I went through my Heros settings and found that in "menu>settings>applications" theres a check-box named "unknown sources" which while checked allows install of non-Market applications.
Why is there such a setting? Since Android OS is open-sourced, isn't the whole point that everybody should be able to upload apps to the Marketplace without Google having to accept them first? If it is like that, why wouldn't all apps be on the market place?
The only reason i see for this is so that you would be able to install apps that Google wont allow, but if they don't allow the app, why would they have a setting so you can install it?
Please tell my why there is such a setting.
Thank you /nofowuw
my only guess is that that setting is equivalent to a Release of Liability form. Any damage caused by apps installed from external sources, not on the Market where it can be rated and commented upon (maybe filtered too?) cannot thus be blamed on Google?
nofowuw said:
Why is there such a setting? Since Android OS is open-sourced, isn't the whole point that everybody should be able to upload apps to the Marketplace without Google having to accept them first? If it is like that, why wouldn't all apps be on the market place?
Click to expand...
Click to collapse
The fact that Android is open source has absolutely *nothing* to do with the Market. There are many reasons why a developer might not want to put their apps on the Market - a core consideration might be that they want to sell their apps, but paid apps are not available in their region, so perhaps they want to use a different distribution method.
Similarly, in some regions, Android phones do not ship with the Market app at all, presumably because Google charge a licence to ship their closed source apps.
Regards,
Dve
google does not check the apps in the market. every app comes to the market, but there is the self-controlling mechanism: if several users complain about an app (and rate it bad) it will be taken out of the market. also you wouldn't install an app that has 1 star and several warnings in the comments. this way you can be pretty (not 100%) sure that the app from the market won't harm your phone. last but not least through the market it can be tracked down to the dev who created the app.
now if you download an app or someone sends it to you all that is gone. no user ratings, no comments, no dev. this is why you have to check that box when you want to install apps from other sources...
ohh, ok... umm.
So how do you install these applications? Just put the application-file on the SD and the phone does the rest? Is there any community that host a library of apps to download?
Since i live in a non-full market region and cant buy apps, i guess this can be usefull for me
This is my first post, so hope to get some good replies here .
Lots of Android users complain about a few issues related to Google Play.
a) country restrictions
b) access to paid apps
c) access to "device-specific" apps
For me, I'm really curious about how the Google Play app is creating these restrictions. I've noticed that Deeco7 and xinfinityoO have created mods to the stock APK in order to help people get around these restrictions and access more apps.
But how is Google Play specifically running its restrictions? I know one small part of device authentication comes from build.prop's ro.build.fingerprint. But does anybody have a good explanation for the overall restriction/authentication process? What is it about apps like MarketEnabler that allow (or not be able to allow) devices to circumvent Google Play restrictions?
Officially, manufacturer firmware builds need to pass Google CTS tests in order to get a "license" to use Google Play. Not sure if anyone knows whether or not an authentication key is signed for a particular device once it passes CTS, and if that plays a role in granting specific Google Play app access.
Look forward to any helpful facts.
Hey all,
I'm the proud owner of a Samsung Nexus S (sadly the i9020a model, though). I was forced against my will at gun point by someone named Jealousy to install ICS (4.0.4) on my i9020a when it was released for all other Nexus S devices except for the US AT&T version of the phone.
Anyway, love the ICS and absolutely love the ROM I'm using (Brainmaster's stock ICS, w/ Supercharger V6 and a number of other goodies). But I was a bit confused today when I opened my phone and noticed a recently downloaded APK called "update.apk". Looking at it's info, it's name is "com.android.fixed.update" with no author, developer, and minimum version of 0. It weighs roughly 40kb and is not associated with the market, so I'm going to have to disable my "Market-only" settings in order to install it, otherwise it was about to install itself.
I was wonder what it might be. With no other information, I'm a bit hesitant to install it. The only permissions it asks for is Network Access and Start on Boot.
I thought just maybe it was an OTA from a developer (maybe even Brainmaster) but I wasn't exactly sure what kind of access or ability non-service providers had to OTA functionality and what not. (I suppose, if it can probably be modified with some effort, seeing as the source is available...)
Anyway, hoping to hear your thoughts on it. Google showed ONE result for "com.android.fixed.update" and that's it. Thanks for your input in advance!
We also got the same file on our Moto Xoom, I believe its a virus so do not install it. The file was downloaded at biandroid (dot) info which is definitely not associated with android.com
http://anonhq.com/notcompatible-back-market/
that is the explanation
Back in 2012 malware called Not Compatible was haunting android devices. Now more powerful than ever the latest version of NotCompatible.C has its own self protected encryption. Thus making this program difficult to find and delete.
Lookout Inc, a mobile security firm says that this version of the malware is a threat on a massive scale. Once in it has the tendency to control and hack data. It is an advance form of malware that can be seen on a PC a botnet so powerful that it has a server design architecture, P2P communications and as previously said encryption capabilities.
The programming of the malware is one of the hardest to kill malware that we have observed. Once the malware is installed it does not appear on the android operating system as it keeps itself in the background. It only works when the device is unlocked by the user or if it is restarted.
view
Source: Imgur
The only way you can find out is through Manage Applications>Settings. This will show you that an application by the long name of (com.andriod.fixed.update) is running. All you need to do is simply uninstall it.
I am a Windows Phone developer who writes apps for wearable devices like the Pebble that are not supported or poorly supported on Windows Phone. In order to understand the Bluetooth protocol for the device I normally download the manufacturers apk for their device and decompile it to understand the Bluetooth packet requirements.
I have been using a Nexus 7 which has worked well but the last couple of devices I have purchased, Google Play will not allow me to download the apk because my Nexus 7 is not a phone. So the question is what would be the recommended pre-owned device I should get that will still allow me to download apps meant for an Android phone but still allow me to get to Google Play and the apk when downloaded.
If it makes a difference, I use Verizon but if a suitable phone was not available or too expensive, I would be willing to go with a phone I could not use on Verizon but still use Google Play on.
Thanks for any help you can provide.
I decided to root ky Pixel 6 and found out that i couldn't get around the security from germans banking apps.
simple soloution. have magisk/zygisk installed and set the root mode to "user" in the settings of magisk manager.
then go to your settings and setup a second user (wont have root) install your banking apps and enjoy the ability to use them with an rooted device
edit: this method was tested for Sparkasse app's
• S-Push Tan
• Mobiles Bezahlen
IndubidablyStoned said:
I decided to root ky Pixel 6 and found out that i couldn't get around the security from germans banking apps.
simple soloution. have magisk/zygisk installed and set the root mode to "user" in the settings of magisk manager.
then go to your settings and setup a second user (wont have root) install your banking apps and enjoy the ability to use them with an rooted device
Click to expand...
Click to collapse
I'm not being critical of your choices but why would anyone chance having a banking institution or any financial app including
GPay on a rooted device? Isn't there a much greater chance of being compromised by an app or inadvertent web link? And if the banking institution sees that a bogus user was created what are the chances of recovering funds obtained through fraudulent activity? I understand why people want to root don't get me wrong, but money transfers and transactions on that device seem a little reckless to me. But I could be wrong, just curious of the thinking here.
i Understand, but if you want to have an custom DAC like Viper4Android you kinda need root. my intention isnt to do fraudulent activity, as i mentioned in the Post you dont have Root access on that second user
IndubidablyStoned said:
i Understand, but if you want to have an custom DAC like Viper4Android you kinda need root. my intention isnt to do fraudulent activity, as i mentioned in the Post you dont have Root access on that second user
Click to expand...
Click to collapse
You misunderstood my concern wrt banking activity. I didn't suggest that you were doing anything fraudulent but if you were the victim of fraudulent activity would the bank still cover you with a bogus account you created? I don't know if what you did was entirely proper or not but that was not the issue I thought you might be concerned about.
As I said, I completely understand your desire to root be it V4A or DAC or even ad blocking. I just wonder the benefit vs the exposure if you are using banking apps. Without financial transactions occurring on the phone I doubt there is much to worry about other than what we are all concerned about root or not.
bobby janow said:
I'm not being critical of your choices but why would anyone chance having a banking institution or any financial app including
GPay on a rooted device? Isn't there a much greater chance of being compromised by an app or inadvertent web link? And if the banking institution sees that a bogus user was created what are the chances of recovering funds obtained through fraudulent activity? I understand why people want to root don't get me wrong, but money transfers and transactions on that device seem a little reckless to me. But I could be wrong, just curious of the thinking here.
Click to expand...
Click to collapse
Considering DirtyPipe exists and has not been patched yet (plus how long it already took to even acknowledge the problem in the first place), rooting is the least of our worries when it comes to monetary transactions/banking and android.
Bear in mind that DirtyPipe is only one elevation exploit that we've heard about. And for every disclosed vulnerability there are dozens of others that nobody's aware of. The market for rooted android users is very small compared to the overall android phone-user market. Creating exploits specifically targeting rooted phones would be a waste of time and effort compared to working on privilege escalation on non-rooted devices; from a hacker's perspective you want to hit the largest volume of targets in cases like these.
I've been rooting my phones for 10 years now, and my usage of banking/fintech apps on my devices has increased consistently. Applying common sense opsec/infosec practices can negate a large percentage of the perceived risk that root access exposes you to.
On the other hand, if someone wants to target you specifically, as an individual, you're screwed, root or no root, unless you're aware of the risks that come with technology and the pitfalls of android (iOS can be perceived as more secure but when it comes to individual targeting/attacks, there are expensive tools made by some of the world's top intelligence organizations that can wreck havoc on iOS as well)
TL;DR you're never truly safe, root or no root.
Unfortunately that doesn't worked for me
I tested the following apps:
SecureGo
VR SecureGo
Mobiles bezahlen
Every App doesn't launch. Sparkasse is quitting instantly and SecureGo Apps are stuck with their logo.
On the rootet user I get the Browser-warning (of SecureGo) that my device doesn't meet the security requierements. So far so good, but on the non-rooted uses i would have expect that they're working.
Any Idea? I'm on April Build.
i dont know currently, i dont have root anymore since i had to update to the April Update. i'll update if there is something that can be done
Maybe you could confirm that these Apps launch on April build without root? That could help to research the problem a bit. Thanks!
hanni2301 said:
...but on the non-rooted uses i would have expect that they're working.
Any Idea? I'm on April Build.
Click to expand...
Click to collapse
Maybe these apps are not supporting fully Android 12?
I have an app which, until recently, was freezing when the location was enabled. To be exact, when "Use precise location" was enabled. Only location access the app was not freezing, but couldn't get the coordinates.
Maye this is a similar situation here.
Cheers
Tom
hanni2301 said:
Unfortunately that doesn't worked for me
I tested the following apps:
SecureGo
VR SecureGo
Mobiles bezahlen
Every App doesn't launch. Sparkasse is quitting instantly and SecureGo Apps are stuck with their logo.
On the rootet user I get the Browser-warning (of SecureGo) that my device doesn't meet the security requierements. So far so good, but on the non-rooted uses i would have expect that they're working.
Any Idea? I'm on April Build.
Click to expand...
Click to collapse
I managed to get the VR Secure Go app working by doing the steps in the op plus using ice box and freezing magisk and the bank apps. I'm on April, too and I'm using radioactive kernel. Rooted stock kernel works as well on my device, but I had issues with the bank apps on some other kernels.
So to confirm, you need to freeze magisk on the rooted user and you're able to use the bank apps on the second (non rooted) user?
On which user you would freeze the bank apps? I doesn't have them installed on the rooted user.
Thanks in advance that you can definitely confirm its not the fault of April built.
hanni2301 said:
So to confirm, you need to freeze magisk on the rooted user and you're able to use the bank apps on the second (non rooted) user?
On which user you would freeze the bank apps? I doesn't have them installed on the rooted user.
Thanks in advance that you can definitely confirm its not the fault of April built.
Click to expand...
Click to collapse
I only have one user (the rooted user). I've done the following steps:
1. Configure magisk: activate Zygisk and setup deny list for the banking apps
2. Hide magisk app
3. Freeze magisk and banking apps with Ice Box
ok, that is the normal way which is different to the approach the thread starter has chosen.
I use deny list plus hide my applist and works fine with Sparkasse, s-push and mobil bezahlen no need to freeze or use a second user profile
How do you do that, hide applist?
You can bypass it by
Download App Named Shelter from Play store.
The App will create work profile and you can bypass any bank or app you facing issue with it.
When completed create work profile you can clone Bank App and use if.
As Information, It works out of the Box with Magisk denylist,
You only need to Install Ice Box and hide Magisk Manager, even if it is using a random name, "Mobiles Bezahlen" would detect it.
Magisk + Ice Box is sufficient on latest Miui 13 as well!
Regards!
Not sure but I think island could help not sure though as I'm not rooted the app is made by greenify
Only as info, these 2 Apps, Postbank Finanzassistent and Postbank BestSign working by default on a rooted device.
I like Postbank