A failsafe method

[Siyah]

I don't know if something like this is implated, anyway here is my plan.

After boot/while booting

Get Android ID from Xprivacy settings

Request Android ID from Android OS

Compare them

If not the same, send a broadcast or intent. So Llama/Tasker can put device to Airplane mode for owner to review before data leaks.

This idea might need a few tweaks, but I'd love to see something like this to prevent data leaks where owner can't access the device after it has booted. Like putting the device away after an update, while waiting for dalvik to regenerate and forgeting it for an hour.

A down side I've found; This might kill the chance for plausible deniability since it will broadcast xprivacy is not working. A rogue app might be listening for this to get the real data.

[M66B]

There is already a notification XPrivacy is not enabled.

[Siyah]

That is true but I belive only on 4.3 with notification access enabled apps can read XPrivacy is not enabled. So there is no way to let the other apps to know that something is going wrong. It won't protect the data if there is no user available.

[M66B]

IMHO it is not a good idea to send an intent, for the reason you have already given.

[M66B]

Maybe sending an intent that XPrivacy is running, so you can disable air plane mode is a better idea.

[fda77]

If I am a malware app i would:

• create a hashmap
• add on every event i catch your android id to it
• if i get a internet conection (firwall reconfigure/update/whatever) send your personal date to my master
  So I think this does not help.

Just my 17 cent :)