I would love to use this, but I don't want to allow a third party app with closed source to read all my notifications. This can read OTP passwords, full messages, etc. so it must be open source for me to consider it.

I would donate/pay for this if it was open source on F-Droid.

Kudos to you for building it. I put off building this exact same application so many times it's not even funny. Too bad I'm too lazy to maintain something like this.

>I would love to use this, but I don't want to allow a third party app with closed source to read all my notifications. This can read OTP passwords, full messages, etc. so it must be open source for me to consider it.

The app lacks the INTERNET permission so it can't really exfiltrate data even if it wanted to.

This is correct, but it is still a slippery slope. At some point the dev ends up adding the internet permission (might be for legit reasons too), and lo and behold, you are sharing your data. For something as sensitive as notifications, I really can't trust anything but an open-source app which is vetted by a few seasoned people and hosted on F-Droid.

Related, GrapheneOS has a handy feature to disable network access for individual apps.

Also non-GrapheneOS Android. I'm on CrDroid (Android 16), and if I go into "Settings -> Apps -> Some App -> Mobile data usage", there's a toggle for "Allow internet access", and a few more to control network access on Wi-Fi, cellular, background, and VPN.

If the permission is added in retrospect wouldn’t you still need to opt in?

fwiw i completely agree that oss is the way to go here

The "Internet" permission on Android is one of the no-approval ones. If it gets added, you won't notice.

I’m interested in what you’re suggesting. Who are those auditors you trust? Does f-droid imply things have been audited?

F-Droid implies:

* that the application is source-available;

* that the toolchain used to build the app is FOSS; the application does not use Play Services, proprietary tracking/analytics, or proprietary ad libraries;

* that the application toolchain doesn't depend on "binary blobs".

Not even passing the sniff test on those easy to meet requirements is suspicious.

Would a safe alternative (albeit annoying to update) be to side load the apk for the purpose of eliminating the possibility of auto updates brought on by an app store?

That's another pet peeve of mine: Why the hell can't we block internet access for apps in (native) Android? Everything else is a permission, but this is not, somehow.

Maybe Google doesn't want users blocking ads from getting loaded.

Ads work via Play Services, so even if you block internet for the app, the ads will continue to work.

The reason many apps stop showing ads when their internet is blocked is that they need to make an API call to their own servers before running the ad. That is the common behavior, but not mandatory.

Wait, we can in Android. In my OnePlus 12 in the app settings under "data usage" there are two toggles for "disable mobile data" / "disable wifi"

Not present with a Pixel with Android 16, my effective choices are:

1. App can't use mobile data in background

2. App can use mobile data in background except in Data Saver mode

3. App can use mobile data in background regardless of Data Saver mode

____

For anyone doing comparisons, the literal settings appear under "Mobile Data Usage" as:

* [X] Background Data ("Enable usage of mobile data in the background")

* [ ] Unrestricted mobile data usage ("Allow unrestricted mobile data access when Data Saver is on")

You mean Google-Android.

Wow, thought it was GrapheneOS only, but no.

Confirmed these settings on One+15 on OOS16 (based on Android 16).

Is it also the case for other Android brands?

P.S. I did use it before to turn off ads.

Google's Pixel phones (near stock Android) famously do NOT have the option.

Google is invested into you having WiFi all the time.

Weirdly, my very old Nexus 6P with the WiFi off, could lie untouched for weeks, with almost no battery depletion. Yet if I turn the WiFi on with near stock Android (meaning no messengers, tens of email accounts, etc, to constantly ping _something_), it just eats the battery within 24 hours tops. Perhaps that’s just the module itself, but I remember flashing LineageOS and having better savings. I have no real numbers to support that right now, although I still have the phone lying around somewhere and could test this some day.

Modern Google Android will use neighbouring WiFi networks to guesstimate your location quickly, so it's scanning even when the toggle says "off" unless you disable it. This location can be queried in the background when nearby devices broadcast the equivalent to Apple's "find my" network broadcasts, because Google uses collected reports of beacons+location to roughly locate tags and such. Opting out of all of that stuff should massively improve standby battery time.

I've also noticed the difference between vendor+custom ROM with a Xiaomi device, which I use as a second phone around the house for controlling smart lights and such. The biggest difference there seems to be that I don't have as many apps installed and as many features enabled, because during active use and shortly after, the battery drains just as fast as (actually a bit faster than) when using the original ROM.

Many custom ROMs (at least the LineageOS-based ones) also don't do things like configure the country code for the WiFi chip and GPS caches. A large part of the 5GHz spectrum simply doesn't exist (by default) on my custom ROM devices, so there's just less to scan in the background.

I believe this has been part of LineageOS since before it was called LineageOS. Most custom ROMs have some kind of internet filtering capability.

Some Chinese/Taiwanese brands do it too, but most western brands don't seem to include a firewall.

Xiaomi phones also have it but you can block Wi-Fi only for user (non system) apps. However you can block mobile data access to all apps.

None of the Samsungs I have owned so far had this feature and neither did my last Pixel.

I have an S25 Ultra with the latest version of Android, and these options don't seem to be there at all. I don't have a "data usage" under Permissions for any apps. I do have a Mobile Data section under App Info for any given app, but there's no way to toggle the options you mentioned.

You can on some devices (many Chinese brands, funnily enough) and on custom ROMs.

There are also (open source) firewall apps that will let you block (non-system) apps if you're on a stock ROM like me.

Technically, this is a permission, just not a user-grantable one. Google has moved quite a few permissions from inherent to user-grantable, but most apps don't work without internet (unfortunately) so I doubt they will do it for the internet permission in stock android.

It is a permission that an app can get without asking the user.

Lacking INTERNET permission today does not guarantee that the app will never have that permission. The internet permission is considered a "normal" permission by android so it will be auto granted without even a notification to the user.

Moreover an app without internet permission can still send data out using "INTENTS" for other apps in Android. This can make an app dangerous even without internet permission.

I was excited about the application and was disappointed to see that it was closed source. I will absolutely not trust anyone that I cannot sue with this data. Big companies at least follow some standards that are enforced by multiple governments; here we know nothing.

It's hard to rule out intentional side channels without access to source.

Do you mean a no-internet app (like this) could write data locally in a way that another internet-enabled app (in cahoots) could locally receive? Like a non-sandboxed storage area? Seems plausible.

Meta literally got caught doing this.

Writing to a local server, and then uploading from the browser to bypass consent mechanisms.

https://wire.com/en/blog/metas-stealth-tracking-another-eu-w...

Yes, that, and the internet permission can be added later and pushed with an update. Unless you are checking permissions after every update, you will not know.

Is that actually required? I thought that was implicit

It's automatically granted but the app needs to declare it in order to access internet. Because of that it's not enough that the app _currently_ doesn't request internet permissions, because if it ever starts, it would be mostly transparent to a user

Yes. Without the permission all network requests will just fail.

You can silently add the permission in an update though. It's safe if you don't auto-update it I guess.
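The point made a few comments up (INTERNET is a "normal" permission that is granted at install or update time without any prompt) and the point made here (you only notice if you check permissions after every update) can be turned into a routine check. The script below is an added example, not code from the app being discussed: it parses two snapshots of `adb shell dumpsys package <pkg>` output, taken before and after an update, and reports which permissions were added, which were newly granted, and which of those arrived silently because they are install-time "normal" permissions. The dumpsys format it expects is an assumption based on current Android builds, the two snapshots are constructed for the example, and the `NORMAL_PERMISSIONS` set is a small hand-picked subset, not the full list.

```python
"""Permission-drift check for an Android package across an update.

Added example; not the discussed app's code. Input format assumed to be
`adb shell dumpsys package <pkg>` output. Both snapshots below are constructed.
"""
import re
from typing import Dict, Set

# Install-time ("normal") permissions are auto-granted without a prompt.
# Hand-picked subset for the example (assumption), not the complete list.
NORMAL_PERMISSIONS = {
    "android.permission.INTERNET",
    "android.permission.ACCESS_NETWORK_STATE",
    "android.permission.VIBRATE",
}

# A dotted name on its own line, optionally followed by ": ..." details.
PERM_RE = re.compile(r"^\s+(\w+(?:\.\w+)+)(?::.*)?$")
# "android.permission.X: granted=true, flags=[ ... ]"
GRANT_RE = re.compile(r"^\s+(\w+(?:\.\w+)+): granted=(true|false)")


def parse_dumpsys(text: str) -> Dict[str, Set[str]]:
    """Extract requested and currently granted permissions from dumpsys text."""
    requested: Set[str] = set()
    granted: Set[str] = set()
    section = None
    for line in text.splitlines():
        stripped = line.strip()
        # Section headers end with ':' and carry no key=value pairs.
        if stripped.endswith(":") and "=" not in stripped:
            section = stripped
            continue
        if section == "requested permissions:":
            m = PERM_RE.match(line)
            if m:
                requested.add(m.group(1))
        elif section in ("install permissions:", "runtime permissions:"):
            m = GRANT_RE.match(line)
            if m and m.group(2) == "true":
                granted.add(m.group(1))
    return {"requested": requested, "granted": granted}


def permission_drift(before: str, after: str,
                     normal: Set[str] = NORMAL_PERMISSIONS) -> Dict[str, Set[str]]:
    """Compare two snapshots; 'silently_granted' = new grants the user never saw."""
    b, a = parse_dumpsys(before), parse_dumpsys(after)
    newly_granted = a["granted"] - b["granted"]
    return {
        "added": a["requested"] - b["requested"],
        "removed": b["requested"] - a["requested"],
        "newly_granted": newly_granted,
        "silently_granted": {p for p in newly_granted if p in normal},
    }


# Constructed snapshot: version 1.2 declares no network permissions at all.
BEFORE = """
Packages:
  Package [com.example.notifier] (1a2b3c):
    userId=10123
    versionCode=3 minSdk=26 targetSdk=34
    versionName=1.2
    requested permissions:
      android.permission.POST_NOTIFICATIONS
      android.permission.VIBRATE
    install permissions:
      android.permission.VIBRATE: granted=true
    User 0: ceDataInode=4711 installed=true hidden=false
      runtime permissions:
"""

# Constructed snapshot: version 1.3 quietly added INTERNET and
# ACCESS_NETWORK_STATE; the only prompt the user saw was for notifications.
AFTER = """
Packages:
  Package [com.example.notifier] (1a2b3c):
    userId=10123
    versionCode=4 minSdk=26 targetSdk=34
    versionName=1.3
    requested permissions:
      android.permission.POST_NOTIFICATIONS
      android.permission.VIBRATE
      android.permission.INTERNET
      android.permission.ACCESS_NETWORK_STATE
    install permissions:
      android.permission.VIBRATE: granted=true
      android.permission.INTERNET: granted=true
      android.permission.ACCESS_NETWORK_STATE: granted=true
    User 0: ceDataInode=4711 installed=true hidden=false
      runtime permissions:
        android.permission.POST_NOTIFICATIONS: granted=true, flags=[ USER_SET ]
"""

if __name__ == "__main__":
    drift = permission_drift(BEFORE, AFTER)
    for key in ("added", "removed", "newly_granted", "silently_granted"):
        print(f"{key}: {sorted(drift[key]) or '-'}")
```

In practice you would save `adb shell dumpsys package com.example.notifier` to a file before and after each update and feed the two files in; a non-empty `silently_granted` set is the case the thread is worried about, since nothing on the device will have told you.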

Not alone,

but it could prepare a tidy little package for something else to grab later.

Fair enough, you only have my word on it (that it doesn't send any data to the Internet). But you do have my word :)

Another person requested that the app be open-sourced as well. I will look into that.

I would greatly appreciate it, if this was open source :) Especially since this will be able to read 2FA codes sent by SMS. (I get that SMS 2FA codes are not perfectly safe to begin with, I personally don't love them either, but they are still used on a bunch of services)

Just makes me sleep a little better.

I'm going to join the list of voices requesting open source here. If you're not planning to charge money for this, there are several benefits starting with increased trust.

Mobile apps are a cesspool of user-hostile behavior, and I have a strong preference for not giving closed source apps access to sensitive data.

> completely free, and there is no advertising or hidden gotchas

I don't understand why not release the source if the app is completely free, what are you trying to protect?

Putting on my CISO hat, if they release the source, someone else could then create an app, but this time maliciously with said exfiltration of information, and publish it on play with paid ad time.

they probably just wanna keep the option to monetize it in the future open

It's something i've also vaguely thought about building myself, because god damn uber, how many times do you need to send me an advert for uber one? just tell me when my car is here.

so congrats to the author of this. I do agree that I'd prefer it open sourced too, it feels a bit risky it having access to all your notifications.

It took me a moment to find, but Alertly claims to do something similar while being open-source. Last commit was made two years ago though.

https://f-droid.org/packages/com.example.notificationalerter

https://github.com/lightningcpu/Alertly

If you're feeling skeptical and just want to be sure, you can use NetGuard (https://github.com/M66B/NetGuard) to block internet access for any app.

Just blocking access to internet for this one app is not enough. It can use intents or a shared local storage with some other app to send the data out.

Great tool. Additionally, some Android forks (ColorOS) allow you to do this without apps, directly in the system settings of the app

The irony

App1 abuses notification permission

App2 keeps App1 in check

App3 to keep App2 from abusing network permission

...

TIL! What a find. Thanks mate!

I might actually try this now.

If NetGuard makes you smile, have a look at ReThink.

Fast/private DNS, firewall, logs, VPN (WireGuard) ready to go.

You're welcome

If you're that paranoid, you might also consider not using F-Droid:

https://www.privacyguides.org/en/android/obtaining-apps/#f-d...

https://discuss.grapheneos.org/d/15490-f-droid-or-obtainium

TIL!

IDK if I would consider not blindly trusting an unknown third party to read all my notifications being paranoid, but if it is, then yeah, I guess I am.

I've used F-Droid merely due to the open source guarantee, so how fast these apps are patched isn't a deal-breaker for me, but I'll definitely look into Obtainium now.

Thank you!

As a developer, the fact that F-Droid now compiles all your packages for you, using their own keys, is a non-starter for me. It means they are free to modify my code however they want or inject malware etc. (whether by mistake or not), and it's totally outside of my control, but still has my name on it.

I guess we can't win, can we? I worried more about random developers getting compromised since the surface area is much larger, but at the same time one entity compiling all packages makes them a more attractive target.

We've seen the released bundles being different to the source code before too AFAIR, so whether it's a single repository or F-Droid, both can easily screw users up if compromised.

I don't want to be paranoid but the world's not making it easy.

What I'd like to see is enforced reproducible builds from multiple sources with publicly published and verifiable results that don't fall out of date.

Absolutely! It is effectively sovereignty software; it could be OSS only, otherwise it is treated as "soon to turn into a bloatware cash-cow to death". There is no other way to gain trust, but staying closed source is a way to confirm distrust. If the dev is that scared about monetization, that's effectively pre-bloatware.