 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
David Kramer wrote: > I take lots of notes and make lots of lists. As far as notes and lists are concerned, that's a fertile ground for apps, and there are at least a few aimed at technical users and they accommodate unconventional syncing mechanisms, like saving data to Dropbox (technically no better than a public cloud) and private servers. Like Todo.txt: https://play.google.com/store/apps/details?id=com.todotxt.todotxttouch which uses plain text files. So I'm pretty confident you'll find something that fits your needs in that area. > I'm hoping NOT to root it, at least not at first... That was the path I followed with my first Android phone, and it may have been a mistake. The problem is that once you've used the phone for a while, you'll likely want to preserve what you have created/customized, yet in many cases rooting will require wiping the device, and fully backing up will require wiping the device to install the necessary backup tools (not always the case). So you could end up creating a bigger hurdle against rooting/ROMing in the future. For a hacker-type, I recommend selecting a phone while strongly taking into consideration the ease of rooting/ROMing and the opinions of groups like xdadevelopers. And plan to root and fully backup the device before you get invested in the stock ROM. This is also the time to experiment with alternate ROMs where you have the least to loose. Of course if you are new to Android and haven't lived with it for some time, you won't really have a feel for what you like better about one ROM vs. another. > I know you can turn off syncing contacts with GMail, but I had > assumed if I turned that off, then I wouldn't have to worry so much > about them getting my contacts. I get the impression you all think > that's not the case. It should be the case, but I guess I'd just remain a bit skeptical. I'd feel way better about the privacy of Android if it supported a per-app permission and network firewall. (WhisperSystems was working on this before they got bought up by Twitter.) Then you could disregard some application's declaration that it has permission to access your contacts, and simply deny it, knowing that you'd be deprived of some bit of ancillary functionality, but the rest of the app would still function as designed. Similarly, you could clamp down outbound connections used by apps, and completely shut off apps that have no real business talking to the Internet (of course this would break a bunch of ad services, but it would be good motivation for small app developers to make use of a shared ad service on your device, which you could grant net access). > If I load a replacement ROM, do my chances of keeping my data private > increase? How? Richard has a point about arbitrary apps using Google cloud storage. While you can turn off some specific things, like syncing of contacts, app settings will get synced without any fine-grained control. A while back I asked an app developer whether they could use Google's cloud storage as a way to synchronize the app's data currently held in an SQLite database, and he replied, "This storage is just for backing up and restoring app settings, which happens totally automatic. Google does not provide the means to control and use it as basic storage, nor do they want you to." So apparently apps use an API for storing settings, probably similar to the way a Windows application would use the registry, or a GNOME application would use gconf, and Google transparently backs that up to the cloud. While bulk data storage is more explicitly managed by the application, and not automatically backed up. So even with a custom ROM with root access and the ability to get rid of privacy leaking carrier bloatware and some Google apps, you may still be leaking information. It makes you wonder, as lots of apps store login credentials for various services they make use of. In some cases those will be low-risk app-specific tokens, but in other cases they're actual passwords. Are these being encrypted before being sent to the cloud? Not likely, as it would defeat the ability for you to recover the data on a new device (because they assume a user can't back up a key or passphrase). > When it comes to rooting, my main objections are not the inconvenience, > but reliability and support. I imagine if you chose a mainstream device and a mainstream ROM, support would be pretty good. The Android user base is certainly getting big enough, so that even with you slice off a fringe of people who bother to load a third part ROM, the community is still fairly sizable. -Tom -- Tom Metro Venture Logic, Newton, MA, USA "Enterprise solutions through open source." Professional Profile: http://tmetro.venturelogic.com/
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
