Thursday 2 October 2014

Xposed modules on my Android phones and tablets (as of October 2, 2014)


Xposed makes your Android yours

Custom ROMs? Nice, but with the Xposed framework you can turn any stock ROM into your own personal custom version. It has countless modules that let you customise just about everything you want to tweak, and more. Of course your phone or tablet needs to be rooted. It also needs Android 4+ (that means Ice Cream Sandwich, Jelly Bean, KitKat, or newer), but there is a version for Android 2.3 (Gingerbread) with limited functionality.

Xposed can do so much that xda gave it its own forum!

The Xposed Installer has a built-in app store full of Xposed modules, but some require a trip to the xda forums. Some modules are in the Google Play Store, but because of the way they interfere with the way Android and its apps work they have a high risk of getting booted out of Google's app store sooner or later.

With so many modules to choose from, some rather silly, many with overlapping functions, choosing the right Xposed modules can take a lot of time, trial, and error. Here's what I picked for my Android gadgets:


Alternate App Picker

Android Jelly Bean came with a few annoying "features," and its app picker is one of them. The old app picker (up to Ice Cream Sandwich) lets you tap the app name, and off it goes. There's a checkbox to remember your choice, but you can leave it unchecked to stay flexible and just launch the app you want with one single tap on the screen.

Enter the new app picker. It makes you tap the app, and then it makes you tap an "just once" or "always" button. Result: what you could do with one tap now takes two.

The alternate app picker module pus the old picker back, and can save you gazillions of taps and eons of your time.

Alternate App Picker on xposed.info


App Settings

This module lets you set a couple of preferences per app instead of system-wide. Screen resolution, fullscreen behaviour, show app when your Android is locked, a way to remove ongoing notifications without killing the entire app, and more.

I use App Settings to run my camera, clock, Here Beta, seNotes, Timers4Me, Google Maps, and some other apps over the lockscreen, and to keep DeSpy Camera out of my recent apps list.

App Settings on xposed.info
App Settings at xda


Disable Clear Defaults Dialog

If you set a default app on a Samsung phone with TouchWiz, it pops up an annoying reminder to tell you that you can clear the default behaviour in the Application manager. Nice to know, but nobody needs to be told over and over again.

This module gets rid of the popup message once and for all.

Disable Clear Defaults Dialog on xposed.info
Disable Clear Defaults Dialog at xda


Disable Google Network Location Consent

Another annoying popup message that believes once is not enough. If you enable Network Location, Google asks for permission to use your location to build its database of cell tower and WiFi router locations.

Of course Google needs to ask, but does it really need to ask the same question over and over again whenever you toggle Network Location back on? My corrupted mind believes that Google did this on purpose to stop you from switching Network Location off when you're not using it.

Until Network Location gets a "don't ask me again" option, this Xposed module does the job that Google didn't do.

Disable Google Network Location Consent on xposed.info
Disable Google Network Location Consent at xda


Downloads2SD

Have a little bit of internal storage and a biiiiiig external microSD card? Android has the annoying habit of trying to cram every download, picture, podcast, ringtone, movie, and song on your tiny internal storage space instead of on your giant memory card.

Downloads2SD tells Android to put your stuff where you want it. Internal or external storage, the choice is yours.

This is especially useful for pictures: if you drop your phone in the pool you can simply pull out your microSD, dry it, and save your shots on any computer without having to wait for the repair shop to revive your drowned phone.

Sending big downloads to your external storage instead of squeezing it into your overflowing internal memory chip is very useful too.

Downloads2SD on xposed.info
Downloads2SD at xda


Force FastScroll

Does your favourite app show loooooong lists without a scroll thumb? The Force FastScroll module lets you drag the scrollbar in apps that don't let you do this themselves.

This saves you a lot of scrolling up and down in WhatsApp, Dood's Music Streamer, Liquid Bear, the SMS app that came with my Samsung phone, the Xposed installer download list, and many other apps.

It doesn't work for every app, and it makes Facebook Messenger, Google Play Music, and a few other apps force-close. The author of the module made a list of incompatible apps. Have a look if Force FastScroll breaks your Android app before you hit the Force FastScroll settings.

Force FastScroll on xposed.info
Force FastScroll at xda
Force FastScroll list of incompatible apps


GoogleOfflineVoice

Google's voice recognition feature can work offline, but it goes online whenever there is a live connection, whether you want it or not. Slow internet, expensive roaming data, Google doesn't care.

GoogleOfflineVoice lets you force it to use offline voice recognition.

GoogleOfflineVoice on xposed.info
GoogleOfflineVoice at xda


Greenify

Android task killers are sometimes useful, but are often abused to the point of slowing down your device and burning up your battery.

Greenify has a better way to tame your apps. It hibernates them after your screen switches off, and wakes them up again when you want to use them. Much better than bluntly killing them!

Greenify in the Google Play Store
Greenify at xda


Message Delivered Toast Notifications

When you send an SMS from your Samsung and it gets delivered to the intended recipients network, Samsung throws a notification on your status bar. That wouldn't be so bad, except that it triggers the same ringtone as if you received a message yourself.

This Xposed module turns the delivery report into a popup ("toast notification" in Android-speak) that doesn't make any unwanted noise. It doesn't shake your phone either.

Message Delivered Toast Notifications on xposed.info
Message Delivered Toast Notifications at xda


Notification Mod

If you lock your Android with a PIN, pattern, or password, you probably can't pull down the notification bar on your lockscreen anymore.

Notification Mod fixes that for you. It lets you choose between notifications, quick settings, or both, and you can have a notification pulldown without the settings button.

If you tap a notification to open an app, you still have to unlock your phone or tablet. But there's a way around that: you can tell the App Settings module which apps can run over your lockscreen sans PIN or password.

Notification Mod on xposed.info
Notification Mod at xda


Per App Hacking

Want to set a proxy server for an app, but not system-wide? Want to feed a fake date and time to an app, for example to make the expired Nokia Here Maps app work again? Want to prevent wake locks so an ill-designed app won't suck your battery dry? Per App Hacking lets you tame your apps!

Per App Hacking on xposed.info


PlayPermissionsExposed

Android's permissions system is a mess that Google refuses to clean up. Dangerous permissions are mixed in with the harmless ones, so you'll never know what hit you if you don't pay attention.

Google "simplified" the permissions list in the Play Store, so now many permissions are completely hidden from you.

Even worse, Google decided not to list the internet access permission anymore, probably because of all the Play Store comments from people who wondered why things like launcher themes and battery widgets need to go online (answer: to show Google ads and let Google Analytics spy on you). That's a downright irresponsible move by Google. If an app can read my contacts list or find out my email address, I definitely want to know if it can go online or not.

PlayPermissionsExposed forces the Play Store to list all permissions that an app asks for, and requires your permission before installing any app with changed permissions.

PlayPermissionsExposed on xposed.info
PlayPermissionsExposed at xda


RootCloak

Just because you rooted your phone doesn't mean you want every app to know about it. For example, many games refuse to run on a rooted Android, or demand root access themselves to check if you don't use root to cheat.

RootCloak lets the apps of your choice apps think your phone or tablet is not rooted. Note that app developers can fight back. Some banking and online tv apps detect root with a method that RootCloak can't stop. RootCloak Plus is better at hiding root access, but it uses Cydia Substrate instead of Xposed.

RootCloak on xposed.info
RootCloak at xda


Samsung Multiple Widgets

Locking up your lockscreen with a PIN, pattern, or password is a good idea if you want to keep the unwanted out of your Android.

Unfortunately Samsung decided to kill your lockscreen widgets if you secure your lockscreen. Want to shoot pictures with your camera? If you set a PIN, Samsung keeps your camera closed. Firing up your web browser without entering your lock screen password? Samsung says no.

The Samsung Multiple Widgets module lets you put widgets on your lockscreen no matter if you set a PIN or not. Your music player, navigation app, or any widget you can cook up in Widgetsoid, it can all go on your locked lockscreen.

Firing up an app from a lockscreen widget only works if you allow that app to run over your lockscreen. Fortunately there's an app Xposed module for that. Samsung Multiple Widgets works great in combination with the App Settings module.

Samsung Multiple Widgets on xposed.info
Samsung Multiple Widgets at xda


SwypeTweaks

Typing Swiping with Swype? Swype is great, but its voice recognition sucks. The SwypeTweaks module forces Swype to use Google's voice recognition instead, which works much better than Swype's built-in Dragon voice recognition.

Works great in combination with the GoogleOfflineVoice module!

SwypeTweaks on xposed.info
SwypeTweaks at xda


Wanam Xposed

This is the Samsung-centric version of Wanam Kit.

Wanam Xposed does lots of things. You can tweak your notifications panel in many ways, hide unwanted items from your lockscreen, kill the camera shutter sound and other unwanted noise, change the looks and colors of your staus bar icons, notification panel, quick settings notification widget, restore read/write access to your external microSD card in KitKat (why did Google have to kill this?), and much more.

Some things I tweaked with Wanam:

- Killed the airplane mode and bluetooth scan dialogs.
- Made the volume panel auto-expand (show all volume sliders) upon hitting the volume button.
- Silenced the camera, disabled the boot and low battery sounds, and killed those annoying volume button beeps.
- Enabled my camera to shoot pictures during a call.
- Told my home button (yes, Samsungs still have one) not to wake up my phone.
- Long-pressing the back button kills stuck apps, but I told it to ignore some apps that I don't want to kill by accident.
- Made my status bar icons blue again, because I don't like them in white.

Wanam has ads, but you can use Wanam to switch them off. Yay!

Wanam Xposed on xposed.info
Wanam Xposed at xda
Wanam Xposed in the Google Play Store


XBlast Tools

The XBlast module duplicates many of Wanam's features (see above), but it does some things that Wanam doesn't do, and vice versa.

Some of my XBlast tweaks:

- No gaps between quick settings tiles.
- Stop sending system usage data to Google.
- Enabled all display rotation angles, including upside down.
- Advanced power-off menu, with buttons to boot into recovery mode, and a screenshot button.
- Switched off the low battery warning, which always pops up when you're busy doing something else.
- Removed restrictions on bluetooth file types; now I can send and receive everything.

XBlast can do a lot more, but I already did those things with Wanam.

XBlast Tools on xposed.info
XBlast Tools at xda


XPrivacy

LBE Privacy Guard is dead. It stopped working since Android Jelly Bean, and its successor is only available in chinese (unless you let Xposed translate it for you with one of the LBE translation modules). Even if you can run LBE, it uses a lot of resources and doesn't give you fine-grained control over what your apps can do.

XPrivacy does much more. It lets you control just about every Android permission your apps ask for, and it has close to zero impact on the performance of your device. If your Android is old, don't worry, because there is a version for Gingerbread too.

This powerhouse of an app lets you allow, deny, or spoof access to your accounts, location, contacts, messages, MAC address, Android ID, calendar, and many other private bits of information.

Don't want an app to receive push notifications, access your microphone or camera, or check which other apps are running? XPrivacy has a switch for all of those, and more.

Xprivacy can keep apps offline too, but a real firewall like AFWall+ gives you many more options. For everything else, give it a shot.

XPrivacy on xposed.info
XPrivacy at xda
XPrivacy in the Google Play Store


Get it

There are many more Xposed modules. Go grab the Xposed installer and play around!

Xposed framework
Xposed modules at xposed.info
Xposed at xda
Xposed for Gingerbread at xda

• The competition:

Cydia Substrate in the Google Play Store
cydiasubstrate.com

tweet this reddit digg this StumbleUpon digg this digg this

Wednesday 1 October 2014

Nokia Here Maps Beta expired: Here's how to fix it


Un-expire Here Beta

Nokia Here Maps isn't officially released yet, but the leaked beta test version is already the best free offline navigation app for Android.

Why? Check this review here.

Unfortunately the leaked beta test version had a time bomb in it. Starting the 1st of October, it pops up a very annoying message: "this version has expired."

But you can un-expire it!

Method 1

Tell your phone or tablet to go offline (no WiFi, no mobile data), fire up the settings, and set the date back to September 29, 2014.

Now open the application manager and wipe the data of Here Beta.

This un-expires Here Beta. You can go back online (necessary for public transport navigation, among other things). As long as the date is set back, Here Beta keeps running OK.

Method 2

If you're reading this, your Android is probably rooted. Instead of changing the date of your phone or tablet system-wide, you can change it for Here Beta only.

Get the Xposed installer, grab the Per App Hacking module, tap the "Time Machine" entry, and set the date and time for Here Beta to 2014-09-29 12:00 to fool it into non-expiry.

Method 3

Grab nambavuong's modded version with the expiration code yanked out. No root required, no need to mess with the date settings.

Get it all here

Here Beta (need to set back date to make it work)
• Here Beta (modded, doesn't expire) on Google Drive and MediaFire

Xposed Installer
Xposed forum on xda
Per App Hacking module for Xposed

tweet this reddit digg this StumbleUpon digg this digg this

Tuesday 30 September 2014

Free offline navigation: Nokia Maps is Here


Nokia Maps is Here

Does anyone still remember Symbian? One of its great features was Nokia Maps, a great free offline navigation app that Android never managed to copy. It's also the reason this blog exists, because it all started as a collection of links to offline Nokia Maps files for those without Nokia Map Loader.

Android didn't have a good free offline navigation app yet. Sure, there are expensive navigation apps like Navigon, Google Maps that only lets you store tiny little offline map snippets that won't hold a city, and apps like OsmAnd that run on the often inadequate maps from OpenStreetMap.

Enter Nokia Maps, renamed to Ovi Maps, renamed again to Nokia Here. Oh wait, now it's just called Here, sans Nokia. But for now it's called Here Beta.

Here is not officially available yet. Planned release: end of the year. Real release: right here, right now. Because the beta test version is out here there for everyone and it's already better than the competition.

What's in Here?

The maps are really good, but some countries are missing from the list of downloadable maps. No Mongolia, no Sierra Leone, no Haiti, to name a few. Tibet and Palestine are missing from the list of countries because Nokia believes they're part of China and Israel. On the bright side, Here lists Taiwan as a separate country. On the politically correct but rather stupid side: Vatican City and San Marino are separate downloads instead of enclaves within Italy.

You'll want a phone or tablet with an external memory card to do all of Route 66 or navigate your band's entire european tour. A 32 GB memory card will fit the entire planet, but you're gonna have to store your music elsewhere if you really want to carry the whole world with you. A more efficient map compression format would be welcome.

Here Beta lets you drive, walk, and ride the subway. It doesn't have a bike mode and it doesn't show bike lanes, so your bike still needs Google Maps. The public transport info in Here is outdated: extended lines are still short, zapped lines are still running, and rerouted lines still run along their old tracks.

Offline maps or not, even if you set the app to offline mode and switch off all data collection options Here still phones home to spy on you. If you're roaming abroad, make sure to tell your firewall not to let Here use any roaming data, or your next phone bill will bring a nasty surprise. Taming Here with an app like XPrivacy is a good idea too.

On the bright side, setting up a route to navigate is really easy. Here lets you choose many alternative routes if you don't like its first choice. The app insists on using its own voices instead of your Android's built-in TTS voices, but voice navigation works pretty well and covers many languages.

Get it Here

Here is not in the Google Play Store yet, but the beta test version is ready for grabs if you want to take it for a test drive. You need to make a Here account (yes, they want your email or Facebook) before you can download any maps.

Nokia Here on MediaFire
Update: This version now pops up a message "this version has expired." Here's how to un-expire it.


tweet this reddit digg this StumbleUpon digg this digg this

Monday 4 August 2014

Why my Google Maps is old


Google Maps from way back then

Google updates its Maps app every once in a while, adding new features, upgrading existing functionality, and squashing the occasional bug.

But I haven't updated my copy of Google Maps for Android for over a year. Not on my phone, not on my tablet. Here's why:

Maps without paying for data roaming


A great feature of an ancient Google Maps update was the ability to store maps on your memory card for offline use. Mapping out a route still requires a live internet connection, but route planning only uses a tiny fraction of the data that the maps themselves gobble up.

That's not much of an issue on WiFi or an unlimited data plan, but what if you're roaming in a country where data costs a fortune and free WiFi is non-existant in most places?

If you're just using the app as a city map the answer is easy: download the map when you're on WiFi or before you leave your country, then use it for free as you walk the streets

If you're driving in a country with expensive data and no free WiFi on the highways (that's just about every country on the planet if you cross the border), you can download the route over WiFi in your hotel, or grudgingly pay the international bytes for grabbing the route, and then hit the road without paying anything extra.

But all of this only works if you store the maps you need onboard.

Google gives, Google takes

Three years ago Google Maps for Android finally offered the possibility to download maps for offline use. At first, it was limited to tiny little blocks of 15x15 miles, but since you could download ten of them you could easily fit an entire metropolis on your phone.

And then things got better. Two years ago the download limit increased to about 80 MB (enough for really big cities). Instead of ten maps you could only download six, but the increased size per map meant that you could fit small countries on your phone's memory card.

Too bad that a later update cut things back down again. Sometime last year the maximum download size reduced to the point where large cities wouldn't fit on a map.

London and Paris are too big

Try to download a map of all of London within the M25 with a recent version of Google Maps and you'll face with the message: "Area too large. Zoom in." That sucks big time if you want to move between Central London and your friends place out in the suburbs.

Compare that to the old Google Maps which would hold the Greater London Area including the airports, all the way from Luton and Stansted to Heathrow, City, and Gatwick.

Paris? Same problem. Recent editions of Google Maps won't store Charles de Gaulle airport and Versailles on the same map, whereas the old version holds all of Paris and its distant suburbs all away to the far-out Beauvais airport, deceptively labeled "Paris" by unscrupulous discount airlines like Ryanair.

Good old Google Maps stores Brussels and Antwerp and the highway that connects them in a single download, new Google Maps won't.

And in The Netherlands a single old Google Maps download gets you the four biggest cities of the Randstad conurbation. Use your quota of six stored maps and you can put the entire country on your Android gadget. The new Maps app doesn't get anywhere near that.

Check the screenshots in the picture for the difference between old and new. It makes a world of difference, or at least a city or two.

Newer is not always better

Sure, I could store much larger parts of the world in apps that use OpenStreetMap (e.g. OsmAnd or MapFactor), but those maps often fail to deliver outside the major cities in Europe and America, especially on the navigation part.

So that's why I keep a copy of good old Google Maps v6.14 on my Androids, and not the current version (v8.20.0 as of August 4, 2014). The features in the update just can't compete with the extra onboard storage of my vintage Google Maps.

• Big maps: Google Maps 6.14.x on xda (scroll through the pages, there are many different versions)
• Small maps: latest Google Maps in the Google Play Store

tweet this reddit digg this StumbleUpon digg this digg this

Saturday 21 June 2014

Live football and match highlights on Android: dodge the scams and see the goals


5PA1N

The Dutch kicked Spain in the cojones, Costa Rica surpised everyone, and the English wish they were never born. The 2014 World Cup couldn't have had a better start.

And there's more to come. Lots more.

But what if you're trapped at work, stuck on the beach, locked in a train, or anywhere else with no tv in sight?

Then you pull out your phone or tablet and watch the games on your Android, of course!

The minefield of the Play Store

The Google Play Store is full of apps to watch live football streams. Missed the game? Plenty of apps to watch the highlights too, so if you didn't see Ghana tame the Germans you have a second chance.

There's a tiny little problem.

Most football streaming apps and highlight viewers bomb your screen with popup ads that won't go away. Tap the tiny little "close" button and they dump even more annoying spam on your display. And when you finally killed the last ad, the video won't play.

So you download another app, only to find out that's it's the same worthless app with a different name, a different icon, and a different developer account from the same scammer.

But what about the Play Store ratings? Forget about them! You can be sure that 99,9% are from the app developers themselves. And most of the one star ratings come from the makers of competing apps.

Many football streaming apps are not worth their electrons, some work to some extent, and a few of them are really good.


Football+

This app has live streams and match highlights. Sometimes they work, sometimes they don't. If big teams are involved, there's usually a stream or two. Or more. Small teams from small leagues often have to do without. Unfortunately you'll only find out when you click the match. Football+ doesn't have an option to filter streamless games out of the list.

Football+ (Google Play Store)

Football live stream (R.I.P.)

This app from aufaitgroup.com/download/fls.apk used to be my favorite. It worked really well, and had a no-nonsense clean interface. Too bad its servers stopped responding a long time ago. I really want this app to score again.

Football Soccer Highlights and FootyGoal

These two apps have no live matches, but they are are a good source of game highlights after the match.
FootyGoal is listed in the Play Store as Football Highlights World Cup, but it appears as FootyGoal in your app drawer.
FootyGoal and Football Clip Highlights show the same clips from the same source. FootyGoal has a better user interface, but Football Clip Highlights starts its clips directly in full screen mode.

Football Soccer Highlights (Google Play Store)
FootyGoal (Google Play Store)

Football Highlight

I just removed this app from my phones and tablets. Its match list hasn't been updated in months, and the old videos don't even load anymore. The app disappeared from the Play Store too. Bye bye.

• Gone.

Shadow TV

This general internet tv app has lots of channels from all over the world. Plenty of sports channels too, and some of them show live football. You have to try 'em too see what's on, because that's the only way to find out which of the many channels have a game on. Or look 'em up in an online tv guide.

Shadow TV (Google Play Store)

Soccer Live Streaming

Anyone who calls football "soccer" should be hanged, diced, and fed to the crocodiles. With that out of the way, on to the app itself.
Soccer Live Streaming lists lots of live matches ranging from the big leagues to the lower divisions of countries that nobody ever heard of. Just because a match is listed doesn't mean it has a live stream. You won't know until after you try to open it, because the list itself won't tell you. The bigger the teams, the more chance that there's a stream available.

Soccer Live Streaming (Google Play Store)

SopCast

This bittorrent-like peer-to-peer streaming video app is filled to the brim with high quality live tv streams. There's plenty of live football in SopCast. The app has its own built-in list of channels, but this only shows a tiny fraction of what's available. Too bad SopCast has some spam streams too. Some big league streams are nothing but a static image pointing to a spammy website. To find all the matches live on SopCast you have to search sites like voetbal.site666.info.

SopCast (Original version. It's not in the Play Store, so you need to sideload it.)

SopCast Android

Did I just write that SopCast is not in the Google Play Store? It is in there, sort of. Someone called mrGhost2014 took the official version of SopCast apart, added his own ad screen, and shoved it into the Play Store. It's no different from the real SopCast, except for the extra ads.
Stay away from this ripoff. Sideload the real thing and report mrGhost2014 to Google to get this clone pulled out.

SopCast Android (Google Play Store ripoff clone. Sideload the real thing instead!)


Streams

This app, listed in the Google Play Store as Live Streams, has a clean user interface and live streams that work, although many of them look very pixelated on a tablet. Streams doesn't just play football, it has other sports too. Too bad it doesn't handle transitions from landscape to portrait mode very well. If you tilt your screen it says "source streams not found." Fortunately you can get them back by returning to the game list and opening the streams again.

Streams (Google Play Store)

Watch Football Live

This app is packed with tv streams, including football. Sometimes the back button won't work, and then the only way to stop a stream is to kill the app.

Watch Football Live

Watch Football Live Stream

This is just a frontend for a website with streams in Flash format. Sometimes the streams work, often they don't. Either way, most streams are full of incredibly annoying popup ads that refuse to go away. If you dare to click the "close" button you're punished with even more ads.

• Kicked from the Play Store. Nobody will miss you.

#1 CL Live

This app appears as "Football Stream World Cup Live" in the Google Play Store, and as #1 CL Live on your home screen. It used to be in the Play Store as #1 Football Live, but that version is gone. I'm sure it will be pulled from the Play Store again in the near future, and then it will come back with yet another name. Even with an ad blocker running this app throws ads all over your screen. It shows streams in Flash and other formats, but you only get to see them after you've chased all the ads away and then some more. To be honest, this is a horrible app. The only reason I didn't throw this (cr)app out yet is that it sometimes plays streams that all my other streaming apps won't play.
Warning: this app has push notifications. Enter the settings screen and switch them off! While you're at it, open your autorun manager and kill all its autostart triggers too. And don't forget to fire up your permissions manager and chain down everything but internet access.

#1 CL Live (Google Play Store)


Play it safe

Be careful with apps like these. They're in it for the money and their business ethics are often questionable. Make sure to use an electronic condom on them. I wouldn't run any of the apps above without an ad blocker like AdAway. Use a good permissions manager like Xprivacy to take away all the Android permissions that they can do without. They need internet access, and some apps need permission to launch your video player, but that's all you have to give them.

Apps like these come and go. They're often pulled from the Play Store, and then they return with a different name. Shady developers copy them to slap their own ads on. Football streaming is a bit like music downloading back in the days of Kazaa. Don't forget to switch your brain on when you play with these apps.

tweet this reddit digg this StumbleUpon digg this digg this

Tuesday 3 June 2014

Play Store hides internet permissions: what was Google smoking?


The Google Play Store changed a bit last week. Not just the app, but the mobile website too. Some of these changes are good, some are incredibly stupid. Whoever is responsible for "simplifying" the app permissions should be forced to eat a dozen iPhones.

Play Store mobile website

Opening the Play Store in your mobile web browser used to be horrible. You'd get the desktop layout, an overload of crazy scripts slowed things down to a Nokia N95 on GPRS (that's the old mobile version of a dialup modem), and every tap would spawn a popup with most of the information out of sight beyond the edge of the screen.

But now the Play Store website has a real mobile version. It's still clumsy and slow, but at least you can see most of the information without scrolling your thumbs to pieces.

But why would anyone care about a mobile site if you've got the Play Store app on your Android already? There are two good reasons:

1) Sometimes the Play Store app spits out an inexplicable error with a cryptic number. Installing the app from the mobile website usually fixes things.
2) The website makes it easy to install or update apps on different Android phones and tablets, without having to open the Play Store app on each of your devices.

Some info in plain sight

When the Play Store app started to show whether an app had "in-app purchases," it did so where the app update date used to be. Wanted to find out when the app was updated? You had to expand the description and scroll all the way down to find out. Some app store descriptions are really long. Twenty testimonials followed by thirty competing app names and fifty spammy keywords means a lot of scrolling to get to the info you want.

The new Play Store puts version number, update date, app size, and a link to the app permissions together at the bottom of the screen without need to expand the entire app description. That makes it a lot easier to see if the update is really new, and not an old update that you skipped because it broke the app.

Permissions? Just bend over and spread 'em!

When you hit "install" or "update," the Play Store pops a list of app permissions in your face. If you know what's good for you, you read them. If you've traded your brain for a free McJunk Happy Meal, you click "I agree" on everything and pay the price.

Most people take the Happy Meal, and Google likes it that way.

The new simplified app permissions screen looks like a good idea at first glance. But when you try to expand the permissions you don't get the full list. Instead, you get a heavily dumbed down version that doesn't tell you anything useful.

For example, when you expand "Location" the extra info reads: "uses the device's location." Duh! Does it use network location, GPS, or both? When you expand "Identity" you get the similarly useless "uses one or more of: accounts on the device, profile data." What's that supposed to mean? Can an app with access to "profile data" read my phone number and email address, yes or no?

It gets worse! When you allow an app to auto-update, it used to ask you if you'd accept any new permissions. But not anymore. If the new permissions are in the same "permissions group" as a previously granted permission, Google assumes that you'll accept any new permission from that group. It won't even tell you about those new permissions. If an app was allowed to read your texts, an update can grab permission to send them too without your knowledge. If you allowed an app to get your rather course network location, a new permission that lets the app drain your battery to pinpoint you by GPS is granted automatically without notice. Yes, that's creepy indeed.

And the internet permission is missing!

Google believes you don't need to know about internet permissions

According to Google:

"These days, apps typically access the internet, so network communication permissions including the "full internet access" permission have been moved out of the primary permissions screen."

Whoever is responsible for that deserves a slow and painful death. Really.

When I install an app that can read my contacts list I definitely want to know if it has internet permission, because the combination of access to contacts and internet can bomb you and everyone in your contacts list with unstoppable spam.

When I install an app that encrypts my passwords and credit card number, I definitely don't want that app to have internet access.

There are plenty of other reasons why "network communication permissions" are the most important on the list. Any app that can go online should have that permission displayed in big bold type on top of the permissions list!

Of course Google doesn't want that. "These days, apps typically access the internet" indeed, and often for the sole purpose of downloading ads and sending data to Google Analytics. Collecting data for online advertising and throwing banner ads on your phone or tablet is the reason why Google made Android, so obviously they'd rather not have you wondering why an icon pack or a battery widget wants to go online. Just buy the Happy Meal. No need to ask questions, Big Google knows what's good for you.

You can still see whether an app grabs internet permissions or not, but now you have to scroll to the bottom of the Play Store listing, tap "view details" under the permissions header, and look for your reading glasses. The "full network access" permission is hidden in tiny small light grey print under the heading "Other," as if the most important permission of them all is not important at all.

Grab back the keys

The Android permissions system is a broken mess. If you don't want to say "OK Google" to anything but voice search, you have to wrestle the keys back into your own hands. Here's how:

XPrivacy, Android's most comprehensive permissions manager

AFWall+, the best firewall for Android

AdAway and other Android ad blockers

Why Google should make its own ad blocker
Addons Detector exposes spyware and adware

Stop Google, Facebook, and other Big Brothers from tracking everything you do on your Android

Dump the Happy Meal. Root your phones and tablets and pick your Android permissions à la carte.


tweet this reddit digg this StumbleUpon digg this digg this

Tuesday 29 April 2014

NFC apps: when are they gonna grow up?


If your phone is fairy recent (and it's not an iPhone), there's a good chance that it has a Near Field Communication chip. Your Android tablet probably has one too.

But is it good for anything else than reading public transport chipcards?

Things to scan that you already have

Your passport probably has an RFID chip in it. And your ATM card, your credit card, your drivers license. Grab NFC TagInfo from the Google Play Store, scan your cards, and see a bunch of numbers that don't make any sense to you. Get NFC Passport Reader and you can see what your passport is hiding in its chip.

That was useful, wasn't it?

Share your WiFi password, but not by NFC

An NFC sticker on your wireless router, or on the wall, and you don't have to tell your guests your WiFi password anymore, and they don't have to type it into their gadgets either. Just a tap on the NFC tag and they're connected. Cool, no?

There are plenty of apps out there to share your WiFi data. NFC Wifi, Instant NFC WiFi, NFC Wifi Reader, WifiTap WiFi NFC, InstaWifi, just to name a few. There are plenty of apps out there to share your router password to your visitors.

And that's where the trouble starts.

You can write an NFC tag with your WiFi details in it, but your friends can't read it unless they have the same app installed. If they have another app the tag pretends there's no app at all and pops a link to the Play Store where your guests can download the WiFi share app... after manually setting up the WiFi connection that they tried to set up automatically with your NFC tag.

There seems to be a universal format that should be independent of the app itself. Your tag writer should know about that universal format, and their tag reader should know it too. In real life you're better off dropping the data in a QR code. No matter what QR scanner your friends use, they'll be able to read your universally coded router credentials.

Hand out your contact info

How many business cards have you thrown away already? Put a few hundred people together in a meeting and they'll waste a tree on business cards alone.

Now here's where NFC could save the day (and the planet). Because there is a universal contact format called vCard. It's been doing the rounds since Fred Flintstone was a young boy and Dino was a puppy. Even my ancient Nokias could handle vCard, and that was way before the smartphone rage started. Every device with an address book in it can read it.

Again, plenty of apps out there to do the dirty work. NFC Business Card is one of them. Just make sure that you choose the universal vCard format, and not a proprietory knockoff layout.

Too bad you need an NFC tag with enough storage to hold your collection of middle names, phone numbers, emails, URLs, home address, business address, etc. The cheapest tags barely hold your name and email.

Keep it secret

An NFC tag can work like a key. For example, you could encrypt notes on your Android with a key stored in an NFC tag glued to your wallet.

Crypto NFC does just that.

It doesn't do it very well, though. The app is clearly a work in progress with a long way to go. You can write notes with it, and edit them later on, but you can't delete them. You can't back 'em up either. As for sharing them with other devices, maybe sometime in the future?

And the color scheme is terrible, with no way to change it.

But the number one reason for not using the app (yet): there's no fallback mechanism if your tag gets lost or damaged. No password you can enter just in case. The only way to protect yourself against tag loss is to make a bunch of key tags and hope that at least one of them survives your violence and sloppiness.

Wake up!

NFC Alarm Clock should get you out of bed like a bucket of cold water can. Write a tag, set an alarm with the app, and now it won't stop making noise until you tap your phone against the tag, which you glue to your coffee machine, bathroom door, or another strategic location far away from your bed.

Great idea, if it works. The app can be buggy, so check for missed alarms before you use it to wake up for your own wedding. It won't do repeat alarms. You can't even set your own alarm tone or alarm volume.

And it's too easy to cheat the alarm and stay in bed anyway. You can shut it up by switching off your phone, or rebooting it, or killing the app from Androids built-in app manager, or by long-pressing the back button if you're using the most popular custom ROM out there.

So have your mom keep that bucket of cold water ready anyway.

Or use Puzzle Alarm Clock. It comes with NFC tagging too (and QR codes), and is way more developed and way less buggy. And it's got recurring alarms too. The increasing alarm volume option alone makes it better than the alarm clock app with NFC in its name.

Get paid to tap

Billing your work by the hour? By the minute? No need to watch the clock because NFC Time Tracking does that for you. Just write NFC tags for your billable projects and tap your timesheet together.

Automate things

Silencing your phone or switching to airplane mode by tapping a tag on your desk is not useful. It's micromanaging to the extreme, because a long-press on your power button doesn't take much longer and you don't even have to be anywhere near your tag for that.

Come to think of it, most location-based actions are better done with Llama. No need for any tags at all, just set and forget and walk into the right place. Done.

The one useful static location tag is the sticker next to your bed that lets you tap silent mode on at night and off in the morning. Although the "off in the morning" part would be better suited for an NFC-less out-of-WiFi-range trigger so you can have your morning coffee without hearing your boss call to ask why you're late again.

It gets different for things that move around a lot, like your car, passport, shoes, or computer.

An NFC tag on the dashboard is a great way to autoswitch from WiFi to mobile data, turn on your GPS (if your phone is rooted), launch your navigation app, and fire up your music player all with a single click on the but... err I mean a single tap on your NFC sticker.

Tap your passport (if it has an RFID chip) and auto-launch your mobile boarding pass, turn up the brightness, and disable auto-rotation to speed you past the bagage dropoff machine, the security checkpoint, and the gate.

Tap the NFC tag on your sneakers and get your running tracker rolling.

Do you often tether your laptop or tablet to your phone? Stick a tag on your computer and one tap gets your phone hotspot running. It saves you a tap on your hotspot widget. Yep, that's not much, but with a rooted phone it can also save you the trouble of unlocking your phone and swiping to the screen with the hotspot widget. Oh wait, we're micromanaging the taps again.

Location-based If This Then That app Llama reads NFC tags too, but if you want a dedicated NFC task runner there are plenty of apps to choose from. Here they come:

NFC apps

General tag reader
NFC TagInfo

Passport reader
NFC Passport Reader

WiFi password taggers
Instant NFC WiFi
InstaWifi
NFC Wifi Reader (companion app: NFC Wifi Writer)
WifiTap WiFi NFC
They're not compatible with each other. Yes, that sucks!

vCard writer
NFC Business Card

Note encrypter
Crypto NFC

Alarm clock
Puzzle Alarm Clock
NFC Alarm Clock

Time tracker
NFC Time Tracking

If This Then That apps
Llama (cell location and NFC tags)
AnyTAG NFC Launcher
NFC Tasks and NFC Tools
Trigger
NFC Actions
NFC Tag Control
NFC TagWriter by NXP
NFC Smart Q

tweet this reddit digg this StumbleUpon digg this digg this

Wednesday 2 April 2014

Freshly updated list of Android bloatware that's safe to delete, or not. You decide!



Your Android phone or tablet came with so many preloaded apps that you only get to use half of the advertised memory. And most of the junk starts up all by itself as soon as you think about looking at your phone.

If your Android is rooted, it's time to clean up the junk. And not only if you run a stock ROM, because custom ROMs come with lots of junk too. Yes, even CyanogenMod.

But what to zap and what to leave alone? You don't want to brick your phone, you don't want bootloops on your tablet, and you don't want to delete something that you can only get back aboard if you reflash your ROM. And the names of the bloatware apps are so cryptic that even Google doesn't know what they're doing. Yes, really. Google for "somecrypticjunk.apk" and you'll find it back in hundreds of "safe to remove" list just because removing it didn't kill the phone of someone out there. Needless to say, deleting it will turn your phone into a paperweight, but don't ask forums like xda what the app is for. If you do, you'll get one of two equally useless answers:
1) "Google it." [If Google knew I wouldn't be asking, duh!]
2) "Just delete it. I don't know what it does, but trust me, it's safe."

So here's a list of apps that are safe to remove. Or not. Only you can decide if your gadget needs it, so it's not just a list of apps, but also a list of what those apps do and what might break without them. Have a click:

The android underground Android system APK list

If you spot any errors or have something to add to the list please hit the contact link on the bottom of the page or leave a comment on this blog post.
tweet this reddit digg this StumbleUpon digg this digg this

Saturday 15 March 2014

WhatsApp or Android, who's to blame for appgate?


Hang 'em high!

Scandal! Stop the presses! Any app on your Android phone can steal all your WhatsApp messages from your SD card. Facebook didn't have to waste 19 billion dollars to read your chats. They could just have made the Facebook app grab your WhatsApps off your card. Someone's gotta get fired over this, right?

But who?

Let's blame WhatsApp

WhatsApp stores its message database and nightly backups thereof in plain sight on your memory card, no matter if your memory is built-in or added on a microSD card. That's great if you want to mix'n'match your WhatsApps and SMSs with apps like Backup Text for WhatsApp and SMS to Text, but not so great if you want to keep nosy apps out of your texts. Anything with SD card access can read along.

WhatsApp could easily have prevented this by encrypting your messages. They gave it a shot after the shit hit the fan, but so far without success. That's because WhatsApp used the same key to encrypt all messages from everyone. Yep, that's almost impossible to believe, but they really used a skeleton key to lock up your private chats.

So here's what WhatsApp should do: use a proper full-blown encryption method to protect the database that holds your messages. While they're playing with encryption anyway, full end-to-end encryption to keep Facebook and the NSA out of our chats would be most welcome too.

Of course WhatsApp should provide a method to let other apps into your messages if you allow them to. I don't want to lose Backup Text for WhatsApp and SMS to Text, and the long overdue multi-network app that includes WhatsApp needs access to your WhatsApps too. To cut a long story short: WhatsApp should encrypt its database and let us decide for ourselves who gets the keys and who does not.

Let's blame Android

Android treats your memory card the same way your computer treats your hard drive. Apart from a tiny bit of protected storage (that mysterious ".android_secure" folder that tops the list in your file browser) anything on your card can be read, altered, deleted, stolen, smeared, raped, and tinkered with by any app that has the "storage" Android permission. Most apps have that permission, so anything on your memory card that is not encrypted is up for grabs. That includes all those naked selfies that you shot after emptying the final bottle.

But what about sandboxing? That works for the app-specific internal storage that you can only get at if you root your phone. It doesn't work for the storage that you can see on your computer when you hook it up with your phone's USB cable. If you give an app access to your memory card, it gets access to all of your memory card, including your private collection of wildlife movies.

But that's changing.

Let's blame Google

Recent editions of Android lock down your memory card, because Google hates microSD. They'd rather have you store all your data in their cloud services so their advertisers can take a peek. Starting with Android 4.4, apps can only read the "public" parts of your SD card, and they can't write anything outside their tiny little sandboxed piece of storage space.

That's good for privacy reaspons, and bad for other reasons.

The good news is that this could prevent future WhatsAppgates. The bad news is that it will break a lot of useful things too. Save your email attachments with your mail app and edit them with another app? Forget it. Delete a picture from an alternative gallery app like QuickPic? Forget it. Zap old Nandroid backups with ES File Explorer? Forget it. The sledgehammer approach to SD card security is a disaster for cross-app access to files and folders.

Now what?

Locking down your external storage is a bad idea. It breaks too much, and forces us to move our data to the cramped and expensive built-in storage, or send it to the cloud and burn up our data and battery for no good reason.

Keeping everything wide open is a bad idea, because I don't want Obama snooping around in my WhatsApps.

Solution? Fix the broken Android permission system so we can decide for ourselves what app can access what. The "external storage" permission should be split into two permissions: "access to folders created by my app" and "access to the rest of the memory card." Anything that's too sensitive for the second permission should be encrypted by the app that made it, and then the user should decide who gets the keys.

Until then, lets hope an Xposed module will fix what Android 4.4 broke.

Update: the Xposed module to fix external SD cards on KitKat is ready. It's called HandleExternalStorage. Grab your copy from the Xposed installer.

tweet this reddit digg this StumbleUpon digg this digg this

Sunday 2 March 2014

Multi-network chat app imo commits suicide, Trillian is still alive



Remember back when you had to use a different app for each and every chat network? And then came apps like Trillian, Nimbuzz, fring, imo, etc. One app to talk to all your friends, even if they were scattered over different chat networks.

But multi-network chat apps are like lemmings. They bundle different chat networks, then they build their own, then they cut the other networks out, and then they die.

Nimbuzz dropped almost all third-party networks, and fring and eBuddy thought it was time to plug their own networks by yanking all the other chat networks out of their apps. Does anyone know if fring and Nimbuzz and eBuddy still exist?

And now imo decided to dig a grave for itself and jump right into it. There was a time back when imo connected to no less than 12 different networks, but I just received this farewell note from them:

Date: March 2, 2014
From: imo.im
Subject: imo discontinuing support for all third-party messaging networks
To: android underground

On March 3, 2014, we will start discontinuing support for all third-party instant messaging networks. We know change isn't always easy, but we hope our users will trust that this will make imo an even better service. You will be able to download your chat history on o.imo.im from third-party networks until March 7, 2014.

Yep, you read that right. I got a mail from imo late in the evening on March 2 telling me that the one and only reason why I use imo will be axed the next day. And I get less than a week to download a copy of my chat history. Guess what? When I tried to download my chats imo gave me an empty file!

First they rake in customers using Facebook, Google Talk, MSN/Windows Live/whatever M$ calls it now, VK, etc. as bait, then they spit out an app update that forces all users to make an imo chat account, and then they make that forced chat account the only network left in the app...

Bye imo.

They must be popping open the champagne at Trillian HQ now that their main competitor decided to kill itself.

Trillian
IM+

tweet this reddit digg this StumbleUpon digg this digg this

Monday 24 February 2014

CyanogenMod for Nokia?


Finally! Nokia has seen the light and made some Android phones!

They're low-end models, they're made to look like Windows Phones, and they have a watered-down version of Android with a Nokia app store that's as empty as the Windows Phone software shop, but it's a start. Because they have all the Android drivers built in, it shouldn't be too hard to make custom ROMs with the full Google Play Store and all its apps and Google syncing options.

Back when Nokia wouldn't even look at Android there was a CyanogenMod port for the Nokia N9, but that phone got abandoned real quick. But the new Nokia Android phones should have a longer lifespan, and maybe Nokia will add a few better-specced Androids later on?

Nokia hardware with the flexibility of Android... sounds like a promising alternative for when your Samsung needs replacement.

Update: Done! Nokia X rooted and filled with Google apps.
Google apps on Nokia X at xda


tweet this reddit digg this StumbleUpon digg this digg this

Thursday 20 February 2014

Facebook buys WhatsApp: good news for Telegram



Facebook wants your phone number

Facebook often asks you to give them your phone number so they can spam you send you your password in case you forget. If you're like me, you keep your phone number away from Facebook. You don't put it in your Facebook profile, and you make sure that the Facebook app on your phone (whether it's the official app or an alternative client) can't read your number. That's what apps like Xprivacy and LBE are for.

But now Facebook bought WhatsApp for almost 20 billion dollars. And that money has to come back somehow. How? Not by piling up the few cents that a small fraction of WhatsApp users pay for the app. Facebook got rich by selling you, and it doesn't look like they're gonna change their business model anytime soon.

So why did Facebook spend all those bucks? They went shopping because WhatsApp has to do for Facebook what Facebook Messenger failed to do. For example, Facebook is losing the young at a slow but growing rate (do teens want to be on the same social network as their grandmother?). By buying WhatsApp Facebook reeled all those kids back in. And there's more: Facebook just bought the phone numbers of every WhatsApp user. WhatsApp may stay free of ads, but that doesn't mean your WhatsApp data won't be used to target Facebook ads. Can Mark Zuckerberg resist the temptation to milk your WhatsApp chats to feed his Facebook ads? Sounds scary, no?

Which is good news for alternative chat clients. Viber could grow faster, Skype might make a comeback. But for now the most obvious candidate to profit from WhatsApp's sellout is Telegram. They've already seen their signups skyrocket since the news of Facebook buying WhatsApp got all over the web. They may be small now, but that's how Facebook and WhatsApp started just a couple of years ago.

Telegram is what WhatsApp should have been

Telegram looks like a carbon copy of WhatsApp. Same tab layout, same smilies, same functions, same look and feel. But Telegram is not exactly like WhatsApp.

For starters, Telegram lets you sync your chats across devices. And they don't all have to be phones. Tablets and PCs can send telegrams too.

Of course your Telegram chats are encrypted. In the standard setup they're encrypted between you and Telegram's servers, but you can activate a full end-to-end encryption mode called "Secret Chats" which makes your chats so secret that not even Telegram can read them. You can make your Secret Chats self-destruct after reading, but I guess it won't be long before someone will make a Telegram version of Keepchat, the Xposed module that lets you keep Snapchats.

According to Telegram's Play Store description:

"Unlike WhatsApp, Telegram is cloud-based and heavily encrypted. As a result, you can access your messages from several devices (including desktops!) and share an unlimited number of photos, videos and documents (doc, zip, mp3, etc). Thanks to our multi-data center infrastructure and encryption, Telegram is also faster and way more secure. On top of that, Telegram is free and will stay free — no ads, no subscription fees, forever."

No ads, no subscription fees? Then what keeps Telegraph alive? Philantropy.

"Pavel Durov, who shares our vision, supplied Telegram with a generous donation through his Digital Fortress fund, so we have quite enough money for the time being. If Telegram runs out, we'll invite our users to donate or add non-essential paid options."

Sounds good, right? And there's more good stuff:

"Telegram is open, anyone can check our source code, protocol and API, see how everything works and make an informed decision."

The API part sounds especially appealing, because it allows developers to add Telegram to multi-network chat apps and help us get rid of the chat and VoIP fragmentation that gets worse with every new proprietory communication app that hits the app stores.

Spread the word

Telegram has one problem. A big problem. Your friends are not on Telegram. Of course, that problem can be fixed. By you.

Telegram lets you invite your friends to join the network. And for all the fans of irony out there: Telegram allows you to invite your friends to ditch WhatsApp and Facebook Chat through WhatsApp and Facebook Chat. Yep, that Android share menu is a great thing!

Telegram (Google Play Store)
Telegram website


tweet this reddit digg this StumbleUpon digg this digg this

Monday 10 February 2014

Yet another free year (yay!): did anyone ever pay for WhatsApp?


Cheap

WhatsApp is a great service. OK, it doesn't have an off switch, but anyone with a rooted phone can fix that. That's a small price to pay, considering that WhatsApp can do a lot more than SMS and MMS.

How small of a price to pay? It's supposed to be a little under a euro per year. For me it's a lot under a euro per year. In fact, I never paid for WhatsApp, and it seems that they don't even want my money.

What's that?

Free

I've been using WhatsApp for years. And all those years there were rumors floating all over the world wild web claiming that some day I'd have to throw WhatsApp a few coins to keep apping.

And then WhatsApp extended my free trial. And again and again and again. To date they never ever asked me to pay. Just now I received a notification that I have another free year. My free trial got extended to 14 March 2015.

What?

There are a few methods to hack your way into using WhatsApp for free. You can delete your WhatsApp account, then set it up again after (re)downloading the app with a new Play Store Gmail address, then restore your old WhatsApp messages from a backup. This way WhatsApp thinks you're a new user with a recycled phone number. Popping your SIM card into an old Symbian phone (and then putting it back into your Android) is another way to extend your free trial.

But what's the point of tricking WhatsApp if it sends you a message every year telling you that they don't want your money? I don't know anyone who ever had to pay for WhatsApp. It seems that everybody gets their trial extended year after year. A quick Google search digs up lots of people who keep getting their trial renewed for free. Some get a renewal 'till next year, some until 2022, some for life. People who really had to pay are few and far between.

Why?

Why do so many people get their free WhatsApp trial extended over and over again? Is it because there are so many free alternatives (Viber, BBM, Hangouts, Skype, ChatOn, etc.) that making people pay for a chat client is no longer a viable business model? WhatsApp has the "System (installed apps)" Android permission, so if WhatsApp sees you have a few competing chat apps installed it may decide that making you pay will just encourage you to use competing apps instead. Or maybe I just got another free year because I popped my SIM card into a shiny new phone with a shiny new Google account a few months ago? My phone number didn't change, though.

That makes me wonder how WhatsApp is ever going to make money. After all, they promised they would never ever pollute their app with ads. Will they finally start charging when they run out of money, or will they break their promise and add ads anyway, like so many other online services did despite their promises?

Who?

Did anyone out there ever pay for WhatsApp because their free years didn't get extended anymore? Did anyone switch to the competition when their trial really ran out? Leave a comment below to let us know if your free trial got extended again or not.

WhatsApp


tweet this reddit digg this StumbleUpon digg this digg this

Sunday 9 February 2014

Carrier IQ has to die: tell your Android phone and tablet manufacturers that you don't want their spyware


Remember the Carrier IQ scandal? Quick memory refresher: Carrier IQ is a rootkit (something really bad, worse than a virus) that spies on you, and sends lots of stuff to the computers at Carrier IQ HQ that you'd rather keep for yourself. Your location, the websites you visit, who you call and text, that sort of stuff. It infects many Android phones, and was found on iPhones too.

Carrier IQ forwards your private data to phone manufacturers and carriers without asking you first, and without letting you opt out.

For example, Carrier IQ can tell your carrier which websites you surf to, even if you use WiFi to avoid your carriers data network.

When Carrier IQ was caught with their pants down they denied everything, fired legal threats at the man who exposed their crimes (Trevor Eckhart, the Ed Snowden of Android), and only backed down when they found the whole world against them.

But Carrier IQ didn't die. It still pollutes our gadgets, even if you buy an unbranded phone or tablet to avoid the bloatware slapped on by your carrier.

When I went into the shortcut menu of my Samsung Galaxy S4 mini I found the entries highlighted in the screenshot above. Four pointers to Carrier IQ junk, and no way to remove them because they are integrated into essential system processes in the same way the AIDS virus puts its genes into your DNA.

Most apps meant to detect Carrier IQ were unable to find the infection, but after testing a few apps from the Play Store I hit Disable Carrier IQ Mod by Pavel Valenta. This app found Carrier IQ, but was unable to do anything about it. Of course I could get rid of it by switching to a custom ROM like CyanogenMod, but to date the custom ROMs for my phone have too many bugs to dump the stock ROM.

Maybe Carrier IQ on my Samsung is dormant, waiting for a trigger. Maybe it is sending all sorts of stuff home to its makers. Either way, I don't want any junk from Carrier IQ on my phone, so I'll keep looking for a way to get rid of it. Meanwhile, I told Samsung that if they won't let me remove Carrier IQ from my Android my next phone will not be a Samsung. If all of you speak out they might get the message. Samsung is not the only one who puts the Carrier IQ spyware on its gadgets, so if you find Carrier IQ on your non-Samsung Android or other device, tell its manufacturer that they'll lose a customer if they don't clean up their act.

CIQ discussion on xda (warning: full of geekspeak and raw code)
The Rootkit Of All Evil: CIQ (xda on CIQ in non-geekspeak)
Carrier IQ on Samsung Galaxy S4 mini (xda thread)
Disable Carrier IQ Mod by Pavel Valenta (detected Carrier IQ on my phone, but couldn't do anything against it)\

tweet this reddit digg this StumbleUpon digg this digg this