We just implemented Exchange 2010 at our company within the past year, and up until now, we weren't enforcing a security key for devices with Exchange accounts attached to them. Our systems team is currently implementing some security features including the required security key and a remote-wipe tool.
I tested the remote wipe tool on my Asus Transformer, which is running a custom Jellybean ROM and Rogue Recovery, and the wipe actually worked. I was a little surprised to see it work, I figured the custom recovery would cause it to fail.
Is there anyway to screw over the remote-wipe tool?
Installed Touchdown on my tablet and used the ActiveSync remote-wipe tool... Tablet data intact! The remote-wipe simply removed the Touchdown account, the tablet itself was not wiped.
This is jolly and all, but we can easily blacklist Touchdown, so it's not a true solution/workaround.
Bump.
Related
I've done everything I can think of to determine if this is a question that has been posed elsewhere - to no avail. Nothing quite seems to fit my predicament exactly (that I've found anyway - please feel free to flame/educate me if I have overlooked anything or am in the wrong thread) I am hoping you 1337 pros here on xda devs can help this poor self-loathing n00b. Apologies for the lengthy post - but it is necessary to explain my question.
I am attempting to develop an app (open source for personal use [no ads] - with enterprise edition available for a fee) that can remotely secure/locate an Android device - tablets, phones, etc -- targeted for anything running Froyo or better.
The problem I am running into is that I am unable to prevent a would-be thief from initiating a factory reset and removing the app (and it's configuration settings). I have device admin setup so that the permissions must be revoked after signing in with a username and password before the app can be uninstalled - but factory restore still wipes it.
As this would be a theft deterrent/recovery tool - relying on a thief to connect the device back to the original Google account and reinstall the apps is out of the question. I understand that if the ROM is replaced with a custom ROM (e.g. Cyanogen, etc.) it would not be able to prevent the app from being wiped - but negating the factory reset from removing the app would still be very beneficial.
Short of including the app in the manufacturer's ROM image - is there any work around to be found here? I'm at my wit's end (however limited that may be).
I am most grateful for any information you can provide - even if its bad news.
I added my S3 to corporate exchange activesync, then decided to not to use it.
Now every time when press power button, the phone show screen lock and ask for a password, and I cannot disable it under
settings -> security-> screen lock as everything is greyed out there but the password.
I have tried to
1. Delete the exchange account
2. Remove the device administrators
3. Clear credentials
I haven't tried factory reset yet, and I hope I can avoid that route because I don't want to reinstall and set up everything else.
Thanks!
ericw12 said:
I added my S3 to corporate exchange activesync, then decided to not to use it.
Now every time when press power button, the phone show screen lock and ask for a password, and I cannot disable it under
settings -> security-> screen lock as everything is greyed out there but the password.
I have tried to
1. Delete the exchange account
2. Remove the device administrators
3. Clear credentials
I haven't tried factory reset yet, and I hope I can avoid that route because I don't want to reinstall and set up everything else.
Thanks!
Click to expand...
Click to collapse
This is a little command utility I found couple weeks back to by-pass outlook exchange security policy.
What you need:
* rooted phone
* JDK ready PC (or MAC / Linux, never tried it)
Steps:
1. enable usb debug on the phone
2. plug your rooted phone to PC
3. **for windows PC** copy .cmd file and "lib" folder to /windows/system32/ or /windows/syswow64/ for 64-bits
4. double click the .cmd file and it will do the trick and then auto restart when complete.
Note:
* Not required to manually remove existing Outlook account. It should be gone after running the script
* I suppose if you already have configured exchange email, your internal storage or/and sdcard should be encrypted. You will need to unencrypt both to remove password protection, that is a Android requirement.
* Unencryption could be done before or after the exchange policy hack
* You might still be prompt to accept security policy, but it will actually apply anything.
https://www.dropbox.com/s/hj8y6popmnz3j6s/email-policy-patch-3.1.zip
Credit goes to the DEV developed this!!!!! NOT ME!!!!!
Thanks a lot! Too bad, I already factory reset my phone... but it is good to know.
This is the main reason installed Touchdown (By Nitro) on my first android phone.
That way I can use my Work Email and the admins there can only lock the Email app and cannot touch the rest of my phone.
Might want to give it a try if you need your work email.(They have a 30 day trial I believe)
DroidGnome said:
This is the main reason installed Touchdown (By Nitro) on my first android phone.
That way I can use my Work Email and the admins there can only lock the Email app and cannot touch the rest of my phone.
Might want to give it a try if you need your work email.(They have a 30 day trial I believe)
Click to expand...
Click to collapse
Touchdown worked pretty good. Thanks a lot!
I've spent the whole night trying to figure this out so hopefully the information is useful for some of of you
The usual scenario is that the phone is encrypted due to using Exchange email (eg. Corporate email) and now you can't upgrade or root it. The first thing to do is to delete that email account and hopefully the phone will decrypt itself or the option appears when you go to phone security settings. You can also try to access the corporate email via a browser and delete the mobile connection.
This worked for me previously but it doesn't now - I don't know if its because I'm using a non-stock rom. Either way a lot of people seems to be stuck with a Samsung rom as well. So you now have a phone with the exchange account gone and its restriction so you should in theory be able to removing the decryption but no it doesn't work. I don't know why as this is a basic OS stuff.
At this stage you can try to full wipe it - but this doesn't work, both through settings or CWM. The only way to sort this out is to copy / backup all your information then flash it to factory state and this means using odin and a stock rom. I've done this several times and there is no lasting issues.
I''m by no mean an expert and would be happy for anyone to correct me
Hi all,
after getting my new 99 € Fire HDX 7" and managing to root it, install Safestrap and the Nexus ROM, I am now somewhat worried about the security of the device in case it gets lost or stolen. Let me explain:
Among other apps with personal data I have my email account installed on the device, so anyone getting access to it can easily get into my ebay/paypal/amazon/whatever accounts using the forgot-password functionality of those web sites.
What one would do on a stock kindle in order to prevent this: use an unlock PIN for the screen and disable ADB. That should be sufficient, I guess, as I don't see what additional security there should be in enabling encryption except that someone could physically remove the flash chips from the device (but that risk I'm willing to take, as I don't deem my data sensitive enough for someone to go take the device apart).
Now how is the situation once Safestrap and the Nexus ROM are installed? I can still disable ADB in the settings, but on every reboot the Safestrap screen gets displayed and a thief can easily get into the Safestrap recovery and browse the files from there. Would it be possible for him to export files from there, reset a ROM to remove the PIN or do something else to get access to the system?
If so, would it be possible to enable encryption on the Kindle HDX to prevent this? Or would encrypting not work with Safestrap or even brick the device?
Is there any way to exit Ultra-Power-Saving-Mode while locked out of my S5 using recovery mode, installing some update, etc? I have a lot of development experience with several languages and tools, but not Android.
I've been using my fingerprint for access for over a year and now I have no idea what my alternative password is... since I've never used it regularly and can't find any record of it. I usually right document such things, but apparently not this time.
Unfortunately, this last Sunday while in Ultra-Power-Saving-Mode something went wrong with my phone and now it only asks for the alternative password... which I can't recall. I've used the Android Device Manager 4 times since then to reset the lock PUK/PIK. After each time resetting it, the lock screen does show the new greeting I set via the Android Device Manager, but it still asks for the alternative password... instead of asking for the PUK/PIK that I just reset.
I am suspecting/hoping that if I can somehow get my phone out of UPSM that the lock screen will allow me to use the reset PUK/PIK to get back into my phone.
So, I am asking if you know of any app that can be installed remotely that will allow me to get my phone out of UPSM? Or, if there is any way to get it out of UPSM by rooting the phone, but installing an ADM update, etc.
Normally I would just do a factory reset because everything is synced up to my Google account. However, apparently my SD card, which was my primary storage, filled up on May 2, so everything since then has been stored on internal memory and thus will be lost if I do a factory reset. I've taken a lot of pictures and video of my 2 1/2 yr old boy and I am trying to avoid losing everything since May 2.
Thanks for any help.
rjlyders said:
Is there any way to exit Ultra-Power-Saving-Mode while locked out of my S5 using recovery mode, installing some update, etc? I have a lot of development experience with several languages and tools, but not Android.
I've been using my fingerprint for access for over a year and now I have no idea what my alternative password is... since I've never used it regularly and can't find any record of it. I usually right document such things, but apparently not this time.
Unfortunately, this last Sunday while in Ultra-Power-Saving-Mode something went wrong with my phone and now it only asks for the alternative password... which I can't recall. I've used the Android Device Manager 4 times since then to reset the lock PUK/PIK. After each time resetting it, the lock screen does show the new greeting I set via the Android Device Manager, but it still asks for the alternative password... instead of asking for the PUK/PIK that I just reset.
I am suspecting/hoping that if I can somehow get my phone out of UPSM that the lock screen will allow me to use the reset PUK/PIK to get back into my phone.
So, I am asking if you know of any app that can be installed remotely that will allow me to get my phone out of UPSM? Or, if there is any way to get it out of UPSM by rooting the phone, but installing an ADM update, etc.
Normally I would just do a factory reset because everything is synced up to my Google account. However, apparently my SD card, which was my primary storage, filled up on May 2, so everything since then has been stored on internal memory and thus will be lost if I do a factory reset. I've taken a lot of pictures and video of my 2 1/2 yr old boy and I am trying to avoid losing everything since May 2.
Thanks for any help.
Click to expand...
Click to collapse
Only option I can think of would be to install TWRP custom recovery and use the built in file manager to rename the UPSM app. This wouldn't work if you have an ATT or VZW model, as the bootloaders are locked down, not allowing installation of TWRP, but pretty much any other carrier model should be fine.