-
-
Notifications
You must be signed in to change notification settings - Fork 178
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Android support? #324
Comments
While this... can be a great idea but this service is never ment to run on mobile devices. |
Maybe a version that uses ADB and a root version also? |
Hi, so we have two ways to go:
So I wonder which option should be more suitable, and what we can do on non-rooted devices with each option. Seems like we can do more with ADB. |
Android user here, |
On desktop version, we can provide a GUI/Wizard to go through ADB process. It may install ADB automatically or guide on how to install, select device, instruct what to do on mobile phone step by step through a GUI. We can run it when the user clicks on "Run" button. How does it sound? On some scripts we can do root check using Is there anything more that we can do through |
Termux can execute shell scripts as root with su. |
ADB can run on Termux. The setup process is clunkier because a ADB/TCP/IP/WiFi connection must be established. This must be done via USB (on older versions), but newer Android versions don't require USB for setup.
Yes, but there's a plugin to access the Android API, although it's much more limited than other apps such as Tasker, Macrodroid, or Llamalab's Automate.
UAD aims to solve this. It doesn't have scripts, but users can select all packages from some category, then disable them all via ADB-over-USB.
Settings. I bet Xiaomi has tons of privacy-invasive settings. Samsung and Google both request usage stats, and have similar tracking settings. Since those settings are tied to the OS instead of an app, debloating alone can't help here. Google Play Services has settings such as "Advertising ID", and that pack can't be disabled safely on some devices. Even when G.P.S. can be uninstalled/disabled, it provides APIs that most Play Store apps depend on. Discord doesn't even work at all when G.P.S. is disabled (which is funny, because WhatsApp works ok, except for background messages), but I would argue that's the devs' fault for purposefully depending on it (the web app works fine without G.P.S.), and Discord+uBO is recommended anyways, so users shouldn't be using the native app |
Shizuku can be ran in termux, but it does the same as executing commands from ADB, just with a computer connected once |
True. There's a button to "use in terminal apps" that provides a script that can be executed by Termux.
Shizuku setup is almost the same as ADB on Termux. There's no need for USB on newer Androids. However, Shizuku makes pairing+connection less annoying:
IIRC, Shizuku has a "keep-alive" feature that keeps Wireless-Debug enabled until the user disconnects (or wifi is turned off). Termux, OTOH, lets the OS disable WD after a period of inactivity. Note WD is the "developer setting", not |
You can add a button to quick settings to toggle Wireless Debugging. |
I'm noob to Android and modding it. So I appreciate all discussions about it. To be able to run Looking at Using ADB we can actually:
ADB on Termux (which I did not know about as @Rudxain mentions) seems to remove the need for USB cable and PC connection and allow us to run In that case we can have some explanation on UI about how to get ADB running and then provide scripts utilizing ADB commands like (examples):
I'm not sure how to utilize Shizuku and if allows adb CLI usage as above. I'm very interested in what other settings we can configure as you mentioned @Rudxain. Does it make sense to create "Android" collection and adding these commands. To start with, we can add a dialog explaining how to get going with ADB using Termux or PC on the UI. |
Yes, but there's tools like Magisk, which allow rooting without sacrificing too much of its benefits.
Well, the
If Termux (or any app) has "Access to all files" permission, its commands have it too. Of course, "All files" refers to user files. It cannot delete the data within other apps (such as cache). Apps can request a "Request delete package" permission. But, as the name suggests, it requires manual user confirmation. Termux doesn't request this permission, but LL-AM does. Termux can communicate with LL-AM in many ways (Tasker plugin, user file-system, etc...), and we just need a "flow" for that.
Sandboxed: yes. Emulated: no. Apps can execute arbitrary programs ( Apps targeting A10 cannot execute writable storage. Basically Android's shell is MKSH, but Termux uses Bash by default.
The script I mentioned should support that. I don't remember how to use it. The Shizuku app documents it. IDK why the docs aren't available online. Here's the developer docs, just-in-case I missed something.
AppOps unlocks many possibilities! Such as disabling clipboard access, background location, etc... Shizuku dev made an app to manage them.
Anything Android-specific should be there. Cross-distro stuff is already handled by the Linux collection |
There are OEM-specific settings. Samsung has had a lot (~200) in the history of Galaxy devices. Apps like LL-AM expose hidden features such as
|
ADB commands🔍🧐 Please provide any docs/projects about what we can configure regarding privacy using I think we decided that we'll provide a script collection based on @Rudxain, I checked @ionuttbara's melody_android and it looks nice and provides some nice tweaks. Mobile app - Packaging@plantindesk suggests in #353 (comment) that:
This is more about providing the Android package rather than the scripts. I checked Nativescript after your suggestion and it will require re-building the app, which would be too much. I think publishing privacy.sexy as PWA (progressive web app) would be the easiest option. A PWA cannot run the scripts as I understand, but it can give more offline experience to copy paste the scripts into Termux. This is sad as desktop version adds desktop-native functionality but mobile version will not be able to do that, but rebuilding a complete new app using Nativescript is too much time consuming and is not on my radar. I read your posts @Rudxain and try to follow. Almost all of this stuff is new to me, so I may be missing some points or misunderstanding stuff. Feel free to guide us through this implementation. |
I'm confident in that being true. AFAIK, PWAs ( BTW, converting the existing website into a PWA should be pretty straight-forward. So the offline experience can be achieved easily |
I just remembered that ADB can work via
And indeed, it does seem like it should work via BTW, last time I checked, Firefox refuses to support |
Changing captive portal check to privacy friendly alternative or deactivating does not require root setting an alternative privacy friendly captive portal check url:
deactivating captive portal checks completely (probably not recommended for most users):
|
Aren't captive-portals supposed to be router-specific? How does that work? |
Sorry might not have formulated it precisely enough (made a small update above). I think, you are correct the captive portal is from the router. This is about the captive portal detection or check which is done by many clients incl. Windows, Android with the aim to detect if there is a captive portal instead of internet access. See also here: "Every time an Android device connects to a Wi-Fi or mobile network, the system performs a captive portal check. This is Android's way of ensuring that a device has not only received an IP address from the access point or Internet service provider, but can also actually reach destinations on the Internet. This is necessary, for example, to recognize portal pages of wifi hotspots (e.g. in hotels). |
Privacy policy of the captiveportal.kuketz.de HTTP/1.1 204 No Content Use of the service is voluntary. No data is collected in any form. After the request has been answered by the nginx web server, all information such as the IP address is immediately discarded and not stored in any log file." Translated with DeepL.com (free version) from https://www.kuketz-blog.de/datenschutzhinweise/ paragraph "2.6 Android Captive Portal Check: captiveportal.kuketz.de" There might/likely are other privacy friendly operators of such services. Never searched for it. |
Speaking of "privacy friendly captive portal", I think this website gets the job done and it's a great choice: |
Problem description
3 OSes is nice, but including Android would be better. Especially considering each OEM has its own "distro", and some of them can be very privacy-invasive (looking at Xiaomi and Samsung)
Proposed solution
A checklist of settings to change manually
Alternatives considered
Automated scripts would usually require
root
access (which is out-of-the-question for users who have fully-locked bootloaders). This is why I propose a manual checklist, as GUI Settings and ADB config cmds are more accessible.Additional information
Some scripts (such as shell history clear) can be executed on Termux without elevated privileges, and those are already included in the "Linux" section
The text was updated successfully, but these errors were encountered: