More restrictions: nfc

[unclefab]

Could you add more restrictions?
Like modify phone state, change network state, change wi-fi state, read/write user dictionary, read/write settings, write call log (read call log is already covered but write doesn't seem to be), read/write media storage, read/write secure settings, get tasks, send sticky broadcasts, nfc, get data, write data, call privileged, all sync related perms, read/write profile, access location extra commands, write apn settings, access all downloads, read privileged phone state, vibrate.
I guess you don't want to add all the above mentioned perms, I just gave this list of non xprivacy covered perms in case you want to allow xprivacy to spoof or disable some of them...

[28Black]

👍

[M66B]

Nothing to do with privacy:

• modify phone state
• change network state
• change wi-fi state
• write user dictionary
• read/write settings
• write call log
• write media storage
• write APN settings
• read privileged phone state
• vibrate
• write profile

Already realized:

• read media storage
• read secure settings (serial number)
• get tasks
• access all downloads (needs to be checked)
• access location extra commands
• read profile (contacts)
• call privileged (calling)
• read user dictionary

Why should be blocked:

• send sticky broadcasts

To be realized:

• sync
• nfc

[M66B]

LocationManager.sendExtraCommand will be restricted in the next release

[unclefab]

Thanks!
I knew that some of the perms I mentioned had not much to do with xprivacy (you talked about it in the faq), but I mentioned them anyway, one never knows:-)
Read media storage is not restricted. SD card access is, but media storage is different, it's for the system and data files. I've noticed that some apps could access it, even with external storage disabled.
Get tasks and access downloads, I didn't see them in xprivacy.
Send sticky broadcasts should be restricted to my opinion cuz it uses memory and can make the phone slow, the same for sync related perms (not to mention battery, and privacy issues because if it's ok for apps like let's say yahoo or gmail to read and write sync settings, read sync stats etc., it's not for some other apps that ask for these perms eventhough they don't need it).
NFC, because I don't want my phone to be hackable from outside (the same with bluetooth).
Get/write data I dunno what it is, but it seems suspicious to me. They are system apps related perms, and so far I've blocked them with permission denied, just in case:-) The way I understand it is that it's more or less similar with read/write profile, see below.
Call privileged, it says: "allows the app to call any phone number, including emergency numbers, without your intervention". It's a different perm than call phones (this one allows to call regular phones but not emergency numbers).
Get/write profile enables the app to read and write personal profile information stored on the phone, such as your name and contact information. And it adds: "this means that the app can identify you and send your profile information to others".

[M66B]

Can you give a link to the original texts?

[unclefab]

I read about these perms directly from my phone.
I made a quick search and I found this:
http://techblogon.com/android-permissions-list-example/
and here there are more, there are two pdf that may help you:
http://www.google.com/m?q=list+of+android+permissions&client=ms-opera-mini-android&channel=new

[M66B]

XPrivacy is not about permissions, but about privacy.
See also the FAQ, question 20.

[unclefab]

Yes, I know, that's why I previously said that some perms are not xprivacy's job.
But perms like media storage, get/write profile, call privileged, read sync stats, read/write call log are.
It's up to you of course:-)

[M66B]

User dictionary can be restricted in the next release.

[M66B]

Media storage is protected by Linux file permissions. No application can see the data of another application.
Read profile is restricted by the category contacts.
Call privileged is restricted by the category phone.
I don't see how the sync stats can be privacy sensitive.
Read call log is restricted by the category phone.

[M66B]

Access to the media storage can be restricted in the next release.

[unclefab]

Ok, thank you very much!

---

Pada Sab, 29 Jun 2013 11:41 Waktu Terang Hari Pasifik Marcel Bokhorst menulis:

Access to the media storage can be restricted in the next release.

---

Reply to this email directly or view it on GitHub:
#89 (comment)

[unclefab]

Thanks for the precisions.
Sync stats is not privacy related, but read/write sync stats is.
Note that it's not for me that I pointed those perms but for the other people , my phone is not linked with any account.

---

Pada Sab, 29 Jun 2013 09:40 Waktu Terang Hari Pasifik Marcel Bokhorst menulis:

Media storage is protected by Linux file permissions. No application can see the data of another application.
Read profile is restricted by the category contacts.
Call privileged is restricted by the category phone.
I don't see how the sync stats can be privacy sensitive.
Read call log is restricted by the category phone.

---

Reply to this email directly or view it on GitHub:
#89 (comment)

[M66B]

http://developer.android.com/reference/android/content/SyncStats.html

[M66B]

Sync of contacts can be restricted by restricting contacts, etc.

[M66B]

NFC can be restricted in version 0.40

[unclefab]

Yep, I just downloaded version 0.40...
Thanks a lot!