Conversation
Notices
-
BTW, does anyone know why Lollipop (Android 5) is disabling so many apps, or making them fail or malfunction?
-
@mk it may be because lollipop uses selinux in enforcing mode http://officialandroid.blogspot.co.uk/2014/10/a-sweet-lollipop-with-kevlar-wrapping.html
-
@boneidol hmm, so using selinux that way makes it less, not more secure? I mean I noted this in all kinds of security-related apps. And since Android also removed AppOps there are few ways to remove dangerous permissions from apps!
-
@mk @boneidol indeed one comment confirms my feeling: "How about bringing App Ops back? It is not android that makes me feel not secure, it is the inability to restrict the access apps have." [Johnny Falconi]
-
@mk I would have thought that selinux made things more secure, as it will stop apps reading and writing data from locations they should not. If you have root I #guess you could control the selinux profiles yourself.
-
@mk http://m.pocketnow.com/2013/12/17/app-ops #randompageontheinternet
-
@boneidol selinux won't stop apps access to your contacts if it claims it needs it. Or phone's ID, etc. With no AppOps permissions are hard to remove, often requiring reboot or reinstallation of the apps. From the reports of apps no longer working on Lollipop it's clear that it makes permissions restriction harder, not easier.
-
@mk yeah but one could alter the selinux profile that the app has to get that control? #guess
-
@boneidol yes, yes. But I don't agree that Google made the right decision by pulling App Ops. Lots of apps used an interface to it, all apps that I've seen managing permissions warn that an app may crash or stop working if you remove a permission. Or warn that only advanced users should use it. Now, those users need to use much more involved methods to deny permissions that an app should not have in the first place.
-
@mk opportunity to create an app to do that?
-
@boneidol maybe - that's a totally different approach (and an extra step needed). Haven't seen any app yet that has done this though. Basically removing permissions works by editing a file within the APK - that's why it needs uninstall/reinstall (and sometimes reboot), or one app that just changes an APK *before* you install the app.
-
@boneidol but I don't know enough about selinux to know whether it's even possible to alter the profile you are *running* with already. I guess that would require root, at least.
-
@boneidol given howo many apps I've already seen that 'stopped working' I'm guessing it's not all that easy or they would have come with an update already, or announce they're working on one at least
-
@mk yeah... I can't get ad block plus to work on lollipop any more
-
@boneidol ...and there you go. all sorts of security and privacy (and related) apps that no longer work in the name of security. And I guess lots of things that were possible would now require root - which may also be more difficult to get.
-
@mk Are you still using the LG P999 phone, or do you have a new phone? I didn't think any new !Android versions past 2.3.7 (Gingerbread) were available for the P999
-
@bobjonkman no, I have a new one (LG is Korean, not Chinese): it's a (rooted) THL T100s (dual-SIM) with Android 4.2.2; this 'incompatible ROM' is the first problem I encountered with it, it's been quite reliable and stable so far - it seems to use an incompatible 'just-in-time compiler' which it may, or may not, be possible to work around (I'm not goingto try).
-
!Replicant seems to have a very limited number of supported devices. I wanted to install it on a Samsung Galaxy S3, but there's only an image for the i9300 model, not the SGH-777V that I needed. I don't think there was ever a Replicant image for the LG P999
-
@bobjonkman I can't even remember what Replicant is! I've heard of it but... anything to do with security or privacy? (yes I can search but I'm having a brain shut down after all of today's #yakshaving and I've just started my second Gulpener Wintervrund (8.5%) to wind down :D
-
!Replicant is alternate firmware for !Android devices, with a focus on !security and !privacy http://replicant.us
-
@bobjonkman by 'firmware' do you mean a ROM?
-
Yes, "firmware" ~= "ROM" but since it's replaceable it's not really Read-Only
-
@bobjonkman thanks - I doubt there would be (or ever will be) a version for my THL device - it's just too obscure ;-) I chose it for the dual SIM capability (essential for me) and other advanced features related to the MTK chipset like being able to edit the IMEI (both, even), which I used in practice to be able to use a Turkish SIM in Turkey on an "imported" phone for more than a week.
-
@bobjonkman Found this: http://www.hongkiat.com/blog/cyanogenmod-alternatives/ I'll have to page through these before I get my next phone.
-
@bobjonkman Many ROMs can be flashed - not just on Android devices, also devices like routers and BIOSes - and they're still called ROM because you cannot modify them - only replace.
-
As a compu-duffer I still think ROM means a piece of hardware, not the software that's stored on that hardware
-
@bobjonkman the term firmware is equally annoying. Firmware upgrade is proprietary name for 'yum update' AFAICT
-
@andresinmp understood, I didn't even expect that to be available for Chinese phones ;-) Dual-SIM was an absolute necessity, and for that the Chinese market is way ahead of western phones.