Does anyone have any information about the device encryption that the X2 offers? I recently traded my Thunderbolt for an X2 so I could have device level encryption. I'm just looking for links to information about it. I tried Motorola's website and I can't seem to find any support information about it.
My main concern is, if a device/sd card is encrypted, can a cellebrite machine access anything stored on it? Does it require the PIN number for USB access? Any information or links pertaining to this would be great.
Related
Hi,
I am about to assist in deploying a large amount of android device. The requirement is, that the devices (700+) need to be charged, configured and provisioned with the relevant applications for the end-users before delivery.
Device info:
Android 2.3.3
Samsung Galaxy SII
This is not windows mobile, so I am unsure if I can code/design a solution to avoid this enormous manual task.
Is it possible to code something for an sd-card that will be automatically triggered on insertion (as on WM)? This would then provision the device etc.
Is it possible to bypass the initial prompts - To my knowledge you will be prompted for entering the info for your google accounts?
If above is not possible, do I then need to create 700+ google accounts?
Hope someone can help
Brgds
It can also be via an active sync (ish) connection using a computer du provision the device?
A suggestion I received from another forum, was that I could: Make an update.zip for apps .Copy on SD card .Boot in recovery . Apply update.zip.
Would this be a feasible way to go?
odaugaard said:
A suggestion I received from another forum, was that I could: Make an update.zip for apps .Copy on SD card .Boot in recovery . Apply update.zip.
Would this be a feasible way to go?
Click to expand...
Click to collapse
We just deployed 100 EVO 4G's prior to the deployment we sent a mass email requesting the users create their own Google account and email us the info so we could setup their new phone with email and corporate email access. It took awhile to setup 100 android devices but it went smooth.
Sent from my PC36100 using Tapatalk
You can use SureMDM from 42Gears for mass provisioning, application deployment and password policy enforcement on Android devices, including smartphones and tablets.
It does not require Google accounts. Install the agent directly on the devices and then use the web-based console to perform all of the above actions from one place. For e.g. you can push an apk on hundreds of devices with a single click.
On non-rooted phones installation of .apks will prompt the user to continue the action.
Free trial is available on the website 42Gears dot com
Similar situation here and am fielding any suggestions or ideas if things have changed in the last several months regarding deployment.
Scenerio:
Deploying approx 200 Asus Transformers in an educational setting
Wish List:
Setup all units using the same Google account, populate static name on the lockscreen, install 3 specific apps on each and the ability to identify each one individually on the market for individual app install by an "administrator".
Currently we are doing each unit manually and then having to wait a few minutes for the Market to populate the new unit and then changing the nickname to the bldg/room number. If we don't wait for the Market to refresh for the new device they will all show as Asus Transformer TF101 and obviously we will not know which device to send specific apps to when they are requested.
There just has to be a better way! I checked out SureMDM and it has a lot of features that we really don't need and it doesn't appear to accomplish what we do need.
Any suggestions or comments would be greatly appreciated!
I know this is an old thread, but what about rooting and building a custom ROM for each unique device to let it do what you want? I'm thinking of doing something similar at the moment.
stephendt0 said:
I know this is an old thread, but what about rooting and building a custom ROM for each unique device to let it do what you want? I'm thinking of doing something similar at the moment.
Click to expand...
Click to collapse
Probably would work although Google now has a way to streamline deployment:
unfortunately I cannot post the direct link but goto developer dot android dot com/edu
So I recently read an article on the htcloggers.apk file.
Let's just say it scared the crap out of me.
I have an HTC Sensation, and had no clue that such an app ever existed on my phone, and how it could be abused. In short, the htcloggers.apk file allows a malicious app to access a variety of system information, including system log files. I only remember downloading one non-Play Store app around the time period that this existed, it was an app available on the Play Store but I got it from a different site, so I'm not sure if someone made it malicious. I'm not even sure what the app was, but I'm worried that it may have transmitted my information. What I'm most worried about, as seen by the title, is the log files, specifically the ones having to do with Dolphin Browser. I routinely access confidential information such as bank information on my phone, and also have logged in my credit card number on sites such as Amazon and Ebay. I know I'm probably overreacting here, but if someone were to get my log files could they ressurect the web pages I was on and take a look at information such as the website of the bank I use and confidential bushiness information accessed through the web browser? Could they get my credit card number through the browser? Many thanks, once again I know I'm probably overreacting but just gotta make sure.
Wanted to start a thread on this subject as I have yet to see anything regarding AfW anywhere in these threads.
Does anyone have any information on how the o/s will handle securely wrapping applications and how the o/s creates a second partition/perimeter that is secured from the personal side?
Google Android For Work if you haven't heard about it.
I'm wondering if a rooted device would be able to trick the MDM protected work perimeter to think it has a secure bootrom, recovery partition and valid o/s?
Anyone have a picture of what the filesystem difference looks like?
There's such little information on this, yet it was released with 5.0 lollipop and I'm sure if we reverse engineer the way it functions we could create our own pki enabled MDM open source solution. This would allow end users to freely use there phone without the fear of being snooped on by viruses, corporations for marketing purposes, etc. Overall an open source Mobile Iron solution is what I'm getting to.
Let me know what you guys think.
Hey guys,
what do you think about GrapheneOS? (https://grapheneos.org)
I think there are some disadvantages:
- only Pixel devices (because only these have some security "flags")
- no root access
- hardcoded Google domains
and some advantages:
- good hardware support
- hardenized aosp
- closed bootloader after flashing
Now I would like to discus about this ROM
I too would be interested to hear about anyones experience regarding this OS
johndoe118 said:
Hey guys,
what do you think about GrapheneOS? (https://grapheneos.org)
I think there are some disadvantages:
- only Pixel devices (because only these have some security "flags")
- no root access
- hardcoded Google domains
and some advantages:
- good hardware support
- hardenized aosp
- closed bootloader after flashing
Now I would like to discus about this ROM
Click to expand...
Click to collapse
I'm interested in this ROM too. I have a Pixel 3a. I haven't flashed it yet because I'm trying to find out what people's experiences are first. There doesn't seem to be a lot of posts about it. Did you ever flash it? Also, what do you mean by "hardcoded Google domains"?
Well, the captiveportal contacts the Google servers regularly when you connect to a WiFi. That was one reason why I lost interest in the ROM. The other was the limited device support and missing root access. I absolutely need access to the iptables. As a one-man show, the ROM can be adjusted at any time.
johndoe118 said:
Well, the captiveportal contacts the Google servers regularly when you connect to a WiFi.
Click to expand...
Click to collapse
Do you have some kind of reference for that? I'm using it now and would really like some proof to bring up in their subreddit as a WTF.
graphene seems great, no root does not
I don't want the bootloader locked.
I want Magisk extensions
I need root for LP _only_ to remove ads. Is there something like LP that allows (interactively) disabling app activities?
hardcoded google domains info from faq
https://grapheneos.org/faq#device-support
GrapheneOS leaves these set to the standard four URLs to blend into the crowd of billions of other Android devices with and without Google Mobile Services performing the same empty GET requests. For privacy reasons, it isn't desirable to stand out from the crowd and changing these URLs or even disabling the feature will likely reduce your privacy by giving your device a more unique fingerprint. GrapheneOS aims to appear like any other common mobile device on the network.
HTTPS: https://www.google.com/generate_204
HTTP: http://connectivitycheck.gstatic.com/generate_204
HTTP fallback: http://www.google.com/gen_204
HTTP other fallback: http://play.googleapis.com/generate_204
Click to expand...
Click to collapse
nay_ said:
hardcoded google domains info from faq
https://grapheneos.org/faq#device-support
Click to expand...
Click to collapse
Thanks, right from there
I have Graphene OS taimen-factory-2020.07.06.20.zip on my Pixel 2 XL.Under "System update settings" is "Check for updates" but nothing happens if I tap.Only the field becomes darker.Has someone experience with this?
Update with adb sideloading to 2020.08.03.22 works.
OTA update from 2020.08.03.22 to 2020.08.07.01 likewise.
I'm personally not a fan of these kinds of projects, they aren't really all that 'secure', you're still using proprietary vendor blobs and such
help please
Hello! In the description
I pointed out that you can change servers just not through the GUI.
Has anyone tried this?
```
Providing a toggle in the Settings app for using connectivitycheck.grapheneos.org as an alternative is planned. The option to blend into the crowd with the standard URLs is important and must remain supported for people who need to be able to blend in rather than getting the nice feeling that comes from using GrapheneOS servers. It's possible to use connectivitycheck.grapheneos.org already, but not via the GUI.
```
captive portal leak + location services data leak
Few points:
1. General idea is that privacy/security oriented OS (as graphene is advertised) should limit network activity as much as possible, and not ping google using captive portal service every few seconds providing perfect IP-based location to google
It is possible to switch it off, but should be off by default
2. Connections of android location services to get GPS constellations were shown before to send sim card imsi and connected cellular tower id to provider (qualcom/google):
"blog.wirelessmoves.com/2014/08/supl-reveals-my-identity-and-location-to-google.html"
Graphene still allows those connections (check their FAQ on website)
W/O root no way to switch this off. Even some devices ignore config files and still leak data (on the level of cellular modem most probably)
3. Android services make other weird connections. Example: AOSP dialler app is querying phone numbers against online database leaking all contacts to google. How was this taken care of in graphene? Are all AOSP services/apps security-verified to not leak any data?
w/o root no way to install afwall to block everything
Is graphene built-in firewall capable of blocking system services from network access?
I was a little bored and decided to mess with the no-java browser on a device i own. I created an frp environment to see if it could be hacked by communicating with my rooted Note 8. I haven't attempted to use termux to deliver an apk yet (my plan)... one that uses the sdcard to gain access internally.... leading to a disruption in such a way that it "breaks" the frp process. I am curious why a browser of any kind us even allowed.
Did you ever get past the FRP with this method? I've been racking my brain trying to think of a way to connect to an outside source with the NO-Java browser.