Velocity is Like OpenTable on Steroids

We all enjoy a night out with friends or our significant other from time to time. However, there is … more

Android Lollipop Lands for the Sony Xperia Z Ultra

The undisputed king of the beasts–at least in Sony’s current stable,is the … more

Android 5.0 Lollipop in 3D–EVO 3D, That Is!

It is that time of the year once again. Flowers bloom (or snow falls, depending on which … more

Gaming Console with Lollipop? Ouya Gets an Android TV Port

Android is a very flexible platform, and it can be used on a large variety of … more

Welcome to XDA

Search to go directly to your device's forum

Register an account

Unlock full posting privileges

Ask a question

No registration required
Post Reply

Protecting Privacy - Compiling TaintDroid into Kernel to find leaky apps

OP vasra

19th October 2010, 09:12 AM   |  #1  
OP Senior Member
Thanks Meter: 9
 
219 posts
Join Date:Joined: Jun 2009
Most people don't yet know that many Android software leak all sorts of information to the internet with only scant user acknowledgement (basically what you accept when you install the app).

Due to this and the fact that there are already privacy information harvesting apps for Android on the marketplace - a team of security experts have created TaintDroid:

What is TaintDroid?
From the project's web page: "A realtime monitoring service called TaintDroid that precisely analyses how private information is obtained and released by applications "downloaded" to consumer phones."
From: http://appanalysis.org/index.html


How can I install TaintDroid?
As TaintDroid is currently compiled into the kernel, you cannot easily install it, but you have to cook your own kernel. Instructions (for Nexus 1) are available at the project web site: http://appanalysis.org/download.html

How does TaintDroid work?
Here's a video demonstrating how TaintDroid works once it is installed and configured:
http://appanalysis.org/demo/index.html

Why would you want to install this?
There can be many reasons for installint TaintDroid:

- You want to learn about privacy features and play with Android kernel
- As it is currently impossible to differentiate between innocent and sneaky Android apps based only on what access rights they request, you may want to dig in deeper
- You are worried about what apps are doing behind your back and you want to know which apps to uninstall
- You want to help create Android a more secure and privacy-protected platform, instead of the swiss cheese it currently is

What can you do?
As compiling kernels is mostly beyond the reach of mere mortals currently, consider cooking TaintDroid into your kernel, if you are cooking one yourself and offering it available for others to try and use.

Hopefully increased awareness and usage will bring this program eventually into other modders and perhaps even Google's attention and something more easily accessible is offered for the public at large.

BTW, I'm just a user, interested in getting TaintDroid on my own Galaxy S. I'm not affiliated with the research program, but I like what they are doing. This information is purely FYI.
19th October 2010, 09:35 AM   |  #2  
ragin's Avatar
Senior Member
Flag Hubli
Thanks Meter: 152
 
1,724 posts
Join Date:Joined: Dec 2007
More
+1 for the idea

Sent from my GT-I9000 using XDA App
19th October 2010, 12:11 PM   |  #3  
Senior Member
Thanks Meter: 66
 
309 posts
Join Date:Joined: Aug 2010
More
+1

Since we cannot expect information gatherer Google to come up with a good privacy protection mechanism soon I think we are forced to take measures ourselves.

I also learned that several of my bought applications are constantly forcing me to enable synchronisation and/or 3G internet. They either randomly uninstall (Asphalt 5), their icons disappear (for example: Mini-squadron) or won't start, with (Schredder Chess) or without a message. Angry Birds Beta2 lite (free game) and Hungry Shark are 2 more examples. So much for an incentive to buy games...

It would be great if applications used a well-defined mechanism to check their validity on-line, and not have this sneaky, lingering attack from all sides to any privacy or battery consumption aware user.
19th October 2010, 12:37 PM   |  #4  
Member
Flag Oss
Thanks Meter: 0
 
55 posts
Join Date:Joined: Jun 2009
Donate to Me
More
I can not cook Kernels, but this is something i want to use.

Not that i am worried, but i dont know what apps are sending when you open them. Thats something i want to know!

I am sure i am not the only one.
19th October 2010, 12:54 PM   |  #5  
_JKay_'s Avatar
Recognized Developer
Thanks Meter: 14,819
 
5,488 posts
Join Date:Joined: Aug 2010
Donate to Me
+1

Yes please... This should be in all android phones... as a security option you could turn on!!!
19th October 2010, 12:57 PM   |  #6  
Senior Member
Thanks Meter: 66
 
309 posts
Join Date:Joined: Aug 2010
More
Quote:
Originally Posted by Antonyjeweet

Not that i am worried, but i dont know what apps are sending when you open them. Thats something i want to know!

And do some of these applications only send stuff when you open them?
--

From a user perspective it currently is really difficult to judge applications that need to start at boot-up and deal with many facets of your computer (Launchers, tools combining lots of divers features).
4th December 2010, 08:15 PM   |  #7  
Junior Member
Flag Saint Quentin En Yvelines
Thanks Meter: 0
 
2 posts
Join Date:Joined: Mar 2008
More
Do you know some ROM where Taindroid is included?
5th December 2010, 05:53 AM   |  #8  
exadeci's Avatar
Senior Member
Flag Paris
Thanks Meter: 132
 
531 posts
Join Date:Joined: Jul 2010
More
I've posted in hardcore and laststufo kernel threads to ask if they could add it.
We just need more people wanting it so they think about adding it
5th December 2010, 07:06 AM   |  #9  
specialex's Avatar
Senior Member
Thanks Meter: 60
 
245 posts
Join Date:Joined: Jun 2010
Quote:
Originally Posted by exadeci

I've posted in hardcore and laststufo kernel threads to ask if they could add it.
We just need more people wanting it so they think about adding it

glad you did that
5th December 2010, 07:09 AM   |  #10  
Senior Member
Thanks Meter: 46
 
478 posts
Join Date:Joined: May 2009
+1 support the idea. hope some of our hardworking kernel builders will add this in.

Post Reply Subscribe to Thread

Tags
kernel, leak, privacy, security, taintdroid
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes