[Q] Restricted Kitkat profile & Google+ profile - Android Q&A, Help & Troubleshooting

Hi All
I have a problem with the Restricted Profile on Kitkat on my Nexus 7
I have been letting my kids play "Clash of Clans" on my N7, in my wisdom I created restricted profiles for them to play on. They are getting tablets for their Christmas and I want to migrate their games to their new tablets and here begins the problem
To migrate their accounts to the new devices I need to generate a Link Code in Clash of Clans.
To generate the link code I need to have a Google+ account linked to the profile.
The problem I have is that the Android restricted profiles are not able to have a Google+ profile connected to the account.
Have been trying to find out if it is possible to upgrade a restricted profile to a full profile, but this does not seem possible.
Alternatively some way to link a Google+ account to a restricted account, all seems not doable.
Anyone have any other suggestions for a work around on this problem?
Thanks
JohnB

sc00bs said:
Hi All
I have a problem with the Restricted Profile on Kitkat on my Nexus 7
I have been letting my kids play "Clash of Clans" on my N7, in my wisdom I created restricted profiles for them to play on. They are getting tablets for their Christmas and I want to migrate their games to their new tablets and here begins the problem
To migrate their accounts to the new devices I need to generate a Link Code in Clash of Clans.
To generate the link code I need to have a Google+ account linked to the profile.
The problem I have is that the Android restricted profiles are not able to have a Google+ profile connected to the account.
Have been trying to find out if it is possible to upgrade a restricted profile to a full profile, but this does not seem possible.
Alternatively some way to link a Google+ account to a restricted account, all seems not doable.
Anyone have any other suggestions for a work around on this problem?
Thanks
JohnB
Click to expand...
Click to collapse
I am fairly sure that it isn't possible to upgrade a restricted account.
but...
in my experience, Kids get over these inconveniences fairly quickly.

Have been thinking about this a bit more, and may have an idea as to how to solve this problem.
Does anyone know if it would be possible for me to copy the "Clash of Clans" data from the restricted profile to a full profile on the device that I could then link to a Google+ account and migrate over to the new device?
JohnB

sc00bs said:
Have been thinking about this a bit more, and may have an idea as to how to solve this problem.
Does anyone know if it would be possible for me to copy the "Clash of Clans" data from the restricted profile to a full profile on the device that I could then link to a Google+ account and migrate over to the new device?
JohnB
Click to expand...
Click to collapse
Sorry to resurrect an old thread, but I faced a similar dilemma yesterday, that I was able to solve. Root is obviously necessary, but it is possible to "upgrade" a restricted profile. In a nutshell, you need to modify the "/data/system/users/[nn].xml" file, and remove some files from "/data/system/users/[nn]/ folder, where [nn] corresponds to the numeric value of the restricted user.
So, if I remember correctly, this is what I did (I assume you have adb setup, and know your way around that):
Code:
adb pull /data/system/users/nn.xml
(replace "nn" with the right number for the user you want to modify; same for below)
Open the file you retrieved in a text editor like Notepad++, that won't mess with the line endings, and change
Code:
flags="24"
to
Code:
flags="16"
. Delete the contents of
Code:
<restrictions />
Save, and upload back to device:
Code:
adb push nn.xml /data/system/users/
Now delete some files from the user profile, related to restrictions:
Code:
adb shell
su (necessary if you don't see "#")
rm /data/system/users/nn/package-restrictions.xml
rm /data/system/users/nn/res_com.google.android.gms.xml
exit (twice, if you had to "su")
adb reboot
You should now be able to login as the user, and have access as a secondary user. You may need to remove/add some applications if they don't behave, and/or delete cache/data for the Play store and Google Framework. You may also need to remove all the Google accounts attached to the profile, and add them again for Play store to be able to install apps. I was getting errors, which cleared up after doing that.
So after completing the above, I was able to attach my son's CoC to his Google+ profile, and enable transferring it's data to another device, if I want to in the future. I decided to give "Screen Time Parental Control" a go, instead of the frustrating "restricted" profile. So far so good. Not sure yet if I want to shell out the $$ for the dude's Remote Control app, but so far I'm liking it. I think after the 15 day trial, though, I'll be hooked. Anyway, HTH anyone else trying to figure this out.
Edit: Forgot another detail: I did try to copy off the CoC data, and populate it into a new unrestricted profile, "chown"ing the files for the user, etc, for the new account, and it was a miserable fail. I also tried the flags="16" hack, installed Titanium Backup, and backed it up, but the resulting backup was useless. It was unable to be restored in a new profile. This is when I discovered that deleting those 2 files completely unlocked the profile, not just changing the flag, as mentioned on another website.

hondoslack said:
Sorry to resurrect an old thread, but I faced a similar dilemma yesterday, that I was able to solve. Root is obviously necessary, but it is possible to "upgrade" a restricted profile. In a nutshell, you need to modify the "/data/system/users/[nn].xml" file, and remove some files from "/data/system/users/[nn]/ folder, where [nn] corresponds to the numeric value of the restricted user.
Click to expand...
Click to collapse
I have this same issue where I m trying to get COC and other data from a Nexus 7 using 4.4.2, Kernal version 3.1.10-g4776c68 and a restricted profile. I am a noob and not familiar with adb. Is it possible to change a restricted profile to unrestricted without rooting? I searched many forums and could not find a solution.

I'm having a similar problem backing up a different game app on my son's restricted account. How do I find the numeric value for the restricted user account?

LilacPhoenix said:
I'm having a similar problem backing up a different game app on my son's restricted account. How do I find the numeric value for the restricted user account?
Click to expand...
Click to collapse
A restricted account is a separate profile of a main account and cannot have a separate google account or gmail address associated with it. It is not possible to change the status to a regular account. You can set up a new account for your son with a separate gmail address, download the game and contact their support telling them you cannot access your account. Just make sure you copy all of the game ID information for the user so they can search for it. And don't access the game on the restricted device, otherwise it may appear that you are just trying to steal someone's ID.

Related

Consolidate market purchases to 1 account?

I made various purchases with different “main gmail accounts", but always used the same Google checkout.
Now depending on what email I set as first after a new Tom install I can either download a part of what was purchased with that gmail as default or reset and use the other default for the other apps, impossible though to access all purchased, attempts restoring backed up apps result in copyright protection prompts.
Any idea how to solve that?
Sent from my Nexus One using XDA App
I'm wondering the same thing, when I was running android on my tp2 I was using a different account.now I use my gmail and I can't figure out how to transfer my old purchased apps
I got the answer.. but not very appealing...
husker91 said:
I'm wondering the same thing, when I was running android on my tp2 I was using a different account.now I use my gmail and I can't figure out how to transfer my old purchased apps
Click to expand...
Click to collapse
After reading true the Google FAQ I found the answer, anything else than satisfying though...:
- According to Google each purchase is associated with your main account - main account as per definition is the one that you've added first after installing a rom, regardless if your checkout account is associated with another gmail account. They state clearly that if one changes email, he has to buy the stuff again.
Usually not the approach that google takes, and without ending in a collective bash, I still gotta admit that this is quite a primitive way of handling customer relation - at least in my opinion.
[Edit:] I made an experiment with apprain.com, hoping they would be the solution for future purchases, but unfortunately the market app is the dominating part in the triangle between user - apprain - market syncing[/Edit:]

[APP] FBReader "Sync" App - FBSync v1.0.26 (Beta)

Hello all!
Recently I've started using two seperate Android devices to read books
using FBReaderJ for Android, a NookColor, and my phone, a Sprint EVO
3D. Very quickly, I ran into a problem. I read the same books on both
devices, so I ended up spending a lot of time looking for my place
whenever I switched devices (I used the NC at home, and my phone
everywhere else).
I imagine that this must be a problem quite a few people are having,
or will be having as android devices become more popular.
So, I wrote an android app to synchronize my place in each book
between the two devices.
App Name: FBSync
Current Version: v1.0.26
Revision History:
1.0.26 - Removed Auto-Sync feature (hopefully just temporarily. I want to get this working, but the FBReader API just doesn't provide enough functionality to get it working smoothly). Removed syncing of "recent" books (It caused more trouble than it was worth, sorry, you will have to manually open your book if you changed books on another device). Added a "Sync" item to the FBReader menu that pulls up FBSync.
1.0.24 - Updated Dropbox support to use latest Dropbox API. Fixed Auto-Sync feature to properly sync new book positions (broken due to a change in FBReader). Due to limitations in FBReader, the Auto-Sync feature is still rather rough.
1.0.23 - Added a Dropbox support for your book position data, an Auto-Sync feature that makes use of the FBReader API, and (in theory) the program has been translated into Russian (thanks Dmitry!). If you have set up your own synchronization server, you will need to update the PHP files to the files in the attached sync.zip
1.0.19 - Fixed another bug that affected Honeycomb devices. Confirmed working on an Acer Iconia A500.
1.0.18 - Fixed a bug that affected Honeycomb devices (I hope!)
1.0.17 - Added "Alternate Sync URL" functionality for those people who want to set up their own sync server instead of using mine. See below for more instructions.
Requirements:
1) Root. Your devices must be rooted. This application only uses
root for two things. First, it uses root to get access to the
FBReaderJ books database, and second, it uses root to kill the
FBReaderJ process before it syncs the data (it has to kill the process
to force FBReader to reload the database).
2) FBReaderJ must be installed on the device (you will be prompted to
install it if you haven't already when you load my app)
3) You must have already opened FBReaderJ at least once, and viewed
it's library (Menu button, "Library"). This creates the databases
that my application needs.
Download:
An older version is available on Google Play, but the latest version can always be found at the bottom of this post.
Instructions for Use:
As of v1.0.23, you have the option of either syncing book positions to my web server, or to Dropbox. If you choose to use Dropbox, it will create a single file on your Dropbox account (under \FBSync) that contains the book position data.
If you desire to sync the book positions to my web server, you can also enable a new, experimental "Auto-Sync" feature that syncs your position whenever you open or close FBReader (or a book in FBReader). This functionality only works when using my web server, it does not currently work with Dropbox.
The auto-sync feature make use of FBReader's API and makes FBSync work as a plug-in for FBReader. Unfortunately the API does not contain all of the features needed to completely remove the root requirement for FBSync.
If you are going to use my web server to sync:
After you install it, go into the settings (blue icon, or menu/
settings), and enter an email (doesn't have to be an email, any unique
string will work) and numeric pin # (this isn't secure, so don't use a
pin you care about). The email/pin is just to uniquely identify you.
You should use the same email/pin on each device.​
On the same screen, you can choose to sync the actual book files to Dropbox. Since your Dropbox account is used, only your account can access the books, if
you choose to sync them. It only uploads/downloads the books when it
needs them, so it may take a while the first time you sync, but after
that it shouldn't take more than a minute MAX (my typical sync times
for 90 books is about 5-10 seconds)
Click the middle, orange icon, to begin the sync process.
If this is the first time you've synced since selecting the "Enable Dropbox" setting, you will be prompted to allow FBSync access to your dropbox account.
The sync process first uploads, then downloads. It only updates the book's "place" on the web (or Dropbox) if it's farther ahead than the web's "place" for the book.
If you are using the Auto-Sync function, the above statement is not true. It always saves the exact position of your book upon closure of FbReader or closing the book.
Miscellaneous Info:
This program is still in beta. I have used and tested it extensively,
but I'm not liable if you manage to break it somehow. Since it does
alter the data in FBReader's databases (it does not, and never will,
alter the database structures), it is possible, but very unlikely,
that it could lose your book's places. I would suggest that you back
up FBReaderJ using something like Titanium Backup before you start
using FBSync, just to be on the safe side.
The synchronized book position data is currently hosted on my personal web server, or your Dropbox account (as of v1.0.23). Your book files are only stored on your Dropbox account.
UPDATE: As of v1.0.17, I added the ability to define your own "Sync Server". Here's how to use it:
In the Settings (Menu, Settings), there is a new option "Alternate Sync URL" where you can enter your own URL. Leave it blank if you want to use my server.
If you want to use your own, you will need the file attached to this post. I wouldn't recommend trying to set up your own server unless you are pretty comfortable with web servers, php, and mySql.
Sync.zip contains a .SQL script, and several .PHP files that are required to set up your own sync server.
The primary thing that you need to set up your own Sync server is a HTTP Web server that supports mySql and PHP.
On your server, create a new mySql database (name doesn't matter, just make sure there's a user attached to it that has insert/update/delete rights), then run the sql code in the sync.sql to create the two tables that are needed.
Edit the common.php file and replace the '' values in this block:
Code:
$dbhost = 'localhost';
$dbuser = ''; // Fill out the database user name here
$dbpass = ''; // Fill out the database user password here
$dbname = ''; // Fill out the database name here
with the correct values for your server. $dbhost can probably remain 'localhost'.
Then create a directory on your web server that is accessible from your devices, and put the 5 PHP files into it.
Launch FBSync, hit Menu, Settings, click the "Alternate Sync URL", and type in the URL that points to the directory you put those PHP files in (ex; http://sync.splitmatrix.net/alternate_sync ). You must start it with http://, and it should not end in a /.
After you enter the URL, save out of it, back out to the main FBSync window, and click the Sync button. If you set up everything correctly, it should sync to your server now instead of mine.
Please let me know of any issues you find, or any improvements you
want.
Thanks,
Scott
6/27/2012 Edit - Updated Sync.zip to remove some buggy code from addbook.php
Hi Scott,
I only have 1 device right now, so no need for sync, but I would be interested in how you can read your BN books with FBRreader. I have installed FBReader, but don't know how to read the books with it.
Also, I installed the dolphin web browser and clicked on a few epub links but nothing happens, is there a way to get it to bring up those files in FBRreader?
droidly said:
Hi Scott,
I only have 1 device right now, so no need for sync, but I would be interested in how you can read your BN books with FBRreader. I have installed FBReader, but don't know how to read the books with it.
Also, I installed the dolphin web browser and clicked on a few epub links but nothing happens, is there a way to get it to bring up those files in FBRreader?
Click to expand...
Click to collapse
I haven't actually purchased any books from B&N, but assuming the books you purchased are DRM free, you should be able to just move them into the \sdcard\books directory, and they should appear in the FbReader library. I believe, by default, the B&N books go into the internal storage, in the B&N Downloads\Books directory. Use a file manager like estrong's, astro's, or root explorer to copy them.
Via your web browser, save the epub books to \sdcard\books (or move them there after they download), and they'll show up. I don't believe that you can associate any book reader with epub files, I don't think android supports that. You have to open the book with the app, not the app with the book.
Scott
I use FBReader on multiple devices and would be extremely interested in such an app!
Thanks for your interest in my syncing app.
One pretty major requirement for this app is that your devices have to be rooted. Android doesn't like one app accessing another app's data, so the only way I could do it was to use root privileges.
It's still in beta, but you can download a copy of it at:
http://sync.splitmatrix.net/apk/fbsync.apk
Currently v1.0.9.
After you install it, go into the settings (blue icon, or menu/settings), and enter an email (doesn't have to be an email, any unique string will work) and numeric pin # (this isn't secure, so don't use a pin you care about). The email/pin is just to uniquely identify you. You should use the same email/pin on each device.
On the same screen, you can choose to sync the actual book files as well as their positions. It only uploads/downloads the books when it needs them, so it may take a while the first time you sync, but after that it shouldn't take more than a minute MAX, my typical sync times for 90 books is about 5-10 seconds.
Obviously you should have Fbreader already installed, and you need to have ran it, and gone into the library (menu/library) at least once (this creates the fbreader app database).
Click the middle, orange icon, to begin the sync process. It first uploads, then downloads. It only updates the book's "place" on the web if it's farther ahead than the web's "place" for the book.
Please let me know of any issues you find, or any improvements you want.
Thanks,
Scott
Cool
I just tested and it does work as stated. One question though, where is it uploading the data too?
Personal website, sync.splitmatrix.net. if the app takes off, i'll figure out something more secure and permanent.
Scott
Interesting. I'll try it out. Thank you!
One thing to think about however, especially if you open this up to general usage, is that by uploading/downloading the book file itself rather than just the current read-to position, you could potentially run into copyright issues. There is reason to believe that this could fall under Fair Use, but past rulings on similar commercial services for other media have been inconclusive. That may be a can of worms you don't want to open.
I am not a lawyer, but I do play one on web forums.
One thing I would try would be saving it on Google's servers through IMAP or something like SMS Backup does. Then no need to have to pay for a server. Don't know if it is at all possible but just thought I would see how you liked it.
RoboRay said:
Interesting. I'll try it out. Thank you!
One thing to think about however, especially if you open this up to general usage, is that by uploading/downloading the book file itself rather than just the current read-to position, you could potentially run into copyright issues. There is reason to believe that this could fall under Fair Use, but past rulings on similar commercial services for other media have been inconclusive. That may be a can of worms you don't want to open.
I am not a lawyer, but I do play one on web forums.
Click to expand...
Click to collapse
Yes, this is something I'm aware of. Not sure what I'm going to do about it yet. That's why it's a setting
Scott
qwerty017 said:
One thing I would try would be saving it on Google's servers through IMAP or something like SMS Backup does. Then no need to have to pay for a server. Don't know if it is at all possible but just thought I would see how you liked it.
Click to expand...
Click to collapse
The server it's currently on is hosted by a friend of mine for free, so I'm not concerned about it at the moment. If thousands of people end up using this, then obviously I'll have to make some changes.
Scott
I wonder if there's a way to store and retrieve the sync data with each user's Dropbox or something...
RoboRay said:
I wonder if there's a way to store and retrieve the sync data with each user's Dropbox or something...
Click to expand...
Click to collapse
I'd imagine that there is a way to do this, since programs like Titanium Backup support a dropbox interface.
If enough people think this would be a good feature to add, I can definitely look into it.
Scott
I'm just thinking that using each person's Dropbox would get you off the hook for not only server space and bandwidth, but also any potential copyright liability for book copies made by users synchronizing their files.
Valid points. I'll do some digging and see what it will take to implement the dropbox API in this app..
Thanks,
Scott
Edit: Updated first post with useful information - added download link.
Updated to v1.0.10 to fix a problem when used with the latest FBReader beta. Same URL as before:
Edit: Download the app off the market
Thanks,
Scott
This is a great app this is the missing link in fbreader. I hope you continue to support and enhance it.
Now that my archos tablet is rooted i can really enjoy it. I used to read my books on my phone and occasionally I still do.
Thx for the great work.
This looks like a dang good app. Since getting my nc i've quit using my evo for reading. This sync will bring joy back to my bathroom bbreaks at work!
Thanks for your kind words!
Since the last time I posted to this thread, I've added a dropbox interface to the program, and posted it to the Market (for Free of course!), so if you've downloaded the APK from the web, please re-install it from the market for the latest and greatest version.
Thanks again,
Scott
Oh, great! I'm checking out the Dropbox syncing now.
Edit: Works great!
If I may make another suggestion, you should post about your app at the MobileRead forum. I think you'll pick up a lot of users there.
Also, I know that the Android version of FBReader is different from the PC versions, but syncing with the Linux and Windows versions would be the icing on the cake. MobileRead might be a good place to find others wanting to help develop that capability

[Q] Trouble Entering Passwords

Just opened my viewsonic Gtablet from Tigerdirect. Ran the OTA update and now running 3588, otherwise straight out of the box.
I am unable to log into any account using an app (mail, contacts, skype, tdameritrade, twitter apps). I am able to log in fine when I visit the website and login through the web.
Is there someplace I have to grant apps permissions to use the internet? Why can't I log in?
Thanks.
Just checking if anyone else had this problem. If not other responses, I'll let this thread die. Thanks for reading.
seldeen said:
Just opened my viewsonic Gtablet from Tigerdirect. Ran the OTA update and now running 3588, otherwise straight out of the box.
I am unable to log into any account using an app (mail, contacts, skype, tdameritrade, twitter apps). I am able to log in fine when I visit the website and login through the web.
Is there someplace I have to grant apps permissions to use the internet? Why can't I log in?
Thanks.
Click to expand...
Click to collapse
No. There is no special place to grant permissions to use the internet. Do you get any kind of error message? Force Close? Some indication of symptoms might help us diagnose the problem.
Get an app called Superuser. You will need to root the tab, as well. I think there's something like "oneclickroot" out there.
Honestly, grab a custom ROM, they all come with this standard.
Rooting shouldn't be necessary to make any of those apps work so I doubt that will help him.
Google login fails, 2 step verification is culprit
This may not solve your problem, but it knocked me for a loop for a whole evening with my new motorola defy this week.
You get a new android device, and everything looks so nice, but then you try to log in to your google account. Repeatedly. You keep getting an error that says the username or password are wrong, even though you can log in on your pc. OBVIOUSLY the password is fine, but it wont work on your new android device.
Well, if you turned on 2-part authentication then you have a problem. (If you have never heard of 2-part authentication then move on, you would have to have done this on purpose and it is way to painful to forget having done it.)
Android doesnt support 2-part authentication. So you have to generate a special password for your android device.
Start by logging in to gmail, or whatever google service you wish. Go to your account settings (the little gear-looking thing in the upper right.) Under Personal Settings, Security you'll see an entry called "Authorizing applications & sites". Go here and make an entry for your device, and it will generate a special password for that specific google application that doesnt happen to support 2-part authentication. Enter your super-secret password.
Suddenly the world is golden.
Probably not what the OPs problem was, but I wanted to put it SOMEWHERE.
grrrr....

[Q] Privacy question

Was going to download and try this app from the Google store but have issues with privacy concerns:
This app has access to these permissions:
Your accounts
read Google service configuration
find accounts on the device
use accounts on the device
Your location
approximate location (network-based)
precise location (GPS and network-based)
Your messages
read your text messages (SMS or MMS)
receive text messages (SMS)
access mail information
Network communication
full network access
view network connections
view Wi-Fi connections
Your personal information
read calendar events plus confidential information
Phone calls
directly call phone numbers
read phone status and identity
Storage
modify or delete the contents of your USB storage
Your applications information
retrieve running apps
Your social information
read your contacts
read call log
System tools
read Home settings and shortcuts
write Home settings and shortcuts
test access to protected storage
Affects battery
control vibration
Status bar
expand/collapse status bar
Wallpaper
set wallpaper
adjust your wallpaper size
Click to expand...
Click to collapse
Why does this app need to access so much of my personal information?
Yearoftherat said:
Was going to download and try this app from the Google store but have issues with privacy concerns:
Why does this app need to access so much of my personal information?
Click to expand...
Click to collapse
Hi,
As you know, Themer helps increase the user experience by providing valuable information straight onto your homescreen.
This includes:
1. Displaying how many unread emails/SMS/missed calls you have. (Your messages
read your text messages (SMS or MMS)
receive text messages (SMS)
access mail information))
2. Displaying your map coordinates on a map image. (Your location
approximate location (network-based)
precise location (GPS and network-based))
3. A built-in dialer app that can display your recent contact as well as allow you to call a number directly from your homescreen. (Phone calls
directly call phone numbers
read phone status and identity) (Your social information
read your contacts
read call log)
4. Display agenda information. (Your personal information
read calendar events plus confidential information)
As you can see, it's all for display purposes. If you look at other widgets on the Play Store that perform the same activities, they will also require these permissions. It just so happens that Themer has all of these features built into one app. Hope this helps clarify the matter.
Thanks for the clarification. Looking forward to trying out the app!
I have the same concerns, beginning with the need to login before using any themes. (The explanation given in the faq seems too lame for me). Looks like a terrific app but possibly not for those who worry about privacy. I'm personally too scared to try it.
One option to explore is using this app with xprivacy installed which allows one to restrict unneeded permissions. Maybe a firewall might help?
Anderson2 said:
I have the same concerns, beginning with the need to login before using any themes. (The explanation given in the faq seems too lame for me). Looks like a terrific app but possibly not for those who worry about privacy. I'm personally too scared to try it.
One option to explore is using this app with xprivacy installed which allows one to restrict unneeded permissions. Maybe a firewall might help?
Click to expand...
Click to collapse
Hi Anderson2,
That FAQ actually sums it up quite well. The login feature creates a security barrier for us, which even though is not the most advanced way of preventing intrusions into our theming servers, it does a good job in finding people who are trying to tamper with our systems. That and of course sending users email updates of new features if they request it.
When exactly do you need login? Just to download themes? After the download can one log out? I don't like the idea that you have access to my emails, texts, and any files your widgets access. That is what concerns me.
I don't know enough about themer because I'm afraid to use it, but I believe your zooper widget doesn't require login. (Does it?) Can you explain how they differ in the need for protection?
I have to say that I share those concerns. Why do you force users to login with their Google or Facebook accounts? I do not understand why this should be a better securitry barrier than the login data from mycolorscreen.com? I would not even give away my login data to someone I know, so why should I give away this data to someone I do not know at all???
Well said.
+1
shibadoo said:
I have to say that I share those concerns. Why do you force users to login with their Google or Facebook accounts? I do not understand why this should be a better securitry barrier than the login data from mycolorscreen.com? I would not even give away my login data to someone I know, so why should I give away this data to someone I do not know at all???
Click to expand...
Click to collapse
Yet you log in to this forum and use it.
The explanations have been given. It's to ensure you are who you say you are when you access their servers to download the themes.
As for all the other access, Themer provides a lot of different information as explained (you DID read what he posted, correct?) GPS position, weather, etc. All of this is based on location, etc, as well as if you want unread email counts, etc. It's all there in Themer given you everything all rolled into one app, rather than having to download each piece separately. If you don't like it, don't use it. Thousands upon thousands of users are using it without any issues. I definitely like to protect my privacy, but this app is the least of your worries about privacy.
There are many other problems that could result if they didn't want you to verify who you say you are. Do you want someone to hack their servers and then you download a hacked theme that could result in even more privacy issues for you?
In the end, if you don't want to use it, don't. Nobody is forcing you to use it and they have every right to protect their investments as well. There are plenty of other apps out there you can use that can provide the same type of experience. Usually, the themes are not housed in a server so you can download them from elsewhere, but unless you're getting them from Google Play, then who is to say how safe those are? Many 3rd-party app stores are NOT the safest as they do not follow Google's security policy. At least with Themer, it's in the Google Play market and has had to go through Google's scrutiny.
A few weeks ago, the app was erroneously flagged as something that could steal your information. Google came back later and stated it was an error on their part and verified that the app is safe and it will not steal your information.
I've used it for months and nothing bad has happened to me.
There are many other ways for hackers to get your PI and this is the least of your worries.
vulcanvillalta said:
As an American, and therefore afraid of everything, I personally vote to not give out so much information. But on the other hand, IF someone wanted to get all of your information, they could probably do it without your consent. I would probably stay away from it, though. Just to "try" to be safe.
Click to expand...
Click to collapse
Once Facebook introduces its anonymous login feature, our developers will implement the feature into Themer
iBolski said:
Yet you log in to this forum and use it.
Click to expand...
Click to collapse
Yes, I do use this forum, but of course I do not log in with my Google account. There would be no reason to do so - same goes for Themer. I would have no problem if Themer would ask for my login data from mycolorscreen.
iBolski said:
The explanations have been given. It's to ensure you are who you say you are when you access their servers to download the themes.
Click to expand...
Click to collapse
You think you know who I am because I enter some data that nobody ever controls? I could simply enter some Google account data I created only for Themer. But honestly, this is too much effort for me only the check if I like an app.
iBolski said:
As for all the other access, Themer provides a lot of different information as explained (you DID read what he posted, correct?) GPS position, weather, etc. All of this is based on location, etc, as well as if you want unread email counts, etc. It's all there in Themer given you everything all rolled into one app, rather than having to download each piece separately. If you don't like it, don't use it. Thousands upon thousands of users are using it without any issues. I definitely like to protect my privacy, but this app is the least of your worries about privacy.
Click to expand...
Click to collapse
What exactly has GPS and weather to do with my Google Account data? I do not share GPS data with Google, so I would not with Themer as well. And for a weather forecast I would simply type in 5 numbers - my zip code. This is exactly what I do right now.
iBolski said:
There are many other problems that could result if they didn't want you to verify who you say you are. Do you want someone to hack their servers and then you download a hacked theme that could result in even more privacy issues for you?
Click to expand...
Click to collapse
And because the people at Themer have may account data, nobody can hack their servers? So the solution to all hacked servers worldwide is so simple? Just giving them Google account data?
iBolski said:
In the end, if you don't want to use it, don't. Nobody is forcing you to use it and they have every right to protect their investments as well. There are plenty of other apps out there you can use that can provide the same type of experience. Usually, the themes are not housed in a server so you can download them from elsewhere, but unless you're getting them from Google Play, then who is to say how safe those are? Many 3rd-party app stores are NOT the safest as they do not follow Google's security policy. At least with Themer, it's in the Google Play market and has had to go through Google's scrutiny.
Click to expand...
Click to collapse
Yes, I do not use it. This is the consequence.
iBolski said:
There are many other ways for hackers to get your PI and this is the least of your worries.
Click to expand...
Click to collapse
So what should be my worries if it is not giving away voluntarily my Google account data to someone I do not know???
And you forgot something: I know at least 5 people that use their Android phones without a Google account, and they also do not use Facebook. Believe it or not: these people do really exist, and they even survive without a Google and a Facebook account.
So for me there is no credible information why the people at themer need my Google account data, and why this should protect them from being hacked. Or why my Google Account data should be safer than my mycolorscreen account data. This is why I will not use themer and would not recommend it to others.
shibadoo said:
Yes, I do use this forum, but of course I do not log in with my Google account. There would be no reason to do so - same goes for Themer. I would have no problem if Themer would ask for my login data from mycolorscreen.
You think you know who I am because I enter some data that nobody ever controls? I could simply enter some Google account data I created only for Themer. But honestly, this is too much effort for me only the check if I like an app.
What exactly has GPS and weather to do with my Google Account data? I do not share GPS data with Google, so I would not with Themer as well. And for a weather forecast I would simply type in 5 numbers - my zip code. This is exactly what I do right now.
And because the people at Themer have may account data, nobody can hack their servers? So the solution to all hacked servers worldwide is so simple? Just giving them Google account data?
Yes, I do not use it. This is the consequence.
So what should be my worries if it is not giving away voluntarily my Google account data to someone I do not know???
And you forgot something: I know at least 5 people that use their Android phones without a Google account, and they also do not use Facebook. Believe it or not: these people do really exist, and they even survive without a Google and a Facebook account.
So for me there is no credible information why the people at themer need my Google account data, and why this should protect them from being hacked. Or why my Google Account data should be safer than my mycolorscreen account data. This is why I will not use themer and would not recommend it to others.
Click to expand...
Click to collapse
You describe me exactly. I don't use my Google account to login anywhere, don't use Facebook, have phone GPS and location turned off, only enter zip code for weather, turn off sync everywhere, use a firewall, xprivacy, etc. - - and Google only thinks it has my info.
Everyone I know who is not a teenager or addicted to Facebook does the same.
vulcanvillalta said:
If you use fake names etc and are vague about your location, no, google doesnt have your name. But what about your IP address. They can tell that your pseudonym is performing functions from the specific location you are in. You might not GIVE them your name or address, but with the IP address linking you to a specific internet connection, they certainly can figure out who you are and where you are, if they want to.
Click to expand...
Click to collapse
Which is why I don't want to help other sites identify me by giving them my Google login. Not everyone has Google capabilities.
The points made in defense of keeping your personal information private (and not using your Google login for Themer) are valid and understood.
However, Themer is not designed for that type of mindset.
Themer is designed for the overall market - the vast majority if you will - not for privacy advocates.
It's simply a tool that allows the general Android user base (the FB'ers, Google +'ers, i.e. Socialites) to easily login to an app designed to make their phones look cool. Most of the functionality of the Themes are far more invasive than your Google login anyway (GPS coordinates, access to text/email notifications, call logs, etc) so I really don't see the point of wildly waving your arms around saying "privacy breach! privacy breach!"
Don't use it. Cool. I'm OK with that. I'm sure they are too. But why complain about it? What is the goal? Surely you cannot think they will redesign the app for you.
So really, you're just posting on XDA to aggravate the devs. I mean, what launcher doesn't have access to all of your info? It's like complaining that a specific model of car has a license plate that can be used to identify you. Guess what? All cars do. Take the bus bro
Anderson2 said:
Which is why I don't want to help other sites identify me by giving them my Google login. Not everyone has Google capabilities.
Click to expand...
Click to collapse
But your phone can still identify you. You are still logged into the internet via your carrier's internet and they can definitely get who you are on the phone.
You might as well just stay off the internet completely then.
And, if you're going to stay off the internet, then why have a smart phone? You're already identified out there through your carrier. If they breach your carrier account, they have all sorts of information right then and there, more so than Google would have. Think about it. Your billing address, etc.
Don't think for a minute that your carrier is completely safe. Even Verizon has had breaches.
vulcanvillalta said:
Like I said above, IF PEOPLE WANT YOUR INFORMATION, THEY CAN GET IT. There are nasty identity thieves out there that can find all of your information SOOOO easily. So easily. So whether or not you use an app or make a phonecall or whatever, you can still be traced and you can still be monitored and your information can still be acquired. I'm not trying to be a downer, but you can either accept that you are at the mercy of whoever wants to stalk you, or you can spend the rest of your life worrying and trying to protect yourself from something you literally have no control of.
IMHO, if you can use the app and it would benefit you, you might as well enjoy it.
Click to expand...
Click to collapse
Not sure why you quoted me bro, I'm on the same page you are.
IT need to display some information about your phone

Need to lock Genymotion SaaS appliance to run only 1 app in restricted user by default and prevent install 3rd party apps and access to settings

I need to run an app in Genymotion that is used for data entry and upload of the entered data into 3rd party sites. The logins to 3rd party sites are stored in this application (probably encrypted). The application will store multiple logins for my different customers of who need to have the data uploaded into the 3rd party sites. The data into the app will then be entered by other people to whom I outsource the data entry.
So I created Genymotion appliance, installed the app and in this application I entered logins for sites such as ebay. I am looking for suggestions on what can I do to secure the appliance to prevent the data being copied out from it.
I want to prevent the person to whom I outsource data entry to be able to install and load 3rd party other apps, modify system settings, install other apps, copy the system directory, copy the login and password information saved by the application.
Let's assume the worst possible case here when application is well written but the passwords mentioned above (for the ecommerce sites like ebay) is saved in plain text in this application in the internal application directory. What I know about the application is it doesn't support access to SD Card, only can read and write data to the internal memory.
What can I do in Gennymotion to improve the security of my appliance. Genymotion virtual machines are rooted. So I looked at following suggestions:
1. Setup restricted user on Android
2. Set restriction for the restricted user to only be able to use the one application. Disable anything else (including disabled browser, email, youtube etc..)
3. Try to get the restricted user loading on boot of Android. When Android restarts, however, it doesn't allow choice to login into the restricted user or the admin user, sort of like a Windows or MacOS login menu. To get the appliance to always start with restricted user by default, I need to add a script and the scripted will need to start using Tasker or MacroDroid.
However, how do I prevent the user from installing 3rd party apps? Is it good enough to disable all user apps (except that one used for data entry) from the restricted user? Is there any other way the user could abuse the access to the virtual appliance and load something there? Are there any system android apps I need to disable for the restricted user to prevent the user to be able to do anything bad with it?
The application used for data entry can not download any application or data, however, I believe it does use the webview because it loads sites like ebay and fills the forms on those sites. It only interacts with select websites only like Ebay to enter data into Ebay forms..
Is there anything I can do to secure Genymotion appliance any other than what I already mentioned. I would like to send the link to the Genymotion SaaS Android to people who will do data entry for me into Ebay and other sites. So I need to make sure the virtual appliance is secured as much as possible from tinkering with it. I need to make sure somebody doesn't get hand on the stored login details.
Just to clarify for the login credentials:
I am not sure how the user credentials are stored and I will find it out, however, for now, I go from the worst case scenario when the credentials are stored in plain text in the app settings. The user name and password is stored in the application with exception for Ebay because the many other sites do not have API key or any webservices interface, so the application would access those sites simply via a webview, and when it goes to login there it will do that by filling in the login information on the login form (simulates keystrokes). The user name and password is entered into the login form for the site. That's why the login info is stored in the application itself.
This question is not about how to secure the specific application I will be using, but how to secure the actual whole Android appliance from tinkering with.
I am aware I will the risks here, just want to do as much due diligence as I can.
Sources for Genymotion restricted user..
How to set restricted user as default user on reboot?
We would like to have an already added restricted user account be the default when we restart our Samsung SM-T580 tablets. At current we have 2 accounts installed, Admin and User The User is a use...
android.stackexchange.com
Root access - Device image User Guide
docs.genymotion.com
Done some digging so this cannot be done. Neither Genymobile or Appetize or other online Android emulators can offer fine-tuning in terms of user access. The closest is Genymobile because at least allows adding and removing access of users to individual appliances. That is however not resolving the issue with Android and in particular rooted Android, since all online emulators run rooted Android and I am not sure how that is secured against potentially malicious actors who receive access link.
The only easy way to solve it, kind of in a mickey-mousy way is to install Kiosk mode application. That kiosk app will run at every boot and it only shows the specific application. There is always risk of course the malicious user would do something to crash the application and the Kiosk app, but if the application is not a web browser or email client or similar it should be relatively safe.
There are plenty of Kiosk mode apps for Android but none of them is free (don't try to look, no chance to find one), the cheapest cost about 7 USD one-time purchase, the more expensive ones cost 20 per month per device or more and come with remote control etc... Not cheap but kiosk mode apps are almost exlusively used by businesses so that's why there is lack of free apps.
Anyhow I believe this is the closest as I could get to deal with this.

Categories

Resources