Hi all,
I've just found out that the exchange server I connect to at work will soon enable remote wipe capabilities for security purposes.
I'm running cyanogenmod 5.0.7 on my HTC Dream. Not knowing a lot about remote wipe, will they still be able to do it even though I have this custom Rom?
I'm assuming that if they do a remote wipe, I can just boot into the recovery and restore a nandroid backup?
I don't expect them to do it but I just want to understand the repercutions if I enable email on my phone.
Geoff
IIRC, that feature was included in Android 2.2.
I'm currently using 5.0.7 of cyanogen though so it's only 2.1. I'm assuming then a remote wipe can still be done on a custom rom?
Is it as easy as going into the recovery and restoring a backup in the event a remote wipe is done?
If the exchange client and server both support it then yeah, you'll be able to remote wipe. This will only wipe your emails though.. not your whole phone..
You cannot enable remote wipe as a feature in the stock email client in android 2.1 regardless of which rom you are using
You have 2 options, either install Touchdown from the market (which costs money) or run Android 2.2, currently the only rom that I know of built on 2.2 is here http://forum.xda-developers.com/showthread.php?t=686105
I'm already using touchdown. I was told at work though that a remote wipe will wipe the phone, not just email.
sounds like a need for a new app
Seems like what is needed is an app that tells the server that it supports remote wipe, complex passwords, etc, and then doesn't do anything unless the end user allows it.
When somebody pays for my phone they can put whatever back door on it they want. Until then, I'll put in my own back doors...
rich0 said:
Seems like what is needed is an app that tells the server that it supports remote wipe, complex passwords, etc, and then doesn't do anything unless the end user allows it.
When somebody pays for my phone they can put whatever back door on it they want. Until then, I'll put in my own back doors...
Click to expand...
Click to collapse
And then have that app fake it's device string so it would appear as Touchdown or some other well-behaved app. I like it.
gleff1 said:
I'm already using touchdown. I was told at work though that a remote wipe will wipe the phone, not just email.
Click to expand...
Click to collapse
Heh. That would be contrary to android security implementation. Letting windoze to remotely interfere with an android phone would be REALLY BONEHEADED.
Simply put, the application would have to have SYSTEM permissions, which it simply isn't going to / can't have unless it was installed as part of the system image. ANY kind of add-on application WILL NOT have the permission required to interfere with your phone unless you do something REALLY dumb, like authorizing root access (assuming that the application even knows to ask for it, which is unlikely).
There *IS* a possibility that froyo "enterprise" features would implement this capability, but if you have control over the device, it would simply be a matter of disabling that application.
IN GENERAL, such security features would only be possible on devices that are (1) owned by somebody besides you, (2) configured by those who own it to do so. Simply connecting to some MS server MUST not be sufficient for them to interfere with your phone.
And to be honest with you, I would NEVER allow anything I use to connect to an MS server. I absolutely do NOT trust them. MS probably steals all your information without telling you. They're evil like that.
The person in your IT dept that told it wiped the entire device is not telling you the entire truth. This is taken directly from Microsoft Technet:
Perform a Remote Wipe on a Mobile Phone
[This topic's current status is: Content Complete.]
Applies to: Exchange Server 2010 Topic Last Modified: 2009-10-13
Microsoft Exchange Server 2010 enables you to send a command to a mobile phone that will perform a wipe of that phone. This process, known as a remote device wipe, clears all Exchange information that's stored on the mobile phone. You can use the EMC or the Shell to perform a remote wipe on a mobile phone.
You can use this procedure to clear data from a stolen phone or to clear a phone before assigning it to another user.
Now, there are MANY administrative options for the Remote Wipe tool. Most organizations only worry about the Exchange side. The other options are dependent on a device having a true 1to1 ActiveSync Partnership. Android devices do not have this, Only WinMo devices do. So, no, your phone will not be wiped clean if they initiate a remote wipe, only your corporate email.
W.O.P.R said:
The person in your IT dept that told it wiped the entire device is not telling you the entire truth.
Click to expand...
Click to collapse
Actually, I.T. staff member *is* correct: "In addition to resetting the mobile phone to factory default condition, a remote device wipe also deletes any data on any storage card that's inserted in the mobile phone"
http://technet.microsoft.com/en-us/library/bb124591.aspx
I am a noob with a history of 3-4 phones stolen , so it prompted me to search a antitheft app. One thing I found out that antitheft apps only work till phone is switched on or it has not been wiped and flashed with a new ROM. I struck me that is there a way that we can circumvent it.
The idea was
1) Make a partition in memory which is very small that it is not noticed by the thief who is flashing it to wipe every thing.
2) This new partition should not be wiped while flashing a new ROM and should be hidden to computers.
3) Install a anti theft app app on that new partition.
4) The app should get installed automatically even after flashing new ROM.
5) The app should retain its data.
6) The app should be hidden in the menu.
7) We can access the app to trace the mobile.
See I don't have any necessary skill to do any of these task so I ask you security pundits CAN IT BE DONE?
If possible we can ask a developer to do it and fund it I am sure there will be many to fund this work.
anurag09 said:
I am a noob with a history of 3-4 phones stolen , so it prompted me to search a antitheft app. One thing I found out that antitheft apps only work till phone is switched on or it has not been wiped and flashed with a new ROM. I struck me that is there a way that we can circumvent it.
The idea was
1) Make a partition in memory which is very small that it is not noticed by the thief who is flashing it to wipe every thing.
2) This new partition should not be wiped while flashing a new ROM and should be hidden to computers.
3) Install a anti theft app app on that new partition.
4) The app should get installed automatically even after flashing new ROM.
5) The app should retain its data.
6) The app should be hidden in the menu.
7) We can access the app to trace the mobile.
See I don't have any necessary skill to do any of these task so I ask you security pundits CAN IT BE DONE?
If possible we can ask a developer to do it and fund it I am sure there will be many to fund this work.
Click to expand...
Click to collapse
+1
i like it.
Please dont qoute OP
It is possible
But our devices are flashed completely if we flash a new rom
Every 1 is changed to zero
And if some devs figure out how to create such partition then people will figure out how to disable it
If a thief know how to flash new rom then he might find out a way to disable it.
We can change kernel and system so its not so much secure.
I don't have enough knowledge
For example you own a Samsung device and you created partition like that and a thief will just flash a stock rom including pit file so your partition will be merged or wiped
Sent from my C6502 using XDA Premium 4 mobile app
anurag09 said:
I am a noob with a history of 3-4 phones stolen , so it prompted me to search a antitheft app. One thing I found out that antitheft apps only work till phone is switched on or it has not been wiped and flashed with a new ROM. I struck me that is there a way that we can circumvent it.
The idea was
1) Make a partition in memory which is very small that it is not noticed by the thief who is flashing it to wipe every thing.
2) This new partition should not be wiped while flashing a new ROM and should be hidden to computers.
3) Install a anti theft app app on that new partition.
4) The app should get installed automatically even after flashing new ROM.
5) The app should retain its data.
6) The app should be hidden in the menu.
7) We can access the app to trace the mobile.
See I don't have any necessary skill to do any of these task so I ask you security pundits CAN IT BE DONE?
If possible we can ask a developer to do it and fund it I am sure there will be many to fund this work.
Click to expand...
Click to collapse
There Are many of them:
NQ Mobile Security Free
AVG antivirus
Quickheal
Avast
Mobile Tracker
(according to my theory)
Unless you can modify your hardware, it is highly impossible to have anti-theft app or security which persist through wipe (full wipe).
What if you have access to your hardware ? You can make system like Knox. Let say if your device is tampered, you can make the (Let say X-hardware) flag become 1. Now what should it do when the flag become 1 ? Either locks entire rom or make the device looks like bricked or etc (which make the device useless until you reset it). In hardware part, you should also modify how device should behave when it is turned on. Let say you have a microcontroller which see this X-hardware flag. If it is 1, skip entire process and turn off the device. How about software side ? Of course you need modified OS to support this.
The theory looks easy, but implementation is the hardest one.
There is a very easy way to implement this.
Most all new comouter hard disk and solid state disks sjpport what is known as HPA.
HPA stands for Host Protected Area or Hidden Protected Area.
It can be set or queried with the linux tool hdparm.
It effectively makes the disks report a smaller total size to the OS at the firmware level. Anything can be put inside including anti-theft software (see: computrace)
Easy enough.
anurag09 said:
I am a noob with a history of 3-4 phones stolen , so it prompted me to search a antitheft app. One thing I found out that antitheft apps only work till phone is switched on or it has not been wiped and flashed with a new ROM. I struck me that is there a way that we can circumvent it.
The idea was
1) Make a partition in memory which is very small that it is not noticed by the thief who is flashing it to wipe every thing.
2) This new partition should not be wiped while flashing a new ROM and should be hidden to computers.
3) Install a anti theft app app on that new partition.
4) The app should get installed automatically even after flashing new ROM.
5) The app should retain its data.
6) The app should be hidden in the menu.
7) We can access the app to trace the mobile.
See I don't have any necessary skill to do any of these task so I ask you security pundits CAN IT BE DONE?
If possible we can ask a developer to do it and fund it I am sure there will be many to fund this work.
Click to expand...
Click to collapse
I dont know if you live in a developed country, but phones have thing called IMEI that can be tracked. The guys who steal phones and who buy stolen phones are obviously stupid enough to believe that reselling phones is a thing.
Really, if you get your phone stolen so much, my suggestion would be buy two phones this time. One feature phone and a smartphone you keep at a safeplace. You use the smartphone only in safe situations and the dumbphone in all other cases.
Works fine, believe me. A feature phone costs less than an SD card nowadays.If you got your phone stolen 4 times, dont use or get a smartphone in the places you work or pass.
Software cant help if you are surrounded by thieves.
Sounds a great idea.
def a good idea. but as the previous post mentions., imei does a moderately good job of keeping blacklisted phones of the network
came across this article, and made me think of this post
its talks about an anti-theft method called poison pill
here is an excerpt:
The loss or theft of a company laptop can cost far more than the replacement hardware. It can cause significant disruptions to business. It can result in legal or financial exposure. It can put your company in breach of compliance with HITECH, HIPAA, and other stringent rules and regulations regarding data security and privacy.
Laptops with an Intel® Core™ processor with Intel® Anti-Theft Technology (Intel® AT) provide IT administrators with intelligent protection of lost or stolen assets.
With Intel® AT, you can now disable a lost or stolen PC with a local or remote "poison pill". This poison pill can delete essential cryptographic material from system hardware in order to disable access to encrypted data stored on the hard drive. The poison pill can also block the laptop’s boot process, rendering the system a "brick".
Intel® AT’s flexible policy engine allows you to specify the detection mechanism that asserts theft mode, the thresholds for timer intervals, and the theft-response action(s) to take. Because the technology is built into PC hardware, Intel® AT provides local, tamper-resistant protection that works even if the OS is reimaged, the boot order is changed, a new hard-drive is installed, or the laptop is disconnected from the network. When the laptop is recovered, you can reactivate it quickly and easily using your choice of methods: pre-provisioned passwords, one-time codes generated by IT, security questions, and more.
Intel® AT is activated through service subscriptions from Intel® AT-enabled software and service providers.
Source
If you have a Samsung phone, Enable "Reactivation Lock" from Settings->Security.
Wouldn't you have to use a custom PIT file to realize this? I think the best thing at the moment is the reactiviation lock, which is coded into the bootloader as far as i know.
Try Android Lost. If you convert it to a system app, you'll have a great security app (the best, in my opinion) that should survive a reset.
Sent from my SCH-I545 using XDA Premium 4 mobile app
Great idea! I would like a developer to make a recovery (such as CWM) that could be able to give you an option to put a password on the recovery. That'd be awesome.
Try using Hidden Eye. It captures a photo using front camera every wrong password. The full version have an ability to send the photo to your email. Check it out.
Never underestimate a kid whose poor in cash but rich in time.
https://play.google.com/store/apps/details?id=com.lsdroid.cerberus
Cerberus does all of the things mentioned in this thread except create a hidden partition and survive a new rom flash but does survive factory resets.
If the person was tech savvy enough to flash a new rom then they are tech savvy enough to change the IMEI to circumvent blacklisting. The reality is that the vast majority of people would at most do a factory reset on a stolen device.
Hello friends,
I have a Galaxy Note 5 from Verizon; Over the years, I've used this phone extensively for sending SMS messages ("texting") and now would like to gain access to the data files/database backing Verizon's Message+ app. As far as I can tell, none of the App binaries and their associated data are accessible via the standard [non-rooted] Phone-->USB-->PC interface?
A couple questions:
1) Can you confirm that Rooting a Galaxy Note 5 WILL NOT wipe the data that is currently on the device?
(I assume the Root process will not require the device to revert to a factory state, wiping the data files I seek to preserve?)
2) Can you confirm that rooting the device is necessary to access the App binaries & their associated data files?
3) Years ago I read that rooting the Galaxy Note 5 would permanently break the "KNOX" security mechanism as some type of tamper fuse would be blown. I assume this is still the case?
(This phone is no longer my primary phone so while I seek not to damage the phone any more than I have to, I'm now willing to bulldoze the KNOX functionality, if it means I can access the data I want)
(I'm aware the messaging data is likely stored in a proprietary data format, though I have heard rumors Sqlite is used. Regardless, the data format is not a concern provided I can access it)
Thank you in advance for your help!
bump
bump
Bump
SMS Backup & Restore – Apps on Google Play
A simple app that backs up and restores SMS & MMS messages and call logs.
play.google.com
Whoa, there is life out there! Thanks for the response
I'll definitely check out the app, but would definitely be interested in gaining access to a low-level filesystem copy of the messaging data directly from my device.
Can you confirm whether rooting an Android device generally leaves pre-exisisting data (before the root) in place?
it depends what root method you use
if you use magisk or supersu via twrp, you need to unlock bootloader which when you unlock bootlaoder it wipes all data (bootloader is safekeeper to phone partitions, so they can be edited)
but if you use some one clikck root (like kingroot) you wont lose data.
and with root, even if you do access database in /data folder, it will be in sqlite database, and a lot, and completely unsorted.
you can copy it to pc, and create app which can read and sort from database, but otherwise is not usable other than archive, you cant use it in any other app again
but with app without root, you gain same thing, even if you cant use in any app again, you can keep it as archive, as it exctracts (without root)
but with app i think you would be able to recover and use again, depends on device, (like, you wont be able to use those messages from samsung to lg messagess app)
Awesome, thank you for the info. At some point, I would like to explore all of the various ways to root a device, but in this particular case where I want to backup all SMS conversation data (text, pictures, etc.) from the existing (non-rooted) device, it sounds like the one click approach is definitely what I need (vs. unlocking the bootloader)
Your comments about using an App (without root) are also very intriguing. Is there an Android app that can give me access to all the data (or at least all the data that the SMS app would have access to) on the phone without rooting it? (Can you recommend one?) The SMS Backup & Restore App you mentioned earlier seems interesting, but I'd like to get something that will generally allow me to get data from the internal filesystem.
Ideally, I just need some way (ssh/ftp/other) to transfer data from the phone to my PC. I'm fully expecting that I'll have to do some reverse engineering on the database/data files that I copy from the device and alsi do some custom coding to extract the messages (including embedded pictures/ movies) that I wish to preserve.
Thank you again for any other advice or suggestions you can offer!
Hello community!
I think this is the best place to ask this question as this is a forum of default for all developers.
Why is Android not providing backup of app data?
On iOS, factory reset and restore is a breeze. The process is extremely simple, and there is absolutely no user intervention required after a factory reset. iOS simply puts everything in its place as if nothing happened. Same is true for macOS, WatchOS & iPadOS. This is just a wonderful implementation. The only limitation is if an existing app is no longer available on the Apple AppStore. In that case, the app data would still remain in the cloud (or iTunes backup), and can be easily restored if the app (.ipa file) is backed up using iTunes (or similar 3rd party software).
Can someone answer why the same is not available on Android, despite it being the more versatile software?
As far as I know, backup over ADB isn't reliable. And more importantly, ADB isn't for everyone.
Thanks.
android is google. there exist native backup option to backup app data in google drive. adb backup is androids native backup option. it will save apps data to PC and can restored even to other devices.
so your question should be, why android provides solution to app developers protecting their app data from backup.
aIecxs said:
android is google. there exist native backup option to backup app data in google drive. adb backup is androids native backup option. it will save apps data to PC and can restored even to other devices.
so your question should be, why android provides solution to app developers protecting their app data from backup.
Click to expand...
Click to collapse
The native backup solution doesn't backup most of the apps data. As a result, most things must be setup from scratch after a factory reset. The process isn't automatic and requires plenty of manual work. This is clear from the numbers below:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Size of actual backup:
It is clear that most apps are not backed up, and only a very few apps' data is included, which I believe is mostly Google stuff.
That said, why does Android allow developers to prevent their apps' data from being backed up? This doesn't make sense because the data belongs to the user, not the developer of the app.
what you don't understand app data can be perfectly backed up. it's just the app developers they decide whether it's allowed or not. It's controlled in AndroidManifest.xml
android:allowBackup="true" API level < 30
android:debuggable="true" API level > 30
https://developer.android.com/about/versions/12/behavior-changes-12#adb-backup-restrictions
btw your screenshots refer to EXTERNAL_STORAGE
https://developer.android.com/training/data-storage
aIecxs said:
what you don't understand app data can be perfectly backed up. it's just the app developers they decide whether it's allowed or not. It's controlled in AndroidManifest.xml
android:allowBackup="true" API level < 30
android:debuggable="true" API level > 30
https://developer.android.com/about/versions/12/behavior-changes-12#adb-backup-restrictions
btw your screenshots refer to EXTERNAL_STORAGE
https://developer.android.com/training/data-storage
Click to expand...
Click to collapse
On iOS, the backup doesn't include apps' own data (those that are required for the app to run properly), instead only the data that the app has collected from the user, such as settings, login credentials, etc. So that when the user restores a backup, everything simply works like nothing happened. And this includes crucial apps like Banking apps too.
During the restore process, the system downloads the apps automatically from the Store that comes with the entire database, libraries and other files that the app needs to run properly, which isn't part of the backup. The user doesn't have to worry about any of these things as the system handles EVERYTHING automatically.
I don't understand why App Developers should have a say in whether the user specific data that they collect and store in their working directories should be part of the backups. That data belongs to the user and as such only the user should decide whether it needs to be backed up or not, just how it is in iOS.
On Android, where does the app save all of user configurations and files?
I think we can track it down to simple rule.
if you wanna have control and responsibility about your phone in your hands, use android.
if you don't care a f** about what's stored in cloud - buy iPhone
aIecxs said:
I think we can track it down to simple rule.
if you wanna have control and responsibility about your phone in your hands, use android.
if you don't care a f** about what's stored in cloud - buy iPhone
Click to expand...
Click to collapse
You missed an important point: on iOS, user decides whether his data that is collected by an app should be backed up to the cloud or not. You get to control what to backup, and what not to backup. If user chooses to save in the cloud, Apple is pretty good in keeping that data secure. Most cases of breach are users' own stupidity.
With Android, it is absurd that the app developers make this decision for the users. And you are saying one should use Android if he wants to take control of this. I don't see a simple or reliable way to do that.
Yes because Android is highly customizeable. I know how to backup my data. There exist TWRP, Migrate, Titanium, and I never used any cloud. Btw the last thing I would backup is /storage/emulated/0/Android this is the first directory I always delete, and I never lost any app data (although I don't know what obb really contains as I never played games, used WhatsApp or any other memory wasting stuff)
It's okay if it is absurd to you, but sure it's not a technical reason. I have linked the documents explaining. To me it would scare me to dead if my device would re-install everything and becomes in the exact same state as before factory reset
TheMystic said:
The native backup solution doesn't backup most of the apps data.
Click to expand...
Click to collapse
can you give example app please, let's do reality check
It's simple, main reason is GDPR, cmiiw
Data needs to be separated between application data (config, everything that is not stored any customer/user/client information) and user's data (login sessions, anything that might compromise customer/user/client information).
For most application data, it can be safely assumed, google, huawei, or any third party software, can back it up, stores it in any kind of their backup storage (cloud, ftp, you name it), and restores it as they wished. However, as the user's data, they cannot. At least without user's consent. And it's because of GDPR.
And @Alecxs is correct. Imagine if someone can restore your data in their phone, and then they were identified as you, imagine the horror. If you think no it's impossible, think again. If you think Apple is secure and that's not possible, think again.
And now, why many backup apps exist in play store that can do that? Simple, they don't provide any kind of agreement that they will store your data in their storage, it's always in your local storage or your own cloud storage (dropbox, drive, you name it). And because there isn't any clear protocol from android to do so (separated backup between application or user data), most of them needs to be operated under root.
aIecxs said:
Yes because Android is highly customizeable. I know how to backup my data. There exist TWRP, Migrate, Titanium, and I never used any cloud. Btw the last thing I would backup is /storage/emulated/0/Android this is the first directory I always delete, and I never lost any app data (although I don't know what obb really contains as I never played games, used WhatsApp or any other memory wasting stuff)
It's okay if it is absurd to you, but sure it's not a technical reason. I have linked the documents explaining. To me it would scare me to dead if my device would re-install everything and becomes in the exact same state as before factory reset
Click to expand...
Click to collapse
Less than 2% of Android users install a custom recovery and/ or root their device. And a much smaller number use ADB to take care of a few things on their non-rooted device. I'm talking about backup solution for the remaining over 98% users.
Pretty much everyone knows how to backup their stuff. It's just that there is a lot of work to do and requires patience. An automated backup solution helps in saving plenty of time and unnecessary work for the user.
There are, however, some situations where the user is helpless. I was playing a game for a long time, spent a good amount of money on in-app purchases, and when I bought a new phone, there was no way to transfer all that stuff. That game provided no means (either using Google Play Games or Social Media integration) to backup the user account. I wrote to the developer several times, but never got any response. I even complained to Google, but nothing happened for a pretty long time. I stopped buying stuff in that game. Many months later, the developer finally allowed saving game data to Google Play Games. Although I could now move my stuff to my new device, it was just too late. I lost interest in that game. In my case, I still had the old device with me, and working fine. So I could save all my details to Google Play Games. Imagine if someone lost their device, or broke it, or sold it...for them all that money spent in that game would be gone.
'As with your scare me to death' statement, I think you haven't understood how backup & restore works on iOS. iOS will wipe everything on your phone, do a fresh installation of the OS, download all your apps again, and then restore user settings, login credentials, etc, which pretty much takes care of EVERYTHING. The user has no work to do here. But the system is fresh, and all the junk built up over time by both the system and the apps are now gone! It is NOT a system image and restore that will bring everything back, including the unwanted stuff. So your device isn't actually in the exact state like before. It is much leaner, cleaner and much more efficient. The exact same thing happens when you migrate to a new device. Only the things that matter are migrated, the rest are not.
Do note that the user has full control over which apps to backup, and therefore, which ones will be restored/ migrated.
aIecxs said:
can you give example app please, let's do reality check
Click to expand...
Click to collapse
If I factory reset my Android phone, the backup will only restore call logs, sms, contacts, and a few basic stuff. It will also download all my apps from the Google Play Store. But here ends the similarity. Beyond this, the user has to setup every app from scratch, with the exception of a few like Google's and Microsoft's cloud based apps. User also has to setup all the permissions for apps from scratch. There is a lot of work involved, which can be easily avoided if Android provided an automated way of getting this done.
User configuration files and login credentials belong to the user. You haven't explained why app developers can choose whether this information can be backed up or not. To me, it seems like Android has a big limitation in the way it is designed, and so is unable to provide a simple backup solution that takes care of these things like in iOS.
x3r0.13urn said:
It's simple, main reason is GDPR, cmiiw
Data needs to be separated between application data (config, everything that is not stored any customer/user/client information) and user's data (login sessions, anything that might compromise customer/user/client information).
For most application data, it can be safely assumed, google, huawei, or any third party software, can back it up, stores it in any kind of their backup storage (cloud, ftp, you name it), and restores it as they wished. However, as the user's data, they cannot. At least without user's consent. And it's because of GDPR.
And @Alecxs is correct. Imagine if someone can restore your data in their phone, and then they were identified as you, imagine the horror. If you think no it's impossible, think again. If you think Apple is secure and that's not possible, think again.
And now, why many backup apps exist in play store that can do that? Simple, they don't provide any kind of agreement that they will store your data in their storage, it's always in your local storage or your own cloud storage (dropbox, drive, you name it). And because there isn't any clear protocol from android to do so (separated backup between application or user data), most of them needs to be operated under root.
Click to expand...
Click to collapse
GDPR? Seriously?
Is GDPR not applicable to Apple?
And GDPR is not about backup and restore. It is about collecting user data without authorization AND using it for purposes that benefit someone else.
For the purposes of backup, all data remains with the user account and not used for any purpose other than to restore the same to the user's device(s), subject to credentials verification.
By your logic, there cannot be any cloud based solution either, including emails!
As mentioned before, Apple is pretty good in taking care of their cloud services. And so is Google. Most cases of breach have been found to be a fault at the users' end. Someone keyed in their credentials in the wrong place and then complained that their account is compromised, their photos have been leaked - not Apple's fault.
TheMystic said:
it seems like Android has a big limitation in the way it is designed, and so is unable to provide a simple backup solution that takes care of these things
Click to expand...
Click to collapse
please give me example app pkgname so I can double check
aIecxs said:
please give me example app pkgname so I can double check
Click to expand...
Click to collapse
You can take any app on your phone which isn't cloud based. Take the file manager app for example. I have set up several remote connections on my file manager. There is no way this information will be restored from the stock Android backup. I will have to setup all remote connections again if I were to uninstall this app and reinstall it. Same holds true if I factory reset my phone or migrate my information to a new device. Android will only reinstall the app for me automatically. I will have to setup all remote connections manually, AND also setup all the custom configurations for the app that I have setup in System Settings.
Only if the app itself provides a built-in way to export all the configurations, will I be able to export them and import it back after a factory reset/ migration. Even then, the configurations (or permissions, etc) for the app under System Settings must be redone manually on Android.
can you please provide pkgname (or google play link) of your file manager, so I can double check?
aIecxs said:
can you please provide pkgname (or google play link) of your file manager, so I can double check?
Click to expand...
Click to collapse
Because this is applicable for all non-cloud based apps which are the majority, I don't have to be specific.
But, since you asked, here are a couple :
1. https://play.google.com/store/apps/details?id=com.alphainventor.filemanager&hl=en
2. https://play.google.com/store/apps/details?id=com.teslacoilsw.launcher&hl=en
okay I am not going to test crappy google one backup on my daily driver, as I don't want to safe my phone to cloud for reason.
Haven't checked Nova Launcher but for File Manager I can say android:allowBackup="true" is allowed in AndroidManifest.xml, so adb backup and restore of app data will work (I can test it later)
Not sure what you mean with non-cloud based apps, are you trying to say these apps can't backed up from google drive? If so, who decides if an app is "cloud based" or not?
aIecxs said:
okay I am not going to test crappy google one backup on my daily driver, as I don't want to safe my phone to cloud for reason.
Haven't checked Nova Launcher but for File Manager I can say android:allowBackup="true" is allowed in AndroidManifest.xml, so adb backup and restore of app data will work (I can test it later)
Not sure what you mean with non-cloud based apps, are you trying to say these apps can't backed up from google drive? If so, who decides if an app is "cloud based" or not?
Click to expand...
Click to collapse
Most of the important/ critical information are already in the cloud for almost everyone. This includes emails, photos & videos, documents, etc. for those who use Cloud Storage (which is pretty much everyone, with an exception of an insignificant minority, insignificant being purely in terms of numbers).
Which also means that all login credentials are already with the service providers in encrypted form, in the cloud. So there isn't really anything critical in the app backups that isn't already there in the cloud. App specific configurations don't come under critical information, and as such all that data should never leave the device, unless it is part of the system backup. More importantly, that data belongs to the user, and there is no reason app developers should have a say in whether that should be available for backup or not. It simply shows that Android is most likely limited by its flawed design on this issue.
Pretty much everyone uses the built-in Backup feature provided by Google, and it makes sense to use that over others like Samsung Cloud because a Google backup is available on all brands of Android devices. I haven't used Samsung Backup or other OEM specific backups, but I guess they are pretty much the exact same like Google Backup, the only difference being the service provider.
By cloud based apps, I mean apps that save all data in the cloud, e.g. Gmail, Outlook, Google Keep, Microsoft OneNote, Google Drive, OneDrive, etc. Apps like file managers, launchers, clipboard managers that don't use a cloud, firewall apps, etc that work locally are the apps whose data must be backed up to the cloud. Again, by app data I mean the user configurations (e.g. remote/ cloud connections set up in a file manager) and login credentials that belong to the user, and not the app or its maker.
user configurations (e.g. remote/ cloud connections set up in a file manager) and login credentials for com.alphainventor.filemanager can backed up, I don't see a problem here besides the fact the app developer seems to agree with your opinion and does allow it (there are good reasons for app developers to deny, I can give you example if you want)
lets stay at facts, regardless of your opinion post #2 applies. Android is providing backup of app data
aIecxs said:
user configurations (e.g. remote/ cloud connections set up in a file manager) and login credentials for com.alphainventor.filemanager can backed up, I don't see a problem here besides the fact the app developer seems to agree with your opinion and does allow it (there are good reasons for app developers to deny, I can give you example if you want)
lets stay at facts, regardless of your opinion post #2 applies. Android is providing backup of app data
Click to expand...
Click to collapse
Please, adb doesn't come under official backup feature provided on phones. ADB, root, custom recovery, etc. are for a niche of users who are an insignificant minority of the user base.
So, Android needs to provide a way or redesign itself where it's Backup & Restore function is just as seamless and effortless, as it is on iOS.
Do let me know what 'good reasons' app developers have to opt out of data backups. Hope they do realise that no one is interested in the app specific stuff, they only care for their own configuration files. And those who do, they know how to root and extract all app data.