Lets say I want to enable disk access to "drives" (a great software product to display dive space utilization), I can not do so there is no way to do so as I get a message "Screen Overlay detected", of course it is detected I have over 10 apps that require it, if I disable it they do not work PERIOD. so I need to have it enabled, nut then I have many apps that simply do not support Marshmallow (6.0) at all as a result. I can not understand why there are not more complaints and fixes for this as I'm basically stuck I have apps that require overlay including my dialer and I have apps I need that I can not use if overlay is enabled!
One work around I heard of was to boot into safe mode and run the apps there, but in safe mode I can not run any third party apps (so I can not execute those that I need to overlay disabled to set a permission.
I need help, either to fix the overlay prompt (simply put at this point security be damned I'll live without it I need the software to function), but searching and searching I've yet to see any solution or even suggestion beyond safe mode, which does not let me execute the software I need to fix, other than down grading (which does not help since at some point I'll need to move to 6.X), how does one fix the very annoying and Android breaking issue of overlay?
I just do not understand how Overlay a very necessary feature is also able to break many apps, including a few that require overlay themselves. I'm completely confused and sick of wasting time (hours at this point trying to figure out how to get around this).
Thanks,
ERIC
Related
Hi,
I try to be as brief as I can but I'm known to write "walls of text". Please, I really try to write differently but it always ends up with at least one A4...
I need some input from you who have vastly more knowledge then me, I have a few pondering's that I need to ask if they hold or not.
As you know I'm "rusty" in my knowledge so I have been reading up. Especially on SELinux.
I have a Note 3 that is plain vanilla and 2 days ago I got an "SELinux rules update #16". Didn't know how to take a screen pic of it. Sorry.
Did anybody else get that? I didn't even saw that there was a way to turn it on/off.
I know that SELinux is a bunch of text-files. It's making a MAC-solution for the kernel and can hinder you from accessing parts in system-space.
If can control all vital functions in user-space, including fs, files, sockets, network, processes and run own processes without disclosing them to
you as a user. They are simple text-rules. Pretty straight forward.
Made a "wall of text" -- > http://forum.xda-developers.com/showpost.php?p=48287600&postcount=1392 again.
I'm sorry if I c/p some from that, you can just sift it through if you feel for it
This is from their own White-paper on Knox:
Secure Boot requires the device boot loader, kernel, and system software to be cryptographically signed
by a key verified by the hardware. Secure Boot uses X.509 certificates and public keys which are embedded
into the boot loader of the device. A secure hash of the certificates is fused into hardware Read-Only
Memory (ROM) at the time of manufacture. The Secure Boot loader will only continue if the authorized
secure signed binaries are present. Next, Secure Boot verifies the cryptographic signature of the Linux
kernel and system image before handing control to the OS.
So they boot-loader contains the SELinux and it won't boot if it's not verified for a cert in your phone.
This has been planned for a long time.
Since I don't have any I9505 but and I9506 (that only has one bootloader so far. Knoxed) I need to ask a few questions to see if my assumptions hold or not.
Q1: Is it true that if you upgrade to a Knox-bootloader never can downgrade?
Q2: If you trip the Knox-flag can you do that or is it still impossible?
Q3: Can you while already having a Knox-bootloader downgrader WITHIN the Knox-bootloaders?
Good and bad
Bad: They can have your Prog->serial that you signed in your store->You. Sinister, as I think Knox is this is bad.
Good: It's still a PROM. There might be some way to read from it. Next year Knox is totally integrated on a chip, black boxed, WITH E-FUSE.
Then we are toast and can all buy a HTC...
If Q1 holds then you always have a boot with SELinux. The bootloader fit's a kernel just fine, right?
I get a strange error on my phone. It's saying I have space left on my device but when I try to download from Play it says I'm out of space.
Q4: Is this a know bug? Is this software? Have anyone had it before Knox?
I took and started to read a bit on Wikipedia. It's good sometimes for quick info: Selinux,
So it's a container basically. I also stumbled over this baby: NSA SEAndroid
So this leads me to some other questions.
Q5: Could it be possible that the device is virtualized?
Q6: Do we have some programs that can go deep into the system and pick up system info?
Q7: Does all custom kernels work after the Knox (with the flag tripped of course). Where are they loaded? The bootloader or somewhere else?
It's hard to know if you ARE virtualized but not impossible so there need to be some comparison between a pre-knox and knoxed device. I don't own any.
So I ask here is anyone does?
Q7: Has someone verified that it refuses to boot the pre-Knox bootloaders with or without trippning the flag?
Because it would make perfect sense. We have the hardware for it for sure. They are still chit-chatting about their bootloaders and warranty and that is
something I don't have to care about since I have written permission to flash away, as much I want from my cell-provider.
So I don't know if this is just a wild theory of mine or not but I started to wonder why the enforcement and the total lockout when it comes to the bootloader.
If what they also say in the White paper is true then there is no way that we CAN make a non-Knox boot, can we?
Privacy wise this is also a catastrophe. They can connect the device directly to you, with targeting, for instance, a grouping of some kind. Good or bad.
Up to the ones that controls the phone, right?
So sorry for maybe obvious questions but I though that here, if anywhere, if the place to asked them.
Oh, another thing, I stumped over this one when I was researching why my Windows was desperately making contact with the standard 6to4 replay
that there is a written about. I see that it does that over and over (among trying to make a tunnel through ICMP when you turn on Skype). Caught them on that.
This one: Geoip Locator
How does it show at your place? I've turned off all my localisation platforms. Hard. I even run behind a VPN.
But when I run it in Chrome (where I should have it turned off and are behind a VPN it's waaay to close).
In FF you can turn it off with the about:config --> geo.* and put the value to false the the address to localhost.
But I did the same in Chrome but it's still leaking.
When it comes to IE. If you have your "Localisation policy" set to "ON" you can turn it off in IE. If you disable it it's greyed out (I have Win 8.1).
Think I'll soon move to BSD totally....
All the best,
Abs
Hello there!
So I purchased the strangest "Android Phone" I've ever owned in the form of an iPhone case. Some folks around here probably know about this but for those who don't:
https://item.jd.com/3254140.html
It's essentially a phone within a case but minus the screen, camera and various other things. It "borrows" them from the iPhone itself. Anyway! As cool as that is (and I still think it's super cool in a geeky kind of way)... the issues I'm having are:
- I can't root this thing no matter what I try!
- I can't find the option within Developer Settings to enable ADB debug mode (I suspect either a build.prop value disabled it or I've got a modified settings app.)
- I can't get Play Store installed on the thing.
It's a straight from China device so it's tricky to setup and use but I've just about managed it for the most part. As I say - the main problem is I can't root it so I can't install Play Store (I've tried the "no root" options but they seem to force close and/or be unable to connect to google services despite the fact that the /system/etc/hosts file only has localhost in it.)
Any help would be greatly appreciated and I'm more than happy to tip anyone who manages to help me get this thing rooted or at least running Play Store in some other way!
Thanks!
Managed to root it - info over at:
http://forum.xda-developers.com/android/general/mesuit-i6p-iphone-case-runs-android-t3463757
Sorry if this is in the wrong location, if it is please let me know where to move it.
So the story goes I found an Amiibo Kiosk at my apartment dumpster. It was originally designed to run a single app meant to be interacted with by customers and a settings app meant to be accessed by a technician and nothing more. Using adb I managed to get into the /actual/ android settings menu instead of the custom "CSR" one that you can access by pushing some buttons on the back and perform a factory reset. If you need more information I documented everything I did here: https://forum.xda-developers.com/android/help/commercial-grade-android-tablet-issues-t3594279 the post is at the very bottom.
It's a giant 18.5 inch 720p commercial tablet from DUCO meant to be mounted in customer-service kiosks: (product page) http://www.ducotech.com/product/18-5-android-based-720p-hi-def-lcd-media-player/
I sideloaded arrow launcher, aosp keyboard, google chrome, and a stripped-down youtube front-end so it can be used as an actual tablet. Unfortunately Google Play services in not supported on this device (although I could probably spoof it as an officially supported device to make it work, but I want to fix my biggest problem first.)
My problem is that after a pretty consistent amount of time it unceremoniously black-screens with a pop from the speakers, then starts back up. I logcatted it and it shows nothing but wlan polls and ram cleanup before it shuts down, however I'll include it anyway since I'm sure that'll be the first thing anybody asks for.
My best guess is that there is some kernel watchdog resetting it since it's not being tickled by DUCO's CSR app that is normally installed when the system is sitting on a salesfloor.
Is there any way to check for this and/or disable it?
Additional info:
Running Android 4.1.1
Sun4i architecture
I attempted to install Busybox, but the tablet resets itself before Busybox can finish installation.
Logcat is here since the logcat.txt is a few kb too big to upload.
How did you get PowerShell to accept the line code. It errors everytime I type the codes you are recommending
Alright, here is the deal, I'm planning to upgrade my mom's phone, thinking about Nokia 2.2.
I want to severely restrict phone's ability to do things. Phone should be essentially frozen in time. She breaks any electronics in ways that boggles my mind. And unfortunately I don't have physical access to her devices.
I'll install set of apps that she can use. Set up phone properly with her google account. But beyond that, she shouldn't be able to:
1. move icons around.
2. Change anything related to the phone appearance, language, keyboard etc.
3. use most of the settings. She'll change screen brightness / volume at most.
4. install / remove any software.
Other than that, updates should work (both android and apps)
Ideally I should be able to access her screen remotely.
Looking for apps that can do that. I can custom rom flash/root/whatever the phone, so both google play solution and more hacky ways are accepted.
I have a multi-boot touch screen enabled machine running Android as one of the partitions. I like the idea of transitioning from Android to ChromeOS, but I have to have use of Android apps. The Brunch project has given me a way to install ChromeOS and seems to work extremely well for what I need. But there are a few ChromeOS quirks that keep me from making the swap. Search seems to indicate they are not solvable at present, but maybe this community can help.
1. The biggest issue with ChromeOS is its insistence that I login using my full Google password every time. The Android (or ChromeOS) partition would not be my main driver, so simply sleeping is not a feasible option for me.
a. Is there a way to mod chromebook to login from cold boot using a PIN? And if so, would such a mod survive updates? Sorry, I'm pretty sure that's a hard no, but it's worth asking.
b. Alternatively, I think I could get this to work if I could hibernate (suspend to disk) to work. I know suspend to disk is not part of the nominal use case of chromebooks, so maybe it's not even supported? Either way, I'm struggling to fine resources for it. If that worked, then I think that I could simply login with a PIN most of the time.
2. Brunch includes a great mod to allow tablet mode to be turned on/off by way of terminal. What would be better is to have a link to a script that could toggle with a tap (or maybe two). But I don't see a way to run a script for android terminal without going into terminal. Is there a way to run scripts without having to switch to the terminal? Bonus points if I can give that way an icon and stick it in the dock.