asked 2014-09-02 10:11:49 +0200
This post is a wiki. Anyone with karma >75 is welcome to improve it.
Hi, sadly I need to install google play because I do need a couple apps available only there.
Is there a way to block Alien Dalvik (or just feed empty data) from reading my addressbook / location / call history / sms / etc (or just google play apk) so that they can not snoop on my data stored on sailfish?
thank you
answered 2014-09-03 07:58:45 +0200
We need a new setting to Sailfish OS for this. Suggesting as an answer:
Default setting for all should be hidden. When switching, a confirmation like "All content under ... will become visible to all Android applications. Are you sure?"
@simo Thanks.:) Hm I don't know but maybe it would be somewhat logically to put the mic setting under camera or just create a new subitem 'Android Dalvik' under Settings > System for managing all android-security related settings easily. If this will be implemented someday into SailfishOS: There also should be the possibilty to change/view all this settings while installing the Dalvik runtime and also give some (optional) information about how the dalvik is working/using data on SailfishOS.
Alex ( 2014-09-03 12:58:21 +0200 )editanswered 2014-09-03 12:57:24 +0200
In line with Simo's suggestion, I would say that ideally we would have a
Settings > Alien Dalvik
with
Settings > Alien Dalvik > restart Alien Dalvik
Settings > Alien Dalvik > manage Apps
which would show the list of Android Apps, and for each app a list of permissions, with everything from GPS to address book access, to internet access
This could be an root Android app that manages all low-level access to alien-dalvik apps, like some Android ROMs already do!
answered 2014-09-19 00:16:50 +0200
Can't Jolla just introduce something without GUI for the beginning? I am unaware of the architecture, but for photos and videos, a simple symbolic link would be sufficient. Sailfish would access photos and alien dalvik would access to photo_dalvik that point per default to photos. If the user modifies the link, dalvik cannot access the Sailfish photos. Maybe something similar for devices (/dev) ?
answered 2014-09-02 12:27:16 +0200
Did you try downloading the apps needed, using APK Downloader? Don't know if that will avoid snooping on your data, but at least it will avoid installing Google Play.
@c.la did you try Permission Remover apk? http://www.plop.at/de/android.html maybe im late, but it could help you in further
sail10 ( 2014-11-29 22:08:07 +0200 )editAsked: 2014-09-02 10:11:49 +0200
Seen: 2,004 times
Last updated: Sep 19 '14
At the beginning Jolla stated that the Dalvik is running in a Sandbox and is using 'fake-data' to make the apps work. But the users wanted to be able to use all android apps like native apps with all data being accessable... Did Jolla now left the safety aspect behind regarding our data security? I think there should be a setting which should let the user choose if he WANTS to give away his real data or he wants to use 'fake data'.
Alex ( 2014-09-02 11:48:45 +0200 )editI agree with you i think with G**gle power users need a customizable list of option where you can agree with permissions and also use fake data for each option...
mvdm ( 2014-09-02 11:57:32 +0200 )editSo.. even from command line I can't block alien dalvik access to my private data? Not even for all android apps?
Only permission I need (obviously) is network access
Problem is, I need to do it within few days :(
Thank you
c.la ( 2014-09-09 13:49:31 +0200 )editIn OP case I would rather than install Google Play download the APK from an online website such as discussed over here: http://techapple.net/2014/09/3-websites-directly-download-apk-google-play-store-pc-mobile-requirement-device-id/
You get the latest version through this method and all you have to do is check now and then if your app has received some interesting updates.
In General, a Sailfish integrated app control center is needed.
Ideally it would deal with both native and Android apps access to all critical user data / communication hardware.
As soon as this would be in place Sailfish would be a sensible platform to run Android apps on as the added out-of-the-box security.
Evolving from "look, it can even run android apps and that is good because the native featured programs are still lacking" to "allows you to run your android apps safely - easily if you would find the need to do so"
Strange that no Mobile OS seems to be willing to pull the bandwagon with regard to such security features.
vandersmash ( 2015-07-30 12:45:46 +0200 )edit