So I need to know what the consequences are of removing market from the phone? The reason I ask is we are getting ready to issue these out as corporate phones, and other than the software we have on them, we don't want any additional software installed. The obvious easiest way is to just remove market, unless there is some app that can restrict market. I know that we will lose the ability to update apps, but other than that I don't see much else. The last thing I need is for them to download rogue software and charge up the company accounts. Thanks!
A better thing to do will be to block any new installations by some kind of administrator access rather than take out market. Taking out market is not at all harmful nor does it interfere with anything.
If i were you and I had to seriously limit the applications on the phone then I would at least find an app on market that can install only after putting in a password or someting like that. Uninstalling market will not do any good. People can still install by putting in an apk file to their sd card.
Ideally that would be the way that I would do it. Under Windows Mobile I could. Under Android..... I haven't found an app that's capable of doing so. I suppose I could start getting in and changing permissions on folders through root, but I really don't want to go down that road. I know they can search and download apps otherwise than the app market, but it removing the temptation that helps. You know how users can be.
You will need to rely on google then. Here is a sample of what might help you.
http://www.facebook.com/pages/Android-Parental-Control-App/123629131031273
Hope you find many more apps like these.
I saw that earlier, but its almost too Draconian. The hand holding Android would upset many of the Adult employees. Laughing. I think I may have found another way around it though. Remove the obvious Apps, but then I found an app called Droid wall which you can use to interface with IP tables to block access to market. They can view market, but you can't download. This prevents using the marketplace as well as trying to load from a website. It's password protected so it can be turned off easy enough if needed. It doesn't prevent side-loading the apps but I'm not to worried about my users doing that. If they do, it proves obvious intent to bypass company policy. Hoping this works.
Related
This is not troll baiting or OS Slamming...
Looking for knowledgeable and constructive feedback regarding device security. I'm thinking in terms of an Executive or VP or Network Admin or such loosing the device. a piece of software
1) to do more to control access than a squiggly line
2) to allow for remote GPS tracking and/or device data wiping
3) that is stealthy and/or hard to remove.
I know there are a few "security services" out there but that leads me into "how do i know whose who and who can be trusted in the android segment". I place a great deal of trust in the developer of my ROM. That he/she/they are benevolent and not including by intent or negligence loggers or other malware. then i have a companies like Wave and Norton and Good all angling to get installed on my device. i don't know Wave nor Good and I have no luv for Norton.
The EVO allows for RDC and VNC sessions. It allows for VPN access and has the pwd's to my personal and work email. meebo has me signed into all my chat networks. As a long time Windows person I guess it's just a lil disconcerting when i stop and think on it. this device can easily be configured to hold everything needed to access a secured network. Perhaps this is a reflection on my lack of understanding the system in depth. perhaps i'm not sure how well the opensource community will communicate "problem" apps and developers.
Also, and kinda sorta related. Applications in the marketplace. sometimes you get an application and the types of security access it is asking for seems a bit "off". occasionally in the comments the developer may comment that "i need to access X in order to provide Z". It usually makes sense (whether true or not i cannot say), but is there any nice cross-reference of what types of actions require what access level. or why so many apps need to know the phone state and identity or general location or full network access and what exactly that means to me as the end user. this second paragraph is proving difficult to put to paper..i may come back and edit for clarity.
and lastly, i guess is a question on how to protect from apps like this...
http://www.networkworld.com/news/2010/060210-android-rootkit-is-just-a.html?page=1
http://www.zdnet.com/blog/security/commercial-spying-app-for-android-devices-released/4900
If the app seems fishy don't download it you can allways get lookout from the market it will pull your phone up on the gps and tell you exactly where it is I've tested you can also make it chirp real loud as for them accessing your phone put the pattern lock on in stead most thiefs are not hackers so they probably won't be able to access your phone even if you hard reset you still have to draw the pattern I mean unless they full root the phone and wipe it in petty sure you will be ok hope that helped
Sent from my PC36100 using XDA App
Lookout kinda falls into the same category at Good or Wave. (at least to me thus far). All appear to be fine and yet somehow free products. I'm looking for a corporate solution, not end user solution. a free solution would be swell, so long as trust can be established.
i am looking at this from a corporate IT security perspective. not a young person, a enthusiast nor regular end user. heck, if I could get all of my users to actually know what is meant by "if the app seems fishy don't use it", most of my job would be completed. but to be honest, i'm still trying to get a grasp on that myself in the android world, hence the question about access levels in last paragraph of original post.
the zigzag is nifty and should protect from casual access. Froyo will provide an interface that a secured Exchange server would prefer to have. that will help.
( BTW ... if anyone knows how to make the red line not appear when you mess up the pattern lock...you'd be my personal hero for the day)
its not thieves that I'm worried about...it's my own end users that have to be protected from themselves. if a device was left in a bar or cab and did end up in the wrong hands....data could be sold, deals could be lost, people could be embarrassed, with the type of data that 'can very easily' exist on these devices...network security itself can be compromised. and sadly, i must assume that a good many end users will disable security if they are able to. for the same reason they ***** at automatic screenlocks on their desktop/laptop computers.
would you rather your IT team "hope/pray/expect the device will be picked up by some incompetent/benign/lawabiding citizen" or the opposite?
i choose to prepare for the worst...hope for the best. not the other way around. hence, my questions.
Isn't remote wipe being built into froyo somehow? Thought I read that somewhere.
I have my exchange email set up on my device and it requires me to use a passcode. I cannot disable it.
Sent from my PC36100 using XDA App
As for wiping data remotely wave secure will do that it might be close to what you need or something for the time being hopefully this will help
Sent from my PC36100 using XDA App
This is kinda sorta what I'm lookn for.
http://www.downloadsquad.com/2010/06/28/understanding-the-android-market-security-system/
I am ok with paid/donate apps using it to ID your device, but a lot of the free apps share it so that they can track your usage and or with advertisers to push targeted ads to you. With location enabled, they can track where you are visiting, etc.. I feel they are allowed too much personal information.
Anyone know of a way to not allow access to this, other than disabling mobile networking?
Personally I would prefer to be anonymous, don't mind using something for free and having to see ads, that's fair..
-CC
I recently came under attack, and have determined that a hack tool used the IMEI and atiagent to gain information, that allowed them to connect remotely. persistently.
I was wondering how do i hide this info, or obtain a new valid number?
If i subscribe to a new service provider, will this help?
CM7 has a feature that allows you to revoke permissions. I haven't tried it, but it might do what you're after. I haven't tried it myself. Some apps may just crash though when it tries to get the IMEI. Since an app dev wouldn't expect a permission it was granted on install to be revoked, they may not have any exception handling around that.
Bottom line...if you don't trust an app with a permission it's asking for, I would generally just not install it and move on.
LBE Privacy guard, it's in the market
Hey, well yesterday I got a notification saying "supercharge UR battery". I was pretty sceptical but I clicked on it not realising it would go to a website and apparently that website then downloads and installs something automatically that allows them to clone your contact etc, even your IMEI and they can put your number to go through premium calls to get money out of you.
Either way I need to know how to get rid of this. It's just come up again so I'm presuming it didn't install properly for them or something. It came just after I updated all my apps yesterday but I don't know which one would have caused it.
Do we think a full wipe and reinstall might do it?
:EDIT:
shocker that AVG antivirus didn't find anything. I've been looking through my apps, deleted some I don't use but none of them stand out as being dodgy, I don't even have many.
What makes you think it's cloning your device?
Are you sure it's not just a push notification advert, from something like airpush?
Remove all recent apps that you've installed since you started getting them, and when they stop install them one by one, seeing if they cause the notifications. Check all permissions very carefully.
If you are seriously worried, full wipe and start again but there shouldn't be a need for that.
That sounds slightly unlikely; not that there's malware out there that can do that sort of thing (there is), but that you can acquire it simply by visiting a site and somehow bypassing all the usual application access authorisations. All the instances I've heard of require an app to be installed (and access granted) which then runs off and does all this in the background. So if you could post your source for that it would be a great help.
(As to the "supercharge your battery" ad, I've definitely seen that somewhere recently as well, but I can't think where. In an app, but I'm struggling to think what it could have been. I just ignored it as per any other ad that sneaks past the hosts file).
If you're really worried then a full wipe would get rid of anything actually on your phone, but I'm not yet convinced that's necessary.
Edit: just noticed you said "notification" not "ad". Try downloading something like Airpush Detector from the market; sounds like you've got an app using Airpush to show ads in your notification area. Again, that's not necessarily something to be particularly concerned about (irritating though it is).
Edit2: curses, beaten to it while I was writing all this on my phone. Must learn to be more concise.
//sent from my Desire HD using Tapatalk; all errors entirely intentional.
Well I've been going through my apps and there isn't a single one in there that you would ever consider to be dodgy as I just stick to the main ones. I don't bother downloading games or anything like that.
Surely if it's just an ad I'd be able to find said app on the market place, but I can't. In fact google finds nothing for "supercharge UR battery".
I'll try airpush detector. Cheers.
Ok so airpush detector says:
Mysettings
jqsoft.apps.mysettings
Checked out the app on the market and turns out the update added airpush to it. Way to kill your market. I guess they want people to go "pro".
Cheers guys!
Last night I noticed Play asking me to update an app called Smart Device Manager. Having no idea what the app was, or why it was on my phone, I read the description:
OVERVIEW
Smart Device Manager is an app that runs on the “child” phone in order to power two family safety services on the Sprint Network, Drive First and Mobile Controls. These services allow parents to automatically lock a phone when driving or to prevent phone usage during school hours.
Click to expand...
Click to collapse
With a bit more searching, it looks like it's a background utility that comes preinstalled on our phones. It's a helper for parental controls to manage what your children (or employees, I suppose) are doing, as well as lock your phone when you're driving to discourage talking or texting while driving. Accomplishing this requires some pretty nasty permissions. Granted, it's obviously not CIQ, and it shouldn't be doing anything at all unless you activate and pay for the appropriate services, but I still don't want it on my phone, if for no other reason than it may be using up some juice.
It appears there was some sort of bug with the change to Google Play that prompted many (everyone?) with the app to update it, even though you have no reason to update it unless you're actually using the service(s) (Source). As it's a system app, you can uninstall it with Titanium if you are rooted. I've done so and it hasn't hurt anything thus far.
Just figured I'd let a few people know what was up, in case they get the notification as well. And if it's already common knowledge, *shrug* I guess I wasted a few minutes of my life
interesting...
Just read about this.
http://phandroid.com/2012/03/28/spr...are-to-android-devices-heres-how-to-avoid-it/
Thank goodness for custom roms and their bloatware removal.
What's weird is that I'm running Blazer Rom, have never installed this service and google play is reminding me every day that I need to "upgrade it."
Somehow must have been left in Blazer.....
wotan2525 said:
What's weird is that I'm running Blazer Rom, have never installed this service and google play is reminding me every day that I need to "upgrade it."
Somehow must have been left in Blazer.....
Click to expand...
Click to collapse
I think it's a Sprint/Google agreement that is going to show up in our market suggestions no matter what ROM we run, the key is just ignore the suggestion and don't install.
Thanks for the info. I missed this one when I was getting rid of the bloatware. Even if it's not activated on my end, I'd rather not give them one more route of easy access to controlling my device. I suppose it's a good feature for parents/employers, but can you imagine if service providers started shutting down your phone (essentially airplane mode) if your were traveling over a certain speed?
You can delete this from system/app and it will stop alerting you in the market. Its actually labelled smartdevicemamager.apk in system/app.
Edit: Pointless post. Sorry.
When i had this app on it would give me slow data then i disable it and now i have full speeds
Sent from my SPH-D710 using xda premium
Sycobob said:
Last night I noticed Play asking me to update an app called Smart Device Manager. Having no idea what the app was, or why it was on my phone, I read the description:
With a bit more searching, it looks like it's a background utility that comes preinstalled on our phones. It's a helper for parental controls to manage what your children (or employees, I suppose) are doing, as well as lock your phone when you're driving to discourage talking or texting while driving. Accomplishing this requires some pretty nasty permissions. Granted, it's obviously not CIQ, and it shouldn't be doing anything at all unless you activate and pay for the appropriate services, but I still don't want it on my phone, if for no other reason than it may be using up some juice.
It appears there was some sort of bug with the change to Google Play that prompted many (everyone?) with the app to update it, even though you have no reason to update it unless you're actually using the service(s) (Source). As it's a system app, you can uninstall it with Titanium if you are rooted. I've done so and it hasn't hurt anything thus far.
Just figured I'd let a few people know what was up, in case they get the notification as well. And if it's already common knowledge, *shrug* I guess I wasted a few minutes of my life
Click to expand...
Click to collapse
updated it last night as well running blazer 4.0, didn't know what it was just don't like "updates available" popping up on boot
Sent from my SPH-D710 using XDA
I just deleted it through titanium backup
Sent from my SPH-D710 using Tapatalk
Codename havent ever seen it lol
Sent from my SPH-D710 using XDA
More info here:
http://community.sprint.com/baw/thread/87271?start=0&tstart=0
Sprint reps said the service has always been on the phone but the recent Google Play Store update caused the update to show up. Supposedly Location Labs (the company created the software) is looking into why it is showing up as an update....
Link is already in the OP
Im using a HTC 10 (EU variant). Today i was scrolling through "Netguard" (if you dont know it, its an app to prevent other apps from internet access), since i configured it to show system apps it displays way more apps than the normal app overview in the settings. In there i found an app called "RootPA" and one called "root", which seems strange since i didnt unlock the bootloader or root on my own. The details in the RootPA entry say "com.gd.mobicore.pa", no idea if thats helpfull to determine the origin of this mysterious app.
Can you help me with this?
Did you Google it?
I did, but the results were not realy usefull. I found someone with a modded Galaxy S3 who deleted a RootPA on accident and broke stuff, but that ssems unrelated. Are there any things i could do to find out more about the app installed on my phone without root?
I cant say its something I've ever seen. If this person in the past removed it, and it broke stuff, that would suggest that it may have been a system app and he was rooted. From what I managed to find on google, it is part of a security suite (mobicore) used by networks to monitor what the state of the phone is, presumably incase something happens, and it was the user fault, and they know for a fact because they have logs of what the phone has done.
[ACCESS_NETWORK_STATE] Allows applications to access information about networks
[INTERNET] Allows applications to open network sockets. (i.e send information)
[READ_EXTERNAL_STORAGE] Allows an application to read from external storage.
[READ_PHONE_STATE] Allows read only access to phone state.
A friend of mine got his HTC 10 2 days ago, ill ask him to look for this app. Its unlikely we would have the same virus/whatever installed.
Edit: He just reseted his 10 (due to missing language options, but thats another topic), but still found "root" and "rootPA" on his phone, so its preinstalled (although i still dont understand whats its purpose).
RootPA is provides service for provisioning secure applications that run on ARM trustzone and t-base OS (formerly mobicore). It is preinstalled in some vendors Android devices (search for this string on the internet: htc-devices-to-incorporate-trustonic-t-base-tee), but mostly unused as far as I know. The source code of some versions is available on the Internet (e.g. on github /Faryaab/android_hardware_samsung_slsi_exynos5410/tree/master/mobicore/rootpa).
It has nothing to to with rooting or unrooting the device.
PA route is very dangerous I had some I have somebody who has hacked into my phone through this particular program so to speak I have a lot of issues right now with my phone trying to get them off of my phone and this seems to be the root cause or the start of it have anybody knows how I can clear my phone and my Ram from the Vicious hacker I appreciate it I'm tired of being watched and recorded everything I do
Illfidusoon12 said:
PA route is very dangerous I had some I have somebody who has hacked into my phone through this particular program so to speak I have a lot of issues right now with my phone trying to get them off of my phone and this seems to be the root cause or the start of it have anybody knows how I can clear my phone and my Ram from the Vicious hacker I appreciate it I'm tired of being watched and recorded everything I do
Click to expand...
Click to collapse
PA route..... .rootPA ......2 different things. Hacked ? Unlikely, I think some OCD is kicking in. Want to be clean? RUU the device and do not restore anything