P
proph

  • Nov 30, 2022
  • Joined Sep 6, 2022
  • In Other User Profiles

    matchboxbananasynergy

    That is a great read thank you.
    If I understood it correctly, each profile has its own encryption and everything in the profile is encrypted on disk at rest. When the profile is deleted though is the data simply left encrypted and the keys discarded or is it actually purged with random 1s and 0s?
    Also, if there is no PIN or security given to the user profile does it still get encrypted with a random key or something of the sort?
    Thank you!

    • In Other User Profiles

      Hi. I was wondering if anyone could help me with a question about the multiple user profiles?

      When you make a second user and use the profile for a time then delete it what happens to the storage? Is it deleted completely? Is it marked deleted and left on disk? Is it encrypted or is it still accessible through some sort of data scrape?

      What happens to the storage contents once the profile is deleted?

      • In Wireless Emergency Alerts app

        unwat

        Thanks unwat. I'm just hoping to avoid having nearby devices sent back somewhere and this being used to track my location without location services.

        Thank you!

        • In Wireless Emergency Alerts app

          Hi. I was wondering if anyone know if we could disable or control the wireless emergency alerts app. This app has permission to view nearby devices and I don't really want that information to be used or seen by anyone.

          Can this be turned off? Thank you.

          • In Network Permission question

            Hulk
            When you are in the permissions of an app that has network permissions you can see it.

            Apps > (select an app) > Permissions > click 3 dots in top right > All Permissions > tap on 'have full network access'

            It will show you this message in a pop up window.

            Edit: The features page you linked says that an app has NO network permissions if this permission is denied. That is how I thought the Network permission worked which is why the popup notification in android is confusing.

            • In Network Permission question

              Hulk
              Hey Hulk thanks for the reply.

              The response by strcat makes sense but doesn't seem to line up with the android notification above. He discusses data leaks through things like audio broadcasting or sharing a file or an api that could leak on behalf of another app and things like that. He doesn't mention that there is a specific and seemingly common use of a browser api to transmit/receive internet traffic. That is what the android notice is specifically referencing.

              The orgzly app has no permissions granted. Do you know if apps can use inter app communication with the browser to send and receive internet traffic? I'm assuming http or https is what is being referred to as internet traffic.

              Thank you again.

              • Hulk replied to this.
                • In Network Permission question

                  Hello. I'm trying to come up with a smart way to install apps and keep as much security and privacy as I can. The thing I think I've settled on is downloading apps I would like to use which I consider at least mildly safe directly from their githubs and then installing them through the apks which Vanadium does. One such app that I've done this with is Orgzly.

                  In the process of doing this and stripping back all permissions to the app I noticed the following quote when looking at all app permissions then full network access:

                  "Allows the app to create network sockets and use custom network protocols. The browser and other applications provide means to send data to the internet, so this permission is not required to send data to the internet."

                  Does this mean that effectively disabling the network permission is not really stopping the app from using the network? That there is some kind of workaround through using the browser? I was under the assumption that the Network permission was the primary way we controlled this and that it took the place of a proper Firewall. Is that not true? Can anyone please help me understand what is going on and if I can deny all external communication to an app?

                  Thank you

                  • Hulk replied to this.
                  • In Study of tracking behaviour on Android
                  • In Study of tracking behaviour on Android

                    abcZ OK thank you for that info. How does Graphene show on this chart? The same as Lineage or something different?

                    • In Study of tracking behaviour on Android

                      Hulk I know that it is based on AOSP but so is Lineage. Do you know if Graphene is based on Lineage at all like Calyx or just AOSP and nothing else. Also, I don't think AOSP is shown on here unless we can assume Lineage or /e/ represent AOSP in some fashion.

                        • In Study of tracking behaviour on Android

                          Is GrapheneOS based on Lineage at all? How would it show in this graph?

                          • Hulk replied to this.
                          • In Understanding Sandboxed Google vs MicroG

                            [deleted] What about the services framework and/or the play store itself? If it's running in sandbox will it start reporting data from the container back to google servers like location or whatever other data it wants to report?
                            How about Signal? If I sandbox g services and Signal to get the push notifications working then what data am I leaking to google with push notifications?

                            Edit: I hope I'm not coming across as obtuse or intentionally daft. I'm hoping to get specific information on what data is moving across with different services and permissions. It's not my intent to be contentious but rather to hopefully answer some direct questions. Thanks :)

                              • In Understanding Sandboxed Google vs MicroG

                                [deleted] Hey thanks for the response.

                                The problem is that I don't know what's "regular" in the first place. I don't know what specific data is being sent so I don't know how to acknowledge whether or not I'm OK with that.

                                  • In Understanding Sandboxed Google vs MicroG

                                    Hi All. I was wondering if someone could help me or point me in the direction of help regarding the sandboxed google services and microg. I get the basic concepts I think but there are a lot of details I don't understand. I get that sandboxed google services including play store will have its own environment and that apps in that environment can take advantage of it but what are the consequences of that?
                                    What information is going to google? Pictures? Files? Metadata? Web searches done on any browser? Location tracking? If you sandbox it does this information still go to google? How would that help with privacy?
                                    How does this compare to microG? It is supposedly redirected to other sources like Mozilla location services. Is this better?
                                    What about push notifications for things like Signal? How much information is going back to google for push notifications?
                                    What kind of info does microG leak to google and others? What kind of info does sandboxed google link to google?

                                    There are a lot of details that I don't understand and would like to learn about. Thank you for any direction or help you can give on this subject!