I've done everything I can think of to determine if this is a question that has been posed elsewhere - to no avail. Nothing quite seems to fit my predicament exactly (that I've found anyway - please feel free to flame/educate me if I have overlooked anything or am in the wrong thread) I am hoping you 1337 pros here on xda devs can help this poor self-loathing n00b. Apologies for the lengthy post - but it is necessary to explain my question.
I am attempting to develop an app (open source for personal use [no ads] - with enterprise edition available for a fee) that can remotely secure/locate an Android device - tablets, phones, etc -- targeted for anything running Froyo or better.
The problem I am running into is that I am unable to prevent a would-be thief from initiating a factory reset and removing the app (and it's configuration settings). I have device admin setup so that the permissions must be revoked after signing in with a username and password before the app can be uninstalled - but factory restore still wipes it.
As this would be a theft deterrent/recovery tool - relying on a thief to connect the device back to the original Google account and reinstall the apps is out of the question. I understand that if the ROM is replaced with a custom ROM (e.g. Cyanogen, etc.) it would not be able to prevent the app from being wiped - but negating the factory reset from removing the app would still be very beneficial.
Short of including the app in the manufacturer's ROM image - is there any work around to be found here? I'm at my wit's end (however limited that may be).
I am most grateful for any information you can provide - even if its bad news.
Related
I just got my Atrix yesterday, I seem to have the issue where it wont successfully log in to google talk which also means that I cant download apps. I've tried making a new account which also failed to work. Are there any ideas out there for how I could fix it?
Can anybody help me?
I had the same problem and figured out that it was Droid Wall keeping Gtalk from connecting. Make sure Talk can access the network freely.
Sent from my Nexus S using XDA Premium App
Real solution
Gibsonflyingv said:
I just got my Atrix yesterday, I seem to have the issue where it wont successfully log in to google talk which also means that I cant download apps. I've tried making a new account which also failed to work. Are there any ideas out there for how I could fix it?
Click to expand...
Click to collapse
After cloning a samsung gio s5660 through a CWM backup I started experiencing the same issue. Heres What REALLY happens.
Google authenticates you in their services trought unique "keys" which are automatically generated upon system installation / factory reset, so if you clone your device or install a rom which has these "keys" pre-installed, obviously, your rom will only autheticate you in google servers if your phone is the only one using the service at that given time... Upon failure, your phone assumes to be the one who's wrong, and google servers won't autheticate you until you either tell your phone he is not wrong (by deleting the data from play store, which resets its status and errors) or you change the "keys". SO, what can we learn from this? deleting the play store data IS a temporary solution, and won't solve a thing. Let's delete the duplicated keys shall we?
Navigate with your favourite folder explorer on your android (I use X-plore, you can tell me anything, there's nothing better) to the following directory:
- "(root)/data/data/com.google.android.gsf"
Now you have two real options, either you may delete the all folder, which was the perfect solution for me, since my rom is prepared to re-create it upon phone restart and new keys will be generated, OR, you might want to just delete the contents of app_sslcache inside com.google.android.gsf whish are THE KEYS I HAVE BEEN TALKING ABOUT THIS ALL TIME, YEEEIHHHH and reboot your phone...
Needless to say, take a nandroid backup before you do any of this...
Thank me later
For those who remember me from symbian s60v3 phones, yes, it is me, I'm back, and I've moved to the droid world, it's much better indeed
Let me just say, I have no idea why this thread was moved or resurrected. Whoever did so was about a year and a half too late. Please close/delete this thread.
I've spent the whole night trying to figure this out so hopefully the information is useful for some of of you
The usual scenario is that the phone is encrypted due to using Exchange email (eg. Corporate email) and now you can't upgrade or root it. The first thing to do is to delete that email account and hopefully the phone will decrypt itself or the option appears when you go to phone security settings. You can also try to access the corporate email via a browser and delete the mobile connection.
This worked for me previously but it doesn't now - I don't know if its because I'm using a non-stock rom. Either way a lot of people seems to be stuck with a Samsung rom as well. So you now have a phone with the exchange account gone and its restriction so you should in theory be able to removing the decryption but no it doesn't work. I don't know why as this is a basic OS stuff.
At this stage you can try to full wipe it - but this doesn't work, both through settings or CWM. The only way to sort this out is to copy / backup all your information then flash it to factory state and this means using odin and a stock rom. I've done this several times and there is no lasting issues.
I''m by no mean an expert and would be happy for anyone to correct me
NOTE:
This is a very basic guide only for newbies like me.
I'm not a developer or something even near to that. All information provided here is copied from different sources and according to the best of my knowledge. I'll not be responsible for any harm to you or your device. Try it on your own risk.
Any additions or corrections are welcomed.
Note: Unlocking Bootloader and Rooting breaks "Verified Boot". It can be dangerous.
Unlocking bootloader:
Disables signature checking of boot image and recovery image
Allows all fastboot commands to be executed
Zeros out /data partition i.e. filesystem is erased and then regenerated on next boot
To know further: BOOT PROCESS: ANDROID vs. LINUX
As compared to iOS, Android is considered less secure OS because it's an open source project and a large number of developers are involved contrary to iOS where things are kept secret. We can face two types of threats regarding mobile security:
Data theft or loss when using mobile phone.
Different types of malware (spyware, adware, bloatware, ransomware, worms, trojans, virus, cookies) or a hacker can directly attack your device to gain access to your personal data like contacts, pictures, credit card information or even can note your habits and then forcefully show you ads etc. Sometimes the purpose is just to harm you, rather than having some benefit. To avoid this:
Keep your phone as simple as possible. Avoid installing apps from unknown sources particularly KeyGens and cracked / pirated / hacked apps and MODs offered free of cost. Use an app store like PlayStore to install apps which provide security somewhat.
Some stock ROMs (manufacturer's operating systems) contain bloatware (unnecessary and suspicious apps) running as an app or in background. Try removing as much of these as possible by uninstalling or freezing or at least restrict their permissions and internet access.
In Android 6 and above, apps ask for permissions from user when run first time. Allow for these permissions carefully. Check your list of apps auto-starting up and running in background as well as accessing storage and phone / sms etc.
Permission regarded as "Normal" by Android cannot be revoked by simple means e.g. you can restrict an app's INTERNET permission. Either use a third party trustworthy permission manager or at least review the list of permissions requested by an app at install time.
Use some firewall app like AFWall+ to block hidden internet access of apps to internet.
If your phone is rooted, try to avoid granting root access to as less apps as possible particularly those from uncertain sources.
Use some anti-malware or commonly known antivirus app in mobile phone which can scan and filter apps, attachments, links, emails, sms and webpages etc. There are numerous paid and free apps available for the purpose, though most of them are themselves promoting some kind of malware for business purpose. av-test.org is a good place to start with selection.
Data theft or loss when phone is lost or stolen
In this thread I'm focussing this part and giving here a few technical tips and measures you should always take that can help you keep your data, device and yourself safe in case if your device is LOST or in case of THEFT. Otherwise your device and your data can be accessed and misused.
The very first vulnerability of our data to theft and misuse starts with the Unlocking of BootLoader which is locked by default for security on most of the new devices. Unlocking BL makes it easy to flash custom recoveries, kernels and ROMs. That's why, the internal storage can be accessed from any custom recovery or device is factory reset or new OS can be installed for a fresh use. Therefore vendors are making it harder and harder to unlock BL without proper authorization. Personal data is also prone to wrong hands due to insufficient security measures on device as explained below:
DATA PRIVACY
Always keep Screen Lock enabled (with PIN or Password or Pattern).
But keep in mind, this option alone is of no use. It takes only a minute or two to remove screen lock protection if a custom recovery is installed or BL is unlocked / unlockable.
Always use Internal Memory of Phone to store personal data like pictures, contacts etc.
External memory (SD cards) can be removed from device and easily accessed from computer or other devices. They aren't erased usually in case an app tries to erase data in case of theft. Also, Android doesn't offer encryption of SD cards by default. A few custom ROMs offer this feature or you have to use a third part app for encryption. Built-in kernel module dm-crypt is used by AOSP for full disk encryption (FDE). A similar service is needed which auto-mounts your memory card at OS boot. Good examples of encryption at filesystem level are EncFS and CryFS which offer a stackable transparent encryption with virtual filesystem. An easy way to implement EncFS on Android 5- is explained here.
However, in Android 6.0 and above, external memory swapping with internal memory is offered called adoptable storage. That's relatively more secure because it makes SD card not readable by other devices (at least not easily).
Old Devices with Low Internal Memory - in this case instead of putting personal data on SD card, try using SD card's 2nd partition to link apps & their data to SD card by Link2SD and keep your personal data on internal memory.
However, Link2SD may slow down your device or can be a battery hog. In this case, use Third Party Encryption apps to encrypt your targeted data instead of encrypting whole /data partition. There are numerous apps like KeepSafe which is more useful if you combine encryption with cloud backup or online synchronization. However, be careful while selecting app. The app can fail to protect your data online or it can itself misuse your data. Otherwise, any app like ES Explorer or Solid Explorer can be used to keep data encrypted.
In case of third party encryption software, you must be extra conscious of your data. Sometimes sensitive data is hidden (apps data or due to .nomedia) like WhatsApp Sent folders. You have to take care of all this manually. It's really a hectic job.
Encrypt Internal Memory (particularly if BL is unlocked).
It's because and attempt to unlock BL erases all personal data on internal memory (not external SD card). However, it may not always be true. So keeping Internal Memory Encrypted always promises more security. An un-encrypted internal memory can be easily accessed from custom recovery.
Performing these steps makes your data quite secure and not vulnerable to easy access.
DATA PROTECTION
Data Recoverable - use local / online backup of your data. Read here how to do that.
Wiping Data
Bootloader Locked - so that there is no chance of flashing custom recovery and then accessing data from there or through ADB. As stated above, unlocking BL will erase data but it's not always true. So, this option alone cannot be relied on.
There are chances of wiping data if you use some anti-theft app. Android Device Manager (ADM) is a built-in app on all Android devices that suffices the basic needs of an anti-theft app. A Google account on device is mandatory and ADM must be enabled from settings i.e. Device Administrator. You can use Google Find My Device anytime to Locate (Location services should be enabled on device), Play Sound, Lock or Erase your device. Obviously, device should be connected to internet for ADM to work.
However, you may use any third party app with rich features (also SMS based).
Rendering Data Useless - as stated above, using Encrypted Internal Memory only for personal data makes it secure and hard to read by others, even useless.
DEVICE SECURITY
Device Recoverable
As stated above, there are chances of device recovery if you use some anti-theft app.
Keep your phone's IMEI number safe. Your Mobile Network Operator along with the help of police can trace your device whenever it's switched on unless its IMEI is tempered.
Rendering Device Useless
Bootloader Locked - so that there is no chance of flashing custom recovery and then flashing new ROM.
OEM Unlocking disabled - so that Bootloader can't be unlocked without proper authorization.
It can be disabled from ROM settings menu on Android 5.0 and higher devices (if found).
Factory Reset Protection (FRP) - so that after resetting device from recovery, device can't be logged in without already linked Google account. This is implemented by a separate partition named FRP or CONFIG or PDB (on Intel devices) or something else which saves information of last logged in Google (or OEM) accounts. This partition is not reset on factory data reset by stock recovery. So, if bootloader is locked and set unlockable in Developer Options, one can't flash custom recovery to erase FRP partition. He will be stuck at login screen permanently.
So a working Google account on device is mandatory. It works on some Android devices with Lollipop 5.1 and higher. However all vendors don't implement this security feature in their devices. Some use their own similar feature e.g. XIAOMI links your device to MI account.
Additionally some OEM's don't allow unlocking of bootloader without permission from OEM to ensure more security i.e. contents of partition[/URL] "devinfo" are signed by the OEM and can't be modified without their approval. After having permission, an official method is provided to unlock BL using PC.
Hi, i need help and i hope that someone here can help me, im currently infested by a virus or malware that keeps on coming back, it never stop it always install itself
and it has the capability to
1. read phone status and identity
2. location
3. modify/delete contents
4. find accounts on device
5. download files WITHOUT notification
6.retrieve running app and run at startup
7. draw over other apps
8. read sync settings
it looks very dangerous it could steal info from my phone, based on my research those who are infected by this app also receives msgs with links and it seems that the phone itself created that message and sends to itself
right now i have no idea on how to remove this problem, also rooting is impossible currently because my phone is not supported on any rooting services and i yes i tried everything, emailed them if they supports rooting my phone and they all say no.
i was able to grab a copy of the enginee app in apk format maybe someone is interested on simulating it on an emulator (im doing it right now actually)
wow, very friendly "developers"
The other day, when I went to use my phone it gave me a page focused on accepting terms and conditions. I was unable, via restart, turn off and start, etc. to clear that page. It also didn’t reference T&C’s for an app. Long story short, it was the terms and conditions for initializing a new phone; in other words, my phone had been reset.
After nearly a year’s use without issues, I don’t have any idea what caused the phone to reset. My best guess is that it was 3-4 days after an OS upgrade, but I would have expected it to fail then immediately after the upgrade.
At any rate, I also discovered that my backups were incomplete. Samsung Notes was not backed up via Google or Samsung and more recent photos were not backed up. So, my question is whether or not either can be recovered with file recovery software or some other means. I tried Recuva; however, I don’t think it sees the phone as a drive. There’s a fair bit of sotware listed on line that claims to be able to recover files if the phone is rooted.
Do those apps really work? Also, what I am reading about rooting an S21 is that is will perform another wipe of the phone which seems to raise the risk of complete data loss.
Also, has anyone tried this on a newer phone: https://forum.xda-developers.com/t/guide-internal-memory-data-recovery-yes-we-can.1994705/ ? The headline at the top suggests it will not work: "This method does not seem to work on newer phones that apply TRIM or some other type of partition clearing implementation. If anyone has recovered their data on a device newer than Android 4.3 please pm me and let me know."
Please give me some advice on this. How might I try to recover the Samsung Note files and the photos?
It was suggested to me that Android and/or Samsung deliberately overwrite/wipe the internal storage upon reset. If that's the case, its very likely that anything can be recovered. Does anyone know whether that really happens?