XPrivacy - Xposed Framework Module

About XPrivacy

In  earlier post, I had explained about Xposed Installer and OpenPDroid. The former explaining about modifying your ROM without modifying an APK or flashing a custom ROM, and the latter explaining about protecting your privacy and providing fake or null information to the apps that access your private data.

Now, today I'm going to explain about a combination of both Xposed and OpenPDroid. Yeah, enter XPrivacy module for Xposed Framework.  Wondering what is it?

I am going to explain about it in a minute, read on..!!

XPrivacy can be used as an alternative to OpenPDroid, though not as restrictive as OpenPDroid can be, but still is a great option for those who cannot patch their ROM to run OpenPDroid. XPrivacy can be used to prevent applications from accessing your private sensitive data.

XPrivacy does this by providing an application with null or fake data.

XPrivacy does not block the permissions of an application, it just provides the application with fake data, hence there'll be no problem of a particular application getting force closed because of using XPrivacy.

If providing fake or null data to an application causes problems in working of an application, then the same can be reversed. By default, all newly-installed applications will not be allowed to access any data, so that any new application cannot leak any sensitive data after its installation. After every application installation, XPrivacy will prompt to ask for the data you want the application to have access to.

As the developer of the XPrivacy module says, XPrivacy will monitor attempts made by all applications to access sensitive data. XPrivacy will highlight (with a yellow triangle) a data category for an application (or an application name in the application browser) as soon as data of the data category has been used. XPrivacy will also display if an application has internet access, indicating that the application poses a risk of sharing the data it obtains with an external server. If an application has requested Android permissions to access data in a data category, it will also be displayed (with a green tick), but this will only be shown when looking at an individual application, since checking permissions for all applications is quite slow.

XPrivacy is built using the Xposed framework. XPrivacy taps into a number of selected functions of Android through the Xposed framework. Depending on the function, XPrivacy conditionally skips execution of the original function (for example when an application tries to set a proximity alert) or alters the result of the original function (for example to return empty calendar data).

Installation of XPrivacy

1.    Requires Android Jelly Bean (4.1 and above) and rooted phone.

2.    Requires Xposed Framework installed.

3.    Download XPrivacy and Xposed fix for your Android version from  here.

4.    Enable XPrivacy in Xposed Installer > Modules tab.

5.    Reboot into Recovery mode.

6.    Flash Xposed fix for the version of Android.

7.    Reboot your phone.

If you have any queries, feel free to comment.!!

OpenPDroid – Protect your Privacy in an Android Phone

Whenever we download an application from the Android Play Store, it shows us the permissions the applications uses. Many applications access our data like, location, usage statistics, contacts, messages, phone numbers. Even if we don't want to share a particular data with the application due to privacy concerns, the only way not to share data is to uninstall the application. We can also provide fake data to the application. But HOW?

         

OpenPDroid helps protect your privacy by providing real, fake, null or random data based on our preferences. We can configure OpenPDroid for each and every application installed on our device, so we can configure what data to share with various applications. For example, if we have set our preference as to provide location as 'Mumbai' for Facebook app, then even if we are in USA, Facebook will only get location as 'Mumbai'. Fascinating, isn't it?

PDroid Manager Application

         

         

Description of OpenPDroid from the developer:

“OpenPDroid is a set of modifications to the Android framework and libraries which allows fine-tuning of the data which applications are able to retrieve about your device, your account, your messages, and more.”

“OpenPDroid intervenes in API interactions by apps (e.g. when an app attempts to retrieve your location, phone number, or contacts) and provides real data, empty data, fake data or random data, depending on the user setting.”

As OpenPDroid just modifies the data requested by the app without modifying the permissions of the app, there is very less chance of getting undesired effects like Force Close of app, etc. OpenPDroid supports Android versions 4.1.2 and 4.2.1, and is also completely open-source.

Permissions of Google Chrome

         

This actually needs modification of Android framework and hence is hard to implement on a particular Android OS you already have, and is not as easy as installing an app. This mod should be added to Android ROM when the ROM is compiled from source. There also is a tool named auto-patcher for implementing the mod in an existing ROM. The tool is available for Windows, Linux and Mac OS X.

         

Though implementing OpenPDroid requires much effort, it is well worth, if you are concerned about your privacy from the big list of permissions required by various apps you use.

For more information, you can refer to: OpenPDroid