[Q] sync office files to encrypted folder? - Android Q&A, Help & Troubleshooting

I work for an IT firm, and often when we go onsite we end up having to retrieve user passwords for various reasons. Right now our options are to:
A) Print out the site's password sheet and take it with us
B) RDP back to our company network and lookup each password as needed
The first solution is rife with security concerns, while the second is a pain in the butt.
What I would like to do is set up a background wifi sync at the office with my android tablet, so every time I leave the building I automagically have up-to-date files with me. But also store them in an encrypted folder or format, so if the tablet gets lost we don't have to reset many hundreds of client passwords. I am not at all opposed to buying an app, or more than one if this can be accomplished in a convenient and secure way. Any ideas?

Dropbox? Preferably combined with storing the passwords in an encrytped database such as keepass?
Really, you want confirmed sign off from your management here. ****ing up with a customer password database (say you lost your phone) is a Career Limiting Move.
Sent from my GT-I9100 using Tapatalk

Related

[APP] FBReader "Sync" App - FBSync v1.0.26 (Beta)

Hello all!
Recently I've started using two seperate Android devices to read books
using FBReaderJ for Android, a NookColor, and my phone, a Sprint EVO
3D. Very quickly, I ran into a problem. I read the same books on both
devices, so I ended up spending a lot of time looking for my place
whenever I switched devices (I used the NC at home, and my phone
everywhere else).
I imagine that this must be a problem quite a few people are having,
or will be having as android devices become more popular.
So, I wrote an android app to synchronize my place in each book
between the two devices.
App Name: FBSync
Current Version: v1.0.26
Revision History:
1.0.26 - Removed Auto-Sync feature (hopefully just temporarily. I want to get this working, but the FBReader API just doesn't provide enough functionality to get it working smoothly). Removed syncing of "recent" books (It caused more trouble than it was worth, sorry, you will have to manually open your book if you changed books on another device). Added a "Sync" item to the FBReader menu that pulls up FBSync.
1.0.24 - Updated Dropbox support to use latest Dropbox API. Fixed Auto-Sync feature to properly sync new book positions (broken due to a change in FBReader). Due to limitations in FBReader, the Auto-Sync feature is still rather rough.
1.0.23 - Added a Dropbox support for your book position data, an Auto-Sync feature that makes use of the FBReader API, and (in theory) the program has been translated into Russian (thanks Dmitry!). If you have set up your own synchronization server, you will need to update the PHP files to the files in the attached sync.zip
1.0.19 - Fixed another bug that affected Honeycomb devices. Confirmed working on an Acer Iconia A500.
1.0.18 - Fixed a bug that affected Honeycomb devices (I hope!)
1.0.17 - Added "Alternate Sync URL" functionality for those people who want to set up their own sync server instead of using mine. See below for more instructions.
Requirements:
1) Root. Your devices must be rooted. This application only uses
root for two things. First, it uses root to get access to the
FBReaderJ books database, and second, it uses root to kill the
FBReaderJ process before it syncs the data (it has to kill the process
to force FBReader to reload the database).
2) FBReaderJ must be installed on the device (you will be prompted to
install it if you haven't already when you load my app)
3) You must have already opened FBReaderJ at least once, and viewed
it's library (Menu button, "Library"). This creates the databases
that my application needs.
Download:
An older version is available on Google Play, but the latest version can always be found at the bottom of this post.
Instructions for Use:
As of v1.0.23, you have the option of either syncing book positions to my web server, or to Dropbox. If you choose to use Dropbox, it will create a single file on your Dropbox account (under \FBSync) that contains the book position data.
If you desire to sync the book positions to my web server, you can also enable a new, experimental "Auto-Sync" feature that syncs your position whenever you open or close FBReader (or a book in FBReader). This functionality only works when using my web server, it does not currently work with Dropbox.
The auto-sync feature make use of FBReader's API and makes FBSync work as a plug-in for FBReader. Unfortunately the API does not contain all of the features needed to completely remove the root requirement for FBSync.
If you are going to use my web server to sync:
After you install it, go into the settings (blue icon, or menu/
settings), and enter an email (doesn't have to be an email, any unique
string will work) and numeric pin # (this isn't secure, so don't use a
pin you care about). The email/pin is just to uniquely identify you.
You should use the same email/pin on each device.​
On the same screen, you can choose to sync the actual book files to Dropbox. Since your Dropbox account is used, only your account can access the books, if
you choose to sync them. It only uploads/downloads the books when it
needs them, so it may take a while the first time you sync, but after
that it shouldn't take more than a minute MAX (my typical sync times
for 90 books is about 5-10 seconds)
Click the middle, orange icon, to begin the sync process.
If this is the first time you've synced since selecting the "Enable Dropbox" setting, you will be prompted to allow FBSync access to your dropbox account.
The sync process first uploads, then downloads. It only updates the book's "place" on the web (or Dropbox) if it's farther ahead than the web's "place" for the book.
If you are using the Auto-Sync function, the above statement is not true. It always saves the exact position of your book upon closure of FbReader or closing the book.
Miscellaneous Info:
This program is still in beta. I have used and tested it extensively,
but I'm not liable if you manage to break it somehow. Since it does
alter the data in FBReader's databases (it does not, and never will,
alter the database structures), it is possible, but very unlikely,
that it could lose your book's places. I would suggest that you back
up FBReaderJ using something like Titanium Backup before you start
using FBSync, just to be on the safe side.
The synchronized book position data is currently hosted on my personal web server, or your Dropbox account (as of v1.0.23). Your book files are only stored on your Dropbox account.
UPDATE: As of v1.0.17, I added the ability to define your own "Sync Server". Here's how to use it:
In the Settings (Menu, Settings), there is a new option "Alternate Sync URL" where you can enter your own URL. Leave it blank if you want to use my server.
If you want to use your own, you will need the file attached to this post. I wouldn't recommend trying to set up your own server unless you are pretty comfortable with web servers, php, and mySql.
Sync.zip contains a .SQL script, and several .PHP files that are required to set up your own sync server.
The primary thing that you need to set up your own Sync server is a HTTP Web server that supports mySql and PHP.
On your server, create a new mySql database (name doesn't matter, just make sure there's a user attached to it that has insert/update/delete rights), then run the sql code in the sync.sql to create the two tables that are needed.
Edit the common.php file and replace the '' values in this block:
Code:
$dbhost = 'localhost';
$dbuser = ''; // Fill out the database user name here
$dbpass = ''; // Fill out the database user password here
$dbname = ''; // Fill out the database name here
with the correct values for your server. $dbhost can probably remain 'localhost'.
Then create a directory on your web server that is accessible from your devices, and put the 5 PHP files into it.
Launch FBSync, hit Menu, Settings, click the "Alternate Sync URL", and type in the URL that points to the directory you put those PHP files in (ex; http://sync.splitmatrix.net/alternate_sync ). You must start it with http://, and it should not end in a /.
After you enter the URL, save out of it, back out to the main FBSync window, and click the Sync button. If you set up everything correctly, it should sync to your server now instead of mine.
Please let me know of any issues you find, or any improvements you
want.
Thanks,
Scott
6/27/2012 Edit - Updated Sync.zip to remove some buggy code from addbook.php
Hi Scott,
I only have 1 device right now, so no need for sync, but I would be interested in how you can read your BN books with FBRreader. I have installed FBReader, but don't know how to read the books with it.
Also, I installed the dolphin web browser and clicked on a few epub links but nothing happens, is there a way to get it to bring up those files in FBRreader?
droidly said:
Hi Scott,
I only have 1 device right now, so no need for sync, but I would be interested in how you can read your BN books with FBRreader. I have installed FBReader, but don't know how to read the books with it.
Also, I installed the dolphin web browser and clicked on a few epub links but nothing happens, is there a way to get it to bring up those files in FBRreader?
Click to expand...
Click to collapse
I haven't actually purchased any books from B&N, but assuming the books you purchased are DRM free, you should be able to just move them into the \sdcard\books directory, and they should appear in the FbReader library. I believe, by default, the B&N books go into the internal storage, in the B&N Downloads\Books directory. Use a file manager like estrong's, astro's, or root explorer to copy them.
Via your web browser, save the epub books to \sdcard\books (or move them there after they download), and they'll show up. I don't believe that you can associate any book reader with epub files, I don't think android supports that. You have to open the book with the app, not the app with the book.
Scott
I use FBReader on multiple devices and would be extremely interested in such an app!
Thanks for your interest in my syncing app.
One pretty major requirement for this app is that your devices have to be rooted. Android doesn't like one app accessing another app's data, so the only way I could do it was to use root privileges.
It's still in beta, but you can download a copy of it at:
http://sync.splitmatrix.net/apk/fbsync.apk
Currently v1.0.9.
After you install it, go into the settings (blue icon, or menu/settings), and enter an email (doesn't have to be an email, any unique string will work) and numeric pin # (this isn't secure, so don't use a pin you care about). The email/pin is just to uniquely identify you. You should use the same email/pin on each device.
On the same screen, you can choose to sync the actual book files as well as their positions. It only uploads/downloads the books when it needs them, so it may take a while the first time you sync, but after that it shouldn't take more than a minute MAX, my typical sync times for 90 books is about 5-10 seconds.
Obviously you should have Fbreader already installed, and you need to have ran it, and gone into the library (menu/library) at least once (this creates the fbreader app database).
Click the middle, orange icon, to begin the sync process. It first uploads, then downloads. It only updates the book's "place" on the web if it's farther ahead than the web's "place" for the book.
Please let me know of any issues you find, or any improvements you want.
Thanks,
Scott
Cool
I just tested and it does work as stated. One question though, where is it uploading the data too?
Personal website, sync.splitmatrix.net. if the app takes off, i'll figure out something more secure and permanent.
Scott
Interesting. I'll try it out. Thank you!
One thing to think about however, especially if you open this up to general usage, is that by uploading/downloading the book file itself rather than just the current read-to position, you could potentially run into copyright issues. There is reason to believe that this could fall under Fair Use, but past rulings on similar commercial services for other media have been inconclusive. That may be a can of worms you don't want to open.
I am not a lawyer, but I do play one on web forums.
One thing I would try would be saving it on Google's servers through IMAP or something like SMS Backup does. Then no need to have to pay for a server. Don't know if it is at all possible but just thought I would see how you liked it.
RoboRay said:
Interesting. I'll try it out. Thank you!
One thing to think about however, especially if you open this up to general usage, is that by uploading/downloading the book file itself rather than just the current read-to position, you could potentially run into copyright issues. There is reason to believe that this could fall under Fair Use, but past rulings on similar commercial services for other media have been inconclusive. That may be a can of worms you don't want to open.
I am not a lawyer, but I do play one on web forums.
Click to expand...
Click to collapse
Yes, this is something I'm aware of. Not sure what I'm going to do about it yet. That's why it's a setting
Scott
qwerty017 said:
One thing I would try would be saving it on Google's servers through IMAP or something like SMS Backup does. Then no need to have to pay for a server. Don't know if it is at all possible but just thought I would see how you liked it.
Click to expand...
Click to collapse
The server it's currently on is hosted by a friend of mine for free, so I'm not concerned about it at the moment. If thousands of people end up using this, then obviously I'll have to make some changes.
Scott
I wonder if there's a way to store and retrieve the sync data with each user's Dropbox or something...
RoboRay said:
I wonder if there's a way to store and retrieve the sync data with each user's Dropbox or something...
Click to expand...
Click to collapse
I'd imagine that there is a way to do this, since programs like Titanium Backup support a dropbox interface.
If enough people think this would be a good feature to add, I can definitely look into it.
Scott
I'm just thinking that using each person's Dropbox would get you off the hook for not only server space and bandwidth, but also any potential copyright liability for book copies made by users synchronizing their files.
Valid points. I'll do some digging and see what it will take to implement the dropbox API in this app..
Thanks,
Scott
Edit: Updated first post with useful information - added download link.
Updated to v1.0.10 to fix a problem when used with the latest FBReader beta. Same URL as before:
Edit: Download the app off the market
Thanks,
Scott
This is a great app this is the missing link in fbreader. I hope you continue to support and enhance it.
Now that my archos tablet is rooted i can really enjoy it. I used to read my books on my phone and occasionally I still do.
Thx for the great work.
This looks like a dang good app. Since getting my nc i've quit using my evo for reading. This sync will bring joy back to my bathroom bbreaks at work!
Thanks for your kind words!
Since the last time I posted to this thread, I've added a dropbox interface to the program, and posted it to the Market (for Free of course!), so if you've downloaded the APK from the web, please re-install it from the market for the latest and greatest version.
Thanks again,
Scott
Oh, great! I'm checking out the Dropbox syncing now.
Edit: Works great!
If I may make another suggestion, you should post about your app at the MobileRead forum. I think you'll pick up a lot of users there.
Also, I know that the Android version of FBReader is different from the PC versions, but syncing with the Linux and Windows versions would be the icing on the cake. MobileRead might be a good place to find others wanting to help develop that capability

[Q] Help with Exchange email

Hey guys-
I had been using TouchDown Exchange to access my work email. When I first got android I asked my IT department if they could set it up for me but they replied that they "don't support Android, and because there are so many different android phones, they probably wouldn't ever support". Anyways, I found I could use the web-exchange server (http://xxx.xxxxxxxx.com/exchange/) as my domain on the android app and it would end up sync'ing my email to my phone.
I guess they eventually found out I was doing this somehow and they blocked it. They do support the iPhone, though, and through a coworker I was able to get the server and domain that they use.
Is there anyway I can trick the server into thinking I'm using an iPhone so it will allow me to connect and sync? I tried using the "ActiveSync Device String" and setting it to "iPhone" before connecting to the server, but that didn't work. I don't know much about exchange servers if you couldn't tell, but is there a way they can authorize only certain users to connect? Could I potentially borrow my girlfriends iphone, have them set it up on her device, and then once I get the login permissions, switch the info over to my fascinate?
Sorry to any IT administrators out there, I bet this post will annoy you haha. I just want to have email on my phone because I hate walking into work in the morning and getting blindsided by an email that was sent to me at 2am.
Thanks in advance for your help guys.
Our IT department also has a "no android" policy but I figured out that if I left the Domain blank and used the Webmail url as the Exchange server address everything would sync perfectly. I started out using Touchdown but dropped it for the stock email client.
They specifically denied your phone from syncing via ActiveSync? Even with Touchdown, which more fully supports the ActiveSync protocol than even the iPhone? Sounds like your IT guys are morons. I can fully understand not wanting to support Android phones because of all the variances. I know, because I work for an ASP hosting company that does just that. But really, if they wont support Touchdown, they're just shooting themselves in the foot, because that app will work the sane no matter what Android phone it's installed on, meaning you will have a standardized mail platform for Android that supports any and all necessary security features, including full encryption of the local mail database and any data it stores on the SD card.
I don't know if you'll get anywhere with it, but I would recommend showing the the feature list for Touchdown, including the security features, and ask them to support that one app. If you make the case that they only need to support one app for any Android phone, they should be willing to work with you on that.
Besides, every serious corporate user should be using Touchdown anyway. The stock mail client, no matter what Android phone you have, is lacking some of the most basic features, is buggy,and is essentially useless. And if days encryption is required, you're out of luck with the stock clients. Exchange syncing is really an afterthought by Google, and until they make enterprise features and data security a primary focus, things wont get any better.
Sent from XDA Premium on my Super Clean Fascinate
Oh, and btw, I'm not an expert on the matter, but I know that mobile device syncing can be disabled on a per-user basis. What I'm not sure about is if it can actually allow only certain devices to connect or not.
Sent from XDA Premium on my Super Clean Fascinate

[Q] Stock Email passwords still stored in clear text.

I realize that this has been an 'issue' for a while now, but I would like to know if there are any new ways secure and use stock email client with Exchange ActiveSync and not have credentials stored in clear text on the device. The same goes for IMAP and POP accounts using the app.
Yes, this is really only an issue on rooted devices, Google's official answer is to enable Device Encryption and that there are other email clients out there that handle credentials better. I personally switched to Touchdown, but would rather use the stock client.
I am trying to come up with a MDM solution for my company and really don't want to have to block devices if I don't have to. But as it stands my only options are have the user buy a 3rd party email client, force encryption and/or block rooted / jailbroken devices or use Citrix and OWA. I've spent a couple days researching this and haven't come up with anything promising that puts a smile on my face.
Any other Exchange Admins out there? How have you dealt with this?
For those who were not aware of your network username, password and domain being stored in clear text. Using Sql Lite open the Email app, Open EmailProvider.db and select HostAuth. Within you will find your connection info staring back at you, clear as day.
Android Issue Log:
https://code.google.com/p/android/issues/detail?id=10809
Google's Response:
https://code.google.com/p/android/issues/detail?id=10809#c128

[Q] any way to retreive the facebook-id

Hi there,
my question might seem to be a little odd, so I will explain the reason first...
in my university lab 6 of our android devices (and an iphone 5) got stolen. the thief might have sold the devices, I'm not really sure. anyhow - one of the devices still had our lab-gmail-account logged in so i could install androidlost and get at leas some control over one of our stolen nexus 7.
I was able to get gps coordinates, the WiFi name + IP address as well as some pictures of the person that has the device right not. unfortunately the police told me that gps wouldn't help, as there are possibly 150 persons in the street where the device is, that have the potential to be criminal...getting the owner of the connection via IP is also not likely, because a judge needs to approve the locating via ISP and before that happens, the telecommunications company will have deleted the data -.- I've seen they added a new gmail account after I changed our password. but it's just something like "[email protected]", so nothing that tells me the name.
with androidlost I can also start a web-server and browse the sdcard of the device. unfortunately the device is not rootet, so I can't browse to /data/data to gather more information.
so (finally ) here is my question:
is there any app that saves it's data to the sdcard which uses the facebook ID?
I mean in any logfile or something...maybe an app that automatically starts at boot, so i can be sure the app leaves it's trace on the sdcard.
I can still install apps via play store and if i could retreive the facebook ID in any way, there would still be a chance to catch the thief...
I'm also open for other creative ideas to retreive the identity...
EDIT: before anyone gets me wrong - I don't want the password or login to the account - all I need is the facebook ID (or name...) so I might find out the real name and give it to the police...

Need to lock Genymotion SaaS appliance to run only 1 app in restricted user by default and prevent install 3rd party apps and access to settings

I need to run an app in Genymotion that is used for data entry and upload of the entered data into 3rd party sites. The logins to 3rd party sites are stored in this application (probably encrypted). The application will store multiple logins for my different customers of who need to have the data uploaded into the 3rd party sites. The data into the app will then be entered by other people to whom I outsource the data entry.
So I created Genymotion appliance, installed the app and in this application I entered logins for sites such as ebay. I am looking for suggestions on what can I do to secure the appliance to prevent the data being copied out from it.
I want to prevent the person to whom I outsource data entry to be able to install and load 3rd party other apps, modify system settings, install other apps, copy the system directory, copy the login and password information saved by the application.
Let's assume the worst possible case here when application is well written but the passwords mentioned above (for the ecommerce sites like ebay) is saved in plain text in this application in the internal application directory. What I know about the application is it doesn't support access to SD Card, only can read and write data to the internal memory.
What can I do in Gennymotion to improve the security of my appliance. Genymotion virtual machines are rooted. So I looked at following suggestions:
1. Setup restricted user on Android
2. Set restriction for the restricted user to only be able to use the one application. Disable anything else (including disabled browser, email, youtube etc..)
3. Try to get the restricted user loading on boot of Android. When Android restarts, however, it doesn't allow choice to login into the restricted user or the admin user, sort of like a Windows or MacOS login menu. To get the appliance to always start with restricted user by default, I need to add a script and the scripted will need to start using Tasker or MacroDroid.
However, how do I prevent the user from installing 3rd party apps? Is it good enough to disable all user apps (except that one used for data entry) from the restricted user? Is there any other way the user could abuse the access to the virtual appliance and load something there? Are there any system android apps I need to disable for the restricted user to prevent the user to be able to do anything bad with it?
The application used for data entry can not download any application or data, however, I believe it does use the webview because it loads sites like ebay and fills the forms on those sites. It only interacts with select websites only like Ebay to enter data into Ebay forms..
Is there anything I can do to secure Genymotion appliance any other than what I already mentioned. I would like to send the link to the Genymotion SaaS Android to people who will do data entry for me into Ebay and other sites. So I need to make sure the virtual appliance is secured as much as possible from tinkering with it. I need to make sure somebody doesn't get hand on the stored login details.
Just to clarify for the login credentials:
I am not sure how the user credentials are stored and I will find it out, however, for now, I go from the worst case scenario when the credentials are stored in plain text in the app settings. The user name and password is stored in the application with exception for Ebay because the many other sites do not have API key or any webservices interface, so the application would access those sites simply via a webview, and when it goes to login there it will do that by filling in the login information on the login form (simulates keystrokes). The user name and password is entered into the login form for the site. That's why the login info is stored in the application itself.
This question is not about how to secure the specific application I will be using, but how to secure the actual whole Android appliance from tinkering with.
I am aware I will the risks here, just want to do as much due diligence as I can.
Sources for Genymotion restricted user..
How to set restricted user as default user on reboot?
We would like to have an already added restricted user account be the default when we restart our Samsung SM-T580 tablets. At current we have 2 accounts installed, Admin and User The User is a use...
android.stackexchange.com
Root access - Device image User Guide
docs.genymotion.com
Done some digging so this cannot be done. Neither Genymobile or Appetize or other online Android emulators can offer fine-tuning in terms of user access. The closest is Genymobile because at least allows adding and removing access of users to individual appliances. That is however not resolving the issue with Android and in particular rooted Android, since all online emulators run rooted Android and I am not sure how that is secured against potentially malicious actors who receive access link.
The only easy way to solve it, kind of in a mickey-mousy way is to install Kiosk mode application. That kiosk app will run at every boot and it only shows the specific application. There is always risk of course the malicious user would do something to crash the application and the Kiosk app, but if the application is not a web browser or email client or similar it should be relatively safe.
There are plenty of Kiosk mode apps for Android but none of them is free (don't try to look, no chance to find one), the cheapest cost about 7 USD one-time purchase, the more expensive ones cost 20 per month per device or more and come with remote control etc... Not cheap but kiosk mode apps are almost exlusively used by businesses so that's why there is lack of free apps.
Anyhow I believe this is the closest as I could get to deal with this.

Categories

Resources