[APP][XPOSED][6.0+] XPrivacyLua - Android privacy manager [UNSUPPORTED]

Search This thread

VD171

Senior Member
Jun 21, 2012
2,859
2
2,108
127.0.0.1
LG K10
Samsung Galaxy J7
Ok, now I know where you are coming from.

Yes, I agree with the caching. However, even when I enable Location on my device, it will still take 2-3 minutes before the app will "see" *any* GPS coordinates (even the fake one) because it seems the device first needs to lock into the satellites. So this is giving me the impression that the way apps get gps coordinates is via a system broadcast intent from android (after it locks into the satellites), and then XPLUA can intercept that broadcast and substitute the real coordinates with the fake ones so the app will only get the fake ones.

And yes, this delay wouldn't happen if I kept location on all the time because it would always be "locked in" after the initial lock. But for privacy/security reasons, I only turn on the location for this app, then turn it back off then I am done using it. So, I just looking for a solution so I don't have to wait the 2-3 minutes before the app fully works correctly.

So, my main goal is to get the app to see the "fake" coordinates immediately and not wait the 2-3 minutes for the device to lock into the satellites.

But, if my theory is correct (that apps receive gps coordinates via a broadcast intent only *after* the device locks in), then that means I must somehow generate my own broadcast intent, so that the app doesn't have to wait the 2-3 minutes for android to generate it.

But it doesn't seem that XPLUA can do a broadcast intent.
Just block location totally for all other apps using XPrivacyLua.
Did you already try FakeGPS ?
You can spoof simulated location detection using XPrivacyLua too.
 

EngineerMind

Senior Member
May 5, 2007
730
192
Just block location totally for all other apps using XPrivacyLua.
Did you already try FakeGPS ?
You can spoof simulated location detection using XPrivacyLua too.
I am very hesitant in trying to block all "other apps", because I once had a bad experience trying to block some system apps (using the original Xprivacya while back) and it boot-looped by device. I know that XPLUA is safer, but I still don't feel comfortable in keeping location on 24/7.

I think the solution (to eliminate the delay) might be to get my device to lock into a position quicker than 2-3 minutes. I'm looking into aGPS which seems like it will help speed-up GPS lock on devices.

Thanks for your help.
 

bush911

Senior Member
Oct 12, 2012
811
345
重庆
Google Nexus 5
Google Pixel
Try LSPosed-v1.8.3-6597-zygisk-release

My loga seem to be present of A13 stable. Good luck
I have tried LSPosed-v1.8.3-6597-zygisk-release as well as several previous builds, which all don't work with Xprivacylua as expected.
Thank you for the information, I am probably going to roll back to Android 12.

By the way what do you mean by 'loga'? You have Xprivacylua works with you on Android 13?
 

Amd4life

Senior Member
Dec 30, 2010
1,877
464
Google Pixel 6 Pro
Vivo X Fold
I have tried LSPosed-v1.8.3-6597-zygisk-release as well as several previous builds, which all don't work with Xprivacylua as expected.
Thank you for the information, I am probably going to roll back to Android 12.

By the way what do you mean by 'loga'? You have Xprivacylua works with you on Android 13?
I meant logs. Sorry about that. What device are you using? Are you on a Pixel running A13?
 

CarlosBRX

New member
Aug 19, 2022
2
0
Hi folks. I don't understand much about Lua and how to write scripts.

The ro.boot.serial and ro.serialno are not being changed.

20220819_164039.jpg


Do I need to modify anything to make it work?

If I'm not wrong, it should stay "unknown".

Can someone help me solve this?🙏

Thanks in advance.
 

VD171

Senior Member
Jun 21, 2012
2,859
2
2,108
127.0.0.1
LG K10
Samsung Galaxy J7
Hi folks. I don't understand much about Lua and how to write scripts.

The ro.boot.serial and ro.serialno are not being changed.

Do I need to modify anything to make it work?

If I'm not wrong, it should stay "unknown".

Can someone help me solve this?🙏

Thanks in advance.
Instead of SystemProperties.get, you can get system properties using getprop command too.
You should hook getprop too.
 

anjarys

Senior Member
Feb 3, 2011
270
45
Jakarta
  • Like
Reactions: bush911

maxafe

Member
Jul 19, 2016
23
8
Salzburg
Code:
{
      "builtin": false,
      "collection": "Privacy",
      "group": "Use.Tracking",
      "name": "DeviceIntegrityCheck\/checkIntegrity",
      "author": "B!",
      "version": 0,
      "description": "Skip asitplus device integrity check",
      "className": "at.asitplus.utils.deviceintegrity.DeviceIntegrityCheck",
      "methodName": "checkIntegrity",
      "parameterTypes": [],
      "returnType": "void",
      "minSdk": 1,
      "maxSdk": 999,
      "minApk": 0,
      "maxApk": 2147483647,
      "enabled": true,
      "optional": false,
      "usage": true,
      "notify": false,
      "luaScript": "function before(hook, param)\n  param:setResult(nil)\n  return true\nend\n"
    }

I use this script from B!GBOY to bypass the integrity check ("The device is checked for signs of root access or whether the bootloader has been unlocked.") of the "Digitales Amt" app. It also worked wonderfully under Android 13, but now the app has been updated to 2.2.0 and it no longer works. Firstly, how can I tell if it was really due to the update and secondly, is there any way to adapt the script? Or is it Android 13? Thank you.

PS: The banking app, which is very sensitive to root, still runs without problems.

 

Top Liked Posts

  • 1
    This basically IS xprivacy lua but the user does it manually. It's NOT for dummies. Haha. Is that a good assessment? I wish I had time to learn and understand al this stuff. It's so fun and interesting.
    That's what it looks like. I've been working on writing a few hooks myself, it's not conceptually that hard. My biggest challenge has been trying to figure out syntax, like needing to use "
    java.lang.String" rather than "string"

    Some of what I've been working on.

  • 9
    If this is what the majority of the people here want, no problem.
    Sir, my vote: Negative. Please continue as you did in the past. And thanks for your other clarification.
    8
    Damn, I knew this day would eventually come, I just hoped it wouldn't. It's one of the few that I've donated to because I honestly couldn't see myself using Android without it.

    Even though Android has incorporated more permissions over the years, being able to restrict an app's ability to see what other apps are installed on the phone, SIM card/subscriber data, sensor data such as accelerometer and gyroscopic data which can be used to track user movements from a wifi or gps determined location, and of course, being able to read all of the stored SSIDs stored on a phone which a malicious app could also use to determine where a person spends their time and has been via the many glob SSID location maps, many of which have been crowd sourced such as wigle.net.

    As a digital privacy advocate, I'll continue to advise people use this framework until some other developer hopefully picks this mantle back up, or such a time as these aspects of privacy become baked into mobile OSs.

    I want to say thank you for all the work you've done on this project, Marcel. You've not only empowered many people like myself to better our own operational security, but have also raised awareness that many of these forms of tracking are even possible, and are also preventable. I wish you the best of luck with your other projects, which I'll continue to support as well.
    7
    Version 1.34 should be available via the LSposed repository now. Can somebody please double-check?

    https://github.com/Xposed-Modules-Repo/eu.faircode.xlua/releases
    6
    I have said in the past that open sourcing the pro companion app means that I will drop support for this project completely. If this is what the majority of the people here want, no problem.
    No!

    Kind regards,
    The majority of the people here 😇
    6
    I am considering to terminate support on January 5th 2023 because:
    • Not many people use the module anymore
    • The support of the project is pretty limited
    • Android has become more privacy-friendly over time
    • The LSposed developers do not support the module (*)
    • The module is too often misused, for example to cheat in games, etc.
    • I have received enough hate mail
    (*) They refuse to add an API to access scopes, resulting a too many questions and also loosing users.

    This means that XPrivacyLua has been supported for exactly 5 years. XPrivacy was first released on June 12, 2013, so that's in total about 10 years of XPrivacy(Lua). I think that is a pretty long time.
  • 315
    XPrivacyLua

    banner_play_store.png


    Really simple to use privacy manager for Android 6.0 Marshmallow and later (successor of XPrivacy).

    Revoking Android permissions from apps often let apps crash or malfunction. XPrivacyLua solves this by feeding apps fake data instead of real data.

    Features:

    • Simple to use
    • Manage any user or system app
    • Extensible
    • Multi-user support
    • Free and open source

    See here for all details, including installation instructions and download link.

    Please read the frequently asked questions before asking a question.

    This XDA thread is about using the latest version of XPrivacyLua. Off topic comments are allowed as long they are related to XPrivacyLua and are in the general interest of the followers of this thread, but anything not related to privacy is not allowed.

    If XPrivacyLua doesn't work and/or when "module not running or updated" is shown, this is almost always caused by an Xposed problem.

    Discussions about purchases are not allowed here, please contact me via here instead.

    XPrivacyLua is being maintained and community supported, but new features won't be added anymore.

    Custom hook definitions will always be part of XPrivacyLua, but there will be community support only. This means that I won't respond to questions about defining custom hooks anymore. See this thread for the reasons.

    If you value your privacy, please consider to support this project with a donation or by purchasing pro features.


    XPrivacyLua is not a permission manager, but a privacy manager. XPrivacyLua doesn't block things and doesn't revoke permissions, but does replace real data by fake data. This means you can grant Android permissions to an app and still let XPrivacyLua prevent the app from seeing privacy sensitive data. Revoking permissions can result in an app refusing to work and/or to crash. However, replacing real by fake data generally doesn't let an app crash.

    Currently restrictions are quite crude because they mostly replace real data by no data. For example restricting the contacts app from getting contacts will result in an empty contact list. In the near future it might be made possible to select the data an app may see, for example just one group of contacts.

    About feature requests and bug reports:

    The goal is to have a tool that can properly protect the privacy of many in the near future. However, it isn't paid work, so I do whatever I like whenever I like it.

    You can request features in this XDA forum. I will read them, but I will not respond to them and they might or might not be implemented. If I know for sure something will not be implemented, I will let you know.

    You can report any problem you have here. There will be no issue tracker on GitHub.

    For now I have decided to not implement restrictions that are useful to prevent tracking only. There are simply too many data items that can be used for tracking and it would take too much time to develop restrictions for all these data items.

    The basic idea is to restrict only things that 'define' you, so which contacts you have, where you are, which apps you use, etc.

    Maybe we can widen the definition of things that the core of XPL covers to "What defines you, and what can be used to spie on you"? This would include camera/audio, but not tracking.

    XPrivacyLua is pretty feature complete and will be maintained and supported and when there is a need new hook definitions will be added to better protect your privacy. For the rest this FAQ applies:

    https://github.com/M66B/XPrivacyLua/blob/master/FAQ.md#FAQ4

    As said before, development will also depend on Xposed development, which is just minimal unfortunately.

    XDA thanks and donations are appreciated.

    XPrivacyLua is supported with Xposed only. There is no support for VirtualXposed and TaiChi.
    68
    I have just released beta version 0.5 in the Xposed repository.

    The XPrivacyLua framework and user interface seems to be stable enough to call this a beta release.

    Besides several bug fixes and improvements two new restrictions were added:
    • Read account name, which mostly holds your e-mail address and will be replace by '[email protected]' when restricted
    • Read clipboard, which will be replaced by the text 'Private' when restricted

    Furthermore the ability to restrict Android system (be careful!) and to restrict system apps was added. It is possible to restrict all of these individually (XPrivacy could not do that).

    Be sure to take a look at the help page in the app again (use the ?-icon), since there were some useful hints added.

    If you appreciate what I am building here, please let me know by means of an XDA thanks and/or a donation, so that I don't get the feeling 'What am I doing this for?'.
    59
    I have just released alpha version 0.12 in the Xposed repository.

    This version has been redesigned for Android Oreo compatibility. The user interface and the restrictions work properly for me, but be aware that a lot has been changed on the inside ("it is bigger on the inside", lol), also for earlier Android versions. There is one thing I know of that needs improving and that is that the user interface might be updated too often with a lot of restrictions, which might cause delays and hangs. I will look into this tomorrow.

    This change was necessary, but it was a lot of work, so XDA thanks and donations are appreciated.
    56
    I have just released beta version 0.25 in the Xposed repository.

    Changelog:

    With this release XPrivacyLua restriction's can be compared with XPrivacy's. There are now over 100 restriction definitions!

    XDA thanks and donations are appreciated.
    53
    @CHEF-KOCH You have been given enough time to respond here. Now I just think it is pretty cowardly to write critical about XPrivacyLua, but not to tell what can actually be improved, especially because you were invited to do so.

    I still like to hear how XPrivacyLua can be improved, but I don't want to hear what is wrong with XPrivacyLua. You'll need to keep the scope of XPrivacyLua in mind (in short: privacy, not security), see the opening post and previous discussions about this for more information.

    Also, if you really know better, I like to see an original work from your hands to prove that. Actions speak louder than words.

    As it is now, you are discouraging one of the few people in the world who really did something substantial to improve privacy on Android. And don't go talking about VPNs, TOR, etc because your private information, like your contacts, will still leak.

    I also think you are pretty ungrateful for what I did so far.

    To others: if you see someone reference one of his blogs, please reference this comment in response.

    Edit: if you agree with this, please add an XDA thanks to this comment, so it will show up in the right column as a reference for others.