zlacker

[return to "Everyone knows all the apps on your phone"]
1. captn3+ou[view] [source] 2025-03-30 02:37:34
>>gnitin+(OP)
The ACTION_MAIN loophole has been written about before: https://commonsware.com/blog/2020/04/05/android-r-package-vi...

Google refuses to patch this. I wonder what would happen if you submit it to the Android VDP as a permission bypass.

There’s also this SO question by the author about the bypass: https://stackoverflow.com/q/79527331

◧◩
2. 3abito+RC[view] [source] 2025-03-30 04:13:33
>>captn3+ou
> Google refuses to patch this.

That's why projects like XPL-Extended (and previously XPrivacyLua), are an absolute need. I never run an android phone without these.

◧◩◪
3. ignora+PU[view] [source] 2025-03-30 08:21:23
>>3abito+RC
XPrivactLua and other XposedMod/Magisk extensions break open the app sandbox. It is better to restrict running those on usereng/eng builds (test devices). For prod builds (user devices), I'd recommend using Work Profiles (GrapheneOS supports upto 31 in parallel) or Private Spaces (on Android 15+) to truly isolate apps from one another.
◧◩◪◨
4. saturn+bk1[view] [source] 2025-03-30 13:19:38
>>ignora+PU
I'm on Android 14 and I've been pretty happy with an app called Insular on F-Droid or Island on the Play Store. It let's you install as many instances of an app as you'd like and they'll show up in the work profile, ignorant of the others' existence.
◧◩◪◨⬒
5. 1oooqo+oF1[view] [source] 2025-03-30 16:19:06
>>saturn+bk1
it's a frontend to work profiles feature.

not recommended to run insular anymore. use Shelter for a14

[go to top]