[APP][XPOSED][6.0+] XPrivacyLua - Android privacy manager

Search This thread

M66B

Recognized Developer
Aug 1, 2010
25,617
54,253
XPrivacyLua

banner_play_store.png


Really simple to use privacy manager for Android 6.0 Marshmallow and later (successor of XPrivacy).

Revoking Android permissions from apps often let apps crash or malfunction. XPrivacyLua solves this by feeding apps fake data instead of real data.

Features:

  • Simple to use
  • Manage any user or system app
  • Extensible
  • Multi-user support
  • Free and open source

See here for all details, including installation instructions and download link.

Please read the frequently asked questions before asking a question.

This XDA thread is about using the latest version of XPrivacyLua. Off topic comments are allowed as long they are related to XPrivacyLua and are in the general interest of the followers of this thread, but anything not related to privacy is not allowed.

If XPrivacyLua doesn't work and/or when "module not running or updated" is shown, this is almost always caused by an Xposed problem.

Discussions about purchases are not allowed here, please contact me via here instead.

XPrivacyLua is being maintained and supported, but new features won't be added anymore.

Custom hook definitions will always be part of XPrivacyLua, but there will be community support only. This means that I won't respond to questions about defining custom hooks anymore. See this thread for the reasons.

If you value your privacy, please consider to support this project with a donation or by purchasing pro features.

XPrivacyLua is not a permission manager, but a privacy manager. XPrivacyLua doesn't block things and doesn't revoke permissions, but does replace real data by fake data. This means you can grant Android permissions to an app and still let XPrivacyLua prevent the app from seeing privacy sensitive data. Revoking permissions can result in an app refusing to work and/or to crash. However, replacing real by fake data generally doesn't let an app crash.

Currently restrictions are quite crude because they mostly replace real data by no data. For example restricting the contacts app from getting contacts will result in an empty contact list. In the near future it might be made possible to select the data an app may see, for example just one group of contacts.

About feature requests and bug reports:

The goal is to have a tool that can properly protect the privacy of many in the near future. However, it isn't paid work, so I do whatever I like whenever I like it.

You can request features in this XDA forum. I will read them, but I will not respond to them and they might or might not be implemented. If I know for sure something will not be implemented, I will let you know.

You can report any problem you have here. There will be no issue tracker on GitHub.

For now I have decided to not implement restrictions that are useful to prevent tracking only. There are simply too many data items that can be used for tracking and it would take too much time to develop restrictions for all these data items.

The basic idea is to restrict only things that 'define' you, so which contacts you have, where you are, which apps you use, etc.

Maybe we can widen the definition of things that the core of XPL covers to "What defines you, and what can be used to spie on you"? This would include camera/audio, but not tracking.

XPrivacyLua is pretty feature complete and will be maintained and supported and when there is a need new hook definitions will be added to better protect your privacy. For the rest this FAQ applies:

https://github.com/M66B/XPrivacyLua/blob/master/FAQ.md#FAQ4

As said before, development will also depend on Xposed development, which is just minimal unfortunately.

XDA thanks and donations are appreciated.

XPrivacyLua is supported with Xposed only. There is no support for VirtualXposed and TaiChi.


XDA:DevDB Information
XPrivacyLua, Xposed for all devices (see above for details)

Contributors
M66B
Source Code: https://github.com/M66B/XPrivacyLua

Xposed Package Name: eu.faircode.xlua

Version Information
Status:
Beta

Created 2018-01-05
Last Updated 2020-03-10
 
Last edited:

Orphee

Senior Member
Jan 31, 2008
1,709
786
Even if old Xprivacy isn't supported on nougat, is it possible to keep it with new Lua too until Lua grow up? Or it is not recommended ?

Thank you
 

blackhawk_LA

Senior Member
Dec 27, 2010
1,510
639
HTC One (m7)
Sony Xperia XZ1 Compact
Even if old Xprivacy isn't supported on nougat, is it possible to keep it with new Lua too until Lua grow up? Or it is not recommended ?

Thank you
Noooo! First post and it is asking about using Xprivacy on Nougat? That must be demotivating to the dev! It has been told too many times in the xprivacy thread that it is not recommended to use it on Nougat and above all IT IS NOT SUPPORTED!
Sorry for using capitals but let's hope everyone sees it and this thread stays on new Lua topic.
Greetings.
 

Namnodorel

Senior Member
Oct 26, 2015
379
286
Wow, I was just scrolling through some stuff, stumbled into your repo for XPrivacy/Lua and couldn't believe what I saw! M66B is developing a new app as a replacement for XPrivacy... Thank you so much, you've totally made my day and pobably quite some time into the future as well! I'll definetely also buy/donate for this version as soon as I get to use it.

Just some technical questions:
Looks like you are going more modular with this new app, and you mentioned something about downloading additional (user-made) hooks. You also said you'd keep it much more simple this time to avoid high maintenance etc. Could these external hooks then allow to get the complexity back? I totally understand your motivation, but in-depth restricting of app permissions was something I really liked about the old XPrivacy, and if some user-made hooks would make that possible I'd use them. But they'd also need the ability to add new UI elements, and not just "This hook is about the method XY, execute this code before/after to block it and this code to enable it" for that to be possible.
 

M66B

Recognized Developer
Aug 1, 2010
25,617
54,253
Wow, I was just scrolling through some stuff, stumbled into your repo for XPrivacy/Lua and couldn't believe what I saw! M66B is developing a new app as a replacement for XPrivacy... Thank you so much, you've totally made my day and pobably quite some time into the future as well! I'll definetely also buy/donate for this version as soon as I get to use it.

Just some technical questions:
Looks like you are going more modular with this new app, and you mentioned something about downloading additional (user-made) hooks. You also said you'd keep it much more simple this time to avoid high maintenance etc. Could these external hooks then allow to get the complexity back? I totally understand your motivation, but in-depth restricting of app permissions was something I really liked about the old XPrivacy, and if some user-made hooks would make that possible I'd use them. But they'd also need the ability to add new UI elements, and not just "This hook is about the method XY, execute this code before/after to block it and this code to enable it" for that to be possible.
For now I will concentrate on fixing bugs and building restrictions, which is of course the most important of all. Restrictions are indeed defined and written in Lua. Currently all restrictions are built-in, but later I might add a manager, so you can manage your own definitions. There might even be a repository, which could even contain definition for things not privacy related.

You can find the current definitions here (hooks.json contains the definitions).
 

OgreTactic

Member
Jan 4, 2018
38
1
Noooo! First post and it is asking about using Xprivacy on Nougat? That must be demotivating to the dev! It has been told too many times in the xprivacy thread that it is not recommended to use it on Nougat and above all IT IS NOT SUPPORTED!
Sorry for using capitals but let's hope everyone sees it and this thread stays on new Lua topic.
Greetings.

"XPrivacyLua is supported on Android 6 Marshmallow and later" you're either lying or it's a misstatement on the repo.

Also can somehow explain to me (I just switched to Android), what Lua is (if not a programming language)?
 

M66B

Recognized Developer
Aug 1, 2010
25,617
54,253
"XPrivacyLua is supported on Android 6 Marshmallow and later" you're either lying or it's a misstatement on the repo.
I don't see why that is a lie or misstatement, so, could you please explain why you think it is?

Edit: I have changed the wording of the opening post a bit, so it is clearer that "Android 6 Marshmallow and later" applies to XPrivacyLua and not to XPrivacy, assuming this is what you meant.

Also can somehow explain to me (I just switched to Android), what Lua is (if not a programming language)?
See this comment.
 
Last edited:

th4_c0r3

Member
Jan 10, 2016
10
3
Thx a lot for building and developing this app.

After I've selected some apps I get an error:
XLua.Main:android.os.DeadObjectException:Transaction failed on small parcel; remote process probably died

Things that I would appreciate in future releases:
- More restriction-types like: Network connection, Telephone number/sim-operator, Serialnumber, installed apps/services, accounts
- Is it possible to hide disabled apps from the list?
- Is it possible to decide when an app will request for example the location to allow or deny the request?
 

M66B

Recognized Developer
Aug 1, 2010
25,617
54,253
Thx a lot for building and developing this app.

After I've selected some apps I get an error:
XLua.Main:android.os.DeadObjectException:Transaction failed on small parcel; remote process probably died
Can you please capture a logcat? If not, the problem might be visible in the Xposed log as well.

Edit: where exactly do you see this error?

Things that I would appreciate in future releases:
- More restriction-types like: Network connection, Telephone number/sim-operator, Serialnumber, installed apps/services, accounts
- Is it possible to hide disabled apps from the list?
- Is it possible to decide when an app will request for example the location to allow or deny the request?
Disabled apps are hidden from the list by default.
 
Last edited:
  • Like
Reactions: andacro and mssngr

Uzephi

Recognized Contributor
Apr 20, 2012
3,439
1,891
Phoenix
Google Pixel 3a
First: thanks for the release and minimal UI of this app.

Just one request if it is possible. Would it be possible when you start ironing out the features to include a randomisation to some privacy information. Like my main coordinates for GPS are 33N 112W. If the app could randomise the rest so the app knows my general location but not accurately as 1m?

Edit: a good reason for this is for apps like speedtest.net. it grabs GPS to find a close server. When I restrict, closes server is in NY. I don't mind if it knows I live in AZ, heck, XDA knows I live here, but knowing my exact location is bothering.
 

th4_c0r3

Member
Jan 10, 2016
10
3
Can you please capture a logcat? If not, the problem might be visible in the Xposed log as well.

Edit: where exactly do you see this error?

The error occurs every second time I open the app and it's shown in the bottom of the app. In the Xposed log there isn't a XLua-Error.

I've sent you the logcat via email.
 
  • Like
Reactions: mrfrantastic

Namnodorel

Senior Member
Oct 26, 2015
379
286
For now I will concentrate on fixing bugs and building restrictions, which is of course the most important of all. Restrictions are indeed defined and written in Lua. Currently all restrictions are built-in, but later I might add a manager, so you can manage your own definitions. There might even be a repository, which could even contain definition for things not privacy related.

Thank you for your answer, but I'm still kinda missing what I wanted to know: Could hooks potentially add custom UI and/or save data? I'd imagine something like saving a list of contacts and when an app requests the contact list selecting this specific list to be returned.
 
  • Like
Reactions: Keule-Tm

M66B

Recognized Developer
Aug 1, 2010
25,617
54,253
Thank you for your answer, but I'm still kinda missing what I wanted to know: Could hooks potentially add custom UI and/or save data? I'd imagine something like saving a list of contacts and when an app requests the contact list selecting this specific list to be returned.
Yes, that would be possible. When there is a need, I will add APIs that can be used in Lua to save data in a structured way into the XPrivacyLua database, so anyone wanting to develop a new hook definition doesn't have to worry about how to do this. In fact this has already been prepared.
 

OgreTactic

Member
Jan 4, 2018
38
1
I don't see why that is a lie or misstatement, so, could you please explain why you think it is?

Edit: I have changed the wording of the opening post a bit, so it is clearer that "Android 6 Marshmallow and later" applies to XPrivacyLua and not to XPrivacy, assuming this is what you meant.

See this comment.

Oh okay, thanks. So I can't use the current XPrivacy (on the PlayStore) on Nougat S8? I hope I can if not, I'll wait for the XPrivacy L.

It's crazy that Android forces privacy breaching (violation is an accurate word use) "services", processes and apps at it's core. If I were to learn to use Android enough is it possible to prevent it, like it's the case on iPhone, well in appareances because when you jailbreak it you can see all the processes, but it's clearly not in completely forcing this violation of your data, be it just with the permission management that NO apps can require or force on you to run, which to me absolutely crazy that it's the case on Android.
 

mrfrantastic

Senior Member
Sep 23, 2013
293
89
Oh okay, thanks. So I can't use the current XPrivacy (on the PlayStore) on Nougat S8? I hope I can if not, I'll wait for the XPrivacy L.

It's crazy that Android forces privacy breaching (violation is an accurate word use) "services", processes and apps at it's core. If I were to learn to use Android enough is it possible to prevent it, like it's the case on iPhone, well in appareances because when you jailbreak it you can see all the processes, but it's clearly not in completely forcing this violation of your data, be it just with the permission management that NO apps can require or force on you to run, which to me absolutely crazy that it's the case on Android.
As M66B said in the Xprivacy Thread:
An absolute privacy fix is turning your device off. XPrivacy is an best effort attempt to fix the most important privacy problems, like exposing your location and contacts.

What you could do, at least that's what I do, is to disable services (look for DisableService in PlayStore) and/or restrict as much as possible via the privacy settings (depending on ROM). For example I deny Google services the location rights and only switch them on when needed.
Also there are possibilities to run your phone without any Google services at all. Search for MicroG.
But you have to understand, that using an Android device is going to violate privacy in one form or another. Same goes with Windows and Apple devices...
I don't like it at all but that's just what the world has become. If you want to use Google Services you kinda have to accept that you can't (at least not with simple fixes) protect your whole privacy. It sucks, but that's just what it is...
 

Top Liked Posts

  • There are no posts matching your filters.
  • 12
    @k2helix @anuraag.neo can you please install this test version of XPrivacyLua?


    Edit: this problem is reported to be fixed, so:


    To people who installed the test version: you'll need to update to the version in the Xposed repo, which is different, even though the version number is the same!
    4
    Discussions about evading policies of companies can result in take down requests. As I have said before, I won't fight that ...
    2
    I'm using this module on Android 12L and apps restricted with camera usage crash when they try to open the camera

    Crash unexpectedly: java.lang.IllegalArgumentException: com.android.providers.settings: Targeting S+ (version 31 and above) requires that one of FLAG_IMMUTABLE or FLAG_MUTABLE be specified when creating a PendingIntent. Strongly consider using FLAG_IMMUTABLE, only use FLAG_MUTABLE if some functionality depends on the PendingIntent being mutable, e.g. if it needs to be used with inline replies or bubbles. at android.database.DatabaseUtils.readExceptionFromParcel(DatabaseUtils.java:172) at android.database.DatabaseUtils.readExceptionFromParcel(DatabaseUtils.java:142) at android.content.ContentProviderProxy.call(ContentProviderNative.java:732) at android.content.ContentResolver.call(ContentResolver.java:2450) at android.content.ContentResolver.call(ContentResolver.java:2430) at eu.faircode.xlua.XLua$6.run(SourceFile:12) at java.util.TimerThread.mainLoop(Timer.java:562) at java.util.TimerThread.run(Timer.java:512)
    Besides that hooks do not modify pending intents, the module doesn't target Android S+.
    So, I don't see how this problem can be caused by XPrivacyLua.

    For reference:

    https://github.com/M66B/XPrivacyLua/blob/master/app/src/main/java/eu/faircode/xlua/XLua.java#L599
    2
    Discussions about evading policies of companies can result in take down requests. As I have said before, I won't fight that ...
    @M66B Thread cleaned assuming your consent.
    2
    iinstalled the app, but seems it does not work.
    i tried selecting apps like aida64 or devCheck but these app can read everything about my phone. just aida can't read other installed apps, but the other app can.

    am i doing something wrong? which app can i use to test if xprivacy is working properly?
    My app VD Infos is specially developed for testing XPrivacyLua (and the old/deprecated xprivacy too).
    Just try it:
  • 307
    XPrivacyLua

    banner_play_store.png


    Really simple to use privacy manager for Android 6.0 Marshmallow and later (successor of XPrivacy).

    Revoking Android permissions from apps often let apps crash or malfunction. XPrivacyLua solves this by feeding apps fake data instead of real data.

    Features:

    • Simple to use
    • Manage any user or system app
    • Extensible
    • Multi-user support
    • Free and open source

    See here for all details, including installation instructions and download link.

    Please read the frequently asked questions before asking a question.

    This XDA thread is about using the latest version of XPrivacyLua. Off topic comments are allowed as long they are related to XPrivacyLua and are in the general interest of the followers of this thread, but anything not related to privacy is not allowed.

    If XPrivacyLua doesn't work and/or when "module not running or updated" is shown, this is almost always caused by an Xposed problem.

    Discussions about purchases are not allowed here, please contact me via here instead.

    XPrivacyLua is being maintained and supported, but new features won't be added anymore.

    Custom hook definitions will always be part of XPrivacyLua, but there will be community support only. This means that I won't respond to questions about defining custom hooks anymore. See this thread for the reasons.

    If you value your privacy, please consider to support this project with a donation or by purchasing pro features.

    XPrivacyLua is not a permission manager, but a privacy manager. XPrivacyLua doesn't block things and doesn't revoke permissions, but does replace real data by fake data. This means you can grant Android permissions to an app and still let XPrivacyLua prevent the app from seeing privacy sensitive data. Revoking permissions can result in an app refusing to work and/or to crash. However, replacing real by fake data generally doesn't let an app crash.

    Currently restrictions are quite crude because they mostly replace real data by no data. For example restricting the contacts app from getting contacts will result in an empty contact list. In the near future it might be made possible to select the data an app may see, for example just one group of contacts.

    About feature requests and bug reports:

    The goal is to have a tool that can properly protect the privacy of many in the near future. However, it isn't paid work, so I do whatever I like whenever I like it.

    You can request features in this XDA forum. I will read them, but I will not respond to them and they might or might not be implemented. If I know for sure something will not be implemented, I will let you know.

    You can report any problem you have here. There will be no issue tracker on GitHub.

    For now I have decided to not implement restrictions that are useful to prevent tracking only. There are simply too many data items that can be used for tracking and it would take too much time to develop restrictions for all these data items.

    The basic idea is to restrict only things that 'define' you, so which contacts you have, where you are, which apps you use, etc.

    Maybe we can widen the definition of things that the core of XPL covers to "What defines you, and what can be used to spie on you"? This would include camera/audio, but not tracking.

    XPrivacyLua is pretty feature complete and will be maintained and supported and when there is a need new hook definitions will be added to better protect your privacy. For the rest this FAQ applies:

    https://github.com/M66B/XPrivacyLua/blob/master/FAQ.md#FAQ4

    As said before, development will also depend on Xposed development, which is just minimal unfortunately.

    XDA thanks and donations are appreciated.

    XPrivacyLua is supported with Xposed only. There is no support for VirtualXposed and TaiChi.


    XDA:DevDB Information
    XPrivacyLua, Xposed for all devices (see above for details)

    Contributors
    M66B
    Source Code: https://github.com/M66B/XPrivacyLua

    Xposed Package Name: eu.faircode.xlua

    Version Information
    Status:
    Beta

    Created 2018-01-05
    Last Updated 2020-03-10
    68
    I have just released beta version 0.5 in the Xposed repository.

    The XPrivacyLua framework and user interface seems to be stable enough to call this a beta release.

    Besides several bug fixes and improvements two new restrictions were added:
    • Read account name, which mostly holds your e-mail address and will be replace by '[email protected]' when restricted
    • Read clipboard, which will be replaced by the text 'Private' when restricted

    Furthermore the ability to restrict Android system (be careful!) and to restrict system apps was added. It is possible to restrict all of these individually (XPrivacy could not do that).

    Be sure to take a look at the help page in the app again (use the ?-icon), since there were some useful hints added.

    If you appreciate what I am building here, please let me know by means of an XDA thanks and/or a donation, so that I don't get the feeling 'What am I doing this for?'.
    59
    I have just released alpha version 0.12 in the Xposed repository.

    This version has been redesigned for Android Oreo compatibility. The user interface and the restrictions work properly for me, but be aware that a lot has been changed on the inside ("it is bigger on the inside", lol), also for earlier Android versions. There is one thing I know of that needs improving and that is that the user interface might be updated too often with a lot of restrictions, which might cause delays and hangs. I will look into this tomorrow.

    This change was necessary, but it was a lot of work, so XDA thanks and donations are appreciated.
    56
    I have just released beta version 0.25 in the Xposed repository.

    Changelog:

    With this release XPrivacyLua restriction's can be compared with XPrivacy's. There are now over 100 restriction definitions!

    XDA thanks and donations are appreciated.
    53
    @CHEF-KOCH You have been given enough time to respond here. Now I just think it is pretty cowardly to write critical about XPrivacyLua, but not to tell what can actually be improved, especially because you were invited to do so.

    I still like to hear how XPrivacyLua can be improved, but I don't want to hear what is wrong with XPrivacyLua. You'll need to keep the scope of XPrivacyLua in mind (in short: privacy, not security), see the opening post and previous discussions about this for more information.

    Also, if you really know better, I like to see an original work from your hands to prove that. Actions speak louder than words.

    As it is now, you are discouraging one of the few people in the world who really did something substantial to improve privacy on Android. And don't go talking about VPNs, TOR, etc because your private information, like your contacts, will still leak.

    I also think you are pretty ungrateful for what I did so far.

    To others: if you see someone reference one of his blogs, please reference this comment in response.

    Edit: if you agree with this, please add an XDA thanks to this comment, so it will show up in the right column as a reference for others.