- You can prevent apps from accessing your contacts in Settings / Apps / Permissions. You don’t need third party tools for that specific purpose.
- TWRP has no issues accessing an encrypted
datapartition. Just flash the latest version.
- There definitely are some hostile developers who distribute malicious apps to steal your personal information. But I’m not sure if using these apps and then trying to prevent them from doing their evil work is such a great idea. Maybe not installing them in the first place might be an option? But that’s just my personal opinion.
- denying apps permissions
Yes, you can do that. And I’m noticing lots of apps are now reacting to that by outright refusing to run unless you give them the permission they demand. This is war, they play dirty. Xprivacy takes the next logical step, by granting them permission and then giving them fake data.
- flashing TWRP
This seems a pretty far step to take. The main reason I bought a fairphone was that it is a supported, warranty-intact way to buy a rooted phone. Wouldn’t I lose that if I reflash TWRP? Is there any chance that a later version of TWRP that is able to read encrypted partitions might make its way into the official images?
- just say “no”
No, and I believe it’s really important that anyone involved in technology understands this. If my friends and colleagues choose to use a messaging app, I literally do not have the option to choose not to. Human beings require social networks to survive, and as those networks migrate online none of us has the option of opting out.
The malicious apps I’m talking about in particular are WhatsApp, Skype, Messenger, and WeChat. Those happen to be the most popular messaging apps on the planet. Choosing not to use any of them is not practical for anyone who doesn’t live in a cave. WeChat in particular is so utterly dominant that opting out doesn’t just cut you off from your friends, it cuts you off from employment and everyday transactions. At the same time, the Chinese government is obviously scraping every last bit of communication out of the app. And if you’re saying “don’t live in China”, you’re ignoring the trends in the US pointing in the same direction.
The sad reality is, if you care about privacy, Android is enemy territory. You have to treat using an Android app as if you were marching into a battlefield.
OK, obviously we have very different opinions about how to handle malicious apps and services. I’ve no interest in fighting any wars. If I don’t trust an app then I don’t use it, period. That’s why I’ve never used any of the messaging services you mentioned. But you’re right, I have no idea about life in China. And this could become a lengthy discussion without actually solving your problem, so let’s just agree to disagree.
On topic: Flashing a new TWRP will not void your warranty because you can revert that anytime. The recovery is only active while using it and does not interfere with Android. There is even a way of booting the latest TWRP without having to flash it; you’ll find it here on the forum. (In contrast, installing Xposed heavily modifies Android and is certainly not supported by Fairphone. Which doesn’t mean that you shouldn’t do it.) If your phone is encrypted you should really use a recovery which supports encryption. It makes things much easier. I have no idea why Open OS comes with an outdated TWRP and if / when this will change.
OK, those are all useful answers, thanks! I guess I will update TWRP as the cleanest way to get this process underway. Definitely a weekend job though…
Are there any hints as to how to actually install TWRP? I ask because I found this link:
$ adb reboot bootloader * daemon not running. starting it now at tcp:5037 * * daemon started successfully * $ fastboot flash recovery twrp-3.1.1-2-FP2.img target reported max download size of 536870912 bytes sending 'recovery' (10468 KB)... OKAY [ 0.332s] writing 'recovery'... OKAY [ 0.258s] finished. total time: 0.590s $ fastboot reboot rebooting... finished. total time: 0.005s
And now when I boot TWRP it says it’s version 3.0.2-0. That’s weird right? How come the install didn’t work?
What is the minimum version that can read an encrypted partition?
You mean besides the detailed wiki post about Using TWRP on the Fairphone 2?
One important step is to boot directly into TWRP after flashing it. Don’t boot into Android first, this might restore stock recovery.
If that doesn’t work, try booting TWRP without flashing it and proceed from there.
For what it’s worth (link is dead and the latest TWRP version should work anyway) …
Aha! Yes, I must have rebooted into Android last time. I reflashed and now it seems fine. Thanks!
Yes, latest should work, if not please tell me!
Alright, I got the phone updated. It’s a little complicated now. Installing the new OS also downgrades TWRP again. So I had to use adb to reflash TWRP. Then I could install XPrivacy, and finally boot the OS. I guess I have to do all three steps every time I install an update in future. It doesn’t seem to be possible to install an OS update untethered.
Incidentally, TWRP now insists on installing its own app, and it looks highly suspicious. Why does it need to access my GPS location and my call history? That’s exactly the kind of thing that makes me unwilling to allow the phone to boot without XPrivacy running. The app is entirely useless too, since it doesn’t support the Fairphone 2. But if I uninstall it I get constantly nagged.
Don’t update via the built-in mechanism, but download the package to your SD and flash it from within your (new version of) TWRP. This shouldn’t downgrade your TWRP and you can re-flash your custom stuff directly. This is how I did it for a long time with FPOS.
And yes, they try to install a suspicious app, but it’s optional. As long as you take care, nothing happens
OK, I’ll try it that way next time. Hopefully I’m done for a month or two now.
I second that. Also …
I’ll consider LineageOS, once it’s had a few months to settle in. I do hope that works out well. It’d be great if Fairphone could just switch to supporting that project instead of maintaining two entire OSs of their own.
Just to be clear … I didn’t want to promote LineageOS with this (as much as it deserves it), I was just too lazy to type my TWRP backup - update routine ad again .
What retsifp and AnotherElk said. Also, there is an app called FlashFire which makes updating modified devices even easier. I wrote a how-to about updating with FlashFire when using Magisk, but it should work pretty much the same way when using “standard” (non-systemless) Xposed.
You don’t need this app (as you noticed). The installation prompts can be disabled in the TWRP settings.
FPOS 17.11.2 is currently in beta testing, so you should have another opportunity to test your update procedure in a few days!
Not going to happen. The vast majority of “western” Android users (yes, even Fairphone users) wants the Play Store (and maybe other Google services). While the Open OS and LineageOS communities are very active here on the forum, most FP2 owners use the phone just like it is.
“Don’t update via the built-in mechanism, but download the package to your SD and flash it from within your (new version of) TWRP.”
I’m trying to upgrade again (I skipped last month’s, just couldn’t face the complexity). How do I actually do the sentence above?
What I did was download fp2-sibon-17.12.1-manual-userdebug.zip. I stored it on my (encrypted) SD card and booted into TWRP. I selected the zip file - and TWRP failed to install it. It was happy to install Xposed, however.
Looking at the download page and a few other forum posts, it looks like it’s supposed to be installed by tethering to a computer and putting the phone in fastboot mode. But when I tried to do that, my computer just hung after this step:
** Fairphone Open 17.12.1 Manual Flashing Script ** Validating files... Validation complete.
Is there a different file I’m supposed to download to flash from the phone?
Also, this forum post makes it seem like I have to do all kinds of crazy editing if I don’t want to downgrade TWRP (if I downgrade TWRP I can’t access my encrypted data). Is that true or is that misleading?
You need the OTA file for installing via TWRP (even if it says “Upgrade” on the page, it is the complete OS), not the manual one, and not the switcher ones.
This doesn’t apply when you install the OTA file via TWRP.
Ah! Thanks for that, upgrade went perfectly!