Wednesday, 2 April 2014

Freshly updated list of Android bloatware that's safe to delete, or not. You decide!

Your Android phone or tablet came with so many preloaded apps that you only get to use half of the advertised memory. And most of the junk starts up all by itself as soon as you think about looking at your phone.

If your Android is rooted, it's time to clean up the junk. And not only if you run a stock ROM, because custom ROMs come with lots of junk too. Yes, even CyanogenMod.

But what to zap and what to leave alone? You don't want to brick your phone, you don't want bootloops on your tablet, and you don't want to delete something that you can only get back aboard if you reflash your ROM. And the names of the bloatware apps are so cryptic that even Google doesn't know what they're doing. Yes, really. Google for "somecrypticjunk.apk" and you'll find it back in hundreds of "safe to remove" list just because removing it didn't kill the phone of someone out there. Needless to say, deleting it will turn your phone into a paperweight, but don't ask forums like xda what the app is for. If you do, you'll get one of two equally useless answers:
1) "Google it." [If Google knew I wouldn't be asking, duh!]
2) "Just delete it. I don't know what it does, but trust me, it's safe."

So here's a list of apps that are safe to remove. Or not. Only you can decide if your gadget needs it, so it's not just a list of apps, but also a list of what those apps do and what might break without them. Have a click:

The android underground Android system APK list

If you spot any errors or have something to add to the list please hit the contact link on the bottom of the page or leave a comment on this blog post.
tweet this reddit digg this StumbleUpon digg this digg this

Saturday, 15 March 2014

WhatsApp or Android, who's to blame for appgate?

Hang 'em high!

Scandal! Stop the presses! Any app on your Android phone can steal all your WhatsApp messages from your SD card. Facebook didn't have to waste 19 billion dollars to read your chats. They could just have made the Facebook app grab your WhatsApps off your card. Someone's gotta get fired over this, right?

But who?

Let's blame WhatsApp

WhatsApp stores its message database and nightly backups thereof in plain sight on your memory card, no matter if your memory is built-in or added on a microSD card. That's great if you want to mix'n'match your WhatsApps and SMSs with apps like Backup Text for WhatsApp and SMS to Text, but not so great if you want to keep nosy apps out of your texts. Anything with SD card access can read along.

WhatsApp could easily have prevented this by encrypting your messages. They gave it a shot after the shit hit the fan, but so far without success. That's because WhatsApp used the same key to encrypt all messages from everyone. Yep, that's almost impossible to believe, but they really used a skeleton key to lock up your private chats.

So here's what WhatsApp should do: use a proper full-blown encryption method to protect the database that holds your messages. While they're playing with encryption anyway, full end-to-end encryption to keep Facebook and the NSA out of our chats would be most welcome too.

Of course WhatsApp should provide a method to let other apps into your messages if you allow them to. I don't want to lose Backup Text for WhatsApp and SMS to Text, and the long overdue multi-network app that includes WhatsApp needs access to your WhatsApps too. To cut a long story short: WhatsApp should encrypt its database and let us decide for ourselves who gets the keys and who does not.

Let's blame Android

Android treats your memory card the same way your computer treats your hard drive. Apart from a tiny bit of protected storage (that mysterious ".android_secure" folder that tops the list in your file browser) anything on your card can be read, altered, deleted, stolen, smeared, raped, and tinkered with by any app that has the "storage" Android permission. Most apps have that permission, so anything on your memory card that is not encrypted is up for grabs. That includes all those naked selfies that you shot after emptying the final bottle.

But what about sandboxing? That works for the app-specific internal storage that you can only get at if you root your phone. It doesn't work for the storage that you can see on your computer when you hook it up with your phone's USB cable. If you give an app access to your memory card, it gets access to all of your memory card, including your private collection of wildlife movies.

But that's changing.

Let's blame Google

Recent editions of Android lock down your memory card, because Google hates microSD. They'd rather have you store all your data in their cloud services so their advertisers can take a peek. Starting with Android 4.4, apps can only read the "public" parts of your SD card, and they can't write anything outside their tiny little sandboxed piece of storage space.

That's good for privacy reaspons, and bad for other reasons.

The good news is that this could prevent future WhatsAppgates. The bad news is that it will break a lot of useful things too. Save your email attachments with your mail app and edit them with another app? Forget it. Delete a picture from an alternative gallery app like QuickPic? Forget it. Zap old Nandroid backups with ES File Explorer? Forget it. The sledgehammer approach to SD card security is a disaster for cross-app access to files and folders.

Now what?

Locking down your external storage is a bad idea. It breaks too much, and forces us to move our data to the cramped and expensive built-in storage, or send it to the cloud and burn up our data and battery for no good reason.

Keeping everything wide open is a bad idea, because I don't want Obama snooping around in my WhatsApps.

Solution? Fix the broken Android permission system so we can decide for ourselves what app can access what. The "external storage" permission should be split into two permissions: "access to folders created by my app" and "access to the rest of the memory card." Anything that's too sensitive for the second permission should be encrypted by the app that made it, and then the user should decide who gets the keys.

Until then, lets hope an Xposed module will fix what Android 4.4 broke.

Update: the Xposed module to fix external SD cards on KitKat is ready. It's called HandleExternalStorage. Grab your copy from the Xposed installer.

tweet this reddit digg this StumbleUpon digg this digg this

Sunday, 2 March 2014

Multi-network chat app imo commits suicide, Trillian is still alive

Remember back when you had to use a different app for each and every chat network? And then came apps like Trillian, Nimbuzz, fring, imo, etc. One app to talk to all your friends, even if they were scattered over different chat networks.

But multi-network chat apps are like lemmings. They bundle different chat networks, then they build their own, then they cut the other networks out, and then they die.

Nimbuzz dropped almost all third-party networks, and fring and eBuddy thought it was time to plug their own networks by yanking all the other chat networks out of their apps. Does anyone know if fring and Nimbuzz and eBuddy still exist?

And now imo decided to dig a grave for itself and jump right into it. There was a time back when imo connected to no less than 12 different networks, but I just received this farewell note from them:

Date: March 2, 2014
Subject: imo discontinuing support for all third-party messaging networks
To: android underground

On March 3, 2014, we will start discontinuing support for all third-party instant messaging networks. We know change isn't always easy, but we hope our users will trust that this will make imo an even better service. You will be able to download your chat history on from third-party networks until March 7, 2014.

Yep, you read that right. I got a mail from imo late in the evening on March 2 telling me that the one and only reason why I use imo will be axed the next day. And I get less than a week to download a copy of my chat history. Guess what? When I tried to download my chats imo gave me an empty file!

First they rake in customers using Facebook, Google Talk, MSN/Windows Live/whatever M$ calls it now, VK, etc. as bait, then they spit out an app update that forces all users to make an imo chat account, and then they make that forced chat account the only network left in the app...

Bye imo.

They must be popping open the champagne at Trillian HQ now that their main competitor decided to kill itself.


tweet this reddit digg this StumbleUpon digg this digg this

Monday, 24 February 2014

CyanogenMod for Nokia?

Finally! Nokia has seen the light and made some Android phones!

They're low-end models, they're made to look like Windows Phones, and they have a watered-down version of Android with a Nokia app store that's as empty as the Windows Phone software shop, but it's a start. Because they have all the Android drivers built in, it shouldn't be too hard to make custom ROMs with the full Google Play Store and all its apps and Google syncing options.

Back when Nokia wouldn't even look at Android there was a CyanogenMod port for the Nokia N9, but that phone got abandoned real quick. But the new Nokia Android phones should have a longer lifespan, and maybe Nokia will add a few better-specced Androids later on?

Nokia hardware with the flexibility of Android... sounds like a promising alternative for when your Samsung needs replacement.

Update: Done! Nokia X rooted and filled with Google apps.
Google apps on Nokia X at xda

tweet this reddit digg this StumbleUpon digg this digg this