Giving people the option to change permissions is good, but they have the permissions very vague and people never read it. A better way would be to automatically classify apps into certain permission groups. There should also be permissions for Internet access as well, so users can actively block apps from the internet entirely. Thats the easiest way to stop unnecessary ads and data mining
For example,
flashlight apps and otjher useless gunk? no pernissions with no way of requesting anything beyond flash itself and backgrounding permission. no internet access
Games? backgrounding, sensors and nothing else. No account access, all accounts are stored by the game locally. internet access only for multiplayer games, or maybe access to just the games account.
social media? allow them to request some permissions but deny permanent acess. Make it ask each time its using something less important, like microphone or call logs. make sure they fully and clearly disclose what they use it for. Also, maybe have some sort of way of telling when its accessing certain data, similar to what iphones can do in iOS11.3 with the privacy status icon.
Something like this. There really is no reason why a fart app should have accessto call log history.
Also, android permissions is definitely a joke. Many OEM apps and system apps request permissions and then give you no option to disable them, or even uninstall the app entirely. Xprivacy (when it was still being developed) was an amazing tool for managing low level permissions.
AV on android is practically useless since they dont have any low level access beyond their own appspace and seeing what other apps are doing. Itâs really only useful against some user-installed keyloggers for example, but basically useless against root level apps.
also
Root + system-wide adblocker + firewall + xposed + xprivacylua + disable all unnecessary permissions >>>> AV
Câmon now, no one is actively forcing no. Indirectly forcing, well kind of yes, it gives you results based on a lot of things, business topping the chart. Not based on quality of code, for example, which a freaking hardware/software company canât even think of. There is a reason why the first 2-3-4-5 results are what they are or you canât find what youâre looking for in the first search, like you could in pre what year 2000?
I get it, itâs business as usual, if there were real alternatives to the ones at hand, we would likely already have fully open source pcâs and laptops that people would game newest triple aaa titles on, do we? Nope. Are we even getting there? Nope.
AFwall for me. root access means i can block many system apps as well. only annoying part is that it sometimes groups apps into a single settings, so i cant stop some from being blocked. Lightningwall was great because it let you do it individually but lightningwall isnt supported on Oreo
Well, I was searching for something non-root specifically since I havenât rooted (yet). Still looking for a way to properly transfer settings before rooting ⌠But thatâs another story for another time I guess.
Not to be rude but I firmly believe that if one cannot maintain something as simple as a smartphone oneself without an IT department to come to the rescue, one should not have one to start with.
I am always of the opinion of yes ⌠you need certain things like an antivirus scanner and something that scans downloads for malware. Malware bytes ect⌠Antivirus always running on the other hand is something I do not require.
Linux would not have clamav if it was not needed.
The whole just use common sense is more hipster nonsense than pratical. The truth is we are not all security experts and people download whatever.
I really donât think so, last time i tried an Android antivirus was back in Android 2.1 with âZoner Antivirusâ which didnât do anything other than slow my phone down and just eat ram and battery all the time.
I also keep my phones for a while, usually 2 and a half to 3 years in the least, my last Android phone, a Motorola Moto X Play never had any antiviruses installed and it always performed as well as the day it left the store, even when i ditched the stock ROM and installed LineageOS (actually ran a tad better with Lineage).
I see where youâre coming from. However I think this is also the responsibility of the manufacturers. The average user cannot (and should not) be expected to be able to compile and flash a custom ROM just because the manufacturer canât even be bothered to update through warranty period. Because quite frankly most people donât have that knowledge, and even if they do itâs a pain in the ass to do. Itâs time consuming, someone has to maintain it, and if noone does you gotta compile yourself. Not to mention that a lot of manufacturers arenât exactly root friendly.
That manufacturers donât do version upgrades is bad enough, but most of them donât even provide the security patches. Neither monthly nor in any other capacity. Which is just⌠this shouldnât be allowed. And those are multi-billion dollar companies, how can this be allowed.
I have that, and itâs starting to act weird lately q,q Just today it decided to turn off because low power on 30% battery But⌠different story and such.
Letâs have @wendell and the others make a video about Android Anti-Virus and malware. It can have their thoughs and options. Also, could try some test too if possible.
Weird indeed, but again these phones are weird, the only reason i had to replace mine (other than already wanting a smaller phone) was to due to random black and white spots that showed up on the screen.
I went to sleep, no spots, i woke up, screen was littered with spots, since i already wanted a smaller phone, i ended handing it over to my mom who sent the phone for a screen repair, sheâs still using it with LineageOS 7.1 .
Common sense plays a huge role but relying solely on it is a bit ignorant.
Sure Android has some features limiting what apps can do like namespace isolation and SELinux policies but theyâre quite loose for the sake of convinience.
Security is layers, thereâs no silver bullet for everything. that being said itâs not a bad idea to run additional programs to further improve the security of any device, whatâs more important tho is what kind of precautions you implement. 3rd party âAntivirusâ apps are mostly limited apps made by software companies, Google or factory-installed scanners can scan your phone for harmful apps if you so wish, and those are system processes which Iâd assume has higher privs than user-installed apps.
There are some apps that I can get behind tho, like F-Secures Freedome as 1 example, which tunnels all your traffic via their servers for analysis, and Fsec being a security company, not just a software house, they know what theyâre doing.
Ofc using a VPN is a matter of personal trust, or again, âcommon senseâ.
Security-wise my biggest gripe with Android is maybe that youâre able to install stuff without any kind of authorisation, and the default Play repo is a hot mess.
In the past android permissions were absolute garbage, you either allowed everything or nothing. The latest flavors have mitigated permission issues for the better. Not perfect but much better. Thereâs also some best practices that one should follow, though most donât, that would keep you mostly safe. So long as one uses the play store only there shouldnât be any need for AV. You have to enable 3rd party app installation.
I think those that modify their phones (me included) are most at risk here. Were intentionally bypassing the baked in security for root and apps that may or may not do what we think they are doing. To hide under the veil of xposed framework and call yourself secure is laughable in my opinion. When you choose to modify your device you are choosing to give up certain securities, thatâs the risk you take, period. Whoâs to say you are not opening up more vectors for exploitation?