to Xprivacy, open its settings and then usage data, you will see what restrictions caused the crash. Re enable some, provided that they are not too invasive.
Many apps require "load.Library" to be allowed in the shell section, that's ok.
Others may need to access the sd card, that's in the storage section and it's ok to allow it for apps that really need to access the storage, like players, cameras or file managers (for other apps try to keep it restricted).
Root apps obviously need "su" and/or 'sh", and sometimes "exec", in the shell section.
Always try to enable as few fields as possible, and bear in mind that data requested by an app is not necessarily needed for that app to work (especially true for identification, internet and mcc/mmc access).
Lastly, give the app internet access in the Firewall if, and only if, it needs it, and restrict some more permissions in App Settings.
If you can't tame the app consider uninstalling it and look for a similar one that has less built-in spyware.
SCRIPTS​
. As said above, by default ADB and all google access (including youtube, blogspot and google search) are disabled.
If you want to re-enable some or all of them, open the script folder located in system/etc.
Click on the desired script and choose edit.
Copy the whole text and paste it into the Android Terminal, voila, the script is automagically executed.
. You will see more scripts to disable/enable the Bluetooth, the Media Storage/Provider, the MTP Application and the Phone.
If you disable the Phone and later want to re-enable it do as follows:
untick App Settings in Xposed's modules section, re-enable Phone, reboot, then enable App Settings again.
. I forgot to put the scripts to backup/restore your efs partition, let me know if you need them and I'll add them.
. Other scripts can enable/disable am and pm, but don't play with it unless you know what you're doing.
. You can uninstall the Wallpaper Chooser and the Media Storage/Provider if you want, or keep them disabled and resurrect them when needed.
. If you are very privacy concerned you should consider using the "uncle's phone lite" mod because it enables you to call with only the Phone and the Telephony Provider apps (CSC, Contacts, Contacts Storage, Logs Provider and STK are completely de-activated). That's the method I use to make calls, but you have to know that the dialler forces close after you complete the call (not a big deal in my opinion but still, I may look into it one of these days). You'll find the mod in the add-ons section.
ENCRYPTION​
If encryption is your thing we have you covered with the following installed apps:
APG, Conversations, K9 Mail and Text Secure.
BUGS​. Quick Dic won't download any dictionary, it's actually not a bug but a Una restriction since the app downloads from a google owned web site.
If you need to download dictionaries, temporarly enable google by running the "enable_google" script (don't forget to disable it again when you're done). After you've run the script go to the firewall, open its settings, go to "Set custom script" and click "OK" (do the same if you decide to disable again google's stuff).
. You can't download anything from Lightning and Tint Browser, that's because the Download Manager and the Download UI have been uninstalled. If you need to download something, copy the link and paste it in Pale Moon, it has its own download engine.
. I haven't been able to test properly the Phone/3G Features because the tab I used to make this ROM was in a rather poor shape and had its SIM card slot broken. I set restrictions the best I could by taking examples from other ROMs I made, but you may have to fine tune the Phone and Telephony Provider apps in Xprivacy, sorry about that .
. All the installed apps work, but other apps you install may crash. I call that kind of apps "google’s henchmen", they only work if the play store services or the bla bla app are installed and of course they won't on Una since all that garbage has been removed.
If I install your app, why do you want to force me to install your boss' app too? Forget about those apps and search Fdroid, you'll find what you need...
. Depending the way you use your phone you may have to fine tune Xprivacy and reenable some permissions, I'm sorry for the inconvenience but it's impossible to set Xprivacy for all users since we all have different ways to use our phone.
ADD-ONS​
. Sony Xperia Keyboard, flash it in recovery.
Credits KristianCarl for porting it, and unclefab for theming it in green.
It's not open source and that's why it's not included in the rom by default, but it's my every day keyboard because it works fine and because I themed it to make it look nice.
Don't give it internet access in the Firewall.
In Xprivacy, only allow "loadLibrary" in the shell section. You may have to enable a few fields in the contacts section depending your phone's configuration.
In App Settings, restrict "Read_Phone_State" and "Record_Audio".
I removed the Chinese Keyboard, tell me if you want it and I'll readd it.
. HD Wallpapers
. Universe Wallpapers
http://romcook.com/?d=550FEB5C16
If there are enough users' requests then I'll upload the following:
. Uncle's phone lite (with clipboard and dialer) for hardcore users. It's safer than using the regular phone configuration, but the dialer forces close when you hang up the call. Flash it in recovery, wipe dalvik-cache, reboot.
. Completely disable internet access for the Android System. Lightning and Tint Browser won't connect anymore since they use the same web engine as the Android System, but Pale Moon still works thanks to its build-in web engine. Flash it in recovery, wipe dalvik-cache, reboot.
RECOMMENDED NON OPEN SOURCE APPS​
. Pri-fy, from chainfire the root master:
http://forum.xda-developers.com/showthread.php?t=2631512
. Logging Test:
http://androidsecuritytest.com/
UPDATES?​
I'm working on some improvements on kernel and system level to make Una even more secure, but I will release them for the N8000 if, and only if, there are enough users' feedback for the current version, because it's a lot of work to implement such stuff in a ROM moreover that I don't own this tab.
No ETA though, you'll have to be patient because now we have to design and release Una for many other phones.
Still, any suggestions/comments/bug reports are welcome, help us to improve Una!
FEATURE REQUESTS​
Yeah, sure, we'll see what we can do but we don't promise anything
That's all for now, enjoy the ROM!!!
The Una team
CREDITS​
Big thanks to:
F-Droid
M66B (Xprivacy)
Rovo89 (Xposed)
Tungstwenty (App Settings, Master Key Multi Fix, Fake ID Fix)
Ukanth (AF+Firewall)
Jecelyin (920 Editor)
Kraigsandroid (Alarm Klock)
Thialfihar (APG)
Arity (Arity calculator)
Siacs (Conversations)
Ppareit (FTP)
Ghost Squared (Ghost Commander File manager)
Mohammad Adib (Floating Stickies)
C3C076(Gravity Box)
Oasisfeng (Greenify)
K-9 Dog Walkers (K9 Mail)
Grarak (Kernel Adiutor)
Anthonycr (Lightning)
Xperiacle (Multiwindows Manager)
Pragmatic Software (Network Log)
Mdwh2(Open Camera)
The Guardian Project (Orbot and Orweb)
Eolwral (OS Monitor)
Moon Child and Cyansmoker (Pale Moon)
Droidapps (PDF Reader)
Simon Marquis (Preferences Manager)
Thad Hughes (Quick Dic)
Q-Supreme team (Quick Pic)
Robert.Developer (Rmaps)
Search Light (Search Light)
Jackpal (Terminal Emulator)
Anasthase (Tint Browser And Tint Browser Adblock Addon)
Thomasebell (Urecord)
Mohammad Abu-Garbeyyeh (USB Mass Storage Enabler)
Zhuhang (Viper4Android FX and Viper4Android XHiFi)
Videolan.org (VLC)
Brambonne (Wi-Fi Privacy Police)
NOTE:​Screenshots:
We don't owe the device so we didn't have the time to make screenshots. The rom is very similar to the UnaOs ROM for the Galaxy Tab 7, so if you want to see how it looks like, please head to our website http://unaos.com and check the gallery section.

I dont suppose this might work on the wifi only version n8013?
If this were art, una would be a masterpiece
Just the right kinda of attitude and work towards privacy and security, ......having xprivacy preinstalled and pre-configured is one of those little things i like to call, "ahead of the game"
All the right ingredients here, you have my tip of the hat sirs........

banderos101 said:
I dont suppose this might work on the wifi only version n8013?
If this were art, una would be a masterpiece
Just the right kinda of attitude and work towards privacy and security, ......having xprivacy preinstalled and pre-configured is one of those little things i like to call, "ahead of the game"
All the right ingredients here, you have my tip of the hat sirs........
Click to expand...
Click to collapse
@banderos101 thank you for your support. We truly appreciate it.
On another thread for the SM-T111 (3G and Wifi) rom HERE, it seems someone has managed to install our rom on the SM-T110 (Wifi only) model. So, since your tab (the N8013) has (or it should have) the same hardware of the N8000 except for the 3G, you can always give it a try. Of course, if you do, make a full backup of your current system, so in case of failure you can go back and restore it. If you are going to give it a try, please let us know.
Thank you

Thanks for this amazing rom
any hope that you guys could make this available for the note 2 as well
specially for the LTE GT-N7105 Note 2

How to install when I installed kit kat 4.4.2 Greetings

So I installed it on my n8013, but there was an error when restoring the data and whatever else comes after that. It booted fine though and WiFi worked out of the box. The lack of a terminal app made it hard to do anything right off the bat. I'll check out some more of it later on and report back. Just wish I could have experienced this how it was intended.
Sent from my GT-N8013 using Tapatalk

electrikjesus said:
So I installed it on my n8013, but there was an error when restoring the data and whatever else comes after that. It booted fine though and WiFi worked out of the box. The lack of a terminal app made it hard to do anything right off the bat. I'll check out some more of it later on and report back. Just wish I could have experienced this how it was intended.
Sent from my GT-N8013 using Tapatalk
Click to expand...
Click to collapse
There s a terminal app in the Rom, or maybe it has been wiped away with the rest of the data?
If you want to try again what you can do is downloading aroma fm from here:
http://forum.xda-developers.com/showthread.php?t=1646108
Put it somewhere on your internal sd.
Now, reflash una rom.
Do not boot but flash aroma fm.
Once aroma is opened go to system/apps and delete the following apps:
contacts, contacts provider, csc, logsprovider, phone, telephony manager.
Clear cache and dalvik cache, reboot.
Hopefully this time the data will restore properly
@theonepharaoh:
unfortunately we don t have any Note II at hand, so we can t make a Una rom for that model

unclefab said:
@theonepharaoh:
unfortunately we don t have any Note II at hand, so we can t make a Una rom for that model
Click to expand...
Click to collapse
well I happen to have one
I can test the rom for you
plus it has the same chip that is in the note 10.1 and the S3

Is stagefright Vulnerable with this rom?
If not
Assuming theirs no flashable zip or installable app in the future, will you guys be patching your roms against stagefright if a method comes out?
Android security is surely lacking, the ratio of devices that have a chance of getting a HINT of a patch, and those that wont is kinda staggering........i find myself hoping for the next competitor to come along already, that actually implements from the ground up, a RESPECTABLE security and privacy implementation
or, somesort of fork of android or maybe even another OS......something that either has really strong security/privacy from the get go, or has good devs maintaining very well, for patching the new stuff i.e. stagefright...........one of the missing ingredients.......one of the few things that has had me keep my current device for the best part of 4 years, and no plans to change.........i am keeping an eye out for ara though........interested to see how that plays out.......imagine any propriety components being switched out for open source componants with driver/kernel/i.e support..........the fact that someone doesnt have to spend the time and resources to create a WHOLE phone to replace the gpu/cpu/storage/camera/mic, assuming one can.........very interested to see how ara plays out
Sorry for the off topic'ish

We want it on 8010 too!

Can this encrypt the external sd card too like Samnsungs vanilla rom?

Can I install this on the N8010?

The description is good, but then I head to the site... Which relies on javascript and several third-party requests (including google and vimeo), and doesn't contain any download links anywhere in sight. Well, thanks.

Related

[App] SwitchMe - Share Your Device - MULTIPLE USER SPACES

Hi guys Im one of the developers of SwitchMe - an app that creates multiple user spaces. We have just released a new build which should fully support the T2s. Please have a look and let me know if everything is working as it should!
Thanks in advance, PR after the break:
.................................................................................................
SwitchMe - share your device!
SwitchMe is a unique application for root users that allows you to log in and out of multiple installations of Android just as you would on a desktop computer.
SwitchMe is a unique application for root users that allows you to log in and out of multiple user spaces just as you would on a desktop computer, with each profile having its own separate system settings, apps and data.
Some of the benefits of this technology:
Privacy
Securely share one device among many users, protect your accounts with passwords and log out automatically.
Kids
Create a profile for the kids, with only the apps and access you feel comfortable with.
Gaming
Overclock your profile for maximum performance in intensive games
Speed
Imagine a buttery smooth profile, with no kids games, messengers or bloatware to slow things down.
Testing
Create a sandbox profile to easily test applications and themes - no more nandroid nightmares!
Battery
Switch to a profile which only contains the essentials to save power through brute force.
Critical usage warning:
Incorrect use of this application can potentially harm your device. Before proceeding with use we strongly recommend that you perform a full nandroid backup through the device recovery.
READ THE HELP FILE CAREFULLY TO AVOID ISSUES
Without the Key, this application allows a maximum of 2 profiles and no security features.
Only the standard Android implementation of Apps2SD is currently supported. Use all others at your own risk.
Most devices should be compatible as long as they have enough free internal memory to create secondary profiles. The application will warn users if available memory is low.
These of course are only suggestions - there are plenty of other uses for the functionality SwitchMe offers.
Market link:
https://market.android.com/details?id=fahrbot.apps.switchme
The free version allows the creation of two profiles and has no security features.
Screens:
Looks cool. I'd try it out but I hate crippled apps that need a key to work properly.
Good luck.
scottx . said:
Looks cool. I'd try it out but I hate crippled apps that need a key to work properly.
Good luck.
Click to expand...
Click to collapse
And yet there you are, trying it out.
Also, the free app already gives you everything. You just have to use you brain to make it work.
Attitude... it affects the best of us.
Anything to report?
oh, this is great, now you can share the tablet with family members
R1kARD0 said:
oh, this is great, now you can share the tablet with family members
Click to expand...
Click to collapse
Yep, it does that.
Hi
very helpful app for a family with only one tablet, works almost 100% OK for us.
everytime i switch profile a android OS update is done, and after a few seconds im loged out again, after second logon it's OK
Galaxy Tab 2 10.1 GT-P5110 4.0.4 XXBLH4
Installed it on my GT2 3113 this morning and have been playing around with it. I do get the same android OS update thing as listed above when switching users. Also sometimes when the app opens it is a blank screen with no profiles or details listed. Running RomsWell V1.1 stock rooted/deodexed 4.0.4 rom
gooffeyguy said:
Installed it on my GT2 3113 this morning and have been playing around with it. I do get the same android OS update thing as listed above when switching users. Also sometimes when the app opens it is a blank screen with no profiles or details listed. Running RomsWell V1.1 stock rooted/deodexed 4.0.4 rom
Click to expand...
Click to collapse
Write through the app please.
ftgg99 said:
Write through the app please.
Click to expand...
Click to collapse
Will do
Thnks....
I love this app
I've noticed that if I don't use the switch screen options then the app works fine and doesn't give me the blank main page that I was experiencing previously.
---------- Post added at 01:14 AM ---------- Previous post was at 01:02 AM ----------
Also, what folder are the additional users profile/apps installed to?
Sent from my GT-P3113 using xda app-developers app
Im looking into it.
/DATA/.PROFILES is where everything is kept.
Guys there have been reports of the app being blank sometimes. Im trying to work out if this is something to do with superuser vs supersu. If youve experienced this, please let me know and be sure to tell me which of the two youre using...
I haven't been having that problem since I disabled the "switch screen functionality" in the settings. I do use the "fast switch" option and just open the app when I want to switch profiles. I am using SuperSU v0.96
gooffeyguy said:
I haven't been having that problem since I disabled the "switch screen functionality" in the settings. I do use the "fast switch" option and just open the app when I want to switch profiles. I am using SuperSU v0.96
Click to expand...
Click to collapse
You disabled the two main functions just because you sometimes couldn't see the statistics page? That seems a little extreme...
ftgg99 said:
You disabled the two main functions just because you sometimes couldn't see the statistics page? That seems a little extreme...
Click to expand...
Click to collapse
No, not just because it didn't show statistics, but I wouldn't be able to switch users unless I rebooted the device. When the problem would occur it also wouldn't bring up the switch user screen on the lock screen after waking up. If the icon notification was enabled it just opened up the statistic screen, not the user switch screen. I would get stuck in the current users profile until I rebooted and hoped the switch user screen would show after start up.
I like the functionality of the switch user screen but with it glitching like that on my device the only sure way to be able to switch profiles is to disable all that and just go into the app/statistic screen and click switch at the bottom.
I just noticed that there is a widget for this app that allows switching profiles without opening the app.
gooffeyguy said:
I just noticed that there is a widget for this app that allows switching profiles without opening the app.
Click to expand...
Click to collapse
I think your problem is with supersu (if thats what youre using). If possible, change it to superuser or at least make sure that youve set supersu up to always grant and whatever.
Supersu is very green and i wouldnt recommend it to anyone.
I have used this app for awhile now and really love it as it allows both my girlfriend and I to separately use my nexus 7 without interfering with each others settings. However, I recently flashed a CM 10 nightly (which i really like) and the switcher no longer works, freezing during each switch attempt.
I know it says CM 10 is not supported at the current time on the app page, but are there an plans to include this support in the future? Any info is appreciated and thanks for your work.

Windows phone security- is there one and if so, how does it work?

Hi,
So, Android has a permission system which albeit somewhat flawed (malware can gain permissions not intended for it) and not very suitable for laymen (non rooted phones have to either accept all permissions or be denied from the app. In many programs people don't have the luxury of not using them) theoretically has merit. IOS has...well actually I'm not sure how it works security wise but I pressume it creates sandboxes for each app, layman wise it is reasonable since you (theoretically) can deny access for all programs to certain components (no need to jailbreak).
How does WP works?
Thank you.
Security is different, apps can't do as much as on android. But iOS is better in this, because capabilities are like in Android: you can see what the apps want prior to installing them, but blocking some of them isn't possible.
I am very saddened to hear this.
Is there an ability in place similar to Androids rooting?
Also, what do you mean by "apps can't do as much as on android"?
Thank you!
@th0mas96's post is technically *mostly* accurate but very confusing and doesn't actually answer your question at all.
The short version is that WP apps use a capability-and-sandbox system much like iOS and Android, with each app getting a sandbox that gives it read-only access to the app-specific install directory and the global system directory, read/write access to the app-specific data directory, and access to whatever other stuff is specified in the capabilities. Capabilities are currently all-or-nothing; you can't reject or disable any capability except by just not installing the app.
I could go into the technical implementation of the system a bit, but the short version is that WP8 apps use fairly standard NT (as in the NT kernel that is at the core of PC Windows versions) security features: each app has a unique token (rather than inheriting the token of the process that crated it, the way it normally works on PC but very much like how Windows Store apps work on Win8) which contains the app-specific Security IDentifier (SID) that gives access to the app directories, plus the SIDs of the various capabilities that the app has.
What @th0mas96 was talking about is that WP capabilities usable by third-party developers are much more restrictive than they are on Android. For example, Android allows an app have full read-write access to your contacts or to send SMS directly. WP8 doesn't allow that unless you use capabilities that are normally neither allowed on the store nor allowed in sideloaded apps (Microsoft's code can have them, of course - that's how the built-in SMS app works - but not Joe Random Dev). The downside of this is obvious; some app behaviors (like a full replacement for the SMS app or phone dialer) are not possible. The upside is that apps are *way* more limited in how malicious they can be; the most common way that Android malware makes money (remember, the vast majority of malware is for profit) is by sending SMS to "premium" numbers. On WP8, an app could *compose* such a message, but it couldn't *send* it for you (unless it had a capability that third-party apps normally can't have) so you'd have a chance to see what the app was doing and decide not to send that message after all.
This means that the ability to disable capabilities is much less important on WP8 than on Android.
Oh, then those restrictions are actually good news.
Aside from from your typical run-of-the-mill malware my main concern was actually privacy. I have a huge displeasure from apps like Whatsapp which on android takes a whole plethora of liberties and was hoping that perhaps some other system may contain their user data voracity and their ability to control the divice their on.
Is there any link in which I could see the full list of those restrictions?
I'm still downhearted from not having a more fine grained control of the system but maybe it still has it uses in some scenarios...
Also, thank you very much for your comprehensive explanation!
i found a tiny file stored inside some of the unbranded htc accord RUUs. its call disablewriteprotect.test. the only thing the file contains is a sentence stating write protection will be disabled until this file is removed. followed by a music note and some other symbol. so there you go thats how you make your entire htc 8x read and write. one file less than 1kb in size. ROOT!
but how can we flash this file. im still working on it. this file is located within the efi partition which also houses the ffuloader.efi, and severl other efi executables. check this post http://forum.xda-developers.com/showthread.php?p=53687985#post53687985
you wont find that on google search.
Sent from my Galaxy Nexus using XDA Free mobile app
Window phone Security Issues
Your Windows Phone is secure by design. Many security features are turned on by default. For example, apps you download from the Windows Phone Store are tested by Microsoft and encrypted to make sure you don't accidentally install malicious software on your Windows phone.
Set a password
Setting up Kid's Corner
If you've ever handed your smartphone to a child, you know that they can quickly get into all sorts of apps and settings they shouldn't. No such worries with Kid's Corner, a place on your phone where your child can play with the games, apps, music and videos
Use the free Find My Phone service
Say yes to updates . check out more at Master Software Solutions - Windows Phone Update
grilledcheesesandwich said:
i found a tiny file stored inside some of the unbranded htc accord RUUs. its call disablewriteprotect.test. the only thing the file contains is a sentence stating write protection will be disabled until this file is removed. followed by a music note and some other symbol. so there you go thats how you make your entire htc 8x read and write. one file less than 1kb in size. ROOT!
but how can we flash this file. im still working on it. this file is located within the efi partition which also houses the ffuloader.efi, and severl other efi executables. check this post http://forum.xda-developers.com/showthread.php?p=53687985#post53687985
you wont find that on google search.
Sent from my Galaxy Nexus using XDA Free mobile app
Click to expand...
Click to collapse
Sounds interesting.
Not something I'd try )) but interesting.
Aman Raien said:
Your Windows Phone is secure by design. Many security features are turned on by default. For example, apps you download from the Windows Phone Store are tested by Microsoft and encrypted to make sure you don't accidentally install malicious software on your Windows phone.
Set a password
Setting up Kid's Corner
If you've ever handed your smartphone to a child, you know that they can quickly get into all sorts of apps and settings they shouldn't. No such worries with Kid's Corner, a place on your phone where your child can play with the games, apps, music and videos
Use the free Find My Phone service
Say yes to updates . check out more at Master Software Solutions - Windows Phone Update
Click to expand...
Click to collapse
I pressume this is an advert for Master Software Solutions, but nevertheless I did google the term you suggested and got nil results. I also browsed the main site of the company itself but haven't found anything related, nor did I find anything on their facebook page.
Regardless, I checked out this Kids corner thing, it's cute but not really security related...
Thx anyway.

Alternative to xprivacy if I go to 5.0 LP ROM

Hi,
As Xposed apparently won't be ported soon to LP if ever, I was wondering if I update to LP (Galaxy S4 got GE LP), what options I have to protect my privacy and manage those permissions? I am too much spoiled by Xprivacy I doubt if there is anything as good as Xprivacy but need at least something that can do a minimum job to block and deny some permissions.
Thanks for all your suggestions
P.S I was also thinking of making a post to list all alternatives to different xposed module, what do you guy say ? I can keep the OP uptodate if you share your alternative Mods/Apps to xposed modules
Alternative solution I am personally using right know which serve me quite well till we have some real privacy mod/tool :
You will need 2 apps :
- AFWall+ (open source firewall) : https://play.google.com/store/apps/details?id=dev.ukanth.ufirewall
- App Ops : https://play.google.com/store/apps/details?id=com.findsdk.apppermission
Ideally to prevent leaks, install them before installing or restoring any data after flashing your ROM
1- In AFWall+
- Enable the Firewall by pressing 3 dot menu and Enable firewall,
- Then for apps which you want to grant access Check the Icons First is for LAN Network acces, 2nd is for Wifi Internet, 3rd is your Mobile Data (some system apps like Media server, download etc.. must have internet access other wise Youtube, or downloading in browsers wont work, read the FAQ question for more info.)
- Once all app you want to grant access are checked, click on 3 dot menu and click Apply. (each time you change permission don't forget to apply).
2- App Ops : This one is very easy all Apps installed are organized by Type of permissions you go in and then uncheck the permission to to Block it, once ou are in App you will see all blockable Permissions that this app is asking not only of that category and that is handy
Please Note that App Ops don't list and block each and every permissions, but most essentials are there. Combined with AFWall you are good to go to protect your privacy till some good Mod or Xposed for LP come out.
Now instead of being fully naked without Xprivacy on LP, now we are at least in Bikini
App ops? https://play.google.com/store/apps/details?id=droidmate.appopsinstaller
Nothing as good as Xprivacy. I'm still on KK and I'll stay on this version for a while I guess.
FYI: http://www.xda-developers.com/android/protecting-your-privacy-app-ops-privacy-guard-and-xprivacy/
not as good as xprivacy
frigidazzi said:
App ops? https://play.google.com/store/apps/details?id=droidmate.appopsinstaller
Click to expand...
Click to collapse
App ops deny permission per app basis, but sometimes denying permission break the app, xprivacy instead send fake data to the app, so you can still use the app without giving your real info
Xposed and Xprivacy are just the single best privacy guards
I know but how long can we stay on KK at one point we need to update or when we buy future devices there won't be any choices. So we need to find alternatives to all those xposed modules
Netuser said:
I know but how long can we stay on KK at one point we need to update or when we buy future devices there won't be any choices. So we need to find alternatives to all those xposed modules
Click to expand...
Click to collapse
From what I can see, devs are more interested in custom roms/kernels rather than in security/privacy purposes.
Marcel (M66B) is almost ready for Lollipop. We 'just' need Xposed. He is also working on another project which could have the same goal (no available information).
I really hope that rovo89 have enough motivation and will be successful in developing Xposed for Lollipop.
I don't want to loose control because of Google updates. Future devices is another subject and I think there is still a long way to go before not being able to use a KK device.
i really think that a moderator should open a thread for indexing all of the 'Alternative to xposed mod *name* for LP 5.0.*'
just until we will have xposed or something else for android L...
There is "privacy guard" by cyanogenmod in cm12, I think it sends fake data too instead of just block the permission. But you have to install custom rom for this.
haimn said:
There is "privacy guard" by cyanogenmod in cm12, I think it sends fake data too instead of just block the permission. But you have to install custom rom for this.
Click to expand...
Click to collapse
This does not offer the same level of protection. I would not call Privacy Guard an alternative of Xprivacy.
There is no real alternative for Xprivacy, but at least it is something
I won't stay on a old version of Android only because one developer is going like "i'm god, don't ask me questions" ... we will never see xposed for LP, get used to it and move on.
I have moved to LP as I couldn't just leave my self open to all privacy leak, I came up with a solution while waiting for Xposed or any other other Mod to come out.
I have updated the OP with my solution . here is what i am doing :
Alternative solution I am personally using right know which serve me quite well till we have some real privacy mod/tool :
You will need 2 apps :
- AFWall+ (open source firewall) : https://play.google.com/store/apps/details?id=dev.ukanth.ufirewall
- App Ops : https://play.google.com/store/apps/details?id=com.findsdk.apppermission
Ideally to prevent leaks, install them before installing or restoring any data after flashing your ROM
1- In AFWall+
- Enable the Firewall by pressing 3 dot menu and Enable firewall,
- Then for apps which you want to grant access Check the Icons First is for LAN Network acces, 2nd is for Wifi Internet, 3rd is your Mobile Data (some system apps like Media server, download etc.. must have internet access other wise Youtube, or downloading in browsers wont work, read the FAQ question for more info.)
- Once all app you want to grant access are checked, click on 3 dot menu and click Apply. (each time you change permission don't forget to apply).
2- App Ops : This one is very easy all Apps installed are organized by Type of permissions you go in and then uncheck the permission to to Block it, once ou are in App you will see all blockable Permissions that this app is asking not only of that category and that is handy
Please Note that App Ops don't list and block each and every permissions, but most essentials are there. Combined with AFWall you are good to go to protect your privacy till some good Mod or Xposed for LP come out.
Now instead of being fully naked without Xprivacy on LP, now we are at least in Bikini
Thanks pal, I'll give it a try later
Sent from Tapatalk 4 Android
I've installed LBE Security Master, which finally has Lollipop support. Search xda for translated version.
CptChaosNL said:
I've installed LBE Security Master, which finally has Lollipop support. Search xda for translated version.
Click to expand...
Click to collapse
Yes! the bootloop problem is finally solved hahaha
nEUTRon666 said:
I won't stay on a old version of Android only because one developer is going like "i'm god, don't ask me questions" ... we will never see xposed for LP, get used to it and move on.
Click to expand...
Click to collapse
Well, the saying goes "Do Not Feed The Trolls", yet here I am, feeding one: He does not play "god". He has a valid point by saying that it is his hobby, and should stay his hobby. If he feels like it, he could leave XDA and the whole Android-platform completely, and I would be fine with this decision and others should be, too! It is and has to be his choice, and if he does not find the time, muse, etc., then it is how it is.
You clearly have no idea how coding works, how Lollipop works, how the xposed framework works, else you would shut up and be patient.
If you are so much better than him, do it yourself. Everything you need is just a few clicks and downloads away. All his work is on github, and Anrdoid itself is open source. Go understand how xposed works, go understand how Dalvik works/worked, go understand how ART works, and then write it yourself.
Unless you really are better, and can do this, just wait silently. Don't be yet another huso cancerous forum member. There are enough of them as it is. Don't be ungrateful. Especially now!
For f* sake, I shouldn't even have to "defend" his choices.
Netuser said:
I have moved to LP as I couldn't just leave my self open to all privacy leak, I came up with a solution while waiting for Xposed or any other other Mod to come out.
I have updated the OP with my solution . here is what i am doing :
Alternative solution I am personally using right know which serve me quite well till we have some real privacy mod/tool :
You will need 2 apps :
- AFWall+ (open source firewall) : https://play.google.com/store/apps/details?id=dev.ukanth.ufirewall
- App Ops : https://play.google.com/store/apps/details?id=com.findsdk.apppermission
Ideally to prevent leaks, install them before installing or restoring any data after flashing your ROM
1- In AFWall+
- Enable the Firewall by pressing 3 dot menu and Enable firewall,
- Then for apps which you want to grant access Check the Icons First is for LAN Network acces, 2nd is for Wifi Internet, 3rd is your Mobile Data (some system apps like Media server, download etc.. must have internet access other wise Youtube, or downloading in browsers wont work, read the FAQ question for more info.)
- Once all app you want to grant access are checked, click on 3 dot menu and click Apply. (each time you change permission don't forget to apply).
2- App Ops : This one is very easy all Apps installed are organized by Type of permissions you go in and then uncheck the permission to to Block it, once ou are in App you will see all blockable Permissions that this app is asking not only of that category and that is handy
Please Note that App Ops don't list and block each and every permissions, but most essentials are there. Combined with AFWall you are good to go to protect your privacy till some good Mod or Xposed for LP come out.
Now instead of being fully naked without Xprivacy on LP, now we are at least in Bikini
Click to expand...
Click to collapse
Can you fake your IMEI with one of those?
Here's the link to LBE Privacy Guard (english):
http://forum.xda-developers.com/showthread.php?p=46695347#post46695347
And yes, you can block IMEI, I'm not sure if you can fake it.
Grinface
I'm also awaiting an updated version of Xposed and Xprivacy for my incoming M9, but it seems a 64bit version is a long way off.
What do you guys know about this? Looks to be developed by faculty and students at Carnegie Mellon University.
Protect My Privacy (PMP)
http://www.appbrain.com/app/protect-my-privacy(pmp)/com.synergylabs.pmpandroid#descriptionsection
In the Google Play store here:
https://play.google.com/store/apps/details?id=com.synergylabs.pmpandroid

First week with Windows

Hello
And happy new year to everyone!
This is my first week on Lumia 735 after being 6 years with Android.
I like very much it's desktop, but there are some simple things that I thought until now I would figure out but I cannot find a solution....
1. How can I download a PDF from an email and then attach it to another email?
2. Is there a way to have a shortcut on notification bar for data connection?
3. Is there a way to remove Bing and get Google as default engine?
4. Is there a way to tide up settings? I feel that are randomly scattered...
5. Is there a way to open a new tab in internet explorer, but open in background? Cause we are always transferred to the new tab.
Thanks!
I'm on the same phone since about 4-5 days, so I have not yet answers for you, but another question to add:
- why on some apps the keyboard doesn't turn in landscape mode when I flip the phone? I found it working on some apps only, but in Bing search (just an example) it remains in portrait
EDIT: a bit of googling partially answers to 3: I'm a newbie so I don't know if I can link external sites here, but it seems you can change the default search engine in Internet Explorer in the browser settings (so when you type words in the address bar, it uses Google instead of Bing). Regarding the phone search button, maybe the trick is not so easy...
1. did you see download in email message? click on that link to download file to your phone.
2. with latest WP OS 8.10.14219.341 you can add mobile data shortcut in action center
or use Quick Launch app from store
3. settings - applications - internet explorer, select advanced settings and change to google
4. no... latest updated is always at end of list...
5. not exactly... try UC Browser 8.1, maybe you like it better than IE
Download a app named File attacher,it can help you to attach any files into outlook client.
Sent from my AT&T Nokia Lumia 920 using Tapatalk for Windows Phone
1) Download the file to your phone. You can then open it from the email (which will let you choose what PDF viewer to open it with, if you have more than one installed; some of them directly support sharing) or you can then switch to a file manager app (Files, Pocket File Manager, Aerize Explorer, etc.), go to the Downloads directory, and share the file from there. When "sharing" the file, one option will be to use email; this will attach the file to the email. This approach also works for other file types, by the way.
2) As dxdy says, you need to be on a new OS version (you may need to be using the "Preview for Developers" app) to get the ability to add mobile data specifically to the Action Center (swipe-from-top notification area thing) but there are lots of other ways (tons of free apps, for example) to pin a link to it on your Start screen. You can also have both WiFi and Airplane Mode toggles on the Action Center, even in less-than-newest versions.
3) Not unless you're in Russia, I think? You may be able to change the IE default search engine using the method dxdy posted above, but if you want to change the search button behavior, that's trickier. I think in Russia (or possibly just tell your phone you are), if you have the Google app installed, it may run that... haven't tried, though.
4) Settings are, unfortunately, not directly orderable. The default order for Microsoft-provided settings is basically "what MS has found people use most often", thus things like visual and audio customization are at the top, WiFi is on the first page, and stuff like Backup requires scrolling down a bunch. There's also OEM customizations, which are technically just Store apps that are pre-installed and use the Settings hub instead of the normal app list; those are always listed underneath all the Microsoft settings, and (as dxdy says), the one that was most recently installed/updated is at the top of that section ('top of the bottom of the list' if you will).
5) Doesn't seem to be any such way in IE, but there's lots of other browsers. Most of them just wrap the IE rendering engine, so pages will look the same as on IE but the UI can be totally different. This includes changes to tab management. They won't sync with your other devices, at least not by default, though. There's also a beta of Opera for WP8; it still has some bugs but mostly works and has a very different UI from IE. Annoyingly, though, Microsoft doesn't allow any of those apps to be set as the default browser (you can't change the URI association for http:/https: for example).
@axxel84: It depends on whether the app supports landscape mode. That requires work from the developer, since they have to change the layout of everything, so a lot of apps don't support it. If the app doesn't support it, then it will be locked in one orientation no matter how you turn it, keyboard included. Some apps (mostly games) are also locked in landscape mode only, and don't support portrait.
Hi guys, thanks for the help but I am still finding difficult to compose with windows after coming from fully updated Android phones.
- pdf attachments, not possible. You can see that you download files but no where to be seen in order to attach them in another email! What????
- the option to change Bing to Google was in the past, but they don't have it on new phones. And this is the company that wants to increase market share? With these kind of acts I don't think they will last many years...
- I found a way to have a shortcut on desktop that takes me to settings and there to click on for data. But why don't they include this in notification option? How difficult is this?????
- the other frustrating thing I am feeling, is that most other times when resuming an app when I go out and then in, it starts the"resuming" screen and takes 5 seconds to load... For example viber, I can't chat instantly with someone, I have to leave the program on continuously to do this
- no led notification. I should have known earlier by reading reviews, but there is no led notification!!
- no major apps as official pinterest, dropbox, instagram, sms backup to gmail. My biggest disappointment is Dropbox... I am thinking of selling the phone now and going back to Android. Having two small twins, I take continuously videos and photos, and I don't want to think about backup. I found another application but doesn't sync videos automatically. And also the backup app of windows doesn't do automatically the job... If I was windows I would hire people to help these companies develop the "big" apps...
- notification center doesn't always work. for example when a new app is downloaded, nothing comes app on notification. Or in viber you might get 10 messages on notification, if you click one and then in viber you read all, they remain on notification
Nobody seems to have emailed me a PDF recently, but I can download them from the web and they show up in my Downloads folder (on my SD card, since that's where I told Storage Sense to put new downloads). From there, I can see it in Aerize Explorer, select it, Share it, and choose an email account; a new message is created with the file attached.
Some new phones have the option for Google search, but it's not in all regions.
As you have ALREADY been told, the option to toggle data service from the Action Center is available in the latest version. It's also largely un-needed; Data Sense and related settings should give you enough control over your data usage to make it fairly unimportant. Mind you, I agree that it should have been there from the start, but asking rhetorical questions isn't actually helpful.
The "Resuming..." screen can come up for two reasons (or a combo thereof):
1) Badly-coded app that does a bunch of stuff immediately on resume, before it lets you use the app.
2) Your phone ran low on RAM and removed the app from background execution ("tombstoned" it, sort of like hibernating a laptop), so it needs to be restored from the Flash storage and then resumed.
Lots of phones don't have notification LEDs. That's not a WP8 thing, that's a "if this feature is important to you then you ought to buy a phone with that feature" thing. My HTC has a notification LED, my Samsung did not. Both are/were WP8 devices.
Automatic backup of photos and videos is included in the OS, has been included since WP7 actually, but it goes to OneDrive (formerly SkyDrive) instead of Dropbox. Microsoft software uses Microsoft services; this isn't really surprising.
SMS is automatically backed up as well, just not to Google. Why would Microsoft include a feature to back up your messages to a competitor's service?
Lack of official apps is somewhat annoying/disappointing, but you could have easily enough checked that before buying, and the apps will come in time. In the meanwhile, there's usually third-party versions of those apps.
App downloads are fast, and you know when you started them. Why would you need a notification for that? As for the thing with Viber, it's not the OS' fault that the app doesn't report when a message is read. Notifications are really easy to clear though, just swipe them to the right and all notifications for that app will clear (or hit the "clear all" button to get rid of all of them at once).

UNA ROM, Private, Fast, And Good Looking:)

After weeks of hard work we (Setmov and uncle Fab) proudly present you the first Una ROM for the galaxy Grand I9082, based on 4.1.2 XXAMF7.​
DISCLAIMER​As usual, your phone your responsability, we won't take any responsability if it flies out of the window or if your girlfriend/boyfriend runs away with it.
PLEASE, DO READ OP COMPLETELY AND CAREFULLY BEFORE ASKING ANY QUESTIONS, ANSWERS TO MOST PROBLEMS ARE THERE
WHAT IS UNA?​Una is a new concept that takes security to a new level.
Are you tired of seeing so much blatant, outrageous and shameless invasion of your privacy and data mining hidden behind nice sentences like "enhanced use experience" or "complete integration with the system"? We decided to develop secure ROMs where privacy means just that – Private!.
It’s free of charge, we are a non profit structure and we are not here to make big bucks.
WHAT UNA ISN'T​UNA isn't a way to help you to stealthily buy massive destruction weapons to foment a coup d'etat in your favorite banana republic or to prepare the third world war:silly:.
UNA secures what leaves from your phone (ie your personnal data doesn't leak and no app can look over your shoulder to spy your activities), but it can't competely secure what comes into your phone.
Why is that?
Because it's just not possible to fully secure a phone from what comes into it, and anyone claiming to be able to do it is either a liar, or an ignorant, or both.
There are too many attacks, some not well documented, if documented at all, and some unknown to the public, and there are too many ways to hack a phone, especially if the user doesn't use his/her common sense.
If you are the type of person that installs apps from shaddy source and/or warez web sites (sites offering cracked paid apps) chances are that at some point you will unknowingly install a malware or a spyware. The same applies if you click on any link, specially on SMS' and emails, if you let any pop out window appear or if you don't protect your lockscreen with a password/pin/pattern and let anyone get physical access to your phone.
A bit of judgment and common sense can save you a lot of trouble, but there's unfortunately nothing UNA can do about it.
Then, if you use your phone to call through GSM your provider will know where you are. If he didn't you wouldn't be able to make any call, the signal has to find you and there's nothing UNA or anyone can do about it.
The only way to prevent that is to disable the phone functions (but then your phone will turn into a wifi only device) and reenable them when needed, head to the scripts section to learn how to do it.
Last but not least, bear in mind that the agencies have armies of tech savvy henchmen and 10 storeys computers, and tricks we can't even imagine, so think twice and use your brain before you attempt to outsmart them...
UNA IS FOR YOU IF:​. You are willing to learn how to use an unconventional ROM and generally speaking to understand how things work, even if it sometimes requires a little effort to fix this or that little problem (bear in mind that it took us a lot of work to develop Una to where it is now),
. You don't mind a few little occasional bugs here and there that come from all the restrictions the ROM contains,
. You want to take back ownership of your phone from google’s claws.
UNA IS NOT FOR YOU IF:​. All that you care about is the latest gimmick in the latest OS,
. You can't live without the google’s apps,
. You are the kind of person that never reads through the OP and only scroll down to the download section, and then complain that things don't work and/or ask stupid questions in which are answered OP. An example? One guy makes a mod and writes clearly in OP that it's specifically for 4.2.2. Then some people complain: "it doesn't work on 4.4.2"...
If you are that type of person, please do yourself and us both a favour, and close this window now.
ARE WE PARANOID TIN FOIL HATS? OR TERRORISTS? OR CARTEL BOSSES?​Nope, we only are people that don't see why we shouldn't be in control of our phones. Or why our phones can be wiped remotely, why apps or updates or who knows what can be downloaded and installed without asking for our consent, why SMS' can be sent without us to know, why we should pay for the bandwidth used for data mining and unwanted downloads, and why all those activities should deplete our battery and kill our RAM.
You think we are overreacting here?
You don't have to take our word for it, just download and install Network Log from here:
https://f-droid.org/repository/browse/?fdfilter=network+log&fdid=com.googlecode.networklog
Give it root permission, start logging and open some web pages. Come back to Network Log after a few minutes and see for yourself, you'll be surprised (or maybe horrified?) to find out that your android system, your settings, your kernel etc. connect to all sorts of funny IPs, including and foremost google’s.
Now you see what we mean?
It's time to go for Una
UNA'S FEATURES​. Rooted.
. Deodexed.
. Zipaligned.
. Busybox and sqlite installed.
. Init.d support and scripts.
. Auto start disabled for most apps.
. About 120 system apps, 40 framework jars, 30 permissions xmls and 25 libs removed, plus files here and there.
. Very low RAM and CPU consumption, more than 8 hours screen time with the WIFI on, 1% battery decrease every 10-12 hours while in stand by.
. Heavily and extensively modified system, in order to make it secure and prevent it from leaking your data.
. App Settings, Firewall and Xprivacy built-in, and already applied out of the box to make sure you are well protected.
. Xprivacy is a fantastic tool but it has one big limitation, it can't restrict the Android System from accessing your serial numbers and leaking it. For that reason these IDs have been edited as follows:
build.serial (androidboot.serialno) and ro.serialno are both set to "1",
android id is set to "android",
net.hostname is set to "1".
. Wlan serial number set to "00000001" (this number identifies you everytime you connect to the internet, and Xprivacy can't do anything about it).
. USB ID (iSerial) set to 1.
. Unreadable cp access.
. Vulnerabilities patched thanks to Master Key Multi Fix and Fake ID Fix.
. ADB disabled (can be re-enabled, see below).
. By default ADB, all google access (including youtube, blogspot and google search) and the Media Storage are disabled. You can re-enable some or all of them, instructions are in the "HOW TO USE THE ROM" section.
. Plenty of under the hood modifications to make the ROM fast and fluid.
. Multi-purpose navigation keys.
. Call button in contacts.
. Because secure doesn't mean ugly, the whole ROM has been themed with a beautiful green color (if there are enough requests other themes will follow), transparency, and Lollipop HD wallpapers.
. KK style pop-up toasts.
. Multiwindows have been revamped, they are no longer only static in Samsung style but now they can float and be resized too, like on a computer.
. All apps can be opened in floating mode.
. Possibility to choose between different multiwindows layouts in KK's style.
. Heaps of hand picked and carefully scrutinized open source apps.
There are 2 non open source apps (Greenify and Quick Pic) but they are safe, believe me, I have thoroughly examined them. Still, you can always uninstall them if you feel like it.
In time we will develop our own apps, but first we want to see how people respond to the Una concept...
Installed apps/tools​. 920 Editor, to create and edit scripts or text files.
. AF+ Firewall.
. Alarm clock.
. APG, to encrypt messages.
. App Settings, to restrict apps' permissions, change DPI on a per app basis and more.
. Arity, a calculator.
. Conversations, a secure and encrypted chat, modded by uncle Fab for increased security.
. Fdroid, an alternative to the Play Store, and all the apps are open source!
. Floating stickies, to make small notes on the fly.
. FTP Server, to copy files to/from your phone wirelessly.
. Ghost Commander, a very powerful dual panel root file manager.
. Gravity Box, a theming engine.
. Greenify, to make apps behave by hibernating them when not in use.
. K9 Mail, an email client.
. Kernel Adiutor, if you feel like playing with kernel tweaks (but you have to know what you are doing).
. Lightning, a fast and light weight browser.
. Multiwindows Manager.
. Network Log, to check where your apps connect and chase unwanted connections.
. Open Camera.
. Tor (Orbot) for Android, modded by uncle Fab for increased security.
. Orweb, a browser designed to work along with Tor.
. OS Monitor, to monitor and kill your phone's processes, and more.
. Pale Moon, based on Firefox for Android, for a full desktop experience with Mozilla add-ons preinstalled for enhanced security.
. PDF Reader.
. Preferences Manager, to edit the otherwise difficult to read shared_prefs files in data/data.
. Quick Dic, a good selection of free dictionaries.
. Quick Pic, a Gallery app.
. Rmaps, a maps app where you can download maps from various sources for offline use.
. Search Light, a torch.
. Terminal Emulator, fire up your commands and show your phone who is the boss!
. Text Secure, a secure and encrypted SMS app, modded by uncle Fab for increased security.
. Tint Browser, another fast web browser.
. Urecord, to record sounds with different sample rates.
. USB Mass Storage Enabler, to connect your phone to any computer (note that it only mounts the external SD).
. Viper4Android FX, a powerful sound enhancer.
. Viper4Android XHiFi, some more sound enhancements.
. VLC, a video and music player favourite.
. WI-Fi Privacy Police, to secure your connections even better than they already are.
. Xposed Installer, a great framework that enables apps like App Settings or Xprivacy to work.
. Xprivacy, last but not least, the best privacy app.
WHY IS THIS ROM 4.1.2 BASED AND NOT 4.2.2?​
Because Samsung did a complete failure with its 4.2.2 version for Galaxy Grand.
High RAM consumption, no floating windows, bugs.
Plus, the newer the android version the more spying there is, despite google's sweet talk about "enhanced user's experience", the infamous Fused Location being a good example.
INSTALLATION​As usual, make a backup first!
Do backup your contacts and whatever is important because all your apps and data will be erased (your sd card contents won't be deleted though).
Do backup your /system/csc folder, in case you need it for later.
Do backup your efs folder (VERY IMPORTANT).
Open an android terminal from your phone, first type "su" (without the quotes), enter, then type:
busybox dd if=/dev/block/mmcblk0p17 of=/sdcard/efs.img
This will create an efs backup caled efs.img in your sd card.
If you need to restore it type:
busybox dd if=/sdcard/efs.img of=/dev/block/mmcblk0p17
Before you install the ROM, download Philz recovery from here:
http://forum.xda-developers.com/showthread.php?t=2452985
We chose Philz since AFAIK it's the only one that allows you to lock you recovery with a password (highly recommended, if your recovery is not password protected it wouldn't take more than 2 minutes for someone to disable your pattern or pin protected lockscreen and access all your personal data on the phone).
Philz' installation instructions
You need to have Samsung drivers installed.
Boot your phone into download mode (press volume down and power at the same time).
Open Odin 3.07 and connect your phone.
Click on the PDA slot, navigate to where the Philz recovery is located and select it.
DOUBLE CHECK AND MAKE SURE THAT "RE-PARTITION" IS UNTICKED (only "Auto Reboot" and "F.Reset Time" should be selected).
Click start and wait while Odin flashes Philz.
If everything went well your phone will now auto-reboot into the system. Go into recovery, you should see your brand new Philz.
If you are still on stock recovery then repeat the above steps, but this time untick “Auto Reboot” in Odin.
When in recovery, if before you reboot you see a text on the screen displaying “yes – disable flash recovery”, select it to avoid stock recovery overwriting Philz.
Now, download Una from here (scroll down until you get to the download section):
http://unaos.com/
Unzip the ROM and copy it to the backup folder that is inside the clockworkmod folder in your sd card (if there's no backup folder create it by choosing "mkdir" in Ghost Commander).
Boot into recovery.
Go to restore from sdcard, choose 2015-03-23.10.56.05, and go for it!
Once it's done reboot, congratulations, you have installed Una ROM on your phone!
The screenlock password is 23052015​
IMPORTANT!!!​I haven't tried the latest 4.2.2 ROMs and I don't know if they have Knox or not (the earlier versions hadn't).
If they have it and if you are on such a ROM you'll have to choose custom restore and uncheck boot in the menu, because since the bootloader you have is Knoxed you may get a brick if you downgrade it to a pre-Knox version, don't play with that!
If you choose to proceed, you do so at your own risk, but in any case look first on the internet to find out if it's doable.
If it doesn't work for you then I'm sorry, you are out of luck, shame on you Knox...
If it works please report it here so that other people will know, thanks in advance!
HOW TO USE THE ROM​. Swipe down to access the applications drawer.
. Swipe up to open the notifications.
. Go to settings and set a stong password/pin/pattern protected lockscreen (recommended), default password is 23032015.
. Go in recovery and set a recovery password (recommended).
. Long pressing on the menu key toggles expanded desktop (full screen, no more navigation bar and no more status bar).
. Double pressing the menu key kills and hibernates the current application.
. Long pressing the recent key brings you back to the last application (convenient to switch from one app to another).
. Between the home and the back key there's a supplementary key that can display up to 12 apps (editable in gravity box).
Double pressing that key shows the sound panel, long pressing it shows the reboot menu (note that there's an option to take screenshots in the reboot menu).
. When you open an app you'll see a cascade icon at the top or the bottom right, press it and the app will turn into a floating window like on a computer. Now, open the notifications and check the 4 icons at the top, click any of them and the currently opened floating window (s) will be reorganised according to the layout you chose.
. Go to /system/etc/security/cacerts, check the certificates that are there (you'll find the certificate's name approximately by the middle of the file), and erase the ones you don't need/like.
When you want to transfer files to/from your phone open the USB Mass Storage Enabler app and enable mass storage, that's it. When you are done, don't forget to eject your phone from the computer and to reenable MTP from the app.
. When you install a new application, by default it will be fully restricted in both Xprivacy and the Firewall.
Before you open the newly installed app wait until the Xprivacy icon appears in the status bar, then and only then can you open it.
Most likely the app will crash.
Go to Xprivacy, open its settings and then usage data, you will see what restrictions caused the crash. Re enable some, provided that they are not too invasive.
Many apps require "load.Library" to be allowed in the shell section, that's ok.
Others may need to access the sd card, that's in the storage section and it's ok to allow it for apps that really need to access the storage, like players, cameras or file managers (for other apps try to keep it restricted).
Root apps obviously need "su" and/or 'sh", and sometimes "exec", in the shell section.
Always try to enable as few fields as possible, and bear in mind that data requested by an app is not necessarily needed for that app to work (especially true for identification, internet and mcc/mmc access).
Lastly, give the app internet access in the Firewall if, and only if, it needs it, and restrict some more permissions in App Settings.
If you can't tame the app consider uninstalling it and look for a similar one that has less built-in spyware.
SCRIPTS​. As said above, by default ADB, all google access (including youtube, blogspot and google search) and the Media Storage are disabled.
If you want to re-enable some or all of them, open the folder on your home screen called "scripts". Click on the desired script and it will be automagically executed.
If you choose to enable/disable google access you ll have to go to the Firewall to reapply its script. Open the firewall, go to settings, choose set custom script, click OK.
. You will see more scripts to disable/enable the Bluetooth, the FM Radio and the Phone.
If you disable the Phone and later want to re-enable it do as follows:
untick App Settings in Xposed's modules section, re-enable Phone, reboot, then enable App Settings again.
. Some scripts will enable you to backup/restore your efs partition and flash a recovery.img (to restore or flash an .img, make sure it's in your internal sd and execute the script).
. Other scripts can enable/disable am and pm, but don't play with it unless you know what you're doing.
. You can uninstall the Wallpaper Chooser and the Media Storage if you want, or keep them disabled and resurrect them when needed.
. If you are very privacy concerned you should consider using the "uncle's phone lite" mod because it enables you to call with only the Phone and the Telephony Provider apps (CSC, Contacts, Contacts Storage, Logs Provider and STK are completely de-activated). That's the method I use to make calls, but you have to know that the dialler forces close after you complete the call (not a big deal in my opinion but still, I may look into it one of these days). You'll find the mod in the add-ons section.
BUGS​. For some reason the ADW Launcher doesn't allow transparency in the navigation bars while in portrait, I'm working on that.
. You can't download anything from Lightning and Tint Browser, that's because the Download Manager and the Download UI have been uninstalled. If you need to download something, copy the link and paste it in Pale Moon, it has its own download engine.
. Part of the lockscreen and the dialer don't show in landscape mode, it's because the DPI has been modified in order multi layouts floating windows to work.
. All the installed apps work, but other apps you install may crash. I call that kind of apps "google’s henchmen", they only work if the play store services or the bla bla app are installed and of course they won't on Una since all that garbage has been removed.
If I install your app, why do you want to force me to install your boss' app too? Forget about those apps and search Fdroid, you'll find what you need...
. Depending the way you use your phone you may have to fine tune Xprivacy and reenable some permissions, I'm sorry for the inconvenience but it's impossible to set Xprivacy for all users since we all have different ways to use our phone.
ADD-ONS​. Uncle's themed Sony keyboard, flash it in recovery. It's not open source and that's why it's not included in the rom by default, but it's my every day keyboard because it works fine and because I themed it to make it look nice.
. HD Wallpapers
. Universe Wallpapers
http://unaos.com/addons
If there are many users' requests then I'll upload the following:
. Uncle's phone lite (with clipboard and dialer) for hardcore users. It's safer than using the regular phone configuration, but the dialer forces close when you hang up the call. Flash it in recovery, wipe dalvik-cache, reboot.
. Completely disable internet access for the Android System. Lightning and Tint Browser won't connect anymore since they use the same web engine as the Android System (that is anyway not very safe in 4.2.2), but Pale Moon still works thanks to its build-in web engine. Flash it in recovery, wipe dalvik-cache, reboot.
UPDATES?​There will be some, but no ETA, you'll have to be patient because now we have to design and release Una for three other phones.
Still, any suggestions/comments/bug reports are welcome, help us to improve Una!
FEATURES REQUEST​Yeah, sure, we'll see what we can do but we don't promise anything
That's all for now, enjoy the ROM!!!
The Una team
CREDITS​Big thanks to:good::
F-Droid
M66B (Xprivacy)
Rovo89 (Xposed)
Tungstwenty (App Settings, Master Key, Fake ID Fix)
Ukanth (AF+Firewall)
Jecelyin (920 Editor)
Kraigsandroid (Alarm Klock)
Thialfihar (APG)
Arity (Arity calculator)
Siacs (Conversations)
Ppareit (FTP)
Ghost Squared (Ghost Commander File manager)
Mohammad Adib (Floating Stickies)
C3C076(Gravity Box)
Oasisfeng (Greenify)
K-9 Dog Walkers (K9 Mail)
Grarak (Kernel Adiutor)
Anthonycr (Lightning)
Xperiacle (Multiwindows Manager)
Pragmatic Software (Network Log)
Mdwh2(Open Camera)
The Guardian Project (Orbot and Orweb)
Eolwral (OS Monitor)
Moon Child and Cyansmoker (Pale Moon)
Droidapps (PDF Reader)
Androguide.fr (Pimp My Rom script)
Simon Marquis (Preferences Manager)
Thad Hughes (Quick Dic)
Q-Supreme team (Quick Pic)
Robert.Developer (Rmaps)
Search Light (Search Light)
Jackpal (Terminal Emulator)
Anasthase (Tint Browser And Tint Browser Adblock Addon)
Thomasebell (Urecord)
Mohammad Abu-Garbeyyeh (USB Mass Storage Enabler)
Zhuhang (Viper4Android FX and Viper4Android XHiFi)
Videolan.org (VLC)
Brambonne (Wi-Fi Privacy Police)
Did I forget someone?
If that's the case let me know and I'll put your name here.
reserved
No screens?
ishmeet1995 said:
No screens?
Click to expand...
Click to collapse
Here you go
I like the effort but there are seriously some thinks you may not know what you are talking about, maybe because lack of knowledge.
Did I mention that I found google’s DNS in Tor (Orbot)? Pretty bad but fear not, I've patched it...
Click to expand...
Click to collapse
Most DNS lookups are local to the exit node with occasional use of Google DNS, changing a DNS itself is no guarantee for more security since the data needs to be anonymize too, that's possible if we use I2P together with TOR (because it's impossible to surf the web secure since not all provider/sites using a strong encryption for all stuff like content, external content and the whole site).
Open source vs closed
Click to expand...
Click to collapse
Well, mostly I agree open not automatically means it's safe at any time (see opensll and other popular projects) but here it would be help to see some source because you talking about trust and how can we trust you without looking in the code? Is there are proof for all your changes you done?
I've explored deep into the hidden depths of this Samsung ROM, and I didn't find anything questionable (but I had already removed around 150 apps, so there wasn't much left) from Samsung's side
Click to expand...
Click to collapse
How you do that if you don't have the source for e.g. the radio modem or other closed parts from a stock rom? Via reverse engineering? - You must have spent a lot of time for this ... I was not able to do it and not even any expert here on xda, it's impossible to one man to reverse and understand all stuff it would take years, even with good tools like IDA and 20 years of knowledge. You can maybe, maybe! only see some parts ... but not inspecting all aspects and since there is no reference I guess nobody can't say what's really secure.
Encrypting would only attract suspicion - why does he encrypt his messages? He must have something to hide!
Click to expand...
Click to collapse
Sure you have no idea what you talking about, this shows it. It's not about "..but I have nothing to hide!" it's a common thing, maybe you should read this first.
To tag something with secure is very easy but to proof that without anything is almost impossible. One of the benefit you mentioned is to hardening the OS but that also could be done with scripts/binary's or other stuff without downloading the whole rom, xda is full of it - but sadly most of all "security" things here are never really tested or under the scope from known experts. - but people always believe in the hype and the myths!
Don't get me wrong but maybe you think about it and release something we all can work with (especially the changes only as a diff or something).
CHEF-KOCH said:
I like the effort but there are seriously some thinks you may not know what you are talking about, maybe because lack of knowledge.
Most DNS lookups are local to the exit node with occasional use of Google DNS, changing a DNS itself is no guarantee for more security since the data needs to be anonymize too, that's possible if we use I2P together with TOR (because it's impossible to surf the web secure since not all provider/sites using a strong encryption for all stuff like content, external content and the whole site).
Well, mostly I agree open not automatically means it's safe at any time (see opensll and other popular projects) but here it would be help to see some source because you talking about trust and how can we trust you without looking in the code? Is there are proof for all your changes you done?
How you do that if you don't have the source for e.g. the radio modem or other closed parts from a stock rom? Via reverse engineering? - You must have spent a lot of time for this ... I was not able to do it and not even any expert here on xda, it's impossible to one man to reverse and understand all stuff it would take years, even with good tools like IDA and 20 years of knowledge. You can maybe, maybe! only see some parts ... but not inspecting all aspects and since there is no reference I guess nobody can't say what's really secure.
Sure you have no idea what you talking about, this shows it. It's not about "..but I have nothing to hide!" it's a common thing, maybe you should read this first.
To tag something with secure is very easy but to proof that without anything is almost impossible. One of the benefit you mentioned is to hardening the OS but that also could be done with scripts/binary's or other stuff without downloading the whole rom, xda is full of it - but sadly most of all "security" things here are never really tested or under the scope from known experts. - but people always believe in the hype and the myths!
Don't get me wrong but maybe you think about it and release something we all can work with (especially the changes only as a diff or something).
Click to expand...
Click to collapse
I’m sorry you feel that way. Did you install the rom at all?
Dear Dev,
Thanks for the ROM for our grand community, but after 5.0 Lollipop do you think people will shift to 4.1 ICS again?
Anyways very nice effort for great customization.
:good::good::good::good::good:
unclefab said:
UNA IS FOR YOU IF:​. You are willing to learn how to use an unconventional ROM and generally speaking to understand how things work, even if it sometimes requires a little effort to fix this or that little problem (bear in mind that it took us a lot of work to develop Una to where it is now),
. You don't mind a few little occasional bugs here and there that come from all the restrictions the ROM contains,
. You want to take back ownership of your phone from google’s claws.
UNA IS NOT FOR YOU IF:​. All that you care about is the latest gimmick in the latest OS,
. You can't live without the google’s apps,
. You are the kind of person that never reads through the OP and only scroll down to the download section, and then complain that things don't work and/or ask stupid questions in which are answered OP. An example? One guy makes a mod and writes clearly in OP that it's specifically for 4.2.2. Then some people complain: "it doesn't work on 4.4.2"...
Click to expand...
Click to collapse
hemant4409 said:
Dear Dev,
Thanks for the ROM for our grand community, but after 5.0 Lollipop do you think people will shift to 4.1 ICS again?
Anyways very nice effort for great customization.
:good::good::good::good::good:
Click to expand...
Click to collapse
I think everything is quite well explained and your question answered in the OP. Thank you for your interest.
hemant4409 said:
Dear Dev,
Thanks for the ROM for our grand community, but after 5.0 Lollipop do you think people will shift to 4.1 ICS again?
Anyways very nice effort for great customization.
:good::good::good::good::good:
Click to expand...
Click to collapse
No ..never
Edit: and 4.1 is not ICS
I expected that kind of reply, from you or from one of the forum's security experts, the same people that ignored me when I offered to share knowledge and to give advices/opinions on the security thread.
CHEF-KOCH said:
Most DNS lookups are local to the exit node with occasional use of Google DNS, changing a DNS itself is no guarantee for more security since the data needs to be anonymize too, that's possible if we use I2P together with TOR (because it's impossible to surf the web secure since not all provider/sites using a strong encryption for all stuff like content, external content and the whole site). .
Click to expand...
Click to collapse
I m not the guy that developed Tor, what you are talking about is his business, not mine.
All what i did was to change google's DNS in Tor's code, period.
Well, mostly I agree open not automatically means it's safe at any time (see opensll and other popular projects) but here it would be help to see some source because you talking about trust and how can we trust you without looking in the code? Is there are proof for all your changes you done?
Click to expand...
Click to collapse
Nobody needs to trust me.
As I wrote in OP (did you read it?):
You don't have to take our word for it, just download and install Network Log from here:
https://f-droid.org/repository/brows...ode.networklog
Give it root permission, start logging and open some web pages. Come back to Network Log after a few minutes and see for yourself, you'll be surprised (or maybe horrified?) to find out that your android system, your settings, your kernel etc. connect to all sorts of funny IPs, including and foremost google’s.
Now you see what we mean?
It's time to go for Una
Click to expand...
Click to collapse
Install the ROM, and see by yourself how it behaves.
Another thing is that all the installed apps in the ROM are open source, apart from 2 that I have reverse engineered, inspected and restricted (Greenify and Quick Pic), and as I said in OP people are fee to uninstall them.
To be honest, on my daily ROM I do use some closed source apps that are very good, that only have legit permissions, that don t spy on me whatsoever, and that dont connect anywhere.
But sadly I couldn t include them in this ROM, because I knew that if I had done it people like you would have criticized me.
How you do that if you don't have the source for e.g. the radio modem or other closed parts from a stock rom?
Click to expand...
Click to collapse
Radio modem and the like are closed source, and I never said that I did anything there.
But that s the same in an AOSP or CM ROM, and the only way to overcome that problem is either replicant (but they don support many devices) or baseband isolation.
I have full baseband isoltaion on my daily ROM, but hey, do you think that i could make such a ROM for public release? Do you think that people would like a ROM that transforms their phone in a wifi only device, and need to connect to a modem to have data connection and to call or receive sms'?
Still, people can achieve baseband isolation on this Una Rom, instructions are in OP.
Anyway, all what I said, again in OP is that :
spying that is present on AOSP too since it's google’s material as well (compare the apps' permissions and the network connections in an AOSP/custom ROM and in a stock ROM, it's more or less the same, or better, look at the code).
You can't do everything you want on a closed source ROM (I bet you can't on AOSP either), but to edit and clean the system you don't need the full source code.
Click to expand...
Click to collapse
You see?
I have removed over 100 system apps, dozens of jars, some xmls and libs, then I have cleaned the remaining apps and jars, then I have set very carefully and very restrictivey the firewall, App Settings and Xprivacy, then I have applied other security related tweaks and yes, Una is secure.
No more data mining, no more unwanted internet connections to google, amazon and who knows where, if that s not secure for you then I don t know what can be called secure.
To tag something with secure is very easy but to proof that without anything is almost impossible
Click to expand...
Click to collapse
.
Once more, you don t need to trust me.
Install the ROM, open Network Log, look at the Task Manager etc., and see what happens.
maybe you think about it and release something we all can work with (especially the changes only as a diff or something).
Click to expand...
Click to collapse
Why do you need to get anything from someone like me?
You said that I don t know what I am talking about, that I have a lack of knowledge etc., so why would such an expert like you benefit from it?
By the way, did you try the ROM?
BTW again, thanks for the link but sorry, I still don't feel concerned.
I don t use my phone for bank transactions, I m not working on big secret projects, I have blocked adds in the host files and I never get any spam.
Still, thanks for remembering me about encryption, I had forgotten to add in the encryption chapter in OP that Una has encryption apps (APG, Conversations, K9 Mail, Text Secure).
@hemant4409
First, the galaxy Grand will never get Lollipop from Samsung.
From custom ROMs, maybe, but that s not the point.
If people like more gimmicks and fancy transitionts than security it s their problem....
Congrats to all your work and the time spent on the Security subject and thanks for taking the time to share your work. This is the first time I see such a custom rom on XDA (on Internet I'd say) so I wanted to express my gratitude.
Hats off.
You provide a lot of information about security and privacy and the first question is 'No screenshots?' lol
Primokorn said:
Congrats to all your work and the time spent on the Security subject and thanks for taking the time to share your work. This is the first time I see such a custom rom on XDA (on Internet I'd say) so I wanted to express my gratitude.
Hats off.
You provide a lot of information about security and privacy and the first question is 'No screenshots?' lol
Click to expand...
Click to collapse
Here's screenshots
http://forum.xda-developers.com/showpost.php?p=59640778&postcount=4
oskar01 said:
Here's screenshots
http://forum.xda-developers.com/showpost.php?p=59640778&postcount=4
Click to expand...
Click to collapse
OMG!! He was kidding:cyclops:
I’m sorry you feel that way. Did you install the rom at all?
Click to expand...
Click to collapse
I'm dl'ed the rom and see what whas changed because a friend asked me to make a statement if this rom really secure anything. Btw no need to quote all stuff over and over again and again.
All what i did was to change google's DNS in Tor's code, period.
Click to expand...
Click to collapse
You can't change something you don't have access to or something that is important if we talking about DNS, you can't change the exit nodes. And as mentioned changing a DNS server is no guarantee since they also can log your stuff - it's all about trust, sure - but an OpenNIC without logging (that's proofed) would more help. For more security related stuff about DNS please first read this and this. DNS is not secure anymore, no matter which provider and according to the NSA they have some techniques to identify and infiltrate some servers.
Nobody needs to trust me.
As I wrote in OP (did you read it?):
Click to expand...
Click to collapse
Sure, nobody force anyone to install and use your stuff, that's what I'm not saying - but to say x and y was removed or changed is very hard to trust without anything except your words. It's no offensive at all.
Another thing is that all the installed apps in the ROM are open source, apart from 2 that I have reverse engineered, inspected and restricted (Greenify and Quick Pic), and as I said in OP people are fee to uninstall them.
Click to expand...
Click to collapse
I simply not care about the apps, no matter if it contains malware or not, as long they not have any root access or internet connection is simply has no effect. Most apps today do not want to destroy the hardware, they just want to collect and grap your private data and send them back if you turn wifi on (which makes t harder, because without deep package inspection you won't ever notice that there are some wired behaviors with app xy.
... people like you would have criticized me.
Click to expand...
Click to collapse
If you just one of the people that can't handle valid arguments or is unable to accept any other arguments we can just stop the whole discussion. - What I've learned from xda is that some people are unable to discuss and calling the moderator instead (for no reasons). It's not against your work, it's to inform and to show others if it's really offers that what you promise here or not. I really hope you understand it.
But that s the same in an AOSP or CM ROM,..
Click to expand...
Click to collapse
No it's not some roms use (outdated) open source modem sources, like CM which is always a big discussion because people "always" complaining about signal related stuff and possible battery drains. Or in other words some people say that with a stock modem/radio they have a better signal compared to CM.
I have removed over 100 system apps, dozens of jars, some xmls and libs, then I have cleaned the remaining apps and jars, then I have set very carefully and very restrictivey the firewall, App Settings and Xprivacy, then I have applied other security related tweaks and yes, Una is secure.
Click to expand...
Click to collapse
Installing security apps is the last line of defense, not the first. Read more about here. I guess you not touched the network code (because it's closed) so that won't change anything at all.
Install the ROM, open Network Log, look at the Task Manager etc., and see what happens.
Click to expand...
Click to collapse
Same again that won't change something on application layer, tor is also affected.
.. so why would such an expert like you benefit from it?
Click to expand...
Click to collapse
I not use it, as said a friend asked me because he usually like your work.
.. I have blocked adds in the host files and I never get any spam.
Click to expand...
Click to collapse
Blocking ads via hosts file not works if you change your mobile connection from e.g. 2G/3G/wifi/lan since on most roms the hosts never gets a re-apply. If you not getting any ads you are a lucky boy but it's very decency on which www your are or which addon you use. If you use Firefox/Plae Moon just use uBlock and configurate the filter list (so no ads at all too) but that not works for apps (but there are also minminguard or adaway [hosts] for it. Sad think about the hosts seems that it coasts more battery and usually takes longer to boot - but okay, anyway matter of taste which stuff you prefer.
Text Secure
Click to expand...
Click to collapse
Better link or integrate the SMSSecure it's based on Text Secure but encrypts SMS (since Text Secure removed that for some reasons).
.. security related tweaks
Click to expand...
Click to collapse
Which one? TCP/IP stack hardening, protocol changes like only forcing to use latest TLS or what? You see some important details are missing.
I expected that kind of reply, from you or from one of the forum's security experts, the same people that ignored me when I offered to share knowledge and to give advices/opinions on the security thread.
Click to expand...
Click to collapse
Yes, I reply'ed to this thread but my answer was way to long so I got a loading problem (the reasons I asked a mod to remove my post). I'm working on something but it's not fully done yet. The problem is that it will be the longest post here on XDA ever (if I release it here - I'm not really a xda fan) and it's very complicated so there will be a lot of people that may possible will never understand all stuff.
So, sorry if you feel that I "ignored" your post. But feel free to visit my Github stuff or just visit infosec institute to read my other stuff.
So the main question is here if you show us your mods or not? Or if you plan to release a "hardening package" or not? That's all I want to talk about.
@CHEF-KOCH
You came out of the blue on this thread, basically saying that I'm a moron that doesn't know what he's talking about and implying that this ROM is garbage, then you said you will download the rom and make a statement about whether it's secure or not.
And...?
Nothing, but you edited your post with the following:
So the main question is here if you show us your mods or not? Or if you plan to release a "hardening package" or not? That's all I want to talk about.
Click to expand...
Click to collapse
Is that fair?
Seriously, what would you think and what would you do if you were me?
If this ROM is garbage, prove it.
Otherwise, go polluting another thread...
unclefab said:
@CHEF-KOCH
You came out of the blue on this thread, basically saying that I'm a moron that doesn't know what he's talking about and implying that this ROM is garbage, then you said you will download the rom and make a statement about whether it's secure or not.
And...?
Nothing, but you edited your post with the following:
Is that fair?
Seriously, what would you think and what would you do if you were me?
Click to expand...
Click to collapse
Don't bother with @CHEF-KOCH. He just want you to share your knowledge with him, so he can "use" it and make you look like an idiot! Also, he is a liar, he didn't come here because of a "friend" but because of my post on your security thread. When he had some strange "loading issues" I also asked him very politely where was the problem....he never bother to reply, and he deleted the post, so what kind of person he is? He is a hater, and a spitter and "no constructive help" from him, so don't lose your time with him!
I'm giving up, useless to talk here.
CHEF-KOCH said:
I'm giving up, useless to talk here.
Click to expand...
Click to collapse
Thank you mister know it all, and please don t come back, there are plenty of other threads to pollute...
Too bad that you couldn t prove that this rom is garbage
And too bad that you are too arrogant to admit that you were wrong when you implied that I m an idiot and that this rom is garbage...
i can only post one :thumbup: per post , but if i could then ........... :thumbup::thumbup::thumbup: , at least some knowledgeable people are trying.
"all I can really do , is stay out of my own way and let the will of heaven be done"
Awesome thread
I do not have Grand but my brother has it. I was searching a rom for him and found your thread. I must say I did not find any thread like you in at least Samsung area. You people did a great work. Security is a great concern and if you secure the system then it itself become light weight because you take out spyware craps out of it. I appreciate your work. Good job man. Pleas e develop something in Note 3 LTE section as well.

Categories

Resources