Location leaking #233
Comments
|
Can you please post a link to the app, so I can look into it? |
|
when you select "attach loocation" on a new tweet it will post your real location instead if the spoofed one. |
|
I have just tested and for me the location is 'Christmass Island'.
I like to see at least all messages with '... hooked ...' |
|
Still getting the same errors, now it won't spoof the location of maps? Anyway I can send you my log file? |
|
Yes, please send me a log file. |
|
Do you get an alert saying 'Incompatible ...' when you start XPrivacy? |
|
Did you flash the Xposed fix? |
|
Location didn't leak for me using the app Network info II, but Wifi SSID does. |
|
I have flashed the xposed fix, i know for a fact its working because spoofing gps on gmaps does not work with out it. |
|
Could somebody try with this version? http://d-h.st/nST |
|
ok ill grab it |
|
Also try to flash the Xposed fix again, it is the most logical explanation for the location leak. |
|
@vipere decompiled Network Info II, thanks! |
|
If the previous test version still doesn't restrict the location, then please try this version: http://d-h.st/Noc |
|
SSID leak is fixed. The issue with location in network info II is still there, its not grabbing my spoofed location like it used to. Still did not fix the issue of network info saying location was unavailable. SO then i decided to give network info all perms back. everything in it got proper info BUT location info. so then i uninstalled network info II. reinstalled. STILL could not get the spoofed location to work. then i exported my xprivacy data, wiped xprivacys cache and data. rebooted re-imported xprivacy's settings checked that network info II worked and it did and now location was proper. so then i went into xprivacy limited the perms on network info II the exact same way i had before when location was not working. and BAM its picking up my spoofed location now. I have no idea what going on. i tried to grep for xprivacy touching network info when it was all buggered up but i gave it all perms back, and didn't see a single thing. |
|
Could you please send me your exported XPrivacy settings? |
|
sure ill email them |
|
email has been sent |
|
Hi, This morning i updated my rom, flashed the fix and installed the second testversion. The problem remains thesame in wechat |
|
Did anybody try the second test version from above? |
|
well, i did. |
|
I tested it as well that's what my above report was based on that you asked for my settings XML from |
|
@GhostlyCrowd thanks for your exported settings. Did you update Network Info II recently? |
|
Device: Samsung SGH-I747M |
|
Samsung Galaxy SIII (GT-I9300), Vanilla rootbox nightly 4.2.2, Fix 4.2 |
|
"CM nightly updated daily": do you also flash the Xposed fix daily? |
|
@M66B: do i need to give up on wechat after reading your answer to GhostlyCrowd? |
|
@M66B |
|
if an app uses GS network/location: can it be that users blocks "something" for this app so that it cannot ask GS for the location? |
|
@treare Already working on that ;-) |
|
Thanks. Still i have doubts about what i wrote earlier. I think wechat has nothing much to do with GS after all. What bothers me most is that wechat is the only app that only triggers the gps icon when its location is not blocked. All other apps ive tried, i think 5 or 6, get the gps icon, blocked or not. Even whatsapp and flightradarOp 21:18, 17 juli 2013, schreef Marcel Bokhorst:@treare Already working on that ;-) —Reply to this email directly or view it on GitHub. |
|
XPrivacy doesn't block the GPS, it only spoof the location or returns an empty location. |
|
Well... you told me that before but thats exactly the problem with wechat. If i block location and i enter location feature in wechat the icon is not shown. In other apps if i block location and ask for the location the icon is shown like you say (but location is spoofed ofcourse)Op 21:29, 17 juli 2013, schreef Marcel Bokhorst:XPrivacy doesn't block the GPS, it only spoof the location or returns an empty location. —Reply to this email directly or view it on GitHub. |
|
If the gps icon is not shown then it means wechat must be probing something else besides the actual gps hardware for location. maybe GS or something. that icon only shows up when something probes the actual hardware so ive been told. |
|
@GhostlyCrowd: i tested with GS which makes no difference. But as said before: the icon is there if i dont block location. Its not there if location is blocked. Wechat is the only app that doesnt turn on the icon when location is blocked.Op 21:42, 17 juli 2013, schreef GhostlyCrowd:If the gps icon is not shown then it means wechat must be probing something else besides the actual gps hardware for location. maybe GS or something. that icon only shows up when something probes the actual hardware so ive been told. —Reply to this email directly or view it on GitHub. |
|
Test version 1.7.1: http://d-h.st/0of |
|
Reboot is still required to make it work ... |
|
Installed 1.7.1 like you described and tested it with flightradar. Afterwards with whatsapp. GS has nothing blocked. The 2 apps could find my correct location. I think "connect" doesnt work.Op 21:55, 17 juli 2013, schreef Marcel Bokhorst:Reboot is still required to make it work ... —Reply to this email directly or view it on GitHub. |
|
Whatsapp caches the location itself. Clearing data helps. |
|
Ok wiped whatsapp completely. I have set moscow as location. Whatsapp thinks im somewhere in san fransisco now. Flightradar stayed thesame. It finds my coorect location. Everything blocked for flightradar (also connect) except for internet. Some more tests in the morning.Op 22:07, 17 juli 2013, schreef Marcel Bokhorst:Whatsapp caches the location itself. Clearing data helps. —Reply to this email directly or view it on GitHub. |
|
@M66B Alright, installed 1.7.1, drilled down "Connect" and now when i launch Network Info II it sees my spoofed location even with GS location spoofed.looks like you have solved the leak in this aspect. I will test whats app now with the others. As well as Flight Radar. |
|
Flightradar is using Google maps, see the wiki for how to restrict Google Maps. Speaking about the wiki, could you please document in the wiki what we have found out here? Am I correct we have an explanation/fix for all leaks now? |
|
@treare Whatsapp is in fact seeing my gps location as spoofed, it just doesn't auto move the map to that location instead it is sitting on the default map area that whats app has in San Fransisco but if i zoom out i can see my blue gps marker and when i zoom in its indeed my spoofed location. Flight radar is also showing my proper spoofed location. i have Connect drilled down on both these apps as well as the rest of the location stuff good stuff! @M66B |
|
Hi again, Here's what i did. This morning i wiped whatsapp's data. blocked everything in location and in netword adressess for whatsapp. connect ofcourse also. i did NOT block GS as i assume it cannot be reached by whatsapp. instead of using wifi at home i started driving. it finds my correct location. this could not have been cached. Flightradar: it uses google maps? i don't have that installed. also here:
it's clear to me that "connect" does something but that it's not fully working or am i missing something? with "connect" enabled for an app blocking GS from location/network should not be necessary, right? Ghost wrote earlier: "Alright, installed 1.7.1, drilled down "Connect" and now when i launch Network Info II it sees my spoofed location even with GS location spoofed." why spoof GS when connect is ticked? as i understand with connect for lets say, flightradar enabled, GS shouldnt be spoofed |
|
Flight radar comes with the Google Maps library, meaning that it should be restricted as Google Maps (GS). To be clear: if connect is ticked it should not be necessary to restrict GS. |
|
I killed, wiped data, wipe cache, rebooted etc etc etc. Between all critical steps. Will read about google maps in the wiki again later on but im sure that i do it correct for flightradar as i am able to spoof its location. Only not with using "connect".Op 08:15, 18 juli 2013, schreef Marcel Bokhorst:Flight radar comes with the Google Maps library, meaning that it should be restricted as Google Maps (GS). To be clear: if connect is ticked it should not be necessary to restrict GS. —Reply to this email directly or view it on GitHub. |
|
"Did you also kill WhatsApp after clearing data?": yes |
|
arg... second time i lose a comment here. sorry for the unclear answers. i killed whatsapp, cleared data and cache and rebooted to be sure. for flightradar: i know how to spoof it, thats not the problem, but not using "connect": if i tick "connect" for FR and do not spoof GS: FR DOES find my real location. GS spoofing: network address and location + reboot after every change |
|
@M66B did you mean whatsapps data or cache? I dont wanna lose all my histories etc.. |
|
Btw: I have Version 1.7.1 installed. Whatsapp can no longer access on my real location:) |
|
I am closing this issue now, since the discussion is getting to long and the problem for most cases seemed to be explained/fixed. Create a new issue for the apps where there is still a location leak. |
|
Last question: There's anything about the fix in the newest changelog. Is this fix here still included? |
|
Yes, I will add it to the changelog, I just forgot. |
|
:) |
every app is getting a spoofed location besides seesmic. I've disabled all location services and added various cities to the xpiracy location field. anyone else experiencing this problem?
The text was updated successfully, but these errors were encountered: