Hey guys, I've been searched for many hours trying to find a solution to this problem I'm having. Let me first explain what I'm trying to do and the reason for it.
Basically I have Dropbox setup to auto sync encrypted files to a folder on my sdcard, lets say:
/storage/sdcard1/encrypted_notes/
Then I have Cryptonite installed and have created an encfs mount in my data folder here:
/data/data/share.encrypted/
I've created the mount point there because simply put, I don't want my decrypted files on the sdcard accessible by every other app that has access to the entire sdcard.
At the moment, /data/data/share.encrypted is chowned by the uid & gid that is assigned to Cryptonite.
Now I want my note reading app to be able to access all files in that folder so my plan was to simple add the note reading apps' UID to the GID of Cryptonite.
That's what I've been searching google to figure out how to do, add a UID of an app to a GID of another app in android.
Sounds simple enough, but I have no idea how to do it. There is no "groupadd" command in android as far as I can tell, nor does busybox have this command.
Is there some other way to do do this?
Or even... some other way I can setup my system so the decrypted notes are still available by both apps and no other app?
Any help is really appreciated. Thanks
I thought I had something going, I managed to change the group owner of the notes folder
/data/data/share.encrypted/ to uid of the notes program and gid of cryptonite and successfully mounted
/storage/sdcard1/encrypted_notes/ into that directory using cryptonite, and on top of that was able to edit the files in the notes program only to discover two things.
Firstly, mounting that encrypted notes folder to the data folder uses the filesystem permissions of the encrypted_notes folder on the SD Card (obviously), something I didn't think of - basically making /data/data/share.encrypted/ world write/readable to any app that has access to SD Card.
So doesn't really help me in terms of keeping things secure.
So then I thought of a new idea, creating a separate partition ext4 on my SD Card, making *that* folder my encrypted notes sync folder owned by the notes program uid and cryptonite as group and instead mount that, until I then realized, I need a 3rd app to have r/w access to this encrypted notes folder... my notes syncing app - FolderSync -
So now I think I'm back to square one. The easiest way to do all of this that I can think of (on a Linux system) would be to add the 3 apps to a group and just have the folder r/w by that group (and therefore those 3 apps).
But after lots of continued research the past few days... I'm finding that Android is very very anti-this-idea in the fact that it really really doesn't like apps sharing data (except universally shared data on the SD Card) and I can't figure out a way to assign apps to additional groups beyond their initial group that is created just for them. :crying:
I found another similar discussion about the non-security of storing your cryptonite unencrypted notes on world readable sd card here:
http://forum.xda-developers.com/showthread.php?t=1561339
With the following two points which are my personal concern as well:
http://forum.xda-developers.com/showpost.php?p=25837127
http://forum.xda-developers.com/showpost.php?p=26265852
I'm having a really difficult & frustrating time here.
Any thoughts anyone?
Related
Playing around with the ls -R command, I found where the SMS database is kept, and it's somewhat readable in a text editor...
UPDATE (thanks staulkor): This database is viewable, and searchable using an SQLite database viewer.
Code:
/data/data/com.android.providers/telephony/databases/mmssms.db
Just run the following command to back it up to the SD Card:
Code:
busybox cp /data/data/com.android.providers.telephony/databases/mmssms.db /sdcard
Happy hacking
You can use an SQLite viewer to read the database correctly
Would seem simple enough to write a script to run on a PC/Mac to back up the database and load it into some sort of viewer... searchable perhaps?
I'm not too familar with databases, but would seem simple enough to make a lightweight app to keep the SMS archive...
Cool, maybe we'll soon see a port of PIM Backup. Would be nice...
Hmm...
/data/data/com.android.providers/telephony/databases/mmssms.db
Click to expand...
Click to collapse
and
busybox cp /data/data/com.android.providers.telephony/databases/mmssms.db /sdcard
Click to expand...
Click to collapse
are two different paths - I think both are supposed to be
Code:
/data/data/com.android.providers.telephony/databases/
(since I can't cd to the other one).
At any rate - thanks for the tip, but can anyone else confirm this works for them? On my android (R30) I get "opendir failed, Permission denied" if I try to read the contents of that directory.
Seeing as it's fully possible to write an application to back up the database to the sdcard (or even to a website), wouldn't that make more sense?
Afterall, there's no need to have the actual database -- and the method is highly restrictive to both people with root on their phones and those with a USB cable and computer handy.
Also, backing up this database will not backup any MMS attachments, which are stored here:
/data/data/com.android.providers.telephony/app_parts/
Refer to the "part" table for an index matching the files there to messages/filenames. (For each MMS, there should be an XML file that helps identify the type of message, and then the file itself, such as a jpeg).
is this the best and safest way to back up sms database as of yet? I have about 1000 sms and it slows down my messaging so I've been try to find a way to free that up. Backing them up would be great so i can clear them.
If anyone has tried this, please share with the rest of us on its effect on the phone.
Thank you,
Hbguy
P.S: This site is truely GREAT because pros are patient with noobs
i don't understand this...i downloaded the file managers on marketplace, and cannot when i click on data file, there is nothing in there..so i dowonloaded a terminal program and still don't understand how to use the commands to move sms from memory to sim...can u do a quick step-by-step? do i have to use any specific programs to do this? sorry, so used to the simplicity of WM6 on my old phone, having trouble adapting to this platform..thanks for any help.
jazzmanmonty said:
i don't understand this...i downloaded the file managers on marketplace, and cannot when i click on data file, there is nothing in there..so i dowonloaded a terminal program and still don't understand how to use the commands to move sms from memory to sim...can u do a quick step-by-step? do i have to use any specific programs to do this? sorry, so used to the simplicity of WM6 on my old phone, having trouble adapting to this platform..thanks for any help.
Click to expand...
Click to collapse
You need to have root on your phone to follow the instructions given above (if you don't know what that means, you don't have it). For non-root users, most of the Android system on the G1 is locked down -- including /data and all its subfolders.
If you do have root on the phone, you can follow the instructions at the top from a terminal while logged in as root. You can verify you are root by running the program "id":
# id
uid=0(root) gid=0(root)
From there, to copy the SMS/MMS database to your sdcard, you can follow the above instructions. If you don't have busybox (ie, "busybox: not found"), you can use the "cat" command as so:
cat /data/data/com.android.providers.telephony/databases/mmssms.db > /sdcard/mmssms.db
You may also want any files stored here:
/data/data/com.android.providers.telephony/app_parts/
Which are from MMSs (if you've no MMSs saved, then you've no need to bother).
Also, not sure if there is a clarification needed for you. The instructions provided offer no way to access SMSs stored on the SIM, as Android uses a PDU interface that doesn't use the SIM's SMS storage space. It is possible to read SMSs off the SIM, however, and into the internal memory storage. See the settings window in the messaging application.
If someone does take the time to create an application to do this, then it would not require root access. Applications are allowed to access the SMS/MMS database, provided the user grants them permission, and could then be used to read the data from the database and into a new database or other file (eg, csv).
do ya think it would be posible to move these permanently to the memory card? ummmm.... ill try if i get a chance ..... ya can connect to phone via adb in recovery mode right ? an undo whatwver i break?
how would you view your backed up sms messages using staulkors sql database?
step by step would be great
hbguy
Just to be clear - for most people on RC30, this probably will not work.
Per http://forum.xda-developers.com/showthread.php?t=442480 the hacks to gain root access have been blocked since RC30 was deployed in early November. Someone should write an application to support this, but instead everybody is busy creating new useless calculators and niche geolocation applications.
If I'm wrong about the above, it would be terrific for anyone to chime in and clarify that.
goodwinm said:
Cool, maybe we'll soon see a port of PIM Backup. Would be nice...
Click to expand...
Click to collapse
https://github.com/jberkel/sms-backup-plus
Okay what I want is a way to encrypt files on my SD Card transparently. For example, when I make a "Compressed Folder" in Astro File Manager called "b" it makes a file called "b.acd"
What I want is a way to encrypt file like that, where it makes a file on the SD Card but like b.acd, it's encrypted (I assume b.acd isn't because I am assuming anyone who has Astro can read it).
So I want the folder to act like any other folder on my phone (and in order to access it I have to unlock my phone, no one who doesn't know my unlock pattern can't use it) and if they take out the card and use a card reader all they see is a file that they cannot open.
I guess whatever app does this will ask me for a key when I install it so then the app will encrypt and decrypt the data as I am using it.
I have searched the market for encryption software, but with the apps I found I had to manually encrypt and decrypt the files myself unlike how Astro uses ACD archives...
Possibly maybe there could be a program I can run on my PC to access the encrypted files when I provide it with the key...
I have a similar requirement
What I did was make a disk image and call it pagefile.sys
Then I mount the image to a folder when I want access
If you use an ext filesystem on the image when you plug it into windows all you see is a 1gig file called pagefile.sys and can't access it.
It is not very secure, but hidden well enough so someone can't stumpble upon it. Unless they are a bit computer savvy.
So it depends what your hiding and who your hiding it from.
Where did you put the file, on your card? How did you mount it to a folder? I want something a little more secure. Should the phone get stolen or something, even if the crackhead that steals it doesn't know how to access the files, they might find someone who can...
Yep. The file can go anywhere on the SD and be called anything.
it is mounted with a terminal emulator to any folder in the same way you would in Linux.
the command would be
# mount -o loop -w -t ext2 filename foldername
If you want something more secure I would look elsewhere.
Truecrypt is excellent. But you won't be able to access your files on your phone. Truecrypt for android would be the nuts if someone wants to port it. It is open source.
Oh so you can get a termnal emulator? Where did you get yours from, the market?
Yep. Connectbot is the best.
It says ConnectBot is an SSH client, so do you have to connect to localhost or something?
That's right. You get 3 options in connectbot.
Telnet
SSH
Local.
You can set a shortcut to local on your homescreen if you like.
Anyways, does anyone here know how to actually encrypt the files?
I found a program on the Market that lets you store text and pictures (in the paid version) and acesss them directly without encrypting and decrypting them. But it would be nice if there was a free app that let you store files like normal...
APG is what you want if you want security.
An android port of GPG, which is basically NSA quality encryption depending on how you set your keys.
Create your filesystem as mentioned above, and then encrypt it using APG. Delete the original. Now you have an encrypted filesystem. When you want to access, decrypt, mount, make changes, unmount, reencrypt, delete original.
A pain in the butt, but you won't be able to be more secure.
Would you have to repeat those steps everytime you change the filesystem?
Hello there!
I've chosen to work on building a user interface for file managing on android tablets for my special problem, one of my subjects this semester. So in order to graduate, I need the help of some willing testers to test out my app.
Here's a demonstration of the features it has:
http://www.youtube.com/watch?v=gNcyT5iwLyU
Some things to take note of:
There's no up folder button, so you can't go past /mnt/sdcard when going up the directory hierarchy
if /mnt/sdcard is not your internal sdcard's default mount path, then it'll crash
When you swipe horizontally too fast to switch tabs, it does some funky stuff making one pane invisible. touch the other pane again to make it appear again.
You CAN'T cancel a copy or past operation when it has started.
Don't do stuff like copying or moving a file to the same folder it currently is in. if you move a file or folder to the same folder, it will get deleted.
Just perform normal file operations. Avoid trivial cases as mentioned above.
I'll admit, it's not the best file manager. Features are scarce, the code is not that optimized both in running time and in memory allocation, and there are a lot of checking that needs to be done (like when your sdcard is currently mounted in usb mass storage mode). But my focus is the user interface and not the back end, so please excuse these things.
So here's the link for the app: http://dl.dropbox.com/u/16398746/Files.apk
And here's the link for the evaluation form: https://docs.google.com/spreadsheet/viewform?formkey=dEVQeElJb3QyR05kLUN0akliV0ExbEE6MQ#gid=0
Thank you very much! I'm open to comments here in XDA so just comment ahead and please be gentle with me, it's my first app.
Hi,
im thinking about this problem some time and i dont understand why there isnt yet app for it. If i understand its technicaly only moving files from one place to another where we have r/w access on both of them. So basicly is possible to create app, where could be some user defined database for example - user could click to add button and define icon, name and path to Android/Data folder for app/game and then add it to database. Now user can see app in list and for example by click on it could move this Android/Data using this teoretical app to extSdCard and back to internal storage.
Or there could be something like moving Android/Data folder for specified app to extSd while adding it and when user want to start it will use button in app (which use process like move back to internal storage and then run the app) or some modified shotcut generated by app (with same process) insted of original. There could be some background process controling if executed app is still running and while not it can move data back to extSdCard.
Its not the best method to do that but i dont see here anything requiring root access. Maybe i missed something?
I hope U understand what I want to say, im sorry english is not my primary language
Hello,
I was searching about a feature to limit the access of apps to certain files or directories.
Use Case: I may have a directory I store music and do not want to share this with (amazon music, ....)
I may have a directory where I store pictures which should not be seen by other applications.
Today I use a of the shelf Samsung A3 2016 Android 7.0, but I used Xposed, CM and rooted devices. in the past. I'm not registered as developer here did never codded Android app or kernel but developed on embedded Devices and Linux in the past. I would be happy if you could share a ready to use setting, app or development idea (even if you did not got it running).
What I investigated and did not work so far:
Option A - .nomedia
I know already there is a possibility to use .nomedia file in the directory to avoid pictures being shown in Gallery, BUT this is a feature of the Gallery app (as far as I see). So the developer of the Gallery app could also access to the pictures in the directories, if they would like. So I'm not happy with this.
Option B - using cryptography
So I could simply put the sensitive data into a container, there are apps out e.g. EDS.
But I found out if the application who should access the data is not providing a "path" where the data is stored or doesn't provide an interface to a cryptography it can not be used. And once I entered the password and the directory is mounted all the applications running are able to access the files.
Option C - restrict media access
The Android allows to restrict the access to media, so I simply could switch off the access in the app I do not want to allow. But this doesn't work if the app need to store data. Android Music should be able to store the music on the phone but should not be allowed to access the other directories on my SD.
In pure Linux it would be quite easy you can use different users and access to files.
But Xposed may provide a solution as I could filter requests to the file system, but is there a example out there.
Thank you for reading all the stuff
I'm looking forward to read about your ideas
gonso
Hello,
no one has an idea or solution? I'm not able to post in the developers section may be one of you
may move the post into the Development part.
If not existing yet I would try to find out how to develop
Regards
gonso