I often give out loaner phones and recently have had a wave of theft and damage to my devices. I need a way to make for say a limited profile on devices that will not allow borrowers to delete my tracking apps and preferably a way to remote wake device... I have multiple devices so this is not specific to just one device. Been thinking maybe tasked would help me achieve this?
There is nothing you can do with the state of Android. A simple factory rest or flash will remove anything you may do
Related
Ok so this is a question for lets say hardcore developers, lately Ive taken an interest in android security after the Snowden revelations, (not that any of us have anything to hide), but mainly due to the simple principle of privacy in the digital age... anyhow in my research ive found various ways and sites that can help harden ones security on android , and there are also tools that have been developed to purposely get around these same security precautions on android. My question is to various developers that design security related apps, those who design custom recoveries (TWRP, CM, etc), and even those that work on fastboot (Google).
1) I know there are plenty of apps that are made for security, but are developers sure they are cleaning up (read "wiping ram, on say an app FC, a reboot, or upon receiving a fastboot request from a host")? In the age of NSA and everyone else wanting all in your business, are developers making sure that keys, and other secure info is destroyed, and not still in memory or God forbid in some file on the SD card?
2) Is there any way to make/modify the bootloader so that before you could even get to the bootloader menu (ie. fastboot/recovery/boot/etc..) the bootloader either nukes the entire RAM or fills it with random data? Granted there are always ways to get to ones data, but i was just wondering if there was consideration for the lifespan of said 'security' once one is done with some secure app are the keys tossed(?) ram cleared before deallocation, etc?
3) And... in the interim is there a way users can auto clear/wipe deallocated RAM and SD/internal storage space (as well as within the system area on rooted devices) every so often using something like the Tasker app, remote wipe or something similar?
@steve_77 RAM (at least the RAM we have in phones at the moment) is volatile, meaning it only retains data when powered, therefore there's no need to go to any lengths to wipe it. A reboot will do that. Besides, if any data is being loaded into memory at all in the first place, the NSA probably already have it . Just kidding of course, if you have measure in place already like encryption; I don't think it's possible to retrieve data from memory like that anyway, but I'm no expert.
I understand that the measures mentioned are extreme, but there is already a way to break encryption via reading the keys out of the RAM as outlined in the link provided in the previous post from a German university that was able to do it.
I'm sure this is also not the only type of tools designed to hack into peoples phones and bypass encryption, but if exiting an app does not erase/wipe the RAM allocated to that app, all that data is up for grabs. Sure in this particular case someone would have to physically have your phone, but what if there were some new way, say in the future that could use some sort of exploit to access your data, and what can be done now to mitigate this potential pitfall and make our phones more secure?
Rooted your device, but it may have side effects !Does your phone really shutsdown !Next time you turn off your Android phone, you might want take the battery out just to be certain.
Security vendor AVG has spotted a malicious program that fakes the sequence a user sees when they shut off their phone, giving it freedom to move around on the device and steal data.
When someone presses the power button on a device, a fake dialog box is shown. The malware then mimics the shutdown animation and appears to be off, AVG’s mobile malware research team said in a blogThe malware requires an Android device to be “rooted,” or modified to allow deep access to its software. That may eliminate a lot of Android owners who don’t modify their phones.
But some vendors of Android phones ship their devices with that level of access, potentially making it easier for the malware to get onto a device.SO be careful about the rooting !
How would it be possible to make an android phone run my app on startup and not let the user out of the app unless they use a password
The device is created for our app.
Not sure about from start up, but you can use the screen pinning function in Lollipop or if it's running an older version of Android then you would need to create a kiosk type app.
Good luck!
There are 3 well known 'kiosk' apps available. They are all capable of doing what you want to a greater or lesser degree. (Kioware, Mobilock and Surelock ....others are available). The problem for you is the cost, if you intend to scale up your devices. If you are putting your app on a $20 Chinese tablet, then these apps listed above all want another $15 or so to install, which doubles your costs!
I'm looking at a similar problem, and I think the true answer is a specialist ROM with most of the opsys actually stripped out. Only problem with that is...... that it is WAY beyond my talents and abilities! I would be enormously interested in how you get on (without needing to know your application specifics). Keep in touch?
Paul
Howdy, folks. I hope someone can help answer this question. Mods, if I posted this in the wrong section, please relocate.
I'm helping a friend who is expanding his business by hiring 3 field sales reps and they need to be provisioned with smartphones and tablets for doing quotes, reviewing e-blueprints, accessing email, and so on. So, that's six devices in question, with more to come.
There's a question about whether iOS or Android is the better platform for what we're gong to need. Yes, I know XDA is Android-centric, but this decision isn't about what I want to do, but about what's right for his business. So, your honest input is appreciated.
Essentially, what I think we need is an ACL Management utility of some sort that will support these functions:
Remote access to configure devices in the field
Track and 'nuke' devices if lost/stolen
Remote backup of data/settings
Remote install/configuration of apps by managment
Enforce password protection
Good antivirus/malware/firewall software(?)
Prevent users from installing or deleting data/apps
Prevent users from changing settings
Though I have some technical skills, a 'dashboard' style interface to manage the devices and set a group policy would be preferred. I am aware of Android Device Manager, but I was unable to determine if it will do all of the above that we need.
If you think I've left anything out, please let me know.
Thanks in advance for your help!
Hello there!
I use a Motorola Moto G6 that's running on Android 9 Pie (Build no. PPS29.118-11-1) and I was wondering if there was a way to block certain apps from being installed on my device by their package name. I want to be able to do this for the same reason I use very strict settings on Digital Wellbeing: self control.
I know that you can install and block apps and I know that you can use parental settings on your phone but that simply won't help in this situation. I'm also aware that an app with these capabilities might not be available. My question isn't if it's possible now or with the utilities currently provided through apps developed for my Android OS; I'm trying to figure out if it's possible to block apps by their Package Name in any way and if it's impossible to make (in theory) an app that can do it.
I'm not sure how it can be done. Can it be done by having an app that reads through an app that's attempting to be installed and generates bricked app directories where it should chuck out the app's resources so it can't be installed? Maybe. Can it be done by cancelling the installation request of an app that has a Package Name matching one inputted into a list on the hypothetical app in question? Not sure. If anyone knows the answer to those two proposals or has their own suggestions, please do your best to answer my post and keep in mind, this has to be done without the phone being rooted.
An additional but important factor: this is about self control. I can easily bring myself to not remove or otherwise disable restrictive measures on my phone, but I'd like to know if I can make it so that you cannot remove a Package Name that has been blocked in the phone no matter the method used in the first part (other than uninstalling the blocker app, of course).
Regards,
Yoki Aza