Hello all,
As you can no doubt tell I'm new here so please be gentle. If there is a better location for this post please let me know. So my situation is that I am one of a few building on a system for work (a non-profit children's hospital). What we're attempting to do is replicate some of the functionality of commercial and often expensive in room entertainment systems using more inexpensive open source gear. As it stands we've purchased a few small Android TV type boxes and have had good success getting them to do all of the things we want (play games, movies, and television mainly).
My primary responsibility is surrounding what the ongoing maintenance and support of a system of these boxes installed in every patient room might look like. The current thought is to not put too much time into trying lock down the devices but instead build a system for wiping and re-initializing the boxes on patient discharge. I know I can configure the ADB connection daemon on the device to listen to the network instead of the USB port. There isn't any security around the connection but these devices will live on a separate dedicated network anyways. So assuming I know the device name and IP I should be able to issue ADB commands to it through a script which can be triggered on the patient discharge event in our systems. This would allow me to effectively issue a factory reset to the device which should get rid of any changes or content made by the last patient.
What I'm not so sure of is how I can get the device back to the exact state we want it to start out in for the next patient. I suspect that there is a way I can package a custom ROM with the settings/applications I would like configured and have that loaded onto the device as the factory image but I have no idea how to go about that and I haven't had much success searching for the solution. Most of the custom ROM building advice is lower level than I'm looking for and gets into actually compiling and building a true custom OS and to be frank that's probably a little bit past my skillset. I'm really only looking to get the stock OS (or a community ROM), a few applications and ideally even some system settings (name, network config, etc) baked in as a base image.
Any advice/suggestions would be greatly welcomed. Thank you.
Related
I did have a search on here, but didn't find anything particularly relevant so I'm hoping some people could help me out.
My situation is that I manage the deployment of Android Handsets and Tablets within my company. This process is fairly ad-hoc as in, I order a few handsets at a time, set them up with company software requirements + some desktop shortcuts, and ship them to the specific user.
My problem is that the quantity of devices I'm going to be deploying in the next 12 months will grow significantly, and this job is extremely boring, and costing me in time wasted on a repetitive task that could be much better spent on other things.
So I am looking for tools to help make this process more automated/quicker/simpler.
The crux of my requirements are:
a) install software packages (some from market, some not eg Lotus Notes Traveler)
b) Slight desktop customisations (add some app shortcuts, browser homepage etc) - realistically this is optional, but I thought I'd mention it.
Currently I take care of (a) with a homegrown python script which makes some adb calls.
(b) and (c) are entirely manual, and currently depend in part on the device going out - could be any of HTC Desire/Desire S/Sensation, Motorola Atrix/Defy+/Xoom or Samsung Galaxy Tab 10.1.
I also have to do this *after* having logged in, set up at least one google account + possibly a motoblur account, and enabled USB debugging - is it possible to get adb shell functionality without needing to get into the OS and enable USB Debugging?
Moving to higher level things, I'm open to the idea of paying for dedicated tools to manage this job - eg Google Apps Domain services, or some other Mobile Data Management service (eg silverback mdm).
However, what these tools are geared to is securing a fleet of devices, but don't seem to offer what I'm looking for, which I believe are pretty simple requirements. ie add some arbitrary apps, and make them accessible on the front screen of the device.
I can't imagine that I'm the first person to need to do this, so what are other people doing to ease the management burden?
Hello.
I am here seeking for help and advice on how to approach the development of a security framework (via APP or via hacked Android ROM to be used by kids, that could be monitored by adults (parents or legal tutors).
The idea would be to develop a (white hat) hacked ROM, that would allow the kids to communicate with their friends, but also would allow their parents to supervise/monitor in real time what their children are doing, who are they communicating with and that way protect their children. The thing is not to spy on our kids, but to be able to check regularly if there is anything wrong going on with our kids (mobbing, insults or harassment). Kids aged (10-14) could be influenced by other kids, adults, or adults simulating being kids, and on some occasions they can be tricked to do things without their parents consent/knowledge that can lead to a tricky situation.
When I was a kid, we had the telephone (wired telephone, of course) on the middle of the hallway, so all our conversations were basically family-public. The truth is that there are not many secret things a 10yo kid could/should talk about, but nowadays, it could be a little bit worrying to lend a smartphone to a kid. I think it's just as letting a kid drive a car; he can do it right, or not be able to evaluate the whole consequences of driving a car.
Talking to other parents around me, they all found very interesting the idea of having a telephone that one could lend to their son, having the kid available all the time, and with the peace of mind that you could know what's going on. Of course the kid should be aware of this, and that the telephone comms are being supervised. I think it's no big deal. "Kid, it's very simple. The telephone is mine, and if you want to use it you have to use it under my terms".
Probably, all of us working for a company, have also our communications supervised, cannot make personal phonecalls with the company's telephones, probably cannot navigate to webs looking for personal content, and we asume those rules (because neither the company's phones nor the computers are ours but our company's). It's basically the same, switching the company-employee role to a father-son one.
So, let's get to the point (technically). I am a tech-geek, linux pro-user, have compiled a few ROMs just for personal use, but don't feel capable enough of starting a project of these magnitude alone. If there is anyone willing to help, opine, or whatever, will be very welcome.
First of all, APP or ROM? I basically think that the ROM is the way to go, but I'm asking just in case someone can convince me on the contrary. I will make a poll on this question.
APP An APP could be easily downloaded and installed but would require a rooted phone, and I don't see it clearly if an APP could resolve all the needed issues (access to communications for example) and could be fairly easily uninstalled too.
ROM On the other hand, a ROM would be trickier to uninstall (basically flashing another ROM) but wouldn't be as easy to install as an APP (though the installer model of cyanogenmod could be kind of a solution). There could be an universal (if possible) independent flashable module, over whatever android ROM, or an entire ROM solution.
Features that I want to develop in this ROM (by the way, I call it 'Vigilante ROM'):
Suitable for as many devices as possible
Web interface for parents available to see device-related information
Some hack-proof measures to avoid kids bypassing the ROM's security
Alerts triggered on some events (offensive words, whatever)
Position of the mobile -just in case-
Suitable for as many devices as possible
The first thing I though was what platform should be used for this ROM. To select Android over others (iOS, Blackberry, W7) was a no-brainer. Now, the question is should we use pure Android or make a CyanogenMod fork?
In my opinion, even though every phone maker has to supply their ROM sources publicly, they usually introduce so many modifications (HTC Sense, Samsung Touchwizz and so on) that it looks more difficult to develop a common security framework over each manufacturer's version of Android, rather than using a more standardized one like CyanogenMod.
CyanogenMod already works with a wide number of devices (and a wider one if you count the unofficial supported devices), I think CyanogenMod should be the base of this ROM. If all the 'things' needed could be flash on top of any Android device, would be even better, but technically I need help with this one.
I understand that basically there should be an internal proxy setup, so that all the communications go through this internal proxy, and based on the kind of communication, we could log whatever we need. For example:
Visited URLs
Whatsapp or other messaging apps should be decrypted
Incoming/Outgoing calls/SMS
Social network activity
I know the Whatsapp protocol because I'm familiar with a project called WhatAPI. The key point to be able to intercept whatsapp messaging is a key generated and exchanged during the app install (although there are ways to later ask the Whatsapp server to renegotiate this keyword) and that's used later to encrypt all the messages between the phone and the whatsapp server.
Web interface for parents available to see device-related information
Behind every kid with a smartphone there should be a responsible adult supervising the kid -even if it's remotely-. In my idea, logs of messaging activity, incoming/outgoing calls/SMS and even the position should be available to the supervisor through a web interface.
Some hack-proof measures to avoid kids bypassing the ROM's security
That's an easy one. CRC checks on some keyfiles would guarantee that the device is not being 'counter-hacked'. Some kids are also very techie, and we should make some defences against kids trying to hack (counter-hack?) the phone.
Alerts triggered on some events (offensive words, whatever)
It could be interesting if somehow the supervisor could receive a notification whenever the kid sends/receives and offensive word, or tries to enter some special tagged website.
When I first saw Remix OS, I was ecstatic thinking of the possibilities for development, and now that it's come out on the Pixel C, this could be really innovative.
Imagine using Android Studio on my laptop and then pushing my in-development application to the Pixel C using ADB (Android Debug Bridge) over wire or wifi, and then an app window showing up to test my app, essentially replacing a real phone with an all in one Pixel C computer. The main reason why this was so ecstatic for me was because what I am testing on is now no longer a phone, but a computer, four very important and useful things open up for me to possibly experience:
I can resize my application easily on the tablet to test out any dimensions.
- We all know the emulator is a ***** in Android and even the thought of starting and restarting different emulator instances for different dimensions, or, god forbid spending hundreds of dollars on different android devices of different sizes just irks me to the core.
- Resizing would become as simple as a click, hold, and drag, just like browser development. An added bonus would be Jide giving a little toolbar above or below or to the side of these development applications to simulate different settings, such as Location, Network, whatever, and maybe even a resize button to select popular and customizable preset dimensions.
I can have multiple instances of my application to run at the same time, basically A/B test on myself.
- I don't know how you can manage this, but if you can, whatever the way it may be done, it would be marvelous.
- Imagine the power of being able to test multiple versions of an application side by side or even different applications side by side, one for each window of Android studio perhaps.
- Testing is one of the slowest factors of android development, but no matter how you put it, being able to run as many applications as I want to test would definitely speed up the process.
- Write a bit of code for idea one and start the test and let it run.
- Code up another idea to test.
- While the second one is getting ready for testing, you can test the first one.
- When the second one is ready, we can test them side by side to see which idea is better.
- It would be, again, simply marvelous, and the number of instances to test could be increased for even greater speed.
I can control it from my laptop.
- If you need to be told the gigantic advantages of being able to control your android device by simply moving your mouse over to the screen as if it was an extended display, then you must really not have any imagination.
- https://sites.google.com/site/droidskm/
- https://sourceforge.net/projects/synergyandroid/
- There are many tools out there to allow this kind of control, and all Jide really has to do is make it really easy for us to root the OS, maybe a button click in the developer tools, so we can install tools like the ones I mentioned above.
Remix OS could become where I test AND develop. If an android studio like tool were to be created for Remix OS, where all the previews and all the testing are just popups on the sides of the tool, then development would be even cooler.
- There would be no need for a native android device, no need to fumble back and forth, especially since Laptops or the Pixel C would probably have all the features of a modern phone, and thus act just like one in testing.
- Since all we're doing is launching another application on the native OS, there shouldn't be any annoying and overbearing emulator problems, nor lag or performance issues.
- I know this is a stretch, since a tool like Android Studio would be very hard to live up to, but even a simpler version would do, like sublime; Jide may even contract or partner up with IntelliJ to create such a tool or host of tools.
These four core points are marvelous, and for an android developer, Jide would become heaven. If Jide really does listen to the community, they would listen to this, because if they pushed forward with these ideas, their platform would grow a lot, easily becoming the number one platform for Android development, definitely garnering a lot of attention.
Oh, and please add a Linux console I can use.
Thank you.
Sincerely, an imaginative android/web developer.
- redDrill
On #2 you can sort of do that already by using different users
On #4 something like AIDE would be too simple I take it...
I'm not a developer but I have knowledge about Linux and how PCs in general work. Is there any book/course that explains how android works on a deeper level? I'm not interested in apps or user UIs, I want to know the deeper levels like how partitioning works, how the OS is loaded, why some bootloaders are locked by default, what a custom recovery is or what is the first thing to load when you power on your phone/tablet (do phones have a BIOS like PCs or anything equivalent?). Thanks in advance.
I'm also interested in this, but I think the answer is it's a bunch of undocumented proprietary baseband processor junk nobody will share for the boot, then the rest is basically a Linux distro made by 1000 monkeys on 1000 typewriters copy/pasting stuff provided by their hardware vendors together, and the components of that also probably have no documentation or incorrect documentation.
Just browsing through directory structures on a rooted phone there's so much unused and inaccessible junk like config files for really old versions of android, random vendor apks that aren't configured, and firmware for other processors strewn all over, sometimes multiple copies of the same structure, that it makes no sense. It looks like a bunch of vendors gave their support libraries to manufacturers with the intent they'd delete the unused parts and copy the used parts in, but the manufacturers don't understand how to do that so they just paste the same full directory structure several different places until it starts working.
If it made any sense, some people would just learn it and rooting new phones wouldn't be hard.
dan2525 said:
I'm not a developer but I have knowledge about Linux and how PCs in general work. Is there any book/course that explains how android works on a deeper level? I'm not interested in apps or user UIs, I want to know the deeper levels like how partitioning works, how the OS is loaded, why some bootloaders are locked by default, what a custom recovery is or what is the first thing to load when you power on your phone/tablet (do phones have a BIOS like PCs or anything equivalent?). Thanks in advance.
Click to expand...
Click to collapse
The rabbit hole goes as deep as you want it to. I have plenty of information to get you started. Happy digging!
*A general overview of the android boot process, thanks to the Lineage OS developers.
*An old, but good read on reverse engineering aboot.
*And a much more recent article on reverse engineering android. It gets very detailed in this one. It also goes into the low level processes of android. Like; What loads the bootloader? That kind of stuff. I think this is what you're after. Hope it helps.
About the bios question. The short answer is, "kind of". They have a very simple and proprietary one that's not easy to access. It also does not function in the same ways that a PC bios does. It's more like a motherboard programmer. It's hard to explain. The last article goes into some of that.
Spaceminer said:
The rabbit hole goes as deep as you want it to. I have plenty of information to get you started. Happy digging!
*A general overview of the android boot process, thanks to the Lineage OS developers.
*An old, but good read on reverse engineering aboot.
*And a much more recent article on reverse engineering android. It gets very detailed in this one. It also goes into the low level processes of android. Like; What loads the bootloader? That kind of stuff. I think this is what you're after. Hope it helps.
About the bios question. The short answer is, "kind of". They have a very simple and proprietary one that's not easy to access. It also does not function in the same ways that a PC bios does. It's more like a motherboard programmer. It's hard to explain. The last article goes into some of that.
Click to expand...
Click to collapse
Do you know if there is any tool that lists all the various initscripts and settings in use on a running system? I'd like to remove Google entirely from my phone, but there are so many firmwares and initscripts all over the place that I can't even figure out which ones are actually used to run the system. Half of the settings files, properties, and commands return 0 results or 3-4 useless results when searching for them on the internet.
ZHNN said:
Do you know if there is any tool that lists all the various initscripts and settings in use on a running system? I'd like to remove Google entirely from my phone, but there are so many firmwares and initscripts all over the place that I can't even figure out which ones are actually used to run the system. Half of the settings files, properties, and commands return 0 results or 3-4 useless results when searching for them on the internet.
Click to expand...
Click to collapse
The best way to remove google entirely is to flash a custom ROM or GSI if your device supports it. You really only need to look in system/app and system/priv-app for google stuff. Some phones use stock Google apps for things like the Calendar or MMS. So, to run google-less you may need to replace some system apps as well. Just a warning, even if you already know this. Removing certain apps, even google apps, may cause problems for normal operation. Definitely make a backup before deleting anything in the system.
ZHNN said:
Do you know if there is any tool that lists all the various initscripts and settings in use on a running system? I'd like to remove Google entirely from my phone, but there are so many firmwares and initscripts all over the place that I can't even figure out which ones are actually used to run the system. Half of the settings files, properties, and commands return 0 results or 3-4 useless results when searching for them on the internet.
Click to expand...
Click to collapse
I'm no expert but have been running lineageos 14.1 for some time now. It is a version of android 7.1 in which everything google has been removed. I use it with microG which replaces google play services.
You may wish to look into it instead of re-inventing the wheel.
I use it with a firewall (AFWall +), and Xprivacylua for additional privacy.
I'm a long time developer but brand new to Android, with my having past experience developing in Unix systems as well as a lot using Cygwin in Windows. I have a newly-installed App that seems popular called 'C Locker'. So far, I've just got the Free version because I'm trying it out to see if it does what I need. Unfortunately, it's now crashing with the Settings that I've enabled, and as a general developer, I'm interested in seeing if I can glean information from the Bugreport (or whatever else I can use...perhaps even gdb on the device itself?) to help me know what specific Settings might be the problem being that there are so many of them and I would prefer to gain some type of help from my phone in figuring out what the bad settings might be that I've enabled that are causing the problem rather than to spend all day flipping them around. I've already scanned through the Bugreport after uploading it to my computer, examining all of the references it makes in there to "com.ccs.lockscreen" with this apparently being the process name for the C-Locker program. I've seen indications in there where it indeed shows that it has crashed, but I couldn't yet discern if it is able to give me pointers as to what the cause of the crashes might have been. Is that possible to gain such information out of these Bugreport files? Or is there a way to run it directly in gdb on my device to perhaps see the stack at the time that it crashes, for which the names provided might help to discern what specifically it was trying but failing to do at the time? If it helps, as an intended future Android developer, I've already gotten Android SDK set up on my computer, although I haven't yet really used it much to speak of for anything. I also have adb working from my computer to the smartphone and even have rooted it using a rare method being that I have an older phone purchased years ago via Amazon that I didn't activate until about a month ago. (It's an LG G4 VS986 version 13B so I couldn't use the popular rooting method for version 11A but instead had to use the "Injection" method which took me FOREVER although I finally got it to work!) And just in case it helps perhaps even to bypass a direct answer to this question (although it will still of course be appreciated), my Settings within C Locker involve having set it to be a Device Admin and to bring it up as the first App upon Reboot as well as I've selected within the Root category to make it a System App as well as my then having Disabled ALL things that typically show on the screen (such as 9-1-1, camera, Etc). I had left it set to the default "Gesture" Unlock method, but whenever I bring up the App again and go into "Unlock Methods", it now immediately crashes each time (as well as upon Restarting the phone!). So this covers the majority of the most significant of the Settings that I've made on it so far to the best of my recollection. And I feel that if I could get some indications from the system as to what the specific errors may be when its crashing (or from a stack trace or whatever else), then it might help me to discern what specific Settings are creating the problem being that perhaps I just have an odd (rare) combination of Settings on it that I can tweak to get it working. My goal is to ultimately get a lockscreen App that I can use a Pattern type Unlock with that allows an UNLIMITED number of Failed Attempts (so that it won't ever Factory Reset my phone after the 10th or ANY number of failures!!!). I also--as mentioned above--don't want ANY shortcuts whatsoever being accessible BEFORE the phone is unlocked...not even 9-1-1. Anyway, so if there's a way to glean information from the Bugreport (or from whatever other methods available) to find the specific cause (involved errors) of this or any other App that's crashing that I do NOT have the source code for (being that I of course am not its developer) then it will be greatly appreciated to know how to best find this information. (And I promise that I've already searched extensively on Google but couldn't filter out its replies all being based on the idea that I'm the developer of the App that's crashing, with my even trying adding phrases such as "not my app" and "not the developer of" Etc to no avail...lol). Thanks.
By the way, if I shouldn't have combined the 'C Locker' Settings details into this post, then please just let me know because I'm new to posting here. Also, unfortunately, if I don't receive any help with this right away, then I'll be forced to start testing different Setting combinations anyway, which would then of course solve this problem but without knowing truly what exactly was causing the issue. Even if so, it will still be helpful in the long run with other potential App crashes to get the answer to this general question.
Unless not disabled by user, all runtime activities in Android are logged, so app crashes and their reason also. You can view this log by means of Android's logcat command-line tool or by means of a LogCat Viewer app. My POV: logcat is essential for determining what an app and the Android OS are doing while the app is running on a device.
BTW: Android's log can be filtered per package, too.
Thanks!
jwoegerbauer said:
Unless not disabled by user, all runtime activities in Android are logged, so app crashes and their reason also. You can view this log by means of Android's logcat command-line tool or by means of a LogCat Viewer app. My POV: logcat is essential for determining what an app and the Android OS are doing while the app is running on a device.
BTW: Android's log can be filtered per package, too.
Click to expand...
Click to collapse
Thank you, and since posting this, I've been learning more about Android Studio and have used it to actually see the stack trace within the "Android Monitor" pane there in order to find the instant reason why the/ANY (meaning 3rd party as well) App is crashing at the time! Thanks again for the help!