Play store: application list #373
Comments
|
It might have something to do with Google Play's market links, because you can use |
|
well titanium has account data blocked and complains about not beeing able to retrieve auth token when I try to change market links ("accounts" blocked in xprivacy, so it shouldnt be able to "link" apps to market in the first place, should it?!) and this also happens with real sideloaded apks or apks i had installed before installing the play store (phone is with minimal gapps: Google Account Manager, Google Fraemwork, Google Play Store only). It seems like the play store retrieves this information different than through "getinstalledapppackages"?! |
|
It is likely that the Play store is using a non standard, non documented way to retrieve the installed applications (perhaps through GSF). Unfortunately the Play store is not open source, so it will be difficult to figure out how it works. |
|
I looked again at this bug/problem and I found out that there are some more intents that xprivacy needs to block related to system (installed apps): android.intent.action.PACKAGE_CHANGED I think the last two are fired if the sd_card is mounted/unmounted, not sure if those actually hand out any other information than that, but lets just block it anyway.. :P I found this out by looking at all the receivers of the play store app with romtoolbox. Please try to add the possibility to block these intents as well. |
|
Thanks for figuring this out! |
|
The receiver disabler/enabler of the romtoolbox app is quite handy to find out which intents are hooked to which receivers. Ill see if i can find some more interesting stuff. |
oops.. closed by accident.One more thing I found out. There is also an intent related to accounts which might need some blocking work hehe (not sure if this is needed/helpful, but it might be giving out account info to apps?): android.accounts.LOGIN_ACCOUNTS_CHANGED |
|
I will look into the accounts changed intent too. |
|
Next version will restrict addittional in the system category:
|
|
android.accounts.LOGIN_ACCOUNTS_CHANGED does not need to be restricted, since it carries no data. |
|
Will be in next release. |
Google Play Store with everything checked beside "Internet", "Accounts" and "GservicesProvider" in Identification still manages to recognize which apps are installed.
Sideloaded a few apks and checked the store for them to see they had been marked "installed".
On the same note: When an app is beeing installed through play store, despite having revoked all system (installed apps) permissions, the play store still recognizes when the download and installation is finished.
As far as my researches show, this is related to DownloadBroadcastReceiver which currently cannot be blocked in Xprivacy.
Ideally with all but the true necessary permissions denied the play store should not know which apps are installed on the device and just be able to "start download of new app", whether its alrdy installed or not. (if possible..)
The text was updated successfully, but these errors were encountered: