Have you ever refused to install an app because it wants too many permissions? Yeah, a lot of people have, and we don't blame them. A little too much trust can lead to stolen information, mysterious charges on your cellular bill, or worse. Thanks to developer M66B, we've got a simple way to lock down potentially misbehaving software. His new mod, XPrivacy, can block several types of activities and queries, despite the permissions granted at installation. It can even substitute GPS coordinates and your MAC address, with plans to add support for more types of data in the future. This is a lot like the upcoming Incognito Mode in CyanogenMod, but it can be used with almost any rooted ROM, including those from OEMs.

2013-06-22 23.30.232013-06-22 17.05.222013-06-22 20.34.20

XPrivacy requires a fairly simple manual process to install, and you'll need a rooted device running Android 4.1 or above (sorry, MIUI is incompatible). The app also relies on the Xposed framework, a platform similar to the recently released Cydia Substrate, which makes it possible to deeply modify how software runs on Android.

The interface is really simple to use, but you will probably stumble a bit at first because some common conventions are ignored. Tapping almost anywhere on a row toggles the restriction for only the current category/permission. You will have to specifically tap on the app icon to configure all of its specific permissions. At least there are some helpful indicators for apps with Internet access (globe), the given Permission (green checkmark), and if APIs have been used (warning triangle) for that category since XPrivacy had been installed. Keep in mind, denying access to certain features may cause some apps to be unstable or hang completely. In my experience, most apps worked as expected, but a few froze or became unusable.

Here is a current list of restrictions that can be imposed:

  • Accounts (Google, Facebook, etc.)
  • Browser (bookmarks / history)
  • Calendar
  • Calling (phone, SMS, MMS)
  • Contacts
  • Identification (device)
  • Internet
  • Location (fine/coarse)
  • Media (audio, photo, video)
  • Messages (SMS, MMS)
  • Network (addresses)
  • Phone (ID, numbers, calls)
  • External storage (SD card)
  • Shell (commands, superuser)
  • System (installed apps)
  • View (browser)

It's important to remember, XPrivacy is not a substitute for common sense, so readers are advised to remain cautious with potentially malicious software. All the same, this is a great tool for trying out apps without exposing things like your contact list and browser history to prying eyes. It can also be helpful for reining in particularly data-hungry apps by shutting down their Internet access or blocking individual apps from abusing the GPS (great idea abqnm).

Again, the software is free to install, but there is an unlock key on the Play Store that allows users to import and export configurations across devices. Please remember to make backups and read all instructions carefully. Happy modding!

Source: XPrivacy thread & Github Repository

Thanks, Joseph John!