[APP][XPOSED][6.0+] XPrivacyLua - Android privacy manager

Search This thread

Fif_

Senior Member
Jun 5, 2013
1,230
1,354
Google Nexus 10
Google Nexus 4

Fif_

Senior Member
Jun 5, 2013
1,230
1,354
Google Nexus 10
Google Nexus 4
Last edited:

heinhuiz

Senior Member
Nov 26, 2011
1,187
982
Xiaomi Mi A1
Redmi K20 / Xiaomi Mi 9T
Last edited:
  • Like
Reactions: TiTiB

Fif_

Senior Member
Jun 5, 2013
1,230
1,354
Google Nexus 10
Google Nexus 4

heinhuiz

Senior Member
Nov 26, 2011
1,187
982
Xiaomi Mi A1
Redmi K20 / Xiaomi Mi 9T
Can you explain your setup? Do you have XPL in both work and personal profiles or just one of them? What benefits does that bring?
I'm using the two separate profiles like how they were designed to, to keep apps, data and usage of both profiles separate from each other. So each profile has its own telephone number, its own contact list and of course set of apps. With XPL installed in both profiles, I can use different privacy settings for the apps in each profile. For instance, WhatsApp in the work profile has access to all contacts in the work contact list, while in the personal profile WhatsApp only sees the starred contacts in the personal list. That's an advantage over the Dual Apps method you probably know from MIUI or other ROMs, where apps get access to the same contact lists, the same calendar, etc.

LSposed supports this very well, when opening the apps list in the scope for XPL, the personal and work apps are listed separately.
 

akhil17kr

Senior Member
Oct 8, 2011
589
64
gurgaon
is there anyway in which we can make sort of shortcut for a installed app which directly jump it to xprivacy lua settings page to modify it's privacy setting ?
 

M66B

Recognized Developer
Aug 1, 2010
26,262
56,684
On or after July 12 the pro companion app will be removed from the Play store by Google because it uses the permission QUERY_ALL_PACKAGES. I am not going to try to provide a justification for this permission because Google will most likely reject it anyway because an app is not allowed to directly or indirectly have an effect on other apps, which is the whole purpose of XPrivacyLua.

This means that the pro companion app will only be available outside of the Play store after July 12. Pro feature purchases will keep being recognized as long as the app is kept installed, but it won't be possible to install the app again after it has been removed from the Play store by Google.

Note that it is not allowed to use Play store purchases without/outside of the Play store. So, I can't transfer or exchange a Play store purchase for anything else because it would mean violating the agreement I have with Google as a developer, which could have consequences for the other apps published in the Play store (FairEmail and NetGuard).
 

beeshyams

Senior Member
Dec 29, 2014
1,648
586
Bangalore
On or after July 12 the pro companion app will be removed from the Play store by Google because it uses the permission QUERY_ALL_PACKAGES. I am not going to try to provide a justification for this permission because Google will most likely reject it anyway because an app is not allowed to directly or indirectly have an effect on other apps, which is the whole purpose of XPrivacyLua.

This means that the pro companion app will only be available outside of the Play store after July 12. Pro feature purchases will keep being recognized as long as the app is kept installed, but it won't be possible to install the app again after it has been removed from the Play store by Google.

Note that it is not allowed to use Play store purchases without/outside of the Play store. So, I can't transfer or exchange a Play store purchase for anything else because it would mean violating the agreement I have with Google as a developer, which could have consequences for the other apps published in the Play store (FairEmail and NetGuard).
Which also means disable Play Protect check, else that would silently uninstall pro companion app
 
On or after July 12 the pro companion app will be removed from the Play store by Google because it uses the permission QUERY_ALL_PACKAGES. I am not going to try to provide a justification for this permission because Google will most likely reject it anyway because an app is not allowed to directly or indirectly have an effect on other apps, which is the whole purpose of XPrivacyLua.

This means that the pro companion app will only be available outside of the Play store after July 12. Pro feature purchases will keep being recognized as long as the app is kept instalmled, but it won't be possible to install the app again after it has been removed from the Play store by Google.

Note that it is not allowed to use Play store purchases without/outside of the Play store. So, I can't transfer or exchange a Play store purchase for anything else because it would mean violating the agreement I have with Google as a developer, which could have consequences for the other apps published in the Play store (FairEmail and NetGuard).
So on your site there will be update and possible to switch over to your version? And I hope you'll keep continue to maintenance the app. I can't image to live in android world without XPL and netguard. Now I'm trying fairmail free and it's damn good email app, soon I'll buy a full version (not using this mail 😁 or nickname). Your the best app developer I ever seen foooorr a long time (pure genius).
Stay well and your girlfriend and have happy life.
 
Last edited:

VD171

Senior Member
Jun 21, 2012
2,716
2
1,971
127.0.0.1
LG K10
Samsung Galaxy J7
Hi @Fif_,
Can you help me check advertisingidclient$info in SDK 30, android 11?
The hooks cannot find the com.google.android.gms.ads.identifier.AdvertisingIdClient class.
Optional hook=Privacy.AdvertisingIdClient$Info.getId: java.lang.ClassNotFoundException: com.google.android.gms.ads.identifier.AdvertisingIdClient$Info
Thanks!
That's caused due obfuscation of classes using proguard.
If AdvertisingIdClient is obfuscated, you can't hook it and the app can read the original advertising id.
As you can see using my app VDInfos, will always show the original advertising id:
 
Last edited:
  • Like
Reactions: Fif_

M66B

Recognized Developer
Aug 1, 2010
26,262
56,684
So on your site there will be update and possible to switch over to your version? And I hope you'll keep continue to maintenance the app. I can't image to live in android world without XPL and netguard. Now I'm trying fairmail free and it's damn good email app, soon I'll buy a full version (not using this mail 😁 or nickname). Your the best app developer I ever seen foooorr a long time (pure genius).
Stay well and your girlfriend and have happy life.
You can download the pro companion app here, but I am not allowed to exchange Play store purchases for anything else:

 

dope77

Senior Member
Aug 8, 2018
320
76
That's caused due obfuscation of classes using proguard.
If AdvertisingIdClient is obfuscated, you can't hook it and the app can read the original advertising id.
As you can see using my app VDInfos, will always show the original advertising id:
Nope, I'm using your app and it doesn't show any advertising id, it just says [Fail. Not Found.]
 

VD171

Senior Member
Jun 21, 2012
2,716
2
1,971
127.0.0.1
LG K10
Samsung Galaxy J7
Nope, I'm using your app and it doesn't show any advertising id, it just says [Fail. Not Found.]
That happens when Ads ID is disabled by default on google settings.
You can spoof it hooking the method getAdvertisingIdInfo:
As I said, you can't hook if AdvertisingIdClient is obfuscated. So, it remains same on my app VDInfos.
If you want to hook Ads ID even if AdvertisingIdClient is obfuscated, you should hook the whole Intent { act=com.google.android.gms.ads.identifier.service.START pkg=com.google.android.gms }
 
  • Like
Reactions: TiTiB

lepidas

Senior Member
Sep 3, 2011
341
101
Athens
Hello, iam using xpl since 2018 smooth. Now after upgrading to android 12 with zygisk and loosed google maps can't find my location when I enable to get my location, any hints;
 

Top Liked Posts

  • There are no posts matching your filters.
  • 12
    XPrivacyLua version 1.32 is available in the Xposed module repo now.

    10
    I am sorry to say that I have cancelled all my public projects, please see the XDA FairEmail thread about why, in particular this comment:

    https://forum.xda-developers.com/t/...vacy-oriented-email-app.3824168/post-87200335
    The storm has passed.
    8
    Working perfectly for long !
    But, I got problems for some other hooks.
    I was inspecting them.
    And the problem now is setting an exception as the result.
    Examples:
    Code:
    setResult(luajava.newInstance('java.io.IOException', 'Exception error message'))
    and
    setResult(luajava.newInstance('java.io.FileNotFoundException', 'Exception error message'))
    They results in:
    Code:
    IllegalArgumentException: Expected return class java.lang.Process got class java.io.IOException
    and
    IllegalArgumentException: Expected return class java.io.FileDescriptor got class java.io.FileNotFoundException
    I see. That should be fixed in this build:

    https://bitbucket.org/M66B/xlua-companion/downloads/XPrivacyLua-v1.32-133-2-release.apk
    5
    ... as mentioned above 🥸
    In other words a double 404.
    4
    @Fif_ I can solve the problem just forcing a parsing for the long type.
    But, I can't create a pull request on XPrivacyLua official repository: "An owner of this repository has limited the ability to open a pull request to users that are collaborators on this repository."
    @M66B may you check this solution, please?

    Code:
    if (long.class.equals(this.returnType))
                result = Long.parseLong(String.format("%.0f", result));

    result will be a truncated integer, so this will suppress the error message, but still won't work. Moreover, the result value type isn't checked before the conversion (and will throw an exception later).

    Instead, try this (untested):

    Code:
    diff --git a/app/src/main/java/eu/faircode/xlua/XParam.java b/app/src/main/java/eu/faircode/xlua/XParam.java
    index 6ce29bd..2b6c71b 100644
    --- a/app/src/main/java/eu/faircode/xlua/XParam.java
    +++ b/app/src/main/java/eu/faircode/xlua/XParam.java
    @@ -149,6 +149,9 @@ public class XParam {
                     if (BuildConfig.DEBUG)
                         Log.i(TAG, "Set " + this.getPackageName() + ":" + this.getUid() + " result=" + result);
                     if (result != null && this.returnType != null) {
    +                    if (result instanceof String && long.class.equals(this.returnType))
    +                        result = Long.parseLong((String) result);
    +                    else
                             result = coerceValue(this.returnType, result);
                         if (!boxType(this.returnType).isInstance(result))
                             throw new IllegalArgumentException(

    In the Lua function you should be able to directly set a string as long result value, preventing complicated conversions. Moreover, this won't be in de way of existing Lua functions.

    Edit: more complete patch for all number return types:

    https://gist.github.com/M66B/1e1186719992a4916e657b04df4654f8
  • 309
    XPrivacyLua

    banner_play_store.png


    Really simple to use privacy manager for Android 6.0 Marshmallow and later (successor of XPrivacy).

    Revoking Android permissions from apps often let apps crash or malfunction. XPrivacyLua solves this by feeding apps fake data instead of real data.

    Features:

    • Simple to use
    • Manage any user or system app
    • Extensible
    • Multi-user support
    • Free and open source

    See here for all details, including installation instructions and download link.

    Please read the frequently asked questions before asking a question.

    This XDA thread is about using the latest version of XPrivacyLua. Off topic comments are allowed as long they are related to XPrivacyLua and are in the general interest of the followers of this thread, but anything not related to privacy is not allowed.

    If XPrivacyLua doesn't work and/or when "module not running or updated" is shown, this is almost always caused by an Xposed problem.

    Discussions about purchases are not allowed here, please contact me via here instead.

    XPrivacyLua is being maintained and community supported, but new features won't be added anymore.

    Custom hook definitions will always be part of XPrivacyLua, but there will be community support only. This means that I won't respond to questions about defining custom hooks anymore. See this thread for the reasons.

    If you value your privacy, please consider to support this project with a donation or by purchasing pro features.

    XPrivacyLua is not a permission manager, but a privacy manager. XPrivacyLua doesn't block things and doesn't revoke permissions, but does replace real data by fake data. This means you can grant Android permissions to an app and still let XPrivacyLua prevent the app from seeing privacy sensitive data. Revoking permissions can result in an app refusing to work and/or to crash. However, replacing real by fake data generally doesn't let an app crash.

    Currently restrictions are quite crude because they mostly replace real data by no data. For example restricting the contacts app from getting contacts will result in an empty contact list. In the near future it might be made possible to select the data an app may see, for example just one group of contacts.

    About feature requests and bug reports:

    The goal is to have a tool that can properly protect the privacy of many in the near future. However, it isn't paid work, so I do whatever I like whenever I like it.

    You can request features in this XDA forum. I will read them, but I will not respond to them and they might or might not be implemented. If I know for sure something will not be implemented, I will let you know.

    You can report any problem you have here. There will be no issue tracker on GitHub.

    For now I have decided to not implement restrictions that are useful to prevent tracking only. There are simply too many data items that can be used for tracking and it would take too much time to develop restrictions for all these data items.

    The basic idea is to restrict only things that 'define' you, so which contacts you have, where you are, which apps you use, etc.

    Maybe we can widen the definition of things that the core of XPL covers to "What defines you, and what can be used to spie on you"? This would include camera/audio, but not tracking.

    XPrivacyLua is pretty feature complete and will be maintained and supported and when there is a need new hook definitions will be added to better protect your privacy. For the rest this FAQ applies:

    https://github.com/M66B/XPrivacyLua/blob/master/FAQ.md#FAQ4

    As said before, development will also depend on Xposed development, which is just minimal unfortunately.

    XDA thanks and donations are appreciated.

    XPrivacyLua is supported with Xposed only. There is no support for VirtualXposed and TaiChi.
    68
    I have just released beta version 0.5 in the Xposed repository.

    The XPrivacyLua framework and user interface seems to be stable enough to call this a beta release.

    Besides several bug fixes and improvements two new restrictions were added:
    • Read account name, which mostly holds your e-mail address and will be replace by '[email protected]' when restricted
    • Read clipboard, which will be replaced by the text 'Private' when restricted

    Furthermore the ability to restrict Android system (be careful!) and to restrict system apps was added. It is possible to restrict all of these individually (XPrivacy could not do that).

    Be sure to take a look at the help page in the app again (use the ?-icon), since there were some useful hints added.

    If you appreciate what I am building here, please let me know by means of an XDA thanks and/or a donation, so that I don't get the feeling 'What am I doing this for?'.
    59
    I have just released alpha version 0.12 in the Xposed repository.

    This version has been redesigned for Android Oreo compatibility. The user interface and the restrictions work properly for me, but be aware that a lot has been changed on the inside ("it is bigger on the inside", lol), also for earlier Android versions. There is one thing I know of that needs improving and that is that the user interface might be updated too often with a lot of restrictions, which might cause delays and hangs. I will look into this tomorrow.

    This change was necessary, but it was a lot of work, so XDA thanks and donations are appreciated.
    56
    I have just released beta version 0.25 in the Xposed repository.

    Changelog:

    With this release XPrivacyLua restriction's can be compared with XPrivacy's. There are now over 100 restriction definitions!

    XDA thanks and donations are appreciated.
    53
    @CHEF-KOCH You have been given enough time to respond here. Now I just think it is pretty cowardly to write critical about XPrivacyLua, but not to tell what can actually be improved, especially because you were invited to do so.

    I still like to hear how XPrivacyLua can be improved, but I don't want to hear what is wrong with XPrivacyLua. You'll need to keep the scope of XPrivacyLua in mind (in short: privacy, not security), see the opening post and previous discussions about this for more information.

    Also, if you really know better, I like to see an original work from your hands to prove that. Actions speak louder than words.

    As it is now, you are discouraging one of the few people in the world who really did something substantial to improve privacy on Android. And don't go talking about VPNs, TOR, etc because your private information, like your contacts, will still leak.

    I also think you are pretty ungrateful for what I did so far.

    To others: if you see someone reference one of his blogs, please reference this comment in response.

    Edit: if you agree with this, please add an XDA thanks to this comment, so it will show up in the right column as a reference for others.