[Q] how to adminstrate ANDROID phones - General Questions and Answers

I am responsible for our companies phones.
Since there are coming more and more ANDROID phones I like your suggestions on how to get control of those phones.
That means full control of what the user is allowed to install and use.
Due to company security reasons we like to keep full control of installed apps.
Is this even possible?

Related

[Q] General Android Security Question

Hello,
Seeing that latest HTC EVO scandal I'm beginning to understand how crappy Android security is.
Are you guys familiar with known mobile security products today? Such as Good?
My question is this:
Say I got an android platform (phone, tablets, etc.) that has a mobile security product implemented into it. For the sake of the argument, lets say its Good - a sandbox operated within the android OS implementing encryption and data protection.
Now, lets say that the device has vulnerabilities similar to the HTC issue. In fact, lets make it even worse - an unrooted device has an extreme vulnerability which may allow a user to take control of the system as IF the device was rooted.
Is there any theoretical scenario, in which someone who can take such control of the device, also takes control of the mobile security product processes and by doing so - manages to compromise the sandbox, as in - extract data from it?

The Future of Android ...

So, Heres what I'm seeing..
Windows eventually removing their heads from the warm dark places which inspire them, and bridging the gap between Win 8 and WinPhoney.. and giving users back a powerful PDA-like experience where we can once again do powerful things on our devices besides swipe & play games
iPhone6 or iPhone7 actually functioning more like a tablet, the iPad functioning more like a macbook, and people actually getting work done on their phones again.
Both the above phones docking into docking control stations which go to myDP out to Flatscreen + mouse & keyboard, for a Full Office Pocket Computing Combo
and Android clinging to their obsolete wanabe iPhone, pain-in-the-butt smartphone experience they seem overjoyed about... without anyplace to progress to but the dreaded Linux OS, losing all of its users but the current Linux users when the bridge from Phones to Desktops is complete
Google, Apple, & MS working like crazy to be sure phones stay as far away from desktops as possible for as long as possible, by continued slothful micro-trickling of RAM, ROM memory, Internal Memory, GPU & CPU speeds, and very un-user-friendly software which keeps phone users confined to a small phone box to expand their profitability
the rise of Hardware companies like ASUS, Huawei, etc, who offer devices able to support Win8.. Apple quickly changing their game to follow suit, and the inevitable end of this little current SmartPhone-only empire
and Android left diddling themselves making a few diehard Desktop Linux OS Phones
and I dont see Android having much of any future at all in that rapidly approaching time period they seem completely oblivious to.
anyone agree with that forecast & assessment?
Android is very popular among all the OSs & the combination of a cool software & high end latest hardware makes it endlessly happening.
ak070 said:
Android is very popular among all the OSs & the combination of a cool software & high end latest hardware makes it endlessly happening.
Click to expand...
Click to collapse
ok.. so the "cool apps" you feel will make it to be "endlessly happening", regardless of the generation or era?
and "the latest hardware" remember is all relative...
You dont think INCREASED hardware capabilities able to support a larger more fully functioning, & more useful OS will make these little apps seem a trivial waste of time?
chinarabbit said:
ok.. so the "cool apps" you feel will make it to be "endlessly happening", regardless of the generation or era?
and "the latest hardware" remember is all relative...
You dont think INCREASED hardware capabilities able to support a larger more fully functioning, & more useful OS will make these little apps seem a trivial waste of time?
Click to expand...
Click to collapse
I never mentioned cool apps. I'm talking about the overall OS. Its Open source. So there are many manufacturers that use this OS & come up with their own ideas & devices with different designs which gives users a very wide variety to choose from. And as far as new hardware is concerned, manufacturers like Samsung & Sony use new hardwares to add new features which were never implemented before & completely redefine the 'Smartphone' experience.
I'm not saying that other OSs are bad. It's the matter of one's own taste finally.
Seems to me your assessment is based on your usage/desired usage.....in reality many many people don't really even need a Windows pc, and use the internet primarily for media/social applications, which android favours.
So there will always be a market out there regardless I reckon
Nice fortune telling but i really dont agree ...
ak070 said:
I never mentioned cool apps. I'm talking about the overall OS. Its Open source. So there are many manufacturers that use this OS & come up with their own ideas & devices with different designs which gives users a very wide variety to choose from. And as far as new hardware is concerned, manufacturers like Samsung & Sony use new hardwares to add new features which were never implemented before & completely redefine the 'Smartphone' experience.
I'm not saying that other OSs are bad. It's the matter of one's own taste finally.
Click to expand...
Click to collapse
ya... but is it really just about OSs? or do u think the manufacturers play a larger role in it?
For example, if Samsung & HTC were to create the majority of their devices for use with a new "Windows Mobile 7" because of its design & functionality & usefulness exceeding that of Android - which would inevitably happen, because even though Android is useful for certain things, a Phone OS who encompassed those things, and surpassed it in many others, creating a wider-use platform able to satisfy a broader user base would have to dominate - Dont you think that the number of Android users would dwindle to near nothing?
if every new HTC & Samsung was built with, say, a "Windows Mobile 7" which out-performed Android, and was preferred by companies like ASUS, Huawei, HTC, & Samsung, because of the OS having more use in Government & Job-specific applications that Win CE is often used for, which WinMo 6 started to see a bit of before it was sat on.. Users would of course move from Android to WinMo7, and I really dont see that there would be many android users left at all
Linux is Open Source, yet very few there are who use it & develop for it..
Windows is the largest OS on earth.. Like it or not - like MS or not - developers still create freeware and awesome programs according to the specifications of the device. and if that device allowed for more control, functionality, & customizability, it stands to reason that most devs would migrate as well
If this is a arguent thread well here we go..
i walked into the windows store and messed with the 41mp phone and all i did was spend 10min scrolling down and up to find apps
end of my argument...
androidfoshizzle said:
If this is a arguent thread well here we go..
i walked into the windows store and messed with the 41mp phone and all i did was spend 10min scrolling down and up to find apps
end of my argument...
Click to expand...
Click to collapse
ya, it can get a bit silly... apparently they are alphabetized, and i think you can sort different ways too..
For 100% sure, WindowsPhone will never amount to anything unless its a full Win8 they call WinPhone some day
but I do think win MOBILE 7 is whats needed, and what could sink android.
Android won't sink..Ubuntu will have a phone out that has a full desktop OS by the time windows does anything.. Android is a mobile operating system anyways
sent from 9 month old nexus 4
open source
i agree with androidfoshizzle..linux (android ubuntu) is open source and have many supporters..its free but gives high end support and availability of features.they understood that linux has to become user friendly and it has come to a very reasonable level!
chinarabbit said:
So, Heres what I'm seeing..
Windows eventually removing their heads from the warm dark places which inspire them, and bridging the gap between Win 8 and WinPhoney.. and giving users back a powerful PDA-like experience where we can once again do powerful things on our devices besides swipe & play games
iPhone6 or iPhone7 actually functioning more like a tablet, the iPad functioning more like a macbook, and people actually getting work done on their phones again.
Both the above phones docking into docking control stations which go to myDP out to Flatscreen + mouse & keyboard, for a Full Office Pocket Computing Combo
and Android clinging to their obsolete wanabe iPhone, pain-in-the-butt smartphone experience they seem overjoyed about... without anyplace to progress to but the dreaded Linux OS, losing all of its users but the current Linux users when the bridge from Phones to Desktops is complete
Google, Apple, & MS working like crazy to be sure phones stay as far away from desktops as possible for as long as possible, by continued slothful micro-trickling of RAM, ROM memory, Internal Memory, GPU & CPU speeds, and very un-user-friendly software which keeps phone users confined to a small phone box to expand their profitability
the rise of Hardware companies like ASUS, Huawei, etc, who offer devices able to support Win8.. Apple quickly changing their game to follow suit, and the inevitable end of this little current SmartPhone-only empire
and Android left diddling themselves making a few diehard Desktop Linux OS Phones
and I dont see Android having much of any future at all in that rapidly approaching time period they seem completely oblivious to.
anyone agree with that forecast & assessment?
Click to expand...
Click to collapse
fortune teller!
androidfoshizzle said:
Android won't sink..Ubuntu will have a phone out that has a full desktop OS by the time windows does anything.. Android is a mobile operating system anyways
sent from 9 month old nexus 4
Click to expand...
Click to collapse
I think it already does
The problem with Linux is its just over complicated and not much fun to use.. everytime you want to do something, you have to pull out your programmers reference book.. or google it.
I had thought early on that Android would be a way to enter Google into direct competition with Apple & Windows Desktop OSs, and give us all another viable option..
the problem is two-fold..
1stly, Linux Devs are overly left-brained. and they dont have any creative oversight or people in charge of non-geeky usability engineering.. making Linux the choice of OS for people who enjoy doing what would only be done by IT guys if your computer had serious problems on other OSs
2ndly, Google's own shortsightedness.. their Android dev team has created an implementation of the Powerful Android Platform that is really anything but powerful... and these google OS's are designed inside and out to be phones, and have little use outside the mobile phone market, except as equally-functioning tablets, which make them little more than large phones, without great calling ability
the Ubuntu OS is starting to be developed for Android, rather than the other way around.. its looking more and more like a Phone interface.. It actually seems to be optimized for touch screens, and if not, the developers think "making Linux more user-friendly" means making it work like a phone..
Users want an OS thats fun to use.. we're not all retards... i dont think the devs get the difference.
at any rate, Ubuntu is definitely NOT replacing Win7 or Win8 or OSXs anytime soon, thats much has been made painfully transparent by google..
further, google really wants to make you know you are using a Google product.. it has Google DNA on it from top to bottom.. which is great if you think Google is the way you should be doing all of your computing.
I think, still, a powerful Windows Mobile 7 Solution would quell Android, and take all wind out of its sails, and eventually pretty much squash it for all but Ubuntu Desktop users
But Even given its complexity and difficulty of use, how many of us would still prefer to have a Linux Desktop on our Phone, rather than a Google Phone for our desktop???
I most certainly would

Blackberry OS alternative for companies

Hello guys,
I'm working for a medium-sized company in europe (international company, just about 1500 employees). My company uses Blackberry OS and phones. Sadly (?) Blackberry won't continue developing their OS. Instead they will switch to Android without keeping the features that made Blackberry OS interesting for companies. For many companies however (for as far as I know), Android with especially GAPPS is not an option, at least not, if not secured or separated from the business side.
Now we are looking for an alternative OS that includes the following:
- separated areas for business and private applications
- the business area has full support and integration for VPN and the companies application running via VPN
- ideally the phone application can access both areas at the same time or has the possibility to always see who is calling, not depending on an unlocked business area
- full separation between private and business area
- ideally supporting Android apps.
These are just some ideas that we like to see included. My research for now did not come up with anything similar to the Blackberry OS.
I'd also like to point out that developing such an OS for a (specific?) phone also could be an option.
Does anyone know an alternative for Blackberry OS? Is anyone interested and capable of developing such a system?
Best regards
amalaiteko

Remaking Web OS inbuilt applications from scratch and replacing it with existing system Apps?

The new RootMyTV exploit brings a lot of ideas to my mind one of them being , replacing the inbuilt system apps with rebuilt versions that have much more control and maybe a better UI.(But still a similar UI otherwise it will become super hard for people to use it.)
The new Inbuilt app (Settings app in this case) can have (Not limited to):
Finer control over the options
Always upto date UI (Web OS 5.0 UI on older devices , Web OS 6.0 seems to be a fully non-multitasking OS)
Adding newer features from the newer devices as soon as possible.(Game optimizer comes to mind)
But there is a problem , the OS seems to be using Verified Boot so is this possible? Will we have to create some kind of Magisk but for Web OS?(Web Os is based on Linux)
If you do have any ideas please do share.
We probably will not be testing them immediately on the TV's (No one wants a 2000+ dollar paperweight) and instead using the emulator.
Since I have been changing the system a lot myself for quite a while now, I can say that at least the UI of the apps should be relatively easy to replace (most of them are based on web technologies). The easiest way to modify / replace webOS / default palm apps should be via overlayfs.
But I'm also always a little 'confused' (in a lack of a better friendly description) about the countless strange questions from several users, whether you can e.g. install webOS 6 on a device with webOS 4, if you can enable feature X of a newer generation on your TV or how you can use the root access to defeat copy protection mechanisms for obviously illegal purposes.
There's obviously a lack of a basic understanding how an operation system in general and especially on a TV works. The different generations have different hardware that require the corresponding proprietary drivers, kernel modules and system services written by LG (which are of course closed source).
Obviously, this means that it is virtually impossible for most features of newer devices to be made available on older devices.
For example, you can rebuild the UI of the Game Optimizer, but the functionalities of it are not easily backward portable. If a TV does not support VRR, for example, there is nothing you can activate in this regard.
There are a very few exceptions, like OLED Motion Pro, which can be enabled on 2019 models - but only because this feature is already supported by the TVs and was disabled at the last minute before release. OLED Motion Pro will never activate on a 2018 (or earlier) model!
I hope this helps a little better to understand what is possible and what is not. UI / UX yes, functionalities and features not or only to a very limited extent.
I do know about the feature enabling limitations etc.
By adding newer features I meant the UI/GUI of the newer features , we cant really do anything other than that.

How did android reach this point?

As advanced android users, we quickly became obsessed with rooting, unlocking, and controlling our phone. On the other side of the poker table, we have device manufacturers and carriers trying to lock the ecosystem down. It's curious to me how this came to be.
Looking at personal computers: I wanted to install linux on my personal computer because I am a developer by trade, so I installed linux. I took a USB, loaded the linux ISO, and followed the installer (actually I didn't, arch btw). I did not need to get unlock codes from my device manufacturer or my internet company, I just did it and no one complained (aside from windows who was glitching out as I tried to reboot)
This computer ecosystem feels healthy, it's my computer, and I can use it as I wish. I'm curious how and why android got to this point where 90% of manufacturers:
1. Don't allow unlocking
2. Make you jump through hoops to get an unlock code
3. Have hardware root checks
Of course, before we even start talking about verizon (they forgot to lock my pixel )
Is the fact that mobile devices are harder to unlock and modify them computers a flaw in android? Is there some actual reason life is like this?
That's even before we start talking about update cycles. I used my old computer for 10 years, going from god knows what to windows 10 before finally deciding that I just could not. My device manufacturer did not control the updates I got, they just came. Why is it the case that updates come from the manufacture, not directly from modifications to the android codebase? Shouldn't the manufacture just add "drivers" to the device to handle the peripherals?
I presume in some way google is complient with this, because android is based on linux, and linux has no such problems.
Many times, consumers that bootloader unlock their devices have no clue that they will lose features such as banking and Widevine D1; these users are oblivious as to what rooting truly does to their device and instinctively contact their OEM's support to get a device replacement as many times relocking the bootloader is impossible.
Verizon's thought process is somewhat similar, but there is likely a darker undertone to their practices: preventing bootloader unlocks and processes of the sort could aid them when blacklisting their devices, as there is no way to circumvent something tagged to a permanent IMEI kept by the same bootloader and firmware. There is a reason why T - Mobile requires you to have your device completely paid off before you can make any modifications to the system firmware.
Compared to laptops and computers, it is, generally, a one - time purchase and not an investment; carriers depend on their consumers to keep paying their devices off time and time again to make money.
Drivers are essentially non - existent on Android; the only thing that comes somewhat close is the kernel and any OEM modifications to the firmware.
Xryphon said:
Many times, consumers that bootloader unlock their devices have no clue that they will lose features such as banking and Widevine D1; these users are oblivious as to what rooting truly does to their device and instinctively contact their OEM's support to get a device replacement as many times relocking the bootloader is impossible.
Verizon's thought process is somewhat similar, but there is likely a darker undertone to their practices: preventing bootloader unlocks and processes of the sort could aid them when blacklisting their devices, as there is no way to circumvent something tagged to a permanent IMEI kept by the same bootloader and firmware. There is a reason why T - Mobile requires you to have your device completely paid off before you can make any modifications to the system firmware.
Compared to laptops and computers, it is, generally, a one - time purchase and not an investment; carriers depend on their consumers to keep paying their devices off time and time again to make money.
Drivers are essentially non - existent on Android; the only thing that comes somewhat close is the kernel and any OEM modifications to the firmware.
Click to expand...
Click to collapse
This explains why carriers do do this, and it makes sense, but how can they do this? The fact that should someone in the black box want to, loose control over my device no matter what I do is frankly scary. Could a laptop manufacturer do the same thing if they wanted to? (Ignoring the fact they could not because of the outrage). I had always thought somehow android as an operating system was connected to this, somehow complient, but perhaps it is really just a choice by the manufactures that android has nothing to do with. (Google could enforce this via GMS I think, but I don't expect them to)
Scaledish said:
This explains why carriers do do this, and it makes sense, but how can they do this? The fact that should someone in the black box want to, loose control over my device no matter what I do is frankly scary. Could a laptop manufacturer do the same thing if they wanted to? (Ignoring the fact they could not because of the outrage). I had always thought somehow android as an operating system was connected to this, somehow complient, but perhaps it is really just a choice by the manufactures that android has nothing to do with. (Google could enforce this via GMS I think, but I don't expect them to)
Click to expand...
Click to collapse
Chromebooks are a prime example of locking down the bootloader. So is the same with macOS laptops and related devices - albeit Apple lets you boot into other operating systems, the process to do so requires jumping through quite a bunch of loopholes due to Apple's Secure Boot, file system, etc.
Just to play devil's advocate for a moment (because in reality, I, too, prefer to own my equipment).....
Security can be a lot more critical on mobile devices than stationary devices like desktop computers. Even in *some* respects, compared to rackmount servers. This is because it can be pretty simple to grab someone's phone and do what you want with it. Having physical access to a piece of equipment is 99.999% of the task of breaking into it. Its relatively far fetched for someone to break into your home or a high security datacenter in order to gain physical access to your equipment, so the need to have it protected against the kinds of intrusions that become possible through physical access is much lower than it is on a phone, which you just might accidentally leave on the counter at a coffee shop.
And that is about the only part of the move towards lockdowns that I actually understand. The rest of it is either ill-conceived "security" or coercion to separate you from your money.

Categories

Resources