Yeah, I the Shark apps could definitely use some love from the developer. He's an xda member, so maybe he'll hear our pleas. I never got shark updater (which comes packaged with the Reader) to work correctly, which would be awesome, because it supposedly gives the ability to tag packets and analyze the outgoing data.
I do use them though. The main tool is the firewall, and its logs. We all know Google gets a ton of our info, it's kind of the cost of doing business with Android. If you look at your app list, say through Droidwall (every app I am going to discuss is free in the market, I cannot buy apps on this device, and which has necessitated some work around.. That said, I haven't found a paid way to do this that is demonstrably easier) how many of the apps functionality depends on the Internet that aren't Google or some other massive company? I bet it is fewer than you think.
Block those apps, kernel and root, and any others that are even mildly unknown quantities. Consider this their Probationary period. Run the device awhile and show the log. All blocked packet transfers are recorded, with their destination IPs listed. An Internet search on those addresses make it pretty clear what is trustworthy and what isn't.
I then use Shark apps to record some traffic and trace any unrecognized IPs. This isn't as hard as it sounds. Anything starting with 74 is Google, and we have removed the pointless data gathering of any unnecessarily permitted apps. If somethings amiss, I just freeze the likely suspects one of by one until the offending traffic disappears.
I know this sounds like a ton of work, but depending on the size of your app drawer, not counting time letting the logs accrue, it's only a couple of hours. Depending on how many chances you take with non-market apps, or smaller developers, you may be surprised at how secure you already are.
The real payoff for the work comes into play now. With this process you can be at a baseline safety. Any apps you install are blocked at installation by default through the firewall. After installing an app, wait a few minutes and check the log before allowing them Internet access. Most suspicious apps, and many above board ones, send the most data packets upon installation, so you will pretty much see the breadth of their communications list in those first few minutes. It doesn't take but a few minutes to vet their traffic, and and decide if they are above board or not. I do this with every app I install, although with many you can just block them from the network permanently, and just keep an eye on tam over time. When I check my logs now, I only see blocked kernel traffic. None of my installed apps amending anything wouldn't want them too, and I know it for sure.
Most apps aren't necessarily trying to directly steal from you, and but some do try to profit by selling your info. I use the above to stymie those efforts. And to tie this admittedly overlong response back into the thread, I use Pdroid to plug the holes. If they are gonna get through the cracks, and I at least want theninfo to be bad and/or of my choosing.
Look at your app list realistically. There are probably less than a third that truly need Internet access out of the 2/3 to 3/4 that ask for it.. I just block the unnecessary ones and never look back. Disregarding Google and the other behemoths, who are most certainly gathering data, but generally with your knowledge/approval in return for the free services, there are but a handful left to investigate. I find I worry way less after doing the above diligence, which takes a couple hours but is free, easy, and uses way less battery than Lookout and other wastes of space.
Sorry about all that. Got carried away, I suppose. : >)
oh yeah, I came up with this byzantine chicanery only after trying a million traffic monitors and watchdogs. I don't know if it is the ROM or the nook, but per-app wifi traffic just isn't supported. Hence the drawn out process.
Back to your lives, citizens...
