I'd be grateful if someone in the know would clue me in:
Stock Android, I believe since 2.0, has supported multiple Exchange sync accounts (at least for email sync, and probably contacts). Running the
Android emulator on the desktop, I can configure as many accounts as I please.
However... I just took delivery of a Samsung Fascinate (Verizon) and as hard as I try, I can't make it configure a second account (it dumps me into the 'edit' UI for the first account when I ask to create a second one).
So I tried an HTC Incredible that we have here. Same behavior !
Yet, when I Google search 'samsung galaxy s multiple exchange accounts', I find a bunch of people claiming to be using multiple accounts.
What's up with this? Am I just not doing the setup correctly, or did Samsung remove this capability from the devices recently ?
I also figured I could install the stock Android email app as a workaround, but that doesn't exactly seem to be a 'one-click' process. K-9 has no ActiveSync support, so that isn't useful.
Can't speak for anyone else, but I have yet to see any Android phone that supports multiple Exchange accounts out of the box. That's one of the reasons I bought Touchdown, as it supports multiple Exchange profiles. Of course, only one of them can be active at a time, but if I needed to have two accounts active simultaneously, I could use Touchdown for one, and the stock email app for the other. Oh, and just FYI, I didn't mean for this to become a Touchdown advertisement. ^^;
Sent from my SCH-I500 using XDA App
Actually, I have a Touchdown license so this is a good plan.
Presumably the situation is this : stock Android supports multiple accounts but none of the device vendor skins do, yet. Correct ? (and it isn't possible to manifest the stock Android behavior side-by-side with the vendor skin).
I was just coming in here to ask this question. I would like a way to get multiple exchange accounts too. Since it was supported in 2.0 on up i think we should be able to get this to work. Unless Samsung messed this up for us.
Hmm, I thought Sammy left the stock Android email app on the Fascinate, but it looks as though they modified it just enough to cripple it. :-(
Sent from my SCH-I500 using XDA App
There are actually good reasons NOT to do this. Corporate IT admins have massive problems with this, and because Google/Sammy/etc. are actually TRYING to work with corporate IT... you end up with this.
Outlook doesn't allow it either, nor does any other mail program which respects Activesync conventions.
It has to do with security... and compartmentalization.
The Droid X and the Droid supported 2nd Exchange accounts.
I'm sorry, but I disagree that this is a security issue. They are completely disparate accounts, and this functionality should be stock on all Android phones.
That said, the Samsung client is the worst of all of them, and Touchdown is the best option, IMHO.
Gurm said:
There are actually good reasons NOT to do this. Corporate IT admins have massive problems with this, and because Google/Sammy/etc. are actually TRYING to work with corporate IT... you end up with this.
Outlook doesn't allow it either, nor does any other mail program which respects Activesync conventions.
It has to do with security... and compartmentalization.
Click to expand...
Click to collapse
Oh, really? That's interesting. I work on the helpdesk for an IT company that hosts Exchange servers (and much more) for dozens of clients, including numerous medical and financial institutions (i.e. security is a significant concern), and I have never heard about any such security issue. Please explain to me how being able to setup multiple Exchange accounts on a single device is such a huge security concern, and include links to references if possible, as I may want to present the information at our security meeting, which I'm actually attending tomorrow. No joke, that's my job, and I am on the security team.
Btw, Microsoft themselves eliminated the single Exchange account limitation with Outlook 2010. It's still not unlimited, but you can now have three Exchange accounts per Outlook profile. Oh, and did I mention that iOS 4 now also supports multiple Exchange accounts per device? So yeah, if you have any links to share about these alleged security nightmares, feel free to enlighten me.
Sent from my SCH-I500 using XDA App
8notime said:
That said, the Samsung client is the worst of all of them, and Touchdown is the best option, IMHO.
Click to expand...
Click to collapse
While I tend to agree with you, I'd like to point out that I haven't seen any issues with actually reliably syncing with an Exchange server with the Fascinate, whereas the mail client on the original Droid was plagued with bugs, and while it improved later on, one of the more recent post-Froyo patches broke the ability to sync with Exchange 2010 (which has since been fixed).
Also, if I remember correctly, the helpdesk I work on got a bunch of calls from clients who bought the Droid X when it first came out, because it couldn't sync with Exchange 2003, which was a pretty serious bug. Motorola had apparently tested it thoroughly with Exchange 2007 and 2010, but never with 2003. It was so bad that they were giving away licenses for Touchdown for free to anyone that complained, until they were able to issue a patch for it.
Anyway, no mail client is perfect, and all have their pros and cons. Which stock one is better or worse depends on whether the features that don't work right matter to you or not. Me, I'll stick with Touchdown, which basically mops the floor with the stock mail clients, just in sheer volume of features alone.
Sent from my SCH-I500 using XDA App
IOS 4, android 2.* and up and WP7 all support multiple exchange accounts. Unfortunatley Samsung messed this up for us.
I wonder if there is a way to pull the AOSP e-mail.apk and try that? Or if there would be another way around this.
Since someone got a little cranky I will elaborate on the security problem.
The issue is largely one of partition. Let me paint a scenario...
I am government contractor x. I provide you with exchange on your phone. Your phone very helpfully merges all your data together. That violates my policies. Additionally, your android device doesn't respect remote wipe, remote lock, or security policy for disclaimers, password complexity, etc.
But the biggest issue is that the exchange data isn't self-contained.
If the phone, client, or whatever provides partitioning of the data then multiple accounts becomes a possibility.
Essentially I as an exchange admin don't want some other company's mail cross pollinating with mine. And because my company is in Massachusetts, it's actually a violation of state law at this point to let our emails into someone else's system.
Outlook 2010 supports separate cache files, contact lists, and all other data... So it can do multiple accounts. The iphone doesn't, and neither does droid.
I love my android phone, but I cannot let the end users have them, because we can't secure thee data. Full stop.
Sent from my SCH-I500 using XDA App
And yes, ios 4 and some iterations of droid do allow this, but not in s way that is kosher with either microsoft or your mail admins.
Sent from my SCH-I500 using XDA App
Hehe, I wasn't cranky. I just wanted some additional info to back up a rather vague, blanket statement about data security. I could go on to discuss security issues, but it looks like your concerns exist at a much higher level. If the Android platform as a whole is too insecure for you to allow, then whether or not a phone supports multiple Exchange accounts is irrelevant. That being the case, I won't draw this on much longer, as it's beginning to drift off topic.
Based on what you've listed as your security requirements, I believe Touchdown actually has a strong enough feature set to safely allow Android devices to work in your environment. It supports a healthy set of Exchange security policies, namely remote wipe, PIN/password policies, and complete data encryption (it even encrypts the data it stores on the SD card), and since it only allows one account per profile, and all data is contained within the application itself, and not mixed on the phone, the partition requirement is met. Plus, you can deploy a template that dictates desired config settings for the app, and locks them down to prevent users from changing them. Oh, and don't forget the added benefit of standardization, in that you would only have a single email app to support, regardless of which Android device end users have. The only real down side is the added cost, as it's extra software to buy. And for those wondering, no, I do NOT work for NitroDesk, the makers of Touchdown.
I apologize if I'm still failing to understand any of your points in all this. I do have an interest in security topics like this, and while I'm not completely ignorant, I'm by no means an expert either, not by a long shot. If you'd like to discuss this any further, feel free to PM me, so we don't get any further off topic in this thread. Thanks!
Gurm said:
Essentially I as an exchange admin don't want some other company's mail cross pollinating with mine. And because my company is in Massachusetts, it's actually a violation of state law at this point to let our emails into someone else's system.
Click to expand...
Click to collapse
I have never in my life heard of this happening, nor is there any proof that it's technically possible. I get the whole concept of all data being on the same partition, but cross pollination? They are totally different accounts, with their own data stores.
If a companies security policy is this strict, they probably shouldn't have any phone connecting to their network, unless they have a device management tool in place that prohibits installation of any 3rd party apps unless they install them themselves. Oh and they should probably remove the camera too, if they're a government contractor with this much security in place.
I don't think the Fascinate was designed for a company like this.
Just to throw in my 2 cents. A division of the company i work for engineers nuclear plants and because of the strict government regulations only blackberries are permited because other platforms are not secure enough.
Sent from my SCH-I500 using XDA App
8notime said:
I have never in my life heard of this happening, nor is there any proof that it's technically possible. I get the whole concept of all data being on the same partition, but cross pollination? They are totally different accounts, with their own data stores.
Click to expand...
Click to collapse
Really? Your contact list isn't comprised of all the contacts from all the accounts? Do you keep strict track of which little yellow "new mail" envelope you've just pulled down? It can't happen? Think again.
If a companies security policy is this strict, they probably shouldn't have any phone connecting to their network, unless they have a device management tool in place that prohibits installation of any 3rd party apps unless they install them themselves. Oh and they should probably remove the camera too, if they're a government contractor with this much security in place.
Click to expand...
Click to collapse
Yup. Guess why Blackberries are still the biggest corporate device? For exactly this reason. Why is there always a Blackberry variant with no camera? BINGO.
I don't think the Fascinate was designed for a company like this.
Click to expand...
Click to collapse
No Droid or iPhone was.
Then why are we even having this conversation? We're talking about the Fascinate.
Also, we were talking about email, not contacts. Emails are stored in entirely different data stores. I don't have 1 giant inbox with emails from both accounts. They are totally separated.
8notime said:
Then why are we even having this conversation? We're talking about the Fascinate.
Also, we were talking about email, not contacts. Emails are stored in entirely different data stores. I don't have 1 giant inbox with emails from both accounts. They are totally separated.
Click to expand...
Click to collapse
Because Exchange isn't POP or IMAP. It's an entire comm system. It's not just mail, it's contacts and calendar and notes and public folders and a half dozen other things.
If you just want to sync the contents of two Exchange inboxes, sure there's no TECHNICAL reason you can't. But that's not how Exchange WORKS, typically. I'm sure you could write a client that does that, but as yet folks haven't.
You can go in and uncheck to sync the calendar and contacts, but new "events" will still arrive and have to be thrown out by the client. Essentially you would need to write MORE code to NOT have the entire system than you would to HAVE it.
I'm sorry but that isn't true. Like I said earlier, I was able to add more than one Exchange account - contacts, calendar, and email - on both my Droid and Droid X. One Exchange account for work, and the other a personal account through a hosted Exchange provider. There was no "cross pollination" between either account, and each had a completely separate inbox/data stores. So not only is it technically possible, the functionality is also available for use. Also, as a security professional, I think there are other real security concerns/vulnerabilities to focus on, than something that has never been proven to be one.
8notime said:
I'm sorry but that isn't true. Like I said earlier, I was able to add more than one Exchange account - contacts, calendar, and email - on both my Droid and Droid X. One Exchange account for work, and the other a personal account through a hosted Exchange provider. There was no "cross pollination" between either account, and each had a completely separate inbox/data stores. So not only is it technically possible, the functionality is also available for use. Also, as a security professional, I think there are other real security concerns/vulnerabilities to focus on, than something that has never been proven to be one.
Click to expand...
Click to collapse
I understand that you have done it before. I've done it too on an iPhone. My point is that the capability to do so is not something that comes pre-cooked in an Exchange client. MS didn't do it until recently themselves. Given that a lot of the stuff in the Fascinate is pre-2.1 due to Samsung's pidgin kernel (really a 1.5 or 1.6 kernel hacked up for 2.1, from what I've read on here) I'm not at all surprised that functionality only recently available is missing.
Like I said - it takes more code to do it than not to do it... don't hold your breath for it from Samsung, although anything is possible in 2.2!
Last week I noticed a device under my Google Play account (My Devices) that is not mine, a phone on a Romanian cell phone company network. I also noticed that someone from Russia had accessed my Gmail account. I changed my Gmail password (the old one was alpha-numerica,random, with symbols) and turned on two step authentication.
The Gmail account seems to be ok. The contacts all there and no messages removed or messages sent by people other than me.
The only sign of the intrusion is about a dozen "free" apps ordered by that device. It included sketchy gambling apps, a child's game that from comments I read has adult advertisements, and ringtones. After I changed the password there are new "free" media on the account - books and various video. These appear to be from a different user - all in English as opposed to Russian and nothing sketchy.
My guess on how this started - I downloaded an app with about 100 reviews. The next day the "free" apps started to appear, and the unauthorized device also was added the next day.
My SGS 3 isn't rooted. For Jellybean it seems that I have to wait for a stable root, should be another few days.
I contacted the Play Store support and they were of no help. They referred me to Gmail support but Gmail doesn't offer phone support. I think only support on a Google Group forum.
Any idea how this could have happened and how to get this device off of my account? My PC's are secure and my primary PC is Linux.
starfcker69 said:
Last week I noticed a device under my Google Play account (My Devices) that is not mine, a phone on a Romanian cell phone company network. I also noticed that someone from Russia had accessed my Gmail account. I changed my Gmail password (the old one was alpha-numerica,random, with symbols) and turned on two step authentication.
The Gmail account seems to be ok. The contacts all there and no messages removed or messages sent by people other than me.
The only sign of the intrusion is about a dozen "free" apps ordered by that device. It included sketchy gambling apps, a child's game that from comments I read has adult advertisements, and ringtones. After I changed the password there are new "free" media on the account - books and various video. These appear to be from a different user - all in English as opposed to Russian and nothing sketchy.
My guess on how this started - I downloaded an app with about 100 reviews. The next day the "free" apps started to appear, and the unauthorized device also was added the next day.
My SGS 3 isn't rooted. For Jellybean it seems that I have to wait for a stable root, should be another few days.
I contacted the Play Store support and they were of no help. They referred me to Gmail support but Gmail doesn't offer phone support. I think only support on a Google Group forum.
Any idea how this could have happened and how to get this device off of my account? My PC's are secure and my primary PC is Linux.
Click to expand...
Click to collapse
I have the IMEI # of the phone added to my account, also the model number (registered in Russian Federation). Could the IMEI be useful? I can PM if interested.
Imeis are quite useful to many people...Just don't pursue this on xda.
Sent from my Galaxy Nexus using xda premium
My account too was almost hacked.
I signed into youtube and a notice was shown that someone from ip in china tried to log into my google account and it denied them and i changed my password. No weird apps nothing.
The thing is probably the app you downloaded.
Just because it has 100 downloads doesn't mean its malware but you need to check permissions always.
Even big games like "Paper Toss" has been know to sell peoples info to companies.
When you read permissions. There should be a list of all the options the app requests.
Be Smart. If you download a calculator, It shouldn't have access to your personal identy, messages and the big key is internet access.
If you download a calender it may need access to contacts but it it also needs internet access, its probably is storing your contacts and sending them out to a site that then sells to a company and lastly, your grandparents receive phone calls asking if they want to buy a service and use your name as who referred them.
Also. rooting is a good option. With an app on here called pdroid or droidwall you can download those apps but it will alert yyou when the app wants to use a permission (like internet) and gives you the option to allow or deny.
good luck
I have one update. I think that after I changed my password and went to two step verification, the purchases of "free" apps and media stopped. It's been four days and nothing new added. So far so good. Thanks for the replies. BTW, Google of no help.
I'd still like to know how the Gmail account was compromised - I may never know.
similar thing just happened to me (Galaxy Note) appeared on my account from no where. When I contacted google if they can help or if they are interested in tracking him down, all they said was we cant help you. And change the pw. Obviously I know that I need to change the pw. I know Apple would have tracked it down somehow if it was an iphone. My pw has 22 characters number letter symbols yet it was hacked.
Since google is not helping me I installed Android Lost app on this NOTE and waiting to get a location update via email. I know it wont do anything much and I cant do anything against him or her since no paid apps were downloaded. Still I would like to do something to crooks like this. He only had 6 apps installed (facebook,viber candy rush) and terminal emulator (which worried me).
I really hope that Android close their unlimited backdoors in the OS.
So I finally upgrade my LG simple 1G phone to a VZW Galaxy S4, allowed it to update to MK2, setup my gmail account (not G+ though), take care of organizing it like I want, etc. Next thing I notice, that in my gmail I start getting dangerous looking spam ("update your Amazon credit card info", "update your ###### info", and the image had a link which would've sent me to a Yemen domain. Nothing happens without a reason, and the only thing that changed was I gave the phone my gmail logon. I did not directly give account info to any of the other vendors advertised on the bloatware on this phone. I should add that prior to this I was familiar with the spam I'd get in gmail (and gmail would flag it into spam folder) and it was consistent and never made it into my inbox.
This being my first android I'd appreciate comments on your experiences with this, and anything you can share on how to better safeguard my info. I hate google, or anybody for that matter, having so much access to my credentials which I normally and successfully hold fairly close. (Yes this is my first smartphone).
I am a Malwarebytes registered user on my desktop and laptop so I downloaded their app onto my phone, but something tells me what caused this spammer to source me was over-sharing of data on google's (android's?) part.
Thanks
MessyPotamia ("because in the land between the Tigris and Euphrates, things are a MESS")
Huntsville, Alabama
I think its pretty safe to say its coincidence. My family owns about 5 Android devices and I myself have three Android devices currently in active use , two gmail account, one for my personal devices and the other for family use and so far, we have yet to get any 'weird' spam issues except for the occasional spam that promises me that I'll get bigger manhood and such. Try playing with the app settings or try another email app. I mean, if you have a gmail account all this while and google wants to sell off your personal information, they would have sold it a long time ago and not wait only now because you have a new smartphone right? Lol
Sent from my GT-N7105 using xda app-developers app
mha93 said:
I think its pretty safe to say its coincidence. <SNIP> I mean, if you have a gmail account all this while and google wants to sell off your personal information, they would have sold it a long time ago and not wait only now because you have a new smartphone right? Lol
Sent from my GT-N7105 using xda app-developers app
Click to expand...
Click to collapse
Didn't mean that I think G directly sold it off, but something enabled a spammer to target me. Have been getting this same spam about 1x / day since I shared my 10 yr old gmail acct w/ VZW/I545/MK2. Something triggered it, I don't believe in coincidences (my prior CI work, sorry!), and the only thing that changed was my new setup.
Maybe its something that you've installed? Like have you pirated any apps or downloaded any sketchy apps? Besides that, I can't think of other ways besides logging in to your gmail account, and actively mark the emails from that address as spam.
Sent from my GT-N7105 using xda app-developers app
mha93 said:
Maybe its something that you've installed? Like have you pirated any apps or downloaded any sketchy apps? Besides that, I can't think of other ways besides logging in to your gmail account, and actively mark the emails from that address as spam.
Sent from my GT-N7105 using xda app-developers app
Click to expand...
Click to collapse
Two days later from my orig post. First, I have not downloaded any suspicious apps (only 2 banking apps, and they're pretty secure), one or two others from app store (but uninstalled them when I wasn't impressed). I set up my wife's yahoo email account as another account under email; one gmail account I use often as another email account; and my regular gmail account is the main phone account. My regular gmail account gets very little spam.
Now I notice my wife is getting evidence her contacts have been harvested, as folks in her contacts (some very old contacts) are replying "Did you send this? " or rejection messages from their .gov or .mil enterprise mail server. She has had registered malwarebytes on her laptop, as do I on mine. Tomorrow I will run CCleaner and HijackThis on both hers and mine. I must say the neither of us visit suspicious places or have any poor practices regarding opening emails or attachments, and our Secunia PSI scores are usually around 98.
This has to have something to do with my new Galaxy S4 and the fact that I gave it my gmail credentials, and her yahoo credentials.
This is not a coincidence.
After googling around, I came upon several forums stating that their users are getting spam mails after logging into their gmail accounts from their 'new' smartphones. So I guess your case is not unique. In all the cases, they managed to solve the problem by changing their gmail password. So what I'm thinking is that your phone is a 'manufacturer refurbished phone' or at least one that was returned to your carrier and repackaged again and that the previous owner left a malicious code or script in the phone. So short of returning to your carrier or to Samsung, I suggest that you change your password, factory reset your phone, update the firmware before logging in to your gmail account and see if it changes anything. The best bet is to return it to Samsung or your carrier on grounds that its a 'defective device' or at least claim that something is wrong with it. Chances are, they will reflash a fresh new firmware onto your phone and would in theory solve and delete any malicious code in your phone. Or they'll replace yours with a new phone. Yeah sounds troublesome but if you want to skip Samsung and reflash a new firmware yourself, head over to the S4 forums and see the method of flashing a new stock firmware. Sorry that your new smartphone causes so much problems. Google is quite helpful when its working right.
Sent from my GT-N7105 using xda app-developers app
(Problem solved)
mha93 said:
After googling around, I came upon several forums stating that their users are getting spam mails after logging into their gmail accounts from their 'new' smartphones.<<SNIPPED for brevity>> Google is quite helpful when its working right.
Sent from my GT-N7105 using xda app-developers app
Click to expand...
Click to collapse
The source of the spam is most assuredly the YAHOO MAIL ANDROID APP (downloaded 3 days ago from App store and put on her android, not mine). After running (reg'd) malwarebytes, plus CCleaner and HijackThis (all showed nominal) I began to suspect it was on Yahoo's side, and sure enough there are plenty of recent articles about their vulnerability. Removed the app from her Moto Droid.
I particularly enjoyed reading this:
[I can't post outside links, google the search terms "even-yahoo-employees-dont-use-yahoo-mail"]
Meanwhile, everyone here I thank for participating in this thread.