Here we go again. Users desperately need an abstraction layer in Android that can spoof sensor data on a per-application basis. In this case, the spoofing layer could be set up such that whenever Google Maps uses the Android API to ask "Is wifi location sensing turned on" the spoofing layer would say "Yes." When GM asks "What wifi networks are around?" the spoofing layer would say "None." (Even better would be for it to just make up a bunch of random wifi SSIDs to pollute Google's wifi database with noise.)
I have several other apps (Twitter for example) who are able to tell that I have notifications for them turned off, and consequently they bug me to turn on notifications. I need a spoofing layer that tells Twitter "notifications are turned on" even when they're off, because if the app can tell some feature is turned off it will bug me or in some cases fail to work at all. So it's also critically important that there be no way for applications to figure out that the spoofing layer is in place.
Xprivacy basically did this. I supported the developer by buying the "pro" version and he promptly stopped maintaining it...and started a new project that was substantially more complicated/difficult to use, requiring writing blocking rules by hand...or paying him for the "pro" service that included 'recipes' for blocks.
I do not know about this specific case and I have not used XPrivacy but I want to chime in here and say
Thank you, Marcel Bokhorst
Your NetGuard (https://github.com/M66B/NetGuard) and FairEmail (https://github.com/M66B/FairEmail) apps are great. They are high quality, open source and contain none of the dark patterns that mobile is plagued with. They are available to download from Github, F-Droid and the Playstore. There are paid premium features to support you but if I wanted to I could still compile the app myself to unlock them.
It's harsh, but not really about the maintenance being stopped, KennyBlanken paid for a pro version and the author changed commercial strategy and rebooted the project with a different approach, without granting a licence of the replacement to his existing customer.
This is not respectful of paying customers.
Vendors stop giving system upgrades for their $1000 phones after 2 years and some people are complaining about their $2 one-time software license no longer working. What a sad world...
this was supported with Xprivacy many years ago and it was fantastic, but it stopped getting support. The entire pro-privacy android scene seems to have become a very small niche over the years
That's mainly googles fault. Xposed still lives on somewhat with the Riru project, but even a rooted phone without any mods will fail securitynet checks today, rendering it useless for most consumers that would have been willing to do the process before. With every android version things become less modular and less moddable, so the community shrinks as a consequence.
It's still possible to use XPrivacyLua (https://github.com/M66B/XPrivacyLua) with passing SafetyNet. It's a cat-and-mouse game, but the community is still ahead.
that's why this needs to be built directly into alternate roms, like graphene, /e/ or even lineage so this feature is available on those roms without the user needing to root their phone.
interesting. f-droid has an app called xprivacylua which seems to be a successor to xprivacy. last updated less than a year ago. the problem is that it requires rooting the phone which not many people will want to do, and the xposed framework comes with a big warning that it could prevent android from booting.
what we need is to have this integrated into the core OS so that it can safely be used by anyone.
Yes, basically. After you root the device and install things like Xposed, "safety" feature called SafetyNet will most likely start reporting to apps that your device is untrusted. Google Pay, some banking apps and similar software may stop working or complain. There are still some ways to cloak the root and let SafetyNet pass but that may easily change with a simple Google Play Services OTA upgrade or something like that and it is simply not worth the risk for me personally. I don't want to spend days hacking around a recent update in order to regain the ability to pay with my phone, I don't want to block a queue of people when a payment machine displays generic rejection errors...
Can't happen. Maps uses Google Location Services, which is built into Android and replaces the default, raw-sensor location provider for all applications. They have sunk their rootkit deep. You can't do this without uninstalling Google Play Services.
I have several other apps (Twitter for example) who are able to tell that I have notifications for them turned off, and consequently they bug me to turn on notifications. I need a spoofing layer that tells Twitter "notifications are turned on" even when they're off, because if the app can tell some feature is turned off it will bug me or in some cases fail to work at all. So it's also critically important that there be no way for applications to figure out that the spoofing layer is in place.