Better Mobile App

[RFC] URL Fetch service

Have any of you app developers faced this situation: You have an app that needs to download data from the Internet, but don't want to add the Internet permission to your application, because it may deter some users from installing the app. Moreover, the data may be large and may need to be saved to the SD card, which requires yet another permission. You also need to ensure that a network is available currently, which means more permissions (WiFi state, etc).
Here's my proposed solution: A URL fetch service
This will be a simple app which accepts URL fetch requests from other applications and fetches them (HTTP GET) from the internet as a background service. Upon completion, the data can be returned to the application as a byte stream.
Since this is based on a callback, the network need not be currently available. The service will (optionally) queue the request and fetch whenever a network is available.
Another useful feature would be avoiding duplicate requests. For example, an app may want to fetch some data periodically, say every two hours. But if the network is not available for two days, then only one request should be made when the network becomes available, not 50! This could be done by letting the app assign a unique id to the request. Requests that have the same id will over-write other requests from the same app with the same id.
Logging and Filtering
From the user point of view, there is tremendous advantage in having a centralized URL Fetcher, because she will be able to Log the requests that go through it, and also filter some requests. For example, she could filter an app that she doesn't want to be updated (for whatever reason).
Distribution:
The app will be open-source and made available on all App markets and also as a direct APK download.
The only hurdle to this idea that I can see is that the app will have to be installed separately by the user. The problem will be reduced over time as more and more apps use this service. So the chances of the app being already present will increase. Also, custom ROMs might pre-package this app, so it will be present by default.
__________________________________
Your thoughts?
Update:
I have begun coding this up. You can follow / contribute here:
https://github.com/hrj/SafeNet/

Questions or Problems Should Not Be Posted in the Development Forum
Please Post in the Correct Forums
Moving to Q&A

For an app like that, you are not going to be able to not allow the internet permission. It needs it to fetch the URL (from the internet) so it has to use it... Unless you have a huge database of all URL's stored on your sd card .

Theonew said:
For an app like that, you are not going to be able to not allow the internet permission. It needs it to fetch the URL (from the internet) so it has to use it
Click to expand...
Click to collapse
Yes indeed. The fetch service app will have the Internet permission, and the read/write to SD card permission. The idea is to reduce the number of entities that the user has to trust.
And since the service app will be open-source, the user can compile her own version and install it. In that case, she doesn't even have to trust anyone else.
I have put up a tentative project and have some working code already in my local repository. If you would like to follow the progress or would like to contribute, here's the GitHub link:
https://github.com/hrj/SafeNet/
cheers!

h_r_j said:
the user can compile her own version and install it. In that case, she doesn't even have to trust anyone else.
Click to expand...
Click to collapse
Great. One thing... all the users of your app aren't only female...

Theonew said:
Great. One thing... all the users of your app aren't only female...
Click to expand...
Click to collapse
I guess you are right.. I didn't check thoroughly
But seriously, he / she / it doesn't really matter. I don't like typing "he or she" in every sentence. So, I just pick between those words randomly.

h_r_j said:
I guess you are right.. I didn't check thoroughly
But seriously, he / she / it doesn't really matter. I don't like typing "he or she" in every sentence. So, I just pick between those words randomly.
Click to expand...
Click to collapse
Just put "they" .

[Q] VPN server?

Hi,
Tomorrow my girlfriend leaves for China for a week, and she'll be missing the usual things, facebook, youtube and such. Is there a way I can set up a VPN server on my PC so she can get connected to my machine (in Hong Kong) and get proper uncensored traffic from China? Which app should she use to connect? She has a Galaxy Note.
I tried this before (with windows 7 default server), with not much success. I can try either Windows or Kubuntu for the server, whichever is easier to work with.
Could you guys give me a hand on this?
Thanks a lot!

Simply download UltraSurf aka UltraReach aka 无界 over at www .ultrareach. com/ for desktop use, this app is the best free one click way to breach the censorship. I use this app on daily basis here in China. On handset wise if your girl friend uses android devices, just browse the market and download "Verizon Opera", a browser based on Opera Mini 5 that Opera made for Verizon customers since it sends data directly to Verizon wireless servers which bypasses the government firewall. Its features are a little bit outdated, no in browser download support or flash or offline browsing, yet still itis the most simple solution on the go to visit blocked sites such as twitter, fb, cnn, bbc, deutschland world (dw.de), IRF, etc.
Sent from my Hero using xda premium

Ok, I'll definitely try that version of Opera, thank you for the information!
Regarding Ultrasurf, what's the difference with the (allegedly) newer UltraVPN? Both of these are desktop clients, but I believe she'll be taking only the phone this time. I thank you for the tip, as those seem to be free (first time I find a free VPN server, I'm a bit suspicious as why is that one free), but I'd like to find an equivalent for Android, if possible

Sibling products? To be very honest I'm not quite sure about the ultraVPN. The reason that ultrasurf is free of charge is word on the street says this app is sponsored by anti censorship groups and funds based in the US, with a sole purpose - to help netizen in mainland China breach the system. In other words it's not developed by any ordinary commercial firm.
Yes there are other solutions aside of ultrasurf, like Tor for Firefox, Google's own goagent (which has certain traffic limit for free users 1GB per day.), but non of which offers similar easy to use features as ultrasurf does.
The reason why most mainstream US vnp services are down in China is that those vnp providers have been blocked by Chinese government's GFW way beforehand.
Sent from my Hero using xda premium

Good to know. Thank you very much indeed!
For the phone thouhg, there's no other free alternative, right?
Thank you!

The goagent I mentioned before is a universal proxy solution on both desktop and handheld platforms. Follow a step by step tutorial which can be found by Googling, set up a free account for goagent on desktop. Then download GAEProxy from market to your android device, choose goagent type of proxy, configure it with the account you set before and you are hooked up. In this way all apps like native twitter, Facebook, linked in, browsers, YouTube client are with the mighty force of Google's proxy. But for instant and light web use, I still recommended Verizon Opera.
Sent from my Hero using xda premium

Are there any ROMs with ability to block app installs for administrative purposes?

Hello there,
Short story - Looking for a Custom ROM with the ability to control what applications can be installed on an Android device or preferably to ask for an administrator password prior to installing, much like in Administered desktop systems. This is to be used on a large number of company-owned tablets
Thank you for any help or suggestions
--------------------------------------------------------------------------------------
Long Story - The company i work for (a large travel & tour agency) is investigating the possibility of providing Tour Bus drivers with Android tablets, which will be used for filling out and submiting (via mobile data) a number of different types of forms
Since the tablets will be connected to the internet via 3G/4G, any downloaded apps will cause data charges by the ISP. This is a major issue as the Tour Bus fleet consists of over 300 vehicles and drivers
For this reason, we were trying to find an app which would control what a user installs on an android device, but from what we have researched, this level of control is not available for Apps, for security reasons (such as malware)
Custom firmware seems to be the only option, if such a firmware exists.
Thank you for any help or suggestions

No dont exist but you can configure the pasaword in google play settings
Sent from my GT-S5830 using XDA

Use password to block or secure those app that can download things
Eg: mail, market, browser, file explorer, USB storage.. etc...
PM me if you need more detail... already have an idea.
Accidentally sent from my Google Nexus S

Google Cloud Messaging

Anyone tried it ? What are the first impressions ?
http://developer.android.com/guide/google/gcm/index.html

pandata000 said:
Anyone tried it ? What are the first impressions ?
http://developer.android.com/guide/google/gcm/index.html
Click to expand...
Click to collapse
Why should anybody want this?

Well, it depends from the app, iOS has push notifications (which are almost the same), and this one will be good if you want to send messages to users app remotely - for example alerting them for event or something ....

pandata000 said:
Well, it depends from the app, iOS has push notifications (which are almost the same), and this one will be good if you want to send messages to users app remotely - for example alerting them for event or something ....
Click to expand...
Click to collapse
But you could have done this without google... push notifications do not require a server by google (however you need one, but that shouldn't be the problem these days)
iOS and Windows Phone both have an OS dependant push notification service. That's simple because you have (or had) no internet connection from background apps on those OSs - so the only way to reach an app is via push using apple/microsoft servers - android does not have this restriction - so why give your/your user's data to google?

MaR-V-iN said:
....... the only way to reach an app is via push using apple/microsoft servers - android does not have this restriction - so why give your/your user's data to google?
Click to expand...
Click to collapse
To avoid having background tasks and permanent connections that would degrade the performance of the device.
However, I don't feel that sending a push message that just tells the user that there's new stuff in the app hurts or discloses any private info. Even, thanks to Android, you could use the push notification to "awake" the app, then the app connects silently to your own server to get the info it needs, without google knowing, and closing the connection right after.

mocelet2000 said:
To avoid having background tasks and permanent connections that would degrade the performance of the device.
Click to expand...
Click to collapse
That's not correct - you just give away the background task / permanent connection to another application, it's still needed. Moreover, with using this "service" you force your users to have gapps installed (and currently also JB, as gcm is currently only available in the newest Google APIs)
mocelet2000 said:
However, I don't feel that sending a push message that just tells the user that there's new stuff in the app hurts or discloses any private info.
Click to expand...
Click to collapse
If its only a tickle to notify the app that there is sth to update its not a privacy problem. But gcm allows you to send 4k of payload - this could be a private or chat message. (google gives such an example: http://developer.android.com/guide/google/gcm/adv.html#payload )
mocelet2000 said:
Even, thanks to Android, you could use the push notification to "awake" the app,
Click to expand...
Click to collapse
That's right, but the question is if I - as a user for now - want this. Should the app developer (and Google!) be able to start apps on my phone to do things?
mocelet2000 said:
without google knowing
Click to expand...
Click to collapse
I'm not going to tell you that google will know about it - it's up to you to find this out.

I agree, being not universal is a problem. But I prefer just an open connection to a notification server than many connections and multiple background services that developers might have not optimized.
Regarding what Google knows or not, it actually has nothing to do with GCM

mocelet2000 said:
I agree, being not universal is a problem. But I prefer just an open connection to a notification server than many connections and multiple background services that developers might have not optimized.
Click to expand...
Click to collapse
GCM does not stop developers from doing **** with their background services.
You might be right, that one connection is better than many, however it is important to see, that most traffic on android devices today is with google servers - even if your mails are not there. All this traffic is not done with a single connection, but often many parallel connections. So google should optimize thier own things, else this is useless to me, as i do not need those google apps and i would have less connections with every other app using their own connection than with google apps installed.

Questions or Problems Should Not Be Posted in the Development Forum
Please Post in the Correct Forums & Read the Forum Rules
Thanks ✟
Moving to Q&A

MaR-V-iN said:
GCM does not stop developers from doing **** with their background services.
You might be right, that one connection is better than many, however it is important to see, that most traffic on android devices today is with google servers - even if your mails are not there. All this traffic is not done with a single connection, but often many parallel connections. So google should optimize thier own things, else this is useless to me, as i do not need those google apps and i would have less connections with every other app using their own connection than with google apps installed.
Click to expand...
Click to collapse
However GCM is just an additional option for developers, which itself is good. The C2DM was a poor try to make things done. I hope this time its better

pandata000 said:
However GCM is just an additional option for developers, which itself is good. The C2DM was a poor try to make things done. I hope this time its better
Click to expand...
Click to collapse
GCM is just an additional option for developers who want to make their apps incompatible with AOSP. However as there still are developers out there that do not know what AOSP is, they do not know that using GCM makes them incompatible. So GCM is not good at all, because it may be used "accidentally" by those developers.
So GCM is even worse than the pendants for iOS or WP, because there the push service is available for everyone.

MaR-V-iN said:
GCM is just an additional option for developers who want to make their apps incompatible with AOSP. However as there still are developers out there that do not know what AOSP is, they do not know that using GCM makes them incompatible. So GCM is not good at all, because it may be used "accidentally" by those developers.
So GCM is even worse than the pendants for iOS or WP, because there the push service is available for everyone.
Click to expand...
Click to collapse
Agree ! But without any other alternatives, it's still an option

pandata000 said:
Agree ! But without any other alternatives, it's still an option
Click to expand...
Click to collapse
There is an alternative: write your own stuff. A push server is not that complicated. As you propably already got a server (because i dont think you want to send GCM pings from your home ) you got all you need, to not use GCM.

Hello
Google Cloud Messaging apparently not working on my device. Reported by a web service (not from Google but using GCM). Why?
My Google account fully configured and all used services assigned and working.
Where's the problem??

This is used by a few big developers. In their own apps. One of the biggest being AOKP with their AOKP push app.
Wayne Tech Nexus

In new Cyanogenmod Google CloudMessaging been used. CM 10 encodes SMS and these SMS been send per Google Cloud Messaging. CM is Open Source so you can get tipps from there

"Work profile" (e.g. Shelter, Island) and Exchange Device Administrator permissions

"Work profile" (e.g. Shelter, Island) and Exchange Device Administrator permissions
Hi,
I've installed Shelter (also Island is an alternative app) which allowed me to install Microsoft Outlook and connect to my work email in a "shelter" (separate envionment for work). I read that this is based on "work profile" which is in the standard Android API. When I connected to the Exchange server from work, I had to allow Outlook to be "device administrator" and so the remote admin can remotely wipe my phone if he wants.
My question is: If I installed Outlook in a "work profile", can the remote admin still wipe my phone or the "work profile" isolates the app completely so it cannot affect my phone in any way?
Thanks!

epurehello said:
Hi,
I've installed Shelter (also Island is an alternative app) which allowed me to install Microsoft Outlook and connect to my work email in a "shelter" (separate envionment for work). I read that this is based on "work profile" which is in the standard Android API. When I connected to the Exchange server from work, I had to allow Outlook to be "device administrator" and so the remote admin can remotely wipe my phone if he wants.
My question is: If I installed Outlook in a "work profile", can the remote admin still wipe my phone or the "work profile" isolates the app completely so it cannot affect my phone in any way?
Thanks!
Click to expand...
Click to collapse
I believe it should only effect the work profile, but I have also heard of policy settings effecting the entire phone also.
In all honesty for the best and most accurate answer you should ask your employers IT department. They can tell you exactly what the remote wipe will effect since they are the ones who set up the policy.

scottusa2008 said:
I believe it should only effect the work profile, but I have also heard of policy settings effecting the entire phone also.
In all honesty for the best and most accurate answer you should ask your employers IT department. They can tell you exactly what the remote wipe will effect since they are the ones who set up the policy.
Click to expand...
Click to collapse
The IT department has nothing to do with this. This is a question about the work profile implemented in Android. Does it COMPLETELY isolate the app from the rest of the device (including device admin permissions), or not?

Looked a little more into this and wanted to re-edit my post.
Does shelter completely isolate the app (and device admin permissions) from the rest of the device?
No it does not. When looking at F-Droid shelter homepage it states that ut is not a full sandbox implementation. It also continues to list a few caveats to the app (below is a copy and paste).. Please note that I am not saying you may encounter these particular caveats, but because they exist (in conjunction with the shelter app not providing a full sandbox environment) it is not possible to say the shelter environment is completely isolated from the rest of the device.
*Security bugs of the Android system or Linux kernel
*Backdoors installed in your Android system (so please use an open-source ROM if you are concerned about this)
*Backdoors installed into the firmwares (no way to work around this)
*Any other bugs or limitations imposed by the Android system.
Click to expand...
Click to collapse
When it comes to the device wipe within the "shelter" environment I would be inclined to believe a selective wipe would possibly only effect the email client.. If they use a full wipe it is possible it may effect only just the work profile. In the end it what kind of wipe you could encounter really depends on what kind of device wipe the IT department has set the policy too.
Though take the words "possible" and "possibly only" to be implied very loosely here, it's not a simple cut and dry answer. This is because the shelter app is not a full sandbox environment so it is not possible to rule out that through some sort of backdoor or other android bug your device might be fully wiped.
Also "take with a grain of salt" and unrelated to the shelter app through personal experiences (and hearing discussions) I have seen (and heard of) devices also encountering a full wipe even with a work profile.
Why does the IT department of your employer have anything to do with this? Let me explain in a bit more detail, though you kinda gave the reason in the quoted text below:
epurehello said:
When I connected to the Exchange server from work, I had to allow Outlook to be "device administrator" and so the remote admin can remotely wipe my phone if he wants.
Click to expand...
Click to collapse
There are two kinds of device wipe policies... First is a selective wipe it would only remove the organizational data from the phone, so it would just effect the email client. Second is a full wipe that would remove all content from the phone.
Since your employers IT department is responsible for configuring and controlling the exchange server they know what the policy settings/effects are. Granted they can't tell exactly what would happen with respect to the shelter app, but they might have someone back there who has looked into it or might know something from experience or research.
So I don't say contact your employer's IT department with your question lightly or without reason, they can tell you exactly what the policy is and what it will do.

Just use exchained. It will stop the profiles from doing anything to your phone, yet allow you to connect to the servers just the same. Been using it for a year or more with no issues at all. It blocks all the silly profile crap they try to enforce. When the demanded a 6 digit password on the phones, that was what sent me over the top. Basicly it will ignore all the profile crap your company demands, but doesn't tell your company that it is ignoring them. Now they can't wipe your phone... since you never really gave them permission when you set up the account, but they will "think" you did....
https://play.google.com/store/apps/details?id=mobi.biko.exchained