Found a security issue with Restricted Profiles - Android Q&A, Help & Troubleshooting

I decided to try and lock down my younger brothers Nexus 7 so that he could have his favorite apps but have no access to the internet. Android 5.0 has made this a little easier with the addition of Restricted Profiles.
However there is a major flaw.
Firstly i can disable access to all browsers etc but it does not have the option to disable access to settings. From there you can browse to "Accounts" then "Google Ads" which then gives you full access to the internet and acts as a mini web browser. This defeats the whole purpose of a restricted profile lol, is Google aware of this?
What i need is a way to disable access to settings. I have tried App lock apps but he manages to beat them by repetitively punching a bunch of random numbers
Is there a way to disable the quick settings and notification panel, so that when he tries to pull it down, it won't do anything?
I have hidden the settings icon from Nova so that he can't access this way. But all it takes is a simple swipe down, tap the settings icon in the quick settings panel, go to Accounts, then Google ads and you have access to a full web browsing experience LOL.
Did i mention he's 7? I'm scared of what he'll be able to do at 16
I realise it will probably require root. I'm willing to try anything at this stage!
Any suggestions?

Related

[Q] Can't set default navigation app

Whenever I tap on a location (e.g., address in contacts) AT&T navigation takes over. I don't even get a choice to select a default. I disabled AT&T navigation, but this didn't help - selecting the address doesn't do anything anymore. This is all on a HTC One with stock rom.
Next I rooted the device and flashed the latest CleanROM 4.0 from 7/31. This rom doesn't have the AT&T navigator. Unfortunately, it still behaves the same (selecting an address in contacts doesn't do anything). On all of my previous Android phones I was able to select Google Maps as default. This doesn't seem to be possible with the HTC One (at least with the roms I have tried). I also tried using a default app manager without any success.
Any suggestion on how to enable google maps as default navigation up is appreciated.
Open Google Maps, select the arrow icon at the top and start typing a contact name in the destination box. It's a round about way of accomplishing the same thing you seem to be after. There's no way to set Maps as the default any longer.
Thanks jdk2. It's not a perfect but reasonable workaround.
I am wondering about your statement that there is no way to set the default anymore, though. After all, AT&T Navigator is used as default if you don't disable it. If AT&T can bind their stuff, it should be technically possible to bind other apps to it.
Come to think of it, this might be an issue just with contacts. Any other app that deals with addresses allows me to pick Google Maps.

[Q] Controlling cellular data use by app ala iOS

In the stock android main settings you can manually restrict background data for individual apps (though the settings menu prompts you that it is usually better to find the option for this within the app itself which clearly seems to be the android paradigm).
I don't see anyway though, to centrally control foreground data for individual apps. I.e. If I want an app that relies on an internet connection to refresh on WiFi only but the app itself doesn't have an option for this and I don'[t want to turn network data off completely (as I still want to use it for other apps). Other than just not opening that particular app does Android provide any way to handle this like iOS does?
Somewhat related is the new Hangouts app. On iOS I notice it provides an in-app setting to use WiFi only but the Android app does not seem to have this option (v2.3.75067996). Is there any particular reason for this? An architectural difference between Android and iOS maybe?

android guru help for settings...

Its been a while since I use android... bot now that i have switched things changed a lot. Im still at the edge if im going to return my note or not because of some annoyances im getting that i cant figure out how to fix it. Hopefully an android guru can help.
FIrst... i need some help why does all my online account signs out. If i didnt get to open them in a significant amout of time. the moment i launch the app it gonna be asking me to log in again. kinda frustrating sometimes esp when im in a hurry that i really want to check something.
Firstly: This is something that happens to all mobile devices. Almost every iOS (iPhone and iPad) users complains about this. Android is a little less aggressive in logging users out of services from apps than Apple does. But, yes, Android does time out after inactivity some login sessions, like banking, for security reasons. Some apps have a "stay logged in" option in its settings or on the login page that you can enable. While other apps choose to allow login sessions to time out. Few these apps will give you a warning about the timeout so you can delay the logout. And few apps may have a time delay without human interaction setting before logging you out (Android has this time delay without human interaction (inactivity) setting before logging you out to the Lock screen). Also some areas in an app, like Account Settings, you may need to log into separately from the main app for (again) security reasons.
What I do about this: I use LastPass (a password manager) auto-fill feature so that I don't need to type in the user name and password all the time. The auto-fill will allow you to choose the user name and password set to use for the app or site, then it auto fills the user name and password. Some apps also may allow you to use your fingerprint to auto login to an app, like a bank app.
Most Android apps should somewhere in the app have the "hamburger" menu (three lines or three dots). Settings/Options for most apps would be found in the Hamburger menu. Once you tapped onto the Hamburger menu look for and tap the Setting or Option name/icon to go to the settings for that app. There you can navigate the settings to see if there is something like "stay logged in" setting to enable. You can logout then go to the login page to see if there is something like "stay logged in" that you can check before you log back in.
Android has a time delay without human interaction (inactivity) setting before logging you out to the Lock screen. To set this go to Settings > Display > scroll down to and click on "Screen timeout". There you can choose from 15 seconds to 10 minutes without human interaction (inactivity) before Android logs you out to the Lock screen.
JaguarXT said:
Firstly: This is something that happens to all mobile devices. Almost every iOS (iPhone and iPad) users complains about this. Android is a little less aggressive in logging users out of services from apps than Apple does. But, yes, Android does time out some login sessions, like banking, for security reasons. Some apps have a "stay logged in" option in its settings or on the login page that you can enable. While other apps choose to allow login sessions to time out. Few these apps will give you a warning about the timeout so you can delay the logout. And few apps may have a time delay without human interaction setting before logging you out (Android has this time delay without human interaction setting before logging you out to the Lock screen). Also some areas in an app, like Account Settings, you may need to log into separately from the main app for (again) security reasons.
What I do about this: I use LastPass (a password manager) auto-fill feature so that I don't need to type in the user name and password all the time. The auto-fill will allow you to choose the user name and password set to use for the app or site, then it auto fills the user name and password. Some apps also may allow you to use your fingerprint to auto login to an app, like a bank app.
Most Android apps should somewhere in the app have the "hamburger" menu (three lines or three dots). Settings/Options for most apps would be found in the Hamburger menu. Once you tapped onto the Hamburger menu look for and tap the Setting or Option name/icon to go to the settings for that app. There you can navigate the settings to see if there is something like "stay logged in" setting to enable. You can logout then go to the login page to see if there is something like "stay logged in" that you can check before you log back in.
Click to expand...
Click to collapse
Well thats the problem... im using LastPass and LastPass itself is logging me out once in a while.
Okay. Let us try to fix this.
Go to LastPass app.
Go to the Hamburger menu (three lines on left top of app)
at the bottom of the Hamburger menu click on Settings click on "Security"
uncheck " Lock LastPass automatically"
There are more login settings to go for LastPass. In the same Security settings:
uncheck "Check session when app is activate"
select "Skip reprompt after login" > choose "Disabled"
select "log out when app in idle" > choose "Never"
check "Allow offline access.
Here you can setup fingerprint to unlock LastPass.
In the Security settings check "Use fingerprint to unlock".
Then follow instructions.
If you never set fingerprint reading for your Note 8, then you will need to go through that setup first.
Now restart LastPass.
The" Allow offline access" helps you prevent logging out when your device loses 4G/LTE connection. This stores your LastPass stuff in your device.
Make sure you setup App Fill in the Settings.
Hope that helps.
Thank you... Good karma to you for giving a little bit of your time to help. I hope this fixes my logging out problems.
:fingers-crossed:
Cool

Phone Number Icon or app

Hi
We run Maas360 to control approximately 200 android mobiles. One thing lacking in this MDM is to be able to populate the contacts with important numbers. We need to be able to put an Icon on the home screen of all the mobiles so that when they tap the icon it will dial a special landline number that we have for emergencies. I have looked through a lot of the dialer apps but the all seem to use the phones contacts which we don't have any control over. Can anyone think of a way we can achieve this? Currently google chrome is greyed out on the phones due to limiting them to no internet and no playstore access.
Ideas anyone?
Regards
Houndog1952

Bootloop / Rebooting when WiFi is turned on?

Hi Folks,
3 nights ago for the 2nd time only, I connected to the Internet with WiFi and I noticed some apps were being updated. Somewhere along the way Automatic Updates was reset from Off to Via Wi-Fi only. It stopped on the third.
apps_Packages info is reporting the following 3 apps, in descending Date and Time order, as being updated but they still appear listed in the screen for App Updates which is accessed from the Update Center listed on the screen for About Phone.
LG Account
RemoteCall Service
LG Mobile Switch
My intention was to to look at LG SmartWorld to see what Dark Themes they have to offer before disabling this app. I would like a System Wide theme with Black Text on a Grey or Dark Grey background.
Are themes an inherent feature of Launchers that are automatically applied to all apps?
Not too long afterwards the phone Rebooted and this would happen again after 2 or so minutes each time after I entered my PIN and started checking settings etc.
I turned off WiFi and the rebooting stopped.
I noticed afterwards that less RAM is being used by the System.
Same thing started happening again the following morning when I turned Wi-Fi on again.
Has anyone else had a similar experience?
Have I possibly disabled something that is required for WiFi to function correctly or for apps to be able to properly communicate with the Wi-Fi processes?
I had previously used the Force stop button for apps such as Gallery, Weather, My Places, Email, Exchange, QuickMemo+ etc.
There does not appear to be a Software Update to Oreo 8.0 available but the following apps are listed as having updates available. Do they need to be updated first in order for the system to "properly" check for a Software Update?
Email
Home & app drawer
LG Account
LG Keyboard
LG Mobile Switch
QuickMemo+
RemoteCall Service
Weather
What I would like to achieve is to have everything disabled as much as possible before removing the SIM Chip from my old phone and installing it into this one.
The following Apps, I want disabled, but keep appearing in the lists of Running Services and Cached Processes even after I have used the Force stop button and after every Reboot.
Email
FmService (Can this be replaced by a Third Part app?)
Gallery
My Places
QuickMemo+
RemoteCall Service
Weather
Weather Service
I want the following disabled also.
Exchange
LG Account
LG Backup
LG Health
LG Keyboard (after installing AnySoftKeyboard)
Is the only way to ensure this, without loading another ROM, to use ADB (Android Debug Bridge) and uninstall the Apps? I am using MX Linux.
I have seen various Debloat lists on this forum and there is some useful information provided via the following page.
lists · master · W1nst0n / Universal Android Debloater · GitLab
Bash script using ADB to debloat rooted and non-rooted android devices. Improve your privacy, the security and battery life of your device.
gitlab.com
For example, in the Google.sh list the following is noted.
##################### YOU SHOULDN'T MESS WITH THEM (core packages and may cause bootloop) #####################
#"com.google.android.captiveportallogin"
# Support for captive portal : https://en.wikipedia.org/wiki/Captive_portal
# A captive portal login is a web page where the users have to input their login information or accept the displayed terms of use.
# Some networks (typically public wifi network) use the captive portal login to block access until the user inputs
# some necessary information
# NOTE : This package is a now a mandatory mainline module (https://www.xda-developers.com/android-project-mainline-modules-explanation/)
Click to expand...
Click to collapse
In the AOSP.sh list the following is noted.
#"com.android.captiveportallogin"
# Support for captive portal : https://en.wikipedia.org/wiki/Captive_portal
# A captive portal login is a web page where the users have to input their login information or accept the displayed terms of use.
# Some networks (typically public wifi network) use the captive portal login to block access until the user inputs
# some necessary information
Click to expand...
Click to collapse
My phone is using com.android.captiveportallogin - Version 7.0 (24). The Disable button is disabled for this app.
Which apps should not be uninstalled with the approach I am taking to mitigate privacy concerns?
For example, is it safe to uninstall the standard Contacts (com.android.contacts) and Contacts Storage (com.android.providers.contacts) apps or are they required by some of the Third Party apps, for Contacts, in order to function properly?
Can the Messaging (com.android.mms) and Phone (Call services - com.android.phone) apps be uninstalled and replaced by Third Party apps such as QKSMS and Simple Dialer?
My current Home Screen (Home & app drawer - com.lge.launcher2) had a Time and Date and Weather widget but, even though I have removed it, the Weather apps still appear in the lists for Running Services and Cached Processes after every Reboot.
Checking the Uses permissions list of apps_Packages info reveals that the Home & app drawer has references to Email, FormManager and Weather.
Could the Email, FormManager and Weather apps be prevented being used by using a different Launcher? Which Launcher?
https://f-droid.org/en/packages/com.vincent_falzon.discreetlauncher
Which Weather apps are recommended as a replacement?
I also want to prevent all the Offers (Advertisements) I keep receiving from my current Service Provider via SMS.
Can this be done using the SIM Toolkit?
Is the SIM Toolkit an app that should not be uninstalled?
Should I do a Factory Reset and start again? If so, will I need to disable, again, all the Gulag (Google) apps that I previously disabled with the Disable button?
Which of the methods on the following page is the best to use?
How to hard reset an LG G5
According to the following page, "If a pattern, PIN, etc. is or has ever been set up on the device, Google account sign-in is required during initial setup."
I am using a PIN but a Google Account has never been configured for the phone.
LG G5 - Factory Data Reset (Powered Off) | Verizon
Here's how to factory / hard reset your LG G5 if the screen freezes or call, app, audio or sync issues occur and the device won't start up.
www.verizon.com
If I do a Factory Reset should I attempt to have the App Updates done before starting to disable any other apps?
What other information could I provide that would help to pinpoint the cause of this problem?
Thanks, M.

Categories

Resources