[APP][XPOSED][6.0+] XPrivacyLua - Android privacy manager

Search This thread

M66B

Recognized Developer
Aug 1, 2010
23,754
48,652
Marcel,

Error within XPL and as Notification:

Privacy.Build.SERIAL
java.lang.NoSuchMethodException: #SERIAL

Only seeing this for serial number and only for Clock (LG) and Whatsapp so far. Is this expected or actionable? Only shows up after first attempt or after clearing and enabling identifiers restriction.

All the best. Logcat captured and I can email to you if helpful.
If you are using beta version 0.23 or 0.24 and did reboot after updating, please contact me through this contact form to send me the logcat. The contact form doesn't allow file attachments for security reasons, so you'll need to wait for my reply.
 
  • Like
Reactions: popveneer

bluegrass55

Senior Member
Sep 29, 2011
573
71
London
There is mostly no need to reboot to apply restrictions.

I have no idea why apps disappear from the list. Somebody else reported this too, but I need to reproduce this or see the cause in a log file to be able to fix this. My theory is that you restricted access to get application for a system app/component.

XPrivacy and XPrivacyLua work differently and therefore the restrictions cannot be compared one to one.
Yes that could be it. On first install I blocked every thing. This happened so did not restrict any system apps. It worked but reverted to this after re launch of the app. I have backup N5 which i'm trying it on. Will use updated version tomorrow. Don't know where you find the time & patience to work on this. Brain fried just installing it.
 

kurvenmeister

Senior Member
Jan 16, 2016
218
57
@M66B

i thank you very much for developing xpl. keep on please. my lightning browser just tried to access my camera. got a xpl message at the statusbar from that attempt. keep on man.
 

daniu

Senior Member
Feb 27, 2009
845
393
That was already asked multiple times today, so read a little back or use the search.

Edit: in short: for now the interest in the pro companion app doesn't justify putting time in alternate payment methods, which is not something trivial to implement.
Hi

Well - it took me some days to find that something happened on the xprivacy front ... and I am 100% sure that lots of people have not heard/read of it yet. Plus I did not update my phone for quite some time and actually am not really willing to use a beta app (not an app like xprivacy) and also will need to find some time to update. But I would pay the pro version without hesitation - immediately as a kind of crowdsourcing and I hope more people will do that!
However when I used xprivacy before I did away with gapps completely and I would love to go that path again with Oreo if xprivacy was available without gapps. So right now not being able to buy xprivacy without playstore is the thing that makes me hesitate ... why not just offer paypal? Since I do not like google playstore I would appreciate an independant licence that does not force me to pay fees to google.

Or is there a way to use xprivacylua without playstore even the licence was bought with playstore? (still would not like that but if you insist ...)

Besides all that: THANK YOU FOR STARTING AGAIN - really excited ...

Regards
Daniel
 

M66B

Recognized Developer
Aug 1, 2010
23,754
48,652
Hi

Well - it took me some days to find that something happened on the xprivacy front ... and I am 100% sure that lots of people have not heard/read of it yet. Plus I did not update my phone for quite some time and actually am not really willing to use a beta app (not an app like xprivacy) and also will need to find some time to update. But I would pay the pro version without hesitation - immediately as a kind of crowdsourcing and I hope more people will do that!
However when I used xprivacy before I did away with gapps completely and I would love to go that path again with Oreo if xprivacy was available without gapps. So right now not being able to buy xprivacy without playstore is the thing that makes me hesitate ... why not just offer paypal? Since I do not like google playstore I would appreciate an independant licence that does not force me to pay fees to google.

Or is there a way to use xprivacylua without playstore even the licence was bought with playstore? (still would not like that but if you insist ...)

Besides all that: THANK YOU FOR STARTING AGAIN - really excited ...

Regards
Daniel
XPrivacyLua is free to use and doesn't require Google services. At this moment the pro companion app adds one extra paid feature: setting a custom coarse location.

XPrivacyLua seems to be quite stable and I am considering to release an 1.0 stable version soon.

If you like XPrivacyLua, you can show your appreciation with a donation.
 
Last edited:

daniu

Senior Member
Feb 27, 2009
845
393
XPrivacyLua is free to use and doesn't require Google services. At this moment the pro companion app adds one extra paid feature : settings a custom coarse location.

XPrivacyLua seems to be quite stable and I am considering to release an 1.0 stable version soon.

If you like XPrivacyLua, you can show your appreciation with a donation.
Hi
Ok - thanks for your answer. Still would appreciate an gps independant pro app - and I would buy at least 1 licence of it ...
Of course developing other features seems more important atm and I will definitely need some more time before I install xprivacylua anyways
Regards
 

rogier666

Senior Member
Jan 27, 2011
590
138
androidblog.site666.info

That site only returns the IP address of your proxy or VPN, just like all the other "what's my IP" sites. But Android knows your real IP address, 'cos it needs that to connect to your proxy or VPN.

Which IP address do apps get when they ask Android for it? If Android only gives apps your proxy/VPN IP address there's no need to block/restrict/spoof anything. However, if Android gives apps your real IP there'd be a good reason to feed it a fake address.
 

M66B

Recognized Developer
Aug 1, 2010
23,754
48,652
That site only returns the IP address of your proxy or VPN, just like all the other "what's my IP" sites. But Android knows your real IP address, 'cos it needs that to connect to your proxy or VPN.

Which IP address do apps get when they ask Android for it? If Android only gives apps your proxy/VPN IP address there's no need to block/restrict/spoof anything. However, if Android gives apps your real IP there'd be a good reason to feed it a fake address.
Apps can see the IP addresses of all network interfaces, including the VPN network interface.

XPrivacyLua is not meant to prevent tracking, so there will be no restriction for IP addresses.
 

rogier666

Senior Member
Jan 27, 2011
590
138
androidblog.site666.info
In a similar vein...

Calling
prevent calls from being placed
prevent SMS messages from being sent
Placing calls and sending messages is security specific.

[vs.]

Phone
return a fake own number

If an app can phone or text its maker (s)he knows your real phone number, even if XPL fed it a fake number.
 

M66B

Recognized Developer
Aug 1, 2010
23,754
48,652
In a similar vein...



If an app can phone or text its maker (s)he knows your real phone number, even if XPL fed it a fake number.
Theoretically, yes. Placing calls and sending text messages require special Android permissions, so it is not likely that this will happen.

Edit: I checked calling: an app can initiate a call but you need to actually place it, so this doesn't need a restriction.
 
Last edited:

popveneer

Member
Apr 5, 2016
11
1
Error within XPL and as Notification:

Privacy.Build.SERIAL
java.lang.NoSuchMethodException: #SERIAL

I got more of these errors (for each new restriction) when I upgraded to 0.24 from 0.21.

Privacy.Geofence$Builder.setCircularRegion
java.lang.ClassNotFoundException: com.google.android.gms.location.Geofence$Builder
Privacy.LocationManager.addProximityAlert
java.lang.ClassNotFoundException: double

Marcel helped me through it though.

Do a FULL Reboot when enabling an updated XPL. Soft reboot will only make trouble. If you see the same... FULL REBOOT.

Thanks Marcel!
 
Last edited:

tbv2005

Senior Member
Aug 3, 2011
232
84
Hope it wasn't asked already, but why the location restriction doesn't get the checkmark that the restriction is installed. Does this has something to do with the Pro app?
I checked around 10 apps and every restriction set get's the checkmark except location restriction. Nevertheless if you open an app with location restricted (tested with Tom tom go) the set fake location is applied. You also see the timestamp in XLua but without the checkmark in front

Sent from my OnePlus3T using XDA Labs
 
  • Like
Reactions: popveneer

M66B

Recognized Developer
Aug 1, 2010
23,754
48,652
Hope it wasn't asked already, but why the location restriction doesn't get the checkmark that the restriction is installed. Does this has something to do with the Pro app?
I checked around 10 apps and every restriction set get's the checkmark except location restriction. Nevertheless if you open an app with location restricted (tested with Tom tom go) the set fake location is applied. You also see the timestamp in XLua but without the checkmark in front
This is a bug and it will be fixed. Thanks for reporting.
 

Pogo

Senior Member
Mar 19, 2007
126
42
Apparently WhatsApp provides its own camera implementation using the Android camera APIs. The difference is that WhatsApp will have Android camera permission, while Google keep, which starts the system camera to take pictures, does not need this Android permission.

IMHO a well behaving app will use the system camera (unless it is a camera app of course) and it is questionable that the Whatsapp needs camera permission and is implementing its own camera (why should it?). Just this allows an app to take pictures behind your back. So, be careful with granting camera permissions to apps and if you need to, restrict the camera with XPrivacyLua.

Let's summarize:
  • App provides own camera implementation: restricting the app will block the camera
  • App uses system camera: restricting the app will allow the system camera to start
  • System camera app: restricting the app will block the camera

I hope it is clear now.


Interesting. I cannot disable Whatsapp audio recording in XLua nor Xprivacy. If Whatsapp is using own camera implementation I wouldn't be surprised if they use their own audio lib as well.
I can disable Microphone and Camera in Whatsapp's Android permission or App ops, but there is no way for me to know if Whatsapp is just faking.
Just example from my Xprivacy what Whatsapp is using/asking:
Libraries:
FFTEm
audioeffect_jni
codec2
curve25519
gnustl_shared
jhead_jni
resample
soundpool
vlc
webviewchromium
webviewchromium_plat_support
whatsapp

Shell:
exec
load
loadLibrary

command:
ps
 

Poebat

Senior Member
Jan 15, 2016
476
72
Interesting. I cannot disable Whatsapp audio recording in XLua nor Xprivacy. If Whatsapp is using own camera implementation I wouldn't be surprised if they use their own audio lib as well.
I can disable Microphone and Camera in Whatsapp's Android permission or App ops, but there is no way for me to know if Whatsapp is just faking.
Just example from my Xprivacy what Whatsapp is using/asking:
Libraries:
FFTEm
audioeffect_jni
codec2
curve25519
gnustl_shared
jhead_jni
resample
soundpool
vlc
webviewchromium
webviewchromium_plat_support
whatsapp

Shell:
exec
load
loadLibrary

command:
ps
Using app ops should prevent the mic completely
 

eekyknehc

Member
Jan 9, 2018
11
0
Apps can see the IP addresses of all network interfaces, including the VPN network interface.

XPrivacyLua is not meant to prevent tracking, so there will be no restriction for IP addresses.

also might related to this topic, some app will show "you are offline" if you do not share Wi-Fi networks/network name with it. possible to extend from:

** Read network data (hide cell info, Wi-Fi networks / scan results / network name)
to
** Read network data (fake cell info, Wi-Fi networks / scan results / network name...)

Thanks.
 

Top Liked Posts

  • There are no posts matching your filters.
  • 9
    I am visiting this thread rarely anymore because most comments are about Xposed and not about XPrivacyLua. So, if it takes a long time until you get an answer from me, you know why now. If you don't get an answer at all, it is most likely about an Xposed issue.
    6
    Can you demonstrate where you see the Xposed issue so I can log a bug with them?
    This thread is full of comments about this problem, but the Xposed developers are too busy fighting with each other. Basically, XPrivacyLua itself isn't hooked.

    Read a little back here to see which version/combinations Riru/Xposed work.
    4
    Okay, it is really enough now. I won't follow this thread anymore. If you need support, you can use the support menu item in the pro companion app.
    4
    i think by Android(framework) it means Google Service Framework (com.google.android.gsf)
    Android framework is Android system, not GSF.
    3
    I tried the clipboard and recorded it on WeChat, but Suning did not. . . .

    I found this error code
    Code:
    04-10 11:45:26.389  5323  5323 I EdXposed: Riru hooks installed
    04-10 11:45:26.452  5323  5323 I EdXposed: ART hooks installed
    04-10 11:45:26.522  5311  5311 I EdXposed-Bridge: XLua.Xposed Loaded com.android.traceur:10090
    04-10 11:45:26.532  5323  5323 I EdXposed: Loading modules for com.suning.mobile.ebuy
    04-10 11:45:26.532  5323  5323 I EdXposed-Bridge: Loading modules from /data/app/~~hcjuv6HzQbZOKMB3ug7WSw==/eu.faircode.xlua-vNspZ6pSQTrjHf23gYkdcA==/base.apk
    04-10 11:45:26.572  5323  5323 I EdXposed-Bridge:   Loading class eu.faircode.xlua.XLua
    04-10 11:45:26.806  5359  5359 I EdXposed: Start to install inline hooks
    04-10 11:45:26.806  5359  5359 I EdXposed: Using api level 30
    04-10 11:45:26.806  5359  5359 I EdXposed: Start to install Riru hook
    04-10 11:45:26.907  5323  5323 E EdXposed: error when hooking bindApp: pkg=com.suning.mobile.ebuy, prc=com.suning.mobile.ebuy
    04-10 11:45:26.907  5323  5323 E EdXposed: java.lang.ArrayIndexOutOfBoundsException: length=1052; index=1263817555
    04-10 11:45:26.907  5323  5323 E EdXposed:     at pxb.android.axml.AxmlParser.getNamespacePrefix(AxmlParser.java:151)
    04-10 11:45:26.907  5323  5323 E EdXposed:     at pxb.android.axml.AxmlReader.accept(AxmlReader.java:80)
    04-10 11:45:26.907  5323  5323 E EdXposed:     at com.elderdrivers.riru.edxp.util.MetaDataReader.<init>(MetaDataReader.java:27)
    04-10 11:45:26.907  5323  5323 E EdXposed:     at com.elderdrivers.riru.edxp.util.MetaDataReader.getMetaData(MetaDataReader.java:19)
    04-10 11:45:26.907  5323  5323 E EdXposed:     at com.elderdrivers.riru.edxp._hooker.impl.HandleBindApp.beforeHookedMethod(HandleBindApp.java:69)
    04-10 11:45:26.907  5323  5323 E EdXposed:     at de.robv.android.xposed.XC_MethodHook.callBeforeHookedMethod(XC_MethodHook.java:51)
    04-10 11:45:26.907  5323  5323 E EdXposed:     at com.swift.sandhook.xposedcompat.hookstub.HookStubManager.hookBridge(HookStubManager.java:361)
    04-10 11:45:26.907  5323  5323 E EdXposed:     at SandHookerNew_42b8453bf7df105343083f1377c32094be493c49.hook(Unknown Source:51)
    04-10 11:45:26.907  5323  5323 E EdXposed:     at android.app.ActivityThread.access$1300(ActivityThread.java:237)
    04-10 11:45:26.907  5323  5323 E EdXposed:     at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1913)
    04-10 11:45:26.907  5323  5323 E EdXposed:     at android.os.Handler.dispatchMessage(Handler.java:106)
    04-10 11:45:26.907  5323  5323 E EdXposed:     at android.os.Looper.loop(Looper.java:223)
    04-10 11:45:26.907  5323  5323 E EdXposed:     at android.app.ActivityThread.main(ActivityThread.java:7660)
    04-10 11:45:26.907  5323  5323 E EdXposed:     at java.lang.reflect.Method.invoke(Native Method)
    04-10 11:45:26.907  5323  5323 E EdXposed:     at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:592)
    04-10 11:45:26.907  5323  5323 E EdXposed:     at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:947)
    04-10 11:45:26.935  5359  5359 I EdXposed: Riru hooks installed
    04-10 11:45:26.983  5359  5359 I EdXposed: ART hooks installed
    This is a bug in Riru.
  • 299
    XPrivacyLua

    banner_play_store.png


    Really simple to use privacy manager for Android 6.0 Marshmallow and later (successor of XPrivacy).

    Revoking Android permissions from apps often let apps crash or malfunction. XPrivacyLua solves this by feeding apps fake data instead of real data.

    Features:

    • Simple to use
    • Manage any user or system app
    • Extensible
    • Multi-user support
    • Free and open source

    See here for all details, including installation instructions and download link.

    Please read the frequently asked questions before asking a question.

    This XDA thread is about using the latest version of XPrivacyLua. Off topic comments are allowed as long they are related to XPrivacyLua and are in the general interest of the followers of this thread, but anything not related to privacy is not allowed. However:

    Discussions about Xposed are not allowed here, please use the Xposed forums instead.

    If XPrivacyLua doesn't work and/or when "module not running or updated" is shown, this is almost always caused by an Xposed problem.

    Discussions about purchases are not allowed here, please contact me via here instead.

    XPrivacyLua is being maintained and supported, but new features won't be added anymore.

    Custom hook definitions will always be part of XPrivacyLua, but there will be community support only. This means that I won't respond to questions about defining custom hooks anymore. See this thread for the reasons.

    If you value your privacy, please consider to support this project with a donation or by purchasing pro features.

    XPrivacyLua is not a permission manager, but a privacy manager. XPrivacyLua doesn't block things and doesn't revoke permissions, but does replace real data by fake data. This means you can grant Android permissions to an app and still let XPrivacyLua prevent the app from seeing privacy sensitive data. Revoking permissions can result in an app refusing to work and/or to crash. However, replacing real by fake data generally doesn't let an app crash.

    Currently restrictions are quite crude because they mostly replace real data by no data. For example restricting the contacts app from getting contacts will result in an empty contact list. In the near future it might be made possible to select the data an app may see, for example just one group of contacts.

    About feature requests and bug reports:

    The goal is to have a tool that can properly protect the privacy of many in the near future. However, it isn't paid work, so I do whatever I like whenever I like it.

    You can request features in this XDA forum. I will read them, but I will not respond to them and they might or might not be implemented. If I know for sure something will not be implemented, I will let you know.

    You can report any problem you have here. There will be no issue tracker on GitHub.

    For now I have decided to not implement restrictions that are useful to prevent tracking only. There are simply too many data items that can be used for tracking and it would take too much time to develop restrictions for all these data items.

    The basic idea is to restrict only things that 'define' you, so which contacts you have, where you are, which apps you use, etc.

    Maybe we can widen the definition of things that the core of XPL covers to "What defines you, and what can be used to spie on you"? This would include camera/audio, but not tracking.

    XPrivacyLua is pretty feature complete and will be maintained and supported and when there is a need new hook definitions will be added to better protect your privacy. For the rest this FAQ applies:

    https://github.com/M66B/XPrivacyLua/blob/master/FAQ.md#FAQ4

    As said before, development will also depend on Xposed development, which is just minimal unfortunately.

    XDA thanks and donations are appreciated.

    XPrivacyLua is supported with Xposed only. There is no support for VirtualXposed and TaiChi.


    XDA:DevDB Information
    XPrivacyLua, Xposed for all devices (see above for details)

    Contributors
    M66B
    Source Code: https://github.com/M66B/XPrivacyLua

    Xposed Package Name: eu.faircode.xlua

    Version Information
    Status:
    Beta

    Created 2018-01-05
    Last Updated 2020-03-10
    68
    I have just released beta version 0.5 in the Xposed repository.

    The XPrivacyLua framework and user interface seems to be stable enough to call this a beta release.

    Besides several bug fixes and improvements two new restrictions were added:
    • Read account name, which mostly holds your e-mail address and will be replace by '[email protected]' when restricted
    • Read clipboard, which will be replaced by the text 'Private' when restricted

    Furthermore the ability to restrict Android system (be careful!) and to restrict system apps was added. It is possible to restrict all of these individually (XPrivacy could not do that).

    Be sure to take a look at the help page in the app again (use the ?-icon), since there were some useful hints added.

    If you appreciate what I am building here, please let me know by means of an XDA thanks and/or a donation, so that I don't get the feeling 'What am I doing this for?'.
    59
    I have just released alpha version 0.12 in the Xposed repository.

    This version has been redesigned for Android Oreo compatibility. The user interface and the restrictions work properly for me, but be aware that a lot has been changed on the inside ("it is bigger on the inside", lol), also for earlier Android versions. There is one thing I know of that needs improving and that is that the user interface might be updated too often with a lot of restrictions, which might cause delays and hangs. I will look into this tomorrow.

    This change was necessary, but it was a lot of work, so XDA thanks and donations are appreciated.
    56
    I have just released beta version 0.25 in the Xposed repository.

    Changelog:

    With this release XPrivacyLua restriction's can be compared with XPrivacy's. There are now over 100 restriction definitions!

    XDA thanks and donations are appreciated.
    53
    @CHEF-KOCH You have been given enough time to respond here. Now I just think it is pretty cowardly to write critical about XPrivacyLua, but not to tell what can actually be improved, especially because you were invited to do so.

    I still like to hear how XPrivacyLua can be improved, but I don't want to hear what is wrong with XPrivacyLua. You'll need to keep the scope of XPrivacyLua in mind (in short: privacy, not security), see the opening post and previous discussions about this for more information.

    Also, if you really know better, I like to see an original work from your hands to prove that. Actions speak louder than words.

    As it is now, you are discouraging one of the few people in the world who really did something substantial to improve privacy on Android. And don't go talking about VPNs, TOR, etc because your private information, like your contacts, will still leak.

    I also think you are pretty ungrateful for what I did so far.

    To others: if you see someone reference one of his blogs, please reference this comment in response.

    Edit: if you agree with this, please add an XDA thanks to this comment, so it will show up in the right column as a reference for others.
Our Apps
Get our official app!
The best way to access XDA on your phone
Nav Gestures
Add swipe gestures to any Android
One Handed Mode
Eases uses one hand with your phone