[Q] Encryption policy versus fingerprint reader - Sprint Galaxy S 5 Q&A, Help & Troubleshooting

Personal user, not a phone that touches a business/corporation.
Apparently the somewhat easily spoofed fingerprint reader is rated as medium security.
Encryption implements the high security profile.
Would it be theoretically possible to alter these policies? (Likely via custom ROM?)
Scenarios:
Say if perhaps Home User A desperately wants encryption and a boot password, but once at the lock screen is fine with just a fingerprint. (Particularly since most phone thieves in Home User A's area seem to turn off the phone as the first step in purloining the thing.)
Or, Home User B wishes for the same, but wants to take it a step further and at the lock screen require both a fingerprint and short password.
If theoretically possible, anyone done it yet?

Interested in whether this is possible too.

I've been playing with the settings.db according to this thread, but still have yet to find a sufficient way to do it. I'm thinking that if there's a way to alter the "security level" that each authentication method registers as, then we should be able to re-enable the fingerprint reader for encrypted devices. I'm not sure about adding a 2-factor auth method yet. I know the new NFC lock screen is supposed to be 2-factor, but I don't know how they achieved that.

Computerman897 said:
I've been playing with the settings.db according to this thread, but still have yet to find a sufficient way to do it. I'm thinking that if there's a way to alter the "security level" that each authentication method registers as, then we should be able to re-enable the fingerprint reader for encrypted devices.
This does sound promising! And I concur with your assessment.
Computerman897 said:
I'm not sure about adding a 2-factor auth method yet. I know the new NFC lock screen is supposed to be 2-factor, but I don't know how they achieved that.
I am vaguely familiar with NFC, but have not had occasion for usage so I am unfamiliar with this new lock screen.

Related

Disable locking

Is there a way to keep the phone from not locking the screen and asking for my PIN number?
My employer is forcing me to install a certificate to be able to connect to the exchange server at work. And with this certificate comes a security policy that forces me to use the PIN-code lock. Furthermore the time setting for the lock is hardcoded to be as small as one minute.
This is way too short to be reasonable and I'm about to go nuts from having to enter my PIN-code over and over again.
So, is there an application out there that can solve my problem?
Like a G-sensor app that keeps the device alive as long as I'm having it in my hand and thus moving it?
Or perhaps a tweak or hack that can make me get at least 3 or 5 minutes before the device locks up...
Some advice would be appreciated!
I have the same problem. maybe there is a way to extend the locking time to more than 10 min!?
my company enforces 10 minutes, the problem with that is that even while driving and using tomtom it keeps locking!!!
Would love a work around for this, i don't mind it locking (i'd use this feature anyway), but it's stupid that it still forces a lock while using tomtom, how stupid!
Just in case u didn't find a solution yet. There is a small app that monitors the registry and prevents the locking. U only have to unlock the device like once a day. The name of the app is StayUnlock and u can check it here:
http://www.zenyee.com/2008/02/28/stayunlock-at-your-peril/

FoxFi Security Issue

My girl has a Bionic on VZW and a Nexus 7 Tablet. I installed FoxFi on the Bionic to hotspot for the Nexus 7. Thing is, after we were done and shut down FoxFi, all of the prior networks she had visited on the Bionic are now on the Nexus 7, passwords included. We didn't realize until she came to my house and the Nexus 7 automatically jumped on my network bypassing all security encryption when it had never been set up to gain access.
This raises the question that if someone jumps on your hotspot even if just for a second, can they potentially have access to every network you have saved in the past? Since there is no way to distinguish who is the actual owner of a device this can mean the casual acquaintance that asks to use your wifi really quick to check his email, or the friend you used to have, or the guy who jumps on your connection because you forgot to require a password, all now have unrestricted access to all of your systems you have ever been on.
Maybe I'm missing something but there is no toggle that I can see to turn this off and it seems to be a very major security hole. I understand the convenience factor but it should be able to be shut off to avoid information falling into the wrong hands. Anyone else notice this?
Hmm, I'll have to try it...
Either way, I never never share any network, mobile or not, with someone I don't know or trust.
Yea I'd be interested to know if it's device specific or a software feature. I do my best as well to protect my networks which is why I think software that gratuitously copies login credentials without consent is dangerous. Granted if you are just using it for your own secured device it is a nice feature I just want the option. Let me know what you find.
Will be interesting to see what comes of this.

[Q] Hotspot Hacking from Wan?

I have concerns related to the security of S4 as a hotspot. While using the device as a hotspot it
became extremely hot, and started to malfunction. I could see that no one other than myself was
connected to the hotspot. Other unusual activity was observed as well, and the carrier has taken
extreme & unusual steps to prevent me from discussing it with their employees.
When using an S4 with (selinux enforcing) as a hotspot, is there any risk that a malicious webserver operator
can somehow access the device using the carrier assigned (dynamic) ip address?
What type of protections (on the wan side) should be in place to properly secure an S4 with 4.3 for use as a hotspot
so the device itself can't be compromised? (assuming no 3rd party apps are installed) I assume device encryption would
not help this situation because the device has to be decrypted to run the hotspot. It's unclear Samsung Knox 1.0 could
provide anything useful, and I think they force packets through lookout so it slows the connection.
greens1240 said:
I have concerns related to the security of S4 as a hotspot. While using the device as a hotspot it
became extremely hot, and started to malfunction. I could see that no one other than myself was
connected to the hotspot. Other unusual activity was observed as well, and the carrier has taken
extreme & unusual steps to prevent me from discussing it with their employees.
When using an S4 with (selinux enforcing) as a hotspot, is there any risk that a malicious webserver operator
can somehow access the device using the carrier assigned (dynamic) ip address?
What type of protections (on the wan side) should be in place to properly secure an S4 with 4.3 for use as a hotspot
so the device itself can't be compromised? (assuming no 3rd party apps are installed) I assume device encryption would
not help this situation because the device has to be decrypted to run the hotspot. It's unclear Samsung Knox 1.0 could
provide anything useful, and I think they force packets through lookout so it slows the connection.
bump
greens1240 said:
Other unusual activity was observed as well, and the carrier has taken
extreme & unusual steps to prevent me from discussing it with their employees.
would you elaborate on that?
keen36 said:
would you elaborate on that?
Those are actually 2 separate issues even though the carrier's actions may seem unusual.
I don't see https in the url for this site, and when I try to force https it redirects to remove the ssl,
so privacy didn't matter here?
Some of the unusual activity involved messages about "sim data" refresh/change when no 3rd party
apps were ever installed, the phone wasn't rooted, and updates turned off. Apps that were turned off
showed subsequent network activity. After a factory reset, disabling some apps and changing other
settings, the main issue was the phone getting extremely hot when using the hotspot to test a vpn
service (vpn settings config on pc not on android).
If your phone number ends up on that "list" you should expect management to take an approach with you
as if litigation is underway. Expect very little cooperation, leave 15 messages over a 30 day
period with 5 different corporate managers to finally get a return call from yet a different manager who
finally admits they have ways to prevent your phone from getting through to support or customer service.
They must have thought none of their customers would figure out that advanced call rejection features
can do all kinds of things, such as put select callers on hold indefinitely, forward the call to a number that
rings but never answers, have the caller hear fast busy signals, have the caller hear a message that no
one is available to take their call, etc, etc. A word to anyone with a cell phone - If you can't get through
using 611 or the carrier's toll free numbers, try calling from a different phone, and if you get through
with the different phone, then you know.
xda admins probably thought that encryption is not overly important, this being a public forum and all... i would also prefer ssl everywhere, but it does add a layer of complexity and also increases demand on the server, so i can see why it is not implemented here.
what do you mean with
Code:
"sim data" refresh/change
? what do you mean when you say you have apps "turned off"?
i can easily see you getting blocked if you annoy any support-hotline too much. i do not see something especially suspicious about that.
if i may be honest: you appear to be a little paranoid.
keen36 said:
xda admins probably thought that encryption is not overly important, this being a public forum and all... i would also prefer ssl everywhere, but it does add a layer of complexity and also increases demand on the server, so i can see why it is not implemented here.
what do you mean with
Code:
"sim data" refresh/change
? what do you mean when you say you have apps "turned off"?
i can easily see you getting blocked if you annoy any support-hotline too much. i do not see something especially suspicious about that.
if i may be honest: you appear to be a little paranoid.
As network packets travel over the Internet, anyone with physical access to a network device (within the packet route) can view your activity without your knowledge. There are redirection protocols used by thousands of businesses and ISPs to divert port 80 traffic to web caches, internet filtering appliances, and data mining "honeypots". Not sure if still true today that network routers and Layer 3 switches manufactured by Cisco ship with a redirection protocol (WCCP) that can be used to reroute HTTP traffic through an external filtering or a logging device. Most would agree when it comes to discussions about network security, exchanging plain text email and requesting advice on plain text message boards is not the best practice.
"refreshing sim data" was a message I observed after the s4 was rebooted. It seemed odd that the message appeared when there was no update or installations. But I'm not an expert on the device, for all I know it might be normal to see the message when there's no activity. As far as turning off apps, it's normal to turn off apps that use resources, drain battery, etc. if you don't need them. Turning off, not deleting, and changing permissions doesn't appear to be an option on 4.3 without a 3rd party app.
As far as sounding paranoid, there's a lot more to the story that I didn't go into involving what looks like attempted identity/phone theft by the carrier's own employee(s) or reseller(s). The way the situation was handled it genuinely looked like a cover up, and still does.
There is still the issue of securing a hotspot which no one from any tier 2 support centers has been able to answer. Not sure if a droidwall or other firewall would be doing anything beneficial since I assume any port scanning would be of the device connected to the hotspot rather than the s4 itself.
yes, anyone along the route can intercept the packets and even read them if they aren't encrypted. yes, there exist man-in-the-middle attacks. yes, most would agree that when exchanging security related information, it would be best to encrypt. that doesn't change what i said: this board is not security oriented, it is a public, developer oriented board. encryption is not very important here, so the admins must have thought that the benefits of not encrypting outweigh the risk. if you really have sensitive security-related questions, this is not the right place to ask them, i fear.
what do you do exactly when you "turn off" an app? step-by-step?
have you tried googling what "refreshing sim data" does and why it is happening? it looks harmless to me!
last thing, to get this clear: you think that someone hacked your hotspot because the phone gets hot and unstable when you use it? no, wait, you have about a thousand small other things that also point to that explanation, right? this sounds like a case of unfounded paranoia to me. i have some experience with paranoid schizophrenics, and while i am not (!) calling you that, i have to advise you that the way you argue reminds me of them.
you are looking for suspicious things and you do not understand enough about these phones (they are ridiculously complex, so that is quite normal i might add) to see whether something is suspicious or not.
keen36 said:
yes, anyone along the route can intercept the packets and even read them if they aren't encrypted. yes, there exist man-in-the-middle attacks. yes, most would agree that when exchanging security related information, it would be best to encrypt. that doesn't change what i said: this board is not security oriented, it is a public, developer oriented board. encryption is not very important here, so the admins must have thought that the benefits of not encrypting outweigh the risk. if you really have sensitive security-related questions, this is not the right place to ask them, i fear.
Do you know a better place to ask advanced security related questions about Samsung/Android? Google and Samsung tech support are unable to answer many basic security questions. Anything advanced is a foreign language to them. Ask 1000 Samsung employees "What is Knox?" and 999 will answer "Never heard of it." Most don't care about security, and never will unless and until they become a victim, and have a substantial loss.
keen36 said:
what do you do exactly when you "turn off" an app? step-by-step?
I used app manager. If you're familiar with S4 running 4.3 then you're familiar with app manager.
keen36 said:
have you tried googling what "refreshing sim data" does and why it is happening? it looks harmless to me!
This message may be related to updating network tower(s) info which I agree, by itself would be harmless.
keen36 said:
last thing, to get this clear: you think that someone hacked your hotspot because the phone gets hot and unstable when you use it? no, wait, you have about a thousand small other things that also point to that explanation, right? this sounds like a case of unfounded paranoia to me. i have some experience with paranoid schizophrenics, and while i am not (!) calling you that, i have to advise you that the way you argue reminds me of them.
There's constant network inbound/outbound activity while the device is idle according to the indicator. The activity could be perfectly benign. Many native apps communicate with the network, but it is also possible to turn off (restrict) background activity to limit which apps have network access. I wouldn't know what it is without running a program such as wireshark. A paranoid schizophrenic might think an app that had permission to access the microphone, recorded audio in the room, then encrypted & uploaded it to a server for later retrieval. That could never happen in the real world right?
I'm merely asking questions about various events which may or may not be signs that there's a problem, but I've not concluded anything. More importantly I'm hoping to find information on how to properly secure a hotspot. You've not offered any information about this so I assume you feel no hardening, modifications, or additions are necessary, and in using default settings the device is impenetrable.
keen36 said:
you are looking for suspicious things and you do not understand enough about these phones (they are ridiculously complex, so that is quite normal i might add) to see whether something is suspicious or not.
I agree, they are complex. Tech support is of no use, they simply are not trained to respond to a question such as "Is there a firewall running on the device?" "Is code checked for malware by human eyes before an app is put on playstore, or simply trust unknown authors and feedback?"
no, i am sorry, i do not know about any android security related web communities.
i use a sony phone on kitkat, so no, i have no idea what you mean with "app manager". i just want to know what that program did; did it uninstall the apps, did it disable them, did it freeze (rename) them? i have never heard of an app being "turned off", that's why i ask.
what you describe with the microphone listening and uploading what it records to the internet, that is happening every time you open google voice search or -if you use the google now launcher- every time you go to the homescreen
i do not know how you got the idea that i think that your device is impenetrable ([email protected] sentence btw. )? that is a ridiculous thought, i would never say such a thing. in fact, i am of the conviction that no absolute security can exist on a device which is connected to the internet. there is a reason why some security-related programs are built on machines with no internet access at all.
if you know how to use wireshark, why don't you just use it? if i had to take an uneducated guess, i would think that you would then realise that the network activity you see is benign (not malicious i mean, you might very well discover some nice datamining activity by google etc. ).
i do not know your usecase, if you are living in a country which has an oppressive regime, if you are a general target for hackers somehow (public figure / working at a security-related position etc.), then yes, it might make sense to look at your phone's security in detail. if that is not the case, however, then no, i do not think that additional hardening of your hotspot is needed...

[Q] Fingerprint unlock with device encryption enabled ?

Is it possible to use fingerprint scanner to unlock (the lockscreen) when device encryption is enabled? If you encrypt your device, this usually disables certain unlock methods (firmware dependent).
Yes!
I came across this post when I was wondering the same thing (and not enough battery to just test).
After charging I am happy to report that yes you can still use the fingerprint reader after turning on full device encryption.
nsmart said:
Is it possible to use fingerprint scanner to unlock (the lockscreen) when device encryption is enabled? If you encrypt your device, this usually disables certain unlock methods (firmware dependent).
hey have you tried it yet? are there any additional passwords required after phone boot?
is there any difference from non-encryption at all?

Question Work Profile Missing "Auto lock work profile" setting on Pixel 7 Pro

This is probably a bit of a naive question for the advanced crowd here, but I could use some help in determining if I am just missing something obvious.
My company uses MobileIron MDM to manage work profiles on devices. On my S21 Ultra, there is a setting in work profile security called "Auto lock work profile" where you can choose a timeout before your work profile will lock and require a re-auth of some kind (fingerprint, password, whatever).
On my Pixel 7 Pro I noticed this setting is conspicuously missing. The effect is that every time my screen locks, and I then open a work app after unlocking my device, I also need to unlock the work profile again. This is pretty annoying and greatly impacts the usability of the work profile on the Pixel.
Both devices are running Android 13 (OneUI 5 on the S21), so my gut feeling is that this is one of those custom Samsung/Knox enterprise features that isn't part of Google's vanilla implementation of work profiles. I am hoping the community here can confirm my suspicion, in which case I'll probably have to return the Pixel and be bound to Samsung.
Also, yes I am aware that "One Lock" would probably solve this, but it's unfortunately disabled by my MDM, so not an option for me.
Appreciate any feedback.
I recently purchased Pixel 7 and observed the same thing. Your company server is probably set to require re-entering Work profile passcode every few days but only Samsung devices recognize that setting. Other device types will be forced to enter passcode after 5 minutes of inactivity.
