Privacy and security of SailfishOS

Most Android apps are still written in java. That they compile to ‘native’ (dex?) code is clear, but I’d prefer a JVM approach (if it’s fast enough) to maintain portability. That, of course, doesn’t interest google and co. So, I know it doesn’t have a chance :wink:

The state of the art for me is old (2017) but this is about the state of my knowledge. … now I’m getting up to date with :

I installed F-Droid and tried to find the app permissions but I couldn’t.
If I go to Settings > Apps > Select F-Droid > and, I can choose the following options:
- Allow background service to start on bootup
- Clear Cache
- Clear data
- Force stop

I’m using an Xperia X, with SFOS

Is it possible to select the permissions to android apps like in the standard Android permission systems?

The X as well as Jolla1/C/Tablet use an older kernel and an older AlienDalvik implementation (4.1 / 4.4).
And there it was/is notpossible.
Only with newer devices (XA2, 10) and the newer AlienDalvik (>=8.1) this was made possible.

1 Like

OK, bad news. Thanks for your answer

For some time, System Monitor (ade’s fork) has been showing me short periodical spikes in Cellular network traffic when mobile data is turned off. It usually happens twice per 6-8 hours and it looks as if some very small portion of data was regularly sent somewhere.

Has someone else noticed this? Is this a bug in SysMon graph, a false positive caused by some other modem activity (e.g. switching bands at that time), or does SFOS really send out something once every couple of hours even if we switch mobile data off? I haven’t seen it before 4.5 update (but also several SysMon updates during that time).


Have you got VoLTe enabled?

I guess it’s possible that some of those are NTP requests.

Yes, but VoLTE works independently of the mobile data connection.

Might be. But shouldn’t they NOT work when the internet connection is off? If NTP could send (and/or receive) data despite our choice to turn internet connection off, then I’m afraid that anything else could do it, too…

1 Like

I’m afraid that someone fluent in Wireshark is needed to decode this.

This sounds odd and I couldn’t verify with current version of SystemMonitor 0.6-53. Also SystemDataScope by Rinigus does not show any spikes at network when phone(s) are in flight mode.

SysMon seems to take only a short sample of network traffic each 30 seconds, and if there’s no traffic at sampling time, it shows nothing. - edit: may be or not, but see below! - Just now I started SysMon and started surfing the net and reading a page that causes no network traffic while only open to read it. I scrolled and loaded a new page on this site from time to time. SysMon shows NO cell traffic while reading this page for 15 minutes!

edit: SysMon also shows no traffic while listening to internet radio (permanent traffic)! Neither with nor without VPN. So I suspect there’s a bug in SysMon.

I’ll give it a few more tests during the upcoming nights when I can leave the phone alone with mobile data disabled for some prolonged period of time. Let’s see if I can reproduce it.

1 Like

OK, so today I left the phone for some 6 hours with both mobile data and WLAN disabled. Additionally, I turned off 4G Calling and switched to 2G network only to exclude any possible VoLTE-related activities. Same result as before, two spikes. This time with shorter interval (about 1 hour, whereas previously it was about 2,5 hours). Well, I don’t know what to think about it.

1 Like

I never noticed any cell traffic when having e.g. WLAN enabled, not even the few bytes you are seeing. When you click on the graph, is it both received and transmitted data? And does enabling flight mode have any impact?

WLAN was disabled, too.

Yes, identical spikes as on the main graph and at the same time, for both sent and received data.

I can’t enable Flight mode (i.e. be unavailable) for longer periods of time (I look after an elderly person who may need to contact me). So I probably won’t test it.

It’s fine when you report in about something that might be an issue on your device, but not replying to additional information requests afterwards does not give the impression you actually want to spend time on this.

I don’t check OpenRepos so frequently, so please forgive me! I’m now busy with reinstalling SFOS on the Volla and will check and report after I’m ready with this. Thanks for reminding me.