by _e 1901 days ago
I have used XPrivacyLua for years. It is great but not perfect.

Daniel Micay, author of GrapheneOS (an Android fork), pointed out some shortcomings of XPrivacyLua on Reddit[0]:

You do probably want the ability to force apps to see fake data, but this doesn't do that. It's a client-side check inserted into the app that the app can bypass (even unintentionally, by using a different client-side implementation) or disable.

It does not provide any isolation and cannot fundamentally improve privacy / security because it's based on client side checks, which is not a working approach. It relies on apps not accessing the data via other approaches or alternate implementations of the client-side code, which isn't uncommon. Apps can also detect it and simply work around it directly. This will only give you a false sense of privacy / security. Apps will likely use the fake data for their user-facing functionality, making you think that it works, but a tracking SDK bundled with the app can easily bypass this and harvest your data if you allow the permissions via the OS. This is a harmful approach...

[0] https://www.reddit.com/r/GrapheneOS/comments/ch5kv8/is_magis...

1 comment

Why does he say client side only? Yes, it provides fake data to apps and doesn't isolate; that's not what XPrivacy says it does anyway. How is that bad? What are those ways a client can easily bypass it? It definitely improves privacy for me. Looks like he was promoting GrapheneOS without giving any proper information.