[chetmanley]

You are right, I tried Firefox as you suggested and it can retrieve the location from the below websites

1. Google maps
2. Ola cabs
3. Swiggy

Location was not identified while using uber.com. I'm getting pickup.currentlocation error.

Can you pls also verify from your side and confirm

Thanks for your help

I just tried uber.com with Firefox on my Key2 with all Google Disabled. It worked without issue and immediately detected the device's location when I allowed the website to access it.

So I'm not sure what might be causing the pickup.currentlocation error on your device, but I don't think it has anything to do with Google Play Services being disabled.

[chetmanley]

Actually, my KEYone does have this issue. It will not display the location if play service is disabled.

On any app? or just Google Maps?

I just re-tested my Keyone (June 5 2019 Patch ABY299) with the latest version of Google Maps installed.

No issues, it shows location in Google Maps regardless of Google Play Services being installed or not.

What might be causing issues is if the GPS almanac isn't up to date (GPS Daemon app connects to time.izatcloud.net and xtrapath.izatcloud.net to upload telemetry and download gps almanac)
If this is the case, then try restarting the device. My Keyone wasn't displaying position (Google play enabled or not) and it wasn't until I restarted the device that it triggered GPS Daemon to recontact those servers and now it works again.

[chetmanley]

A couple things:

1) The above link doesn't work for me. All I get is a page with a bunch of links to "lucky patcher guides;" no .apk's to download.
2) I *think* I found it at luckypatchers dot com but I'm worried it's a fake. Google Play Protect flags it as an unsafe app, which could simply be because of what it does (patch other apps and replace their signatures) but it could also be malware disguising itself as the real app.

Any way to assure myself I have the real app and not some Trojan?

I would suggest you try luckypatchers dot com and download it from there.

Then I would do the following:

Install it in airplane mode with WIFI off.
Run Lucky Patcher and perform a patch on it's own APK which you just downloaded.
-Bottom Right corner -> Rebuild&Install
-Navigate to the APK you downloaded
-Open the APK and Click Rebuild
-Click APK with modified permissions and activities
-Deselect (turn red) all permissions except Read_External_Storage, Write_External_Storage, and (optional) Request_install_packages.
Personally I don't give Lucky Patcher this permission, and use a trusted file manager to install packages after I modify them. The fewer apps with install privileges, the better.

Don't deactivate the light-blue com.Ip.xxxxxx activities.

Then click "rebuild the app". Once complete, navigate to where it was saved (Internal Storage/Android/Data/lucky patcher/files/Luckypatcher/Modified/) and move it out of this folder (to downloads for example).

note: the /Luckypatcher/ folder may actually be called something very strange like ru.lsakdfjasoff

Then uninstall the Lucky Patcher app. You won't be able to simply install over top because the signatures won't match.

Now you can install this patched version which won't have any of those permissions that were just disabled.

If you are particularly concerned, then do all of this on a spare android device, then move the patched app to your main device.

[babugaru1]

I just tried uber.com with Firefox on my Key2 with all Google Disabled. It worked without issue and immediately detected the device's location when I allowed the website to access it.

So I'm not sure what might be causing the pickup.currentlocation error on your device, but I don't think it has anything to do with Google Play Services being disabled.

You are right again. I have enabled the play services and issue persists with uber.com. Not sure what could be the problem.

[JHBrandt]

I would suggest you try luckypatchers dot com and download it from there.

Then I would do the following:

Install it in airplane mode with WIFI off.
Run Lucky Patcher and perform a patch on it's own APK which you just downloaded.
-Bottom Right corner -> Rebuild&Install
-Navigate to the APK you downloaded
-Open the APK and Click Rebuild
-Click APK with modified permissions and activities
-Deselect (turn red) all permissions except Read_External_Storage, Write_External_Storage, and (optional) Request_install_packages.
Personally I don't give Lucky Patcher this permission, and use a trusted file manager to install packages after I modify them. The fewer apps with install privileges, the better.

Don't deactivate the light-blue com.Ip.xxxxxx activities.

Then click "rebuild the app". Once complete, navigate to where it was saved (Internal Storage/Android/Data/lucky patcher/files/Luckypatcher/Modified/) and move it out of this folder (to downloads for example).

note: the /Luckypatcher/ folder may actually be called something very strange like ru.lsakdfjasoff

Then uninstall the Lucky Patcher app. You won't be able to simply install over top because the signatures won't match.

Now you can install this patched version which won't have any of those permissions that were just disabled.

OK thanks; I gave that a go and and the "limited" version seems to run OK.

It did seem to have a disconcerting number of permissions, but I take it the .apk at luckypatchers dot com slash download is nonetheless OK. Any idea what happened to the other link you posted?

[chetmanley]

OK thanks; I gave that a go and and the "limited" version seems to run OK.

It did seem to have a disconcerting number of permissions, but I take it the .apk at luckypatchers dot com slash download is nonetheless OK. Any idea what happened to the other link you posted?

No idea, but the current version of LP I'm using is from luckypatchers dot com.

[chetmanley]

You are right again. I have enabled the play services and issue persists with uber.com. Not sure what could be the problem.

Does it work if you use the full desktop website and not the mobile version?

[bb10adopter111]

Not my circus or monkeys but @chetmanley is better able to confirm

I’m not even using my KEYones until I know more about the new malware issue

I use Google services because I think there is more risk downloading apps from unofficial sources.

My method for securing Android is not to associate it with my real-world identity or use it for any sensitive data. It's registered to an alias with my carrier, uses an alias Google account that isn't used for anything else, and every app on it uses a different email account for the service. In addition, I don't use my carrier-assigned number for anything at all.

I don't mind being tracked around the Internet, so long as I'm tracked as 50 different people, none of whom are actually me!

From the screen of my trusty Z10 using the exceptional BlackBerry VKB.

[chetmanley]

That's certainly one method of tackling this issue.

I've decided to go the route of greatly reducing (in most cases), if not completely stopping (in some cases), the data collection. This has added benefits of reducing battery drain and reducing my data consumption.

Why give "them" anything at all if it can be avoided. And by "them" I'm referring to any company or government which has a vested interest in data collection for surveillance or monetary gain.

As long as Google is on the device, Google knows where that device is, whether the owner is driving, walking, getting into or out of a car, stopping into a shop and what is being browsed on the internet. They know the names, MAC addresses and locations of WIFI routers inside and around the user's house, and those of any other devices the user connect to.

They know the device's IMEI and Carrier and which applications are installed. Thanks to all of the tracking that occurs between applications using Google trackers and the Google Play ID, they can no doubt link the signed in users between those applications. All of this allows them to build accurate profiles of their users, regardless of how many profiles they use.

I feel safer by just killing all of that in the first place, and taking my chances with app sources besides Google. Besides, just because an App is in the Play Store doesn't mean it's not full of Malware. Google can't catch everything as evidenced by the recent news of the Strandhogg vulnerability.
Additionally, nearly every app inside the Playstore contains Google spyware, if not facebook's, Adobe's, or countless other companies' spyware.

I always try my best to verify the safety of applications I choose to use before install, after install, and during use through applications like Lucky Patcher to modify permissions and remove trackers and firewalls like Netguard to monitor who they are connecting back to.

There are many ways to tackle this issue to be sure, but this is how I prefer to tackle it. Unfortunately it's not always leak proof, but it's a trickle versus a fire hose.

Here are some examples of different trackers found in almost every application and the types of data they collect:

Now, whether or not these trackers are successful in collecting all of these bits of data is an open question. But I think the key point to take away is that they are actively trying.

[bb10adopter111]

That's certainly one method of tackling this issue.

I've decided to go the route of greatly reducing (in most cases), if not completely stopping (in some cases), the data collection. This has added benefits of reducing battery drain and reducing my data consumption.

Why give "them" anything at all if it can be avoided. And by "them" I'm referring to any company or government which has a vested interest in data collection for surveillance or monetary gain.

As long as Google is on the device, Google knows where that device is, whether the owner is driving, walking, getting into or out of a car, stopping into a shop and what is being browsed on the internet. They know the names, MAC addresses and locations of WIFI routers inside and around the user's house, and those of any other devices the user connect to.

They know the device's IMEI and Carrier and which applications are installed. Thanks to all of the tracking that occurs between applications using Google trackers and the Google Play ID, they can no doubt link the signed in users between those applications. All of this allows them to build accurate profiles of their users, regardless of how many profiles they use.

I feel safer by just killing all of that in the first place, and taking my chances with app sources besides Google. Besides, just because an App is in the Play Store doesn't mean it's not full of Malware. Google can't catch everything as evidenced by the recent news of the Strandhogg vulnerability.
Additionally, nearly every app inside the Playstore contains Google spyware, if not facebook's, Adobe's, or countless other companies' spyware.

I always try my best to verify the safety of applications I choose to use before install, after install, and during use through applications like Lucky Patcher to modify permissions and remove trackers and firewalls like Netguard to monitor who they are connecting back to.

There are many ways to tackle this issue to be sure, but this is how I prefer to tackle it. Unfortunately it's not always leak proof, but it's a trickle versus a fire hose.

Here are some examples of different trackers found in almost every application and the types of data they collect:

Now, whether or not these trackers are successful in collecting all of these bits of data is an open question. But I think the key point to take away is that they are actively trying.

That's all totally legit. I have no problem with people who are technically sophisticated and take responsibility for their own threat model rolling their own Android with custom configs, downloaded APKs and ROMs. I would do it if I cared enough about Mobile.

My methods would not slow down a targeted investigation by a three-letter agency at all, but that's not my threat model. I just want to defeat the lazy, automated commercial and government surveillance systems that expect me to identify myself with my email accounts, Google accounts,phone numbers, and GPS coordinates (including my home location where I spend the night).

From the screen of my trusty Z10 using the exceptional BlackBerry VKB.

[bblinky]

Hey, I must admit that I did not read all the replies because there's quite a few by now! But as far as I could see you have only talked about the pros/cons and not about the method used to remove google services! I would love some feedback on that since I just got my key2 but I don't like the stare of the google eyes! ( I already payed for the phone, now stop spying on me (for profit or other!))

Best regards
bblinky

[Chuck Finley69]

Hey, I must admit that I did not read all the replies because there's quite a few by now! But as far as I could see you have only talked about the pros/cons and not about the method used to remove google services! I would love some feedback on that since I just got my key2 but I don't like the stare of the google eyes! ( I already payed for the phone, now stop spying on me (for profit or other!))

Best regards
bblinky

Go back to beginning of thread

[chetmanley]

Hey, I must admit that I did not read all the replies because there's quite a few by now! But as far as I could see you have only talked about the pros/cons and not about the method used to remove google services! I would love some feedback on that since I just got my key2 but I don't like the stare of the google eyes! ( I already payed for the phone, now stop spying on me (for profit or other!))

Best regards
bblinky

Hi bblinky,

I think you may be right, my initial post really didn't detail how to disable them, but it's pretty straight forward.

First, go into settings -> Security&Location and then open Device Administrators

You should see two in there, one for Blackberry Launcher and one for Find My phone/Device. Uncheck the Find My Phone admin.

This will now allow us to disable Google Services.

Go back into Settings and then to Apps & Notifications. Scroll to the bottom and click >See All Apps

Now in the top right you'll see the 3 dot menu. Click that and select Show System.

Next, start typing Google into the physical keyboard to show all the Google Apps.

Start disabling them one by one.

Disable everything except Google Calendar Sync and Contact Sync. If you disable those, it seems to prevent BB calendar and contacts from accessing them.

In addition to disabling them all, I like to go into each and turn off their user controllable permissions, clear their data and then hit Force Stop for good measure.

After that, Go back to the Apps & Notifications level and open up Special Access and then select Usage access.

Again, make sure to select Show system and then remove access to all google apps and the blackberry diagnostics app.


Once you've done all of that, you can disable more apps which can't be disabled as described above by using ADB as outlined here:

https://forums.crackberry.com/blackb...ethod-1168996/

Cheers

[bblinky]

So, I have been trying to do it the HC way by uninstalling the apps but f.eks when I try to remove daydreams I get errors, have not tried others yet...

Key2 (BBF100-1) btw

[chetmanley]

So, I have been trying to do it the HC way by uninstalling the apps but f.eks when I try to remove daydreams I get errors, have not tried others yet...

Key2 (BBF100-1) btw

The uninstall command only works on the Priv, it doesn't work on the Keyone or 2. Instead you need to use the disable command.

adb shell pm disable-user --user 0 [package name]

[bblinky]

Yeah, that's also what I found out by now Disabled it all except GPS (since I think GPS is still too annoying not to have)...

I still keep getting a notification that tells me to enable google play services, and it's quite insisting all the time! Do you have any idea which app that comes from?

[chetmanley]

Yeah, that's also what I found out by now Disabled it all except GPS (since I think GPS is still too annoying not to have)...

I still keep getting a notification that tells me to enable google play services, and it's quite insisting all the time! Do you have any idea which app that comes from?

You can turn that off by pulling down the notifications shade where you will find the Play Services Required notification. To change the settings on this particular notification and to see what is causing it, then just slowly swipe that notification to the left about 1 cm or so, this will reveal a Settngs Cog icon to the right of the notification which you can open.

Turn off the notifications associated with that app.

It is likely coming from Google Maps, Photos, or Youtube or any other Google app that hasn't been disabled or uninstalled.

[bblinky]

You can turn that off by pulling down the notifications shade where you will find the Play Services Required notification. To change the settings on this particular notification and to see what is causing it, then just slowly swipe that notification to the left about 1 cm or so, this will reveal a Settngs Cog icon to the right of the notification which you can open.

Turn off the notifications associated with that app.

It is likely coming from Google Maps, Photos, or Youtube or any other Google app that hasn't been disabled or uninstalled.

Thanks! Found it, they called it messages and made the icon look like it has something to do with txt msgs (go figure): com.google.android.apps.messaging

[JHBrandt]

Thanks! Found it, they called it messages and made the icon look like it has something to do with txt msgs (go figure): com.google.android.apps.messaging

Messages is Google's SMS app. It's built-in but you've probably replaced it with a better SMS app already (if not, try Signal, Textra, or Yaata) so you no longer need it.

[Invictus0]

Disable everything except Google Calendar Sync and Contact Sync. If you disable those, it seems to prevent BB calendar and contacts from accessing them.

I was able to disable Google Contact Sync on my Nokia 6 and Galaxy S10 and Hub+ seems to sync contacts just fine to an Outlook.com/Exchange ActiveSync account. If you're also syncing to Outlook, make sure your device hasn't been Quarantined via the web client.

As an aside, it doesn't seem like this will be a problem for any BlackBerry branded device but with Android 10 it's getting harder to "de-Google". Now that the Play Store is being used for security updates you're essentially opening the device up to vulnerabilities by disabling apps like Google Play Services.

On the other hand, Android 10 also seems to give Play Services permanent access to the Physical activity permission...

[hatchaholic]

it doesn't seem like this will be a problem for any BlackBerry branded device but with Android 10 it's getting harder to "de-Google". Now that the Play Store is being used for security updates you're essentially opening the device up to vulnerabilities by disabling apps like Google Play Services.

On the other hand, Android 10 also seems to give Play Services permanent access to the Physical activity permission...

This is what I look for in a phone to eventually replace my Motion. Almost no mention of this concern is mentioned in the "What phone after Motion" thread. I do see how things are much easier if you let Goo in as your lord and savior.

[Grungni]

Messages is Google's SMS app. It's built-in but you've probably replaced it with a better SMS app already (if not, try Signal, Textra, or Yaata) so you no longer need it.

I use SMS organiser from Microsoft its a good messaging app too... Also used Pulse which I thought was also pretty good...

[nevilleadaniels]

Why buy BBAndroid device if you're going not use Google Play Store? You have no idea what some other app store puts on their site.

Why not just load virus and Trojan horse apps directly on to your phone?

Google play store is well known for five eyes spyware

[conite]

Google play store is well known for five eyes spyware

So, use 1mobile and aptoid instead? Lol.

If you're looking for complete immunity from state-level surveillance, then crawl into a deep cave.

[Chuck Finley69]

Since I live in 5 eyes land, I'm OK with that

Posted via CB10