[regecks]

I use XPrivacy (https://play.google.com/store/apps/details?id=biz.bokhorst.x...).

With it, I have extremely fine-grained access control to a wide variety of "system calls", including access to contacts, text messages and to the device phone number.

In this case, I can permit access temporarily during the 2FA, and then return garbage values the rest of the time. Easy. (Though obviously if they harvest my text messages for other purposes during 2FA, that is a problem - but one can that can be technically solved within XPrivacy imo.)

In other cases, such as running Skype, I deny access to everything always (phone number, my location, contacts, Google accounts are the things Skype makes system calls for) and Skype continue to works fine, so I think this is a viable strategy.

[sizzle]

since first being introduced to XPrivacy, I absolutely can not use an android phone without it. It really opened my eyes to how invasive some apps are when running in the background or just inappropriately accessing info in general (especially location information!)

[sandwell]

It sucks that you have to have a rooted device to use this. While I think Android in general is fantastic, I'm torn but the fact that I am forced to choose between having control of my privacy or being able to use online banking, get regular updates etc.