
Cyanogen Mod: Run in Incognito Mode - gulbrandr
https://plus.google.com/100275307499530023476/posts/6jzWcRR6hyu
======
ac
While I think this mode is useful, what I'd really like to see is Cyanogen
integrating OpenPDroid [1,2]. OpenPDroid allows for more fine-grained
permissions which, I think, is what we need. Because the real problem is not
running suspicious programs completely sandboxed from the private data. It's
running the otherwise useful apps that request too many permissions that we'd
like to keep in check, but still use (which would require allowing them to
access _some_ of our data).

[1] [http://forum.xda-
developers.com/showthread.php?t=2098156](http://forum.xda-
developers.com/showthread.php?t=2098156)

[2] [https://github.com/OpenPDroid](https://github.com/OpenPDroid)

~~~
discostrings
I couldn't agree more--OpenPDroid is great, and I would suggest anyone who
values privacy and who is technically inclined give it a try.

Unfortunately, we won't be seeing it baked into CyanogenMod. CyanogenMod used
to have a feature to disable specific permissions back in the CM7 days. As I
understand it, Google insinuated that CyanogenMod would likely be banned from
the Android Market if that feature continued; it wasn't ported to CM9. That's
why I imagine this new incognito feature isn't configurable and can only be
turned fully on or fully off.

Still, this is a step in the right direction. There's a lot of room to stand
up to Google about data privacy right now, and I'm glad to see a big player
doing it.

~~~
MWil
I'm running CM10 on my phone but I'm not sure where the most recent OpenPDroid
installation is or whether it's phone dependent or not...

Mind enlightening me a bit? Thanks!

~~~
discostrings
There's an auto-patcher utility[1] they've developed--you basically give it
your ROM file and specify the patch, and it'll generate an update file you can
flash to enable it (as well another file you can flash to remove it).

There's also a utility mentioned on that page that provides a GUI for Windows
that will automatically download patches and run the auto-patcher[2].

It's definitely not easy yet, but it's not too difficult to get through if
you're used to this sort of thing.

[1] [http://forum.xda-
developers.com/showthread.php?t=1719408](http://forum.xda-
developers.com/showthread.php?t=1719408)

[2] [http://forum.xda-
developers.com/showpost.php?p=31648393](http://forum.xda-
developers.com/showpost.php?p=31648393)

~~~
MWil
Thank you for replying (and thanks to the others too but this was more
helpful). That certainly sounds within my pea-brain's ability to follow
directions.

------
jlgreco
> _The API provides a simple isIncognito() call which will tell you if
> incognito is enabled for the process (or the calling process). Third party
> applications can honor the feature using this API, or they can choose to
> display pictures of cats instead of running normally._

Does anybody know what the logic behind this is? I assume "incognito" modes in
browsers don't expose something similar. Is the idea that if this is provided,
then application programmers will be less inclined to attempt to subvert the
system?

~~~
Xlythe
From what I've read: It always disables access to contacts, location data, and
the like. Apps, however, have their own saved state (say, your score in a
game). The idea is they can selectively choose to run in Guest mode when
incognito is enabled.

It'd be cool if they forced apps to run in a temporary directory like how
incognito mode saves cookies in the browser. Apps would appear as if you wiped
their data. CyanogenMod's implementation seems like something you'd leave on,
though, and constantly losing your data would be no fun (no server to backup
all changes you make, unlike the web).

------
Spittie
I gladly welcome this. While it's not nearly as powerful as OpenPDroid or
similiar, it's a good option designed for the "average user".

I know that the average user isn't going to flash a new rom, but that's
exactly the feel that I get from CyanogenMod: a polished additional experience
over AOSP, that even the average user could use and enjoy.

Other custom rom, like AOKP, already include a more featureful permission
manager. It gives all the control you'll ever need, but it's not as easy to
use and it might cause some applications to crash. And the "advanced" user can
always flash OpenPDroid over CyanogenMod, thanks to the auto-patcher it only
takes few minutes.

Keep also in mind that this is designed pretty much for Facebook, the most
hated application on Android.

~~~
magic_haze
I'm not an Android user, so I'm curious: what's so bad about the Facebook app?

~~~
yareally
If you do a quick search of the Android Forums, a general complaint is just
the performance of it while Facebook runs in the background as a service
(impacting the currently used app) . Also tends to be a battery hog from all
the syncing it does. I don't want to get into the whole privacy debate on it,
so I'll let someone else field that part.

However, Android Permissions are "all or nothing" when you install an app.
Combined with apps being able to potentially access much more than other
platforms based on the permissions an app requires (as well as any app can
read your sdcard without permission prior to Android 4.1 [though it's still
disabled by default on 4.1 so apps not accounting for that permission don't
crash]) and the need of some people to install certain apps, they must choose
what is more important--potentially giving into whatever permissions this app
wants or doing without.

I don't personally use it because I don't want Facebook on my rooted Android
device (though I'm like that for most apps), but I have seen those reoccurring
complaints over the last few years.

~~~
jjsz
Can I get away with uninstalling the main Facebook app but keeping Messenger
to save battery, or will I have to opt for an IM client that doesn't work with
Facebook chat groups?

~~~
yareally
I never used the Facebook app on Android personally, so I do not know. Was not
even aware they were two separate apps. Perhaps someone else can chime in.

------
jaryd
This looks like it would be an excellent addition to CyanogenMod. Also, for
any CM users that might be lurking: Have any of you been able to get
SEforAndroid
([http://selinuxproject.org/page/SEAndroid](http://selinuxproject.org/page/SEAndroid))
running? I haven't spent too much effort researching this, but would be very
interested to hear some anecdotes/experiences.

~~~
yareally
It's on my list of things to integrate into my own Android Builds, but have
not had time to do much AOSP modding lately.

------
angryasian
Another option I've found is xprivacy using the xposed framework

[http://forum.xda-developers.com/showthread.php?t=2320783](http://forum.xda-
developers.com/showthread.php?t=2320783)

------
guelo
Note that Cyanogen Mod has previously rejected features that would cost Google
ad revenue because they don't want to anger Google.

~~~
angryasian
Without a citation its complete bs. If you're speaking of cornerstone it was
not because of Google its because of stability and apps. If cornerstone was
useful some ROM would have integrated it and its not found anywhere.

~~~
ce4
He probably talks about this rejected 2011 patch:
[http://review.cyanogenmod.org/#/c/5677/](http://review.cyanogenmod.org/#/c/5677/)
The first comment reads: "I am not sure that this is the direction I want to
see CM go. This will piss off developers, carriers, and probably Google."

~~~
angryasian
If you continue reading the thread its primarily because its unfriendly to
developers. Seeding dummy data and interfering with developer source of
revenue is not something they wanted at the time. Even with this incognito
mode, they are attempting to do it in a developer friendly way.

~~~
ce4
Yep, they want to retain the API's semantic as much as possible. BTW,
OpenPdroid and similar are even more invasive and unfriendly to developers and
revenue (randomize IMEI on each call,etc.). Regarding the pleas to merge this:
That patch will definitely not make it into CM. That's also the reason why the
original PDroid has been delivered as both a normal patch for the source and
as .smali patch for use with apktool to enable easy integration the way
autopatcher does.

