Related
Hey folks,
I recently installed NoRoot Firewall and found it really interesting to dis/allow network traffic without root. The app uses a local VPN to tunnel traffic and selective adjust the access. It needs permission for startup and networkaccess, the dev says it only needs this for rooting issues (see in-app explanation). The funny thing is, the app runs perfectly even without the INTERNET permission.
Unfortunately, the app isn't open source, the dev is a ghost and it hasn't been audited for security flaws. Although on a German blog, a security specialist has partly audited it for 30 minutes using Wireshark and network analysis. This resulted in no unusual traffic and no manipulations (instead of Mobiwol firewall).
My concern is: Is the app able to manipulate the traffic, that's rooted through itself, to point it or copy it to another destination? I ask, because it even works without internet and wasn't manipulating traffic in the test I read. And if really sensitive data is routed through the app and it's possible to ship this data cloned to another place, it's really disturbing.
I hope someone is able to clarify the technical background.
Greetz
traceless said:
Hey folks,
I recently installed NoRoot Firewall and found it really interesting to dis/allow network traffic without root. The app uses a local VPN to tunnel traffic and selective adjust the access. It needs permission for startup and networkaccess, the dev says it only needs this for rooting issues (see in-app explanation). The funny thing is, the app runs perfectly even without the INTERNET permission.
Unfortunately, the app isn't open source, the dev is a ghost and it hasn't been audited for security flaws. Although on a German blog, a security specialist has partly audited it for 30 minutes using Wireshark and network analysis. This resulted in no unusual traffic and no manipulations (instead of Mobiwol firewall).
My concern is: Is the app able to manipulate the traffic, that's rooted through itself, to point it or copy it to another destination? I ask, because it even works without internet and wasn't manipulating traffic in the test I read. And if really sensitive data is routed through the app and it's possible to ship this data cloned to another place, it's really disturbing.
I hope someone is able to clarify the technical background.
Greetz
Click to expand...
Click to collapse
Has Droidwall been tested?
crobjam said:
Has Droidwall been tested?
Click to expand...
Click to collapse
Doesn't answer my question, but it's open source in contrast to NoRoot Firewall.
I use XPrivacy and it works OK without any additional bakdoors.
It has even more functions (blocking permissions for apps) for privacy protection.
Very good question OP.
This is a extremely useful app but I also would like to know about the possible risks involved.
One would assume that removing the internet access permission (thanks for that suggestion) would render the app harmless but I can't be sure...
EDIT: After removing the app's internet permission with APK Permission Remover I found that the app does run without any error message but it won't allow any app to connect to the internet whatsoever. Which I guess is totally logical since all connections are routed through NoRoot Firewall...
mp107 said:
I use XPrivacy and it works OK without any additional bakdoors.
It has even more functions (blocking permissions for apps) for privacy protection.
Click to expand...
Click to collapse
with the difference that you need root..
I'm looking for no root firewall, NetGuard (alpha) seems to be the alternative
http://forum.xda-developers.com/android/apps-games/app-netguard-root-firewall-t3233012
stpol77 said:
with the difference that you need root..
I'm looking for no root firewall, NetGuard (alpha) seems to be the alternative
http://forum.xda-developers.com/android/apps-games/app-netguard-root-firewall-t3233012
Click to expand...
Click to collapse
riesdepies said:
Very good question OP.
This is a extremely useful app but I also would like to know about the possible risks involved.
One would assume that removing the internet access permission (thanks for that suggestion) would render the app harmless but I can't be sure...
EDIT: After removing the app's internet permission with APK Permission Remover I found that the app does run without any error message but it won't allow any app to connect to the internet whatsoever. Which I guess is totally logical since all connections are routed through NoRoot Firewall...
Click to expand...
Click to collapse
Xprivacy cannot block Android system internet access, as that breaks your internet connection. Another limitation is that it cannot restrict android native apps. So, you need a real firewall to deal with that.
Noroot firewall is a horrible concept: your internet traffic is routed through some unknown server. Whatever you send though the internet is totally exposed to any kind of attacks/exploits. Plus, the issue of open source vs. close is totally irrelevant as applied to servers: so what if they open source their server? You will never know whether that server was built out of that open source.
The only solution is a real firewall.
Please stop listening to dopes who tell you not to root your device. They have an agenda: most of them are either advertisers, spooks or Google employees. The argument that a user doesn't know what he/she is doing and therefore should not have root is false: every known operating system on Earth (windows, mac, linux et al) provides root access/administrative rights to a user. So, how is that the same PC/MAC/Linux user all of a sudden becomes a dummy when it comes to a smart phone? The answer is he does not. But when he gets root, he can restrict advertising, spooking and spying by Google, carriers, advertisers and others.
optimumpro said:
Noroot firewall is a horrible concept: your internet traffic is routed through some unknown server. Whatever you send though the internet is totally exposed to any kind of attacks/exploits. Plus, the issue of open source vs. close is totally irrelevant as applied to servers: so what if they open source their server? You will never know whether that server was built out of that open source.
Click to expand...
Click to collapse
From what I understand, the concept of NoRoot Firewall isn't routing your traffic through an external server but using a local or virtual VPN as a firewall. The Android VPN service is only used to provide control over your connections. This was explained on their web page which now seems to have disappeared. The problem is that one shouldn't just take their word on this and that's why it is relevant that this program is not open source.
There's an interesting discussion on the subject here.
riesdepies said:
From what I understand, the concept of NoRoot Firewall isn't routing your traffic through an external server but using a local or virtual VPN as a firewall. The Android VPN service is only used to provide control over your connections. This was explained on their web page which now seems to have disappeared. The problem is that one shouldn't just take their word on this and that's why it is relevant that this program is not open source.
There's an interesting discussion on the subject here.
Click to expand...
Click to collapse
If that were so, then why would users complain that NoRoot Firewall is increasingly being blocked by various services? That surely indicates a unique IP address, which is different from your mobile/wifi IPs. Android local vpn won't create a separate external IP address. I bet if you go to what's my ip, you will find a curious IP address.
I am always amused by people saying I am looking for a no root app when it comes to security. You just can't secure a system without administrative rights. This is like saying I need protection for my car, which has a habit of swerving around, but do it without using a steering wheel.
optimumpro said:
If that were so, then why would users complain that NoRoot Firewall is increasingly being blocked by various services? That surely indicates a unique IP address, which is different from your mobile/wifi IPs. Android local vpn won't create a separate external IP address. I bet if you go to what's my ip, you will find a curious IP address.
Click to expand...
Click to collapse
I don't know where you read that 'NoRoot Firewall is increasingly being blocked by various services' but maybe it had to do with the fact that you can't use a VPN service while using NoRoot Firewall because it already uses the Android VPN functionality as a firewall.
I also verified my IP adress online and it does not change when I use NoRoot Firewall.
BTW, I am rooted because I like to have full control over my Android but I haven't come across a root firewall app with granular control like NoRoot Firewall. Do you have any suggestions?
I attached a screenshot of the app explaining itself and its permission.
stpol77 said:
with the difference that you need root..
I'm looking for no root firewall, NetGuard (alpha) seems to be the alternative
http://forum.xda-developers.com/android/apps-games/app-netguard-root-firewall-t3233012
Click to expand...
Click to collapse
NetGuard is open source and very easily audited or checked - no Internet access itself.
It isn't as granular as other firewalls, but it has no battery drain, since the VPN service is only used for sinkholing traffic. So for now it's an all or nothing way to block an individual app from network access. There's more details in the thread, and the source is quite readable too.
Its using Vpn so its a power consuming app
Can anyone suggest best root app for restricting internet traffic to apps over wifi/mobile data. And also works as a VPN. The same option is there is noroot firewall. but from somehow from the above discussion, it is not 100% secure.
optimumpro said:
Xprivacy cannot block Android system internet access, as that breaks your internet connection. Another limitation is that it cannot restrict android native apps. So, you need a real firewall to deal with that.
Noroot firewall is a horrible concept: your internet traffic is routed through some unknown server. Whatever you send though the internet is totally exposed to any kind of attacks/exploits. Plus, the issue of open source vs. close is totally irrelevant as applied to servers: so what if they open source their server? You will never know whether that server was built out of that open source.
The only solution is a real firewall.
Please stop listening to dopes who tell you not to root your device. They have an agenda: most of them are either advertisers, spooks or Google employees. The argument that a user doesn't know what he/she is doing and therefore should not have root is false: every known operating system on Earth (windows, mac, linux et al) provides root access/administrative rights to a user. So, how is that the same PC/MAC/Linux user all of a sudden becomes a dummy when it comes to a smart phone? The answer is he does not. But when he gets root, he can restrict advertising, spooking and spying by Google, carriers, advertisers and others.
Click to expand...
Click to collapse
Some of us are just stuck with phones that are locked up tight and can't root to begin with. So I to am looking for a no-root solution. Before this phone I had all the others rooted, when it was an option. I came across this in a search because I just got a gopro, and the app creates a wifi connection between the gopro and the phone. Soooo, if I'm driving with the gopro, the phone, and all other apps think it's on wifi. So while I'm controlling the camera, other apps like Pandora, Amazon Music, and the sort search and search for a connection on that wifi network that's only between phone and camera, and won't resort to mobile data as long as that connection exists. Anyway, calm down.... not everyone has an agenda. Rooting is indeed relatively simple, but it's also equally simple for someone who missed one detail to ruin their phone. Anyone that ever asked me about it, I'd help them and give them a good "what you need to know" before I show them how to make sure they understand how important it is to read read read. If I get the impression they're a little impatient, or this kind of thing goes over their head, I discourage them from rooting. Just because I care and would hate for them to ruin an expensive device.
Hey folks,
I recently signed up in this forum, and I'm aware of it's professionalism. First, I was a simple observer because I wanted to try to understand the basics and it wasn't not a long time I discovered Android.
I installed NoRoot Firewall. My smartphone is rooted and I also installed LightningWall.
I blocked (with LightningWall) outgoing and inbound access concerning "NoRoot Firewall", and NoRoot Firewall is running fine.
Is it the good action to be sure that NoRoot Firewall doesn't export my data to an external server ?
Or it's not the good action because NoRoot Firewall uses a VPN ?
Sorry if my first post is too basic.
I hope someone is able to answer me.
Due to my recent installation of app Network Log, I have examined the I/O on the Net made by NoRoot FireWall.
It appears (by examining the log) that NoRoot FireWall is making I/O on the Net, but unfortunately I can't determine if those I/O are on behalf of applications crossing NoRoot FireWall (through Android VPN functionality), or for app NoRoot FireWall itself.
I don't know how to determine it.
If anybody has an idea.
iwanttoknow said:
Due to my recent installation of app Network Log, I have examined the I/O on the Net made by NoRoot FireWall.
It appears (by examining the log) that NoRoot FireWall is making I/O on the Net, but unfortunately I can't determine if those I/O are on behalf of applications crossing NoRoot FireWall (through Android VPN functionality), or for app NoRoot FireWall itself.
I don't know how to determine it.
If anybody has an idea.
Click to expand...
Click to collapse
guys,
maybe we could just block the noroot firewall app itself in the app list from using data/wifi.
it's running fine for me.
micmaccc said:
guys,
maybe we could just block the noroot firewall app itself in the app list from using data/wifi.
it's running fine for me.
Click to expand...
Click to collapse
Hi,
I blocked output of Noroot Firewall in the list of its controlled app.
I also blocked Noroot Firewall with LightningWall (input and output).
And I observed I/O made by Noroot Firewall in Internet, by using app NetworkLog (examining its log file).
I can't determine if I/O made by Noroot Firewall are really made by Noroot Firewall by itself, or for allowed app crossing Android VPN used by Noroot Firewall.
Is there a tool to determine it ?
Amusons-nous avant tout !
Hello. Please excuse the necro.
A few questions please:
I'm not a networking expert. I do not understand the difference between the pre- and post- filters. Does it need to be redundant, ie mirror the rules on both filters?
How do you know if it's incoming or outgoing?
Also, why is it that even if there is a rule blocking a domain, such as *.domain.comort, I still see a connection being requested?
micmaccc said:
guys,
maybe we could just block the noroot firewall app itself in the app list from using data/wifi.
it's running fine for me.
Click to expand...
Click to collapse
How do you do this? I always thought blocking NoRoot from within NoRoot didn't make sense. Do I need to install another FW?
fpjones3 said:
Hello. Please excuse the necro.
A few questions please:
I'm not a networking expert. I do not understand the difference between the pre- and post- filters. Does it need to be redundant, ie mirror the rules on both filters?
How do you know if it's incoming or outgoing?
Also, why is it that even if there is a rule blocking a domain, such as *.domain.comort, I still see a connection being requested?
How do you do this? I always thought blocking NoRoot from within NoRoot didn't make sense. Do I need to install another FW?
Click to expand...
Click to collapse
Install another FW dosen't make sense, because all traffic through NoRoot. The another FW can't recognize the network access by apps.
---------- Post added at 07:14 AM ---------- Previous post was at 06:58 AM ----------
iwanttoknow said:
Hey folks,
I recently signed up in this forum, and I'm aware of it's professionalism. First, I was a simple observer because I wanted to try to understand the basics and it wasn't not a long time I discovered Android.
I installed NoRoot Firewall. My smartphone is rooted and I also installed LightningWall.
I blocked (with LightningWall) outgoing and inbound access concerning "NoRoot Firewall", and NoRoot Firewall is running fine.
Is it the good action to be sure that NoRoot Firewall doesn't export my data to an external server ?
Or it's not the good action because NoRoot Firewall uses a VPN ?
Sorry if my first post is too basic.
I hope someone is able to answer me.
Click to expand...
Click to collapse
You can think of it as a router on the network.
Which unique identifiers of my android device are available to app developers of app installed via the play store with no granted root access? For example, Android ID, IMEI, serial number, etc. And among those unique identifiers, how many of them can be changed with root access? For example, Titanium Backup can change Android ID easily with root.
Essentially what I'm asking is: If a particular app developer bans my device from using their service, would it be possible to make the device look completely unique from their point of view? Obviously there would be external factors like public facing IP, but I'm just concerned with the device itself. This is also assuming that the device has been factory reset.
lucidstate said:
Which unique identifiers of my android device are available to app developers of app installed via the play store with no granted root access? For example, Android ID, IMEI, serial number, etc. And among those unique identifiers, how many of them can be changed with root access? For example, Titanium Backup can change Android ID easily with root.
Essentially what I'm asking is: If a particular app developer bans my device from using their service, would it be possible to make the device look completely unique from their point of view? Obviously there would be external factors like public facing IP, but I'm just concerned with the device itself. This is also assuming that the device has been factory reset.
Click to expand...
Click to collapse
Hows about not giving anyone a reason to ban you? :silly:
Anyway, XDA isn't here to help anyone bypass restrictions put on anyone for getting banned from anything.
Thread closed.
Darth
Forum Moderator
Most things that restrict actions in Android use the applications uuid to identity it.
UUID is an immutable representation of a 128-bit universally unique identifier (UUID).
However recently I installed firefox and firefox beta..
Both share the same uuid..
And when I installed firefox beta. It gained all the rights and permissions and internet access that firefox had..
Both applications are installed on my device both run separately
But I cannot secure one with out the other getting the same security access.
If you look at system files many of them have the same uuid
That is a huge security issue with Android..
Is there a way to assign a new uuid to a application
Even if you have to rebuild the apk?
(Almost everything I have is open-source so I can build it from scratch if required)
In android, apps can share the UUID by declaring it in the manifest:
android:sharedUserId
The name of a Linux user ID that will be shared with other applications. By default, Android assigns each application its own unique user ID. However, if this attribute is set to the same value for two or more applications, they will all share the same ID — provided that they are also signed by the same certificate. Application with the same user ID can access each other's data and, if desired, run in the same process.
So if you just resign the APK with a different certificate (you can quickly generate one) they won't share the same ID anymore (because you don't have the mozilla certificate)
And FYI, it is not a security issue. In fact, it is an added security measure. Because apps that need to communicate with each other can share the same memory space and filesystem. The security is based on the signature of the app. So it is as strong as your ability to not leak the certificate
h4oxer said:
And FYI, it is not a security issue. In fact, it is an added security measure. Because apps that need to communicate with each other can share the same memory space and filesystem. The security is based on the signature of the app. So it is as strong as your ability to not leak the certificate
Click to expand...
Click to collapse
Except that many apps can be installed under the same id number.
If they where given a completely unique number for every app installed then I would agree
But that is not the case.
Multiple apps with the same id is just bad security
It's like giving two different people the same identification because they share an office.
I will look into resigning some apks and see what I can find.
Thank you for the info.
nutpants said:
Except that many apps can be installed under the same id number.
If they where given a completely unique number for every app installed then I would agree
But that is not the case.
Multiple apps with the same id is just bad security
It's like giving two different people the same identification because they share an office.
I will look into resigning some apks and see what I can find.
Thank you for the info.
Click to expand...
Click to collapse
Signatures have nothing to do with uid. If you have the same app with a different signature, you will simply not be able to install them together. Uid has to do with app's internal name like com.xxx. Apps with the same internal name will always have the same uid (like firefox stable and beta) and different apps will always have different uid, except for some system apps that come from os makers, which is true for many, if not all os. A third party app will never have any of the system app uid. So, there is no security issue at all.
ukanth talked about the android:sharedUserId attribute.
Android's documentation says that apps have to be signed by the same certificate.
Having the same package name (or a similar one) is not mandatory to share the same UID (example: dev tools & fused location).
Firefox and firefox beta..
Two similar apps
Same uid last time I installed both..
So a unscrupulous developer could create a separate app with separate functions with the same uid and if you installed it where would you be?
And god knows that no one ever has an issue with developers creating unscrupulous apps that try to get data from your device.
nutpants said:
So a unscrupulous developer could create a separate app with separate functions with the same uid and if you installed it where would you be?
Click to expand...
Click to collapse
He could only do that if both apps were his, and if both apps were his, he doesn't gain access to anything that he didn't already have access to.
nutpants said:
Firefox and firefox beta..
Two similar apps
Same uid last time I installed both..
So a unscrupulous developer could create a separate app with separate functions with the same uid and if you installed it where would you be?
And god knows that no one ever has an issue with developers creating unscrupulous apps that try to get data from your device.
Click to expand...
Click to collapse
Your scenario is impossible. Firefox can only obtain permission from another firefox and both must be made by the same developer. And Firefox cannot get permissions from apps made by others.
optimumpro said:
Your scenario is impossible. Firefox can only obtain permission from another firefox and both must be made by the same developer. And Firefox cannot get permissions from apps made by others.
Click to expand...
Click to collapse
Firefox is an example.
But a similar situation could come from any developer.
Develop one good popular app
And one data mining, soul stripping life stealing app with the same uid and maybe even a hidden icon..
Personally I give apps only the access the need. Not what they ask for.
With marshmallow everyone can restrict information
But you can not when two apps share the same uid.
For example Firefox stable had no serious privacy holes
Firefox beta could. It's beta.
Two apps one uid..
Bad idea..
nutpants said:
Firefox is an example.
But a similar situation could come from any developer.
Develop one good popular app
And one data mining, soul stripping life stealing app with the same uid and maybe even a hidden icon..
Personally I give apps only the access the need. Not what they ask for.
With marshmallow everyone can restrict information
But you can not when two apps share the same uid.
For example Firefox stable had no serious privacy holes
Firefox beta could. It's beta.
Two apps one uid..
Bad idea..
Click to expand...
Click to collapse
"Develop one good popular app. And one data mining, soul stripping life stealing app with the same uid and maybe even a hidden icon."
But that doesn't make any sense. If there is another (bad) app by the same developer with the same com.name, it will install only on top of the good one and it will be a totally different app. By the way, beta firefox shouldn't have the same uid as stable (unless they, as a big developer, have a special arrangements with Google, so that their certificate is preinstalled, but you don't really think that firefox would need another app to steal your data, they can do it anyway). Also, what's the point of having both firefox beta and stable? It is bad for system. Firefox is known to stay in the background after you exit it, unless you literally kill it with a specially configured back button. So, now, you have 2 web browsers in the background.
optimumpro said:
"Develop one good popular app. And one data mining, soul stripping life stealing app with the same uid and maybe even a hidden icon."
But that doesn't make any sense. If there is another (bad) app by the same developer with the same com.name, it will install only on top of the good one and it will be a totally different app. By the way, beta firefox shouldn't have the same uid as stable (unless they, as a big developer, have a special arrangements with Google, so that their certificate is preinstalled, but you don't really think that firefox would need another app to steal your data, they can do it anyway). Also, what's the point of having both firefox beta and stable? It is bad for system. Firefox is known to stay in the background after you exit it, unless you literally kill it with a specially configured back button. So, now, you have 2 web browsers in the background.
Click to expand...
Click to collapse
Check out Firefox and firefox beta..
Different names, different app.Same developer, Same uuid
Both together on your device at the same time.
Unless there is something wrong with my nexus
You can get both from Google play and see for yourself.
Which means that any developer could do it.
The next question would be how secure is the app signing method. Can it be duplicated? Coerced ? Or just commandeered by the fbi on the off chance some one committed a crime that could support terrorism.
Uuid sharing bad idea.
How does Android assign the uuid to each app?
And yes I test beta apps to see if they have fixed bugs that are present in stable
I support open source every chance I can.
nutpants said:
Check out Firefox and firefox beta..
Different names, different app.Same developer, Same uuid
Both together on your device at the same time.
Unless there is something wrong with my nexus
You can get both from Google play and see for yourself.
Which means that any developer could do it.
The next question would be how secure is the app signing method. Can it be duplicated? Coerced ? Or just commandeered by the fbi on the off chance some one committed a crime that could support terrorism.
Uuid sharing bad idea.
How does Android assign the uuid to each app?
And yes I test beta apps to see if they have fixed bugs that are present in stable
I support open source every chance I can.
Click to expand...
Click to collapse
Signing process cannot be replicated. However, if you use Google services (including Googleplay), then it is possible to have Google sign a modified application to take over your phone, but this could be defeated completely by removing google services and google services framework and using roms and apps that you have compiled by yourself. Moreover, before compiling, you will have to re-generate all build keys (test key, platform key and media key). In this case, the only way to take control over your phone would be over the air through the operator's sim card and if that fails, then through the king of all - baseband/modem...
nutpants said:
Check out Firefox and firefox beta..
Different names, different app.Same developer, Same uuid
Both together on your device at the same time.
Unless there is something wrong with my nexus
You can get both from Google play and see for yourself.
Which means that any developer could do it.
The next question would be how secure is the app signing method. Can it be duplicated? Coerced ? Or just commandeered by the fbi on the off chance some one committed a crime that could support terrorism.
Uuid sharing bad idea.
How does Android assign the uuid to each app?
And yes I test beta apps to see if they have fixed bugs that are present in stable
I support open source every chance I can.
Click to expand...
Click to collapse
Just to clear the record: previously I said that signatures make no difference to uid. This was not entirely correct.
Signatures identify a unique developer. Package name/internal app name identify a unique application. The only way an app can get a shared uid is if it has the same signature, i.e., made by the same developer. In other words, an app cannot have a shared uid with an app by another developer.
Now, security: apps using a shared uid share data/database with each other; they also share the same permissions. This creates no additional security threat.
Your example of a dev creating a good app and then adding a bad/data stealing app that would have the same permissions as the good one. This absolutely makes no sense, as data stealing features could be easily implemented in the good app. In addition, the bad app cannot have higher level permissions than the good one.
If you, however, don't want to have shared uid for 3rd party apps, there is an easy way do that: all you need is to sign any third party app with your own signature, which will prompt android to assign a different uid.
optimumpro said:
If you, however, don't want to have shared uid for 3rd party apps, there is an easy way do that: all you need is to sign any third party app with your own signature, which will prompt android to assign a different uid.
Click to expand...
Click to collapse
So if I sign firefox beta, it will automatically have a different uuid,
What happens is I also sign the original Firefox also?
Will that cause the uuids to again be the same or will they both be different?
Can a apk be signed from an Android device?
Is there any other way to change how Android assigns uuids to apps?
(Ie force Android to assign new uuids to every app, extract the rom and change the uuids on the apks so every apk have a truly unique id (which I would expect form something called universal unique id)
Why would anyone ever want a uuid to be shared with another app (Even system apps)?
Thanks for the info btw..
nutpants said:
So if I sign firefox beta, it will automatically have a different uuid,
What happens is I also sign the original Firefox also?
Will that cause the uuids to again be the same or will they both be different?
Can a apk be signed from an Android device?
Is there any other way to change how Android assigns uuids to apps?
(Ie force Android to assign new uuids to every app, extract the rom and change the uuids on the apks so every apk have a truly unique id (which I would expect form something called universal unique id)
Why would anyone ever want a uuid to be shared with another app (Even system apps)?
Thanks for the info btw..
Click to expand...
Click to collapse
In order to have a shared uid, both apps must have that permission in their manifests. Having this benefits performance and minimizes space on the device. Since android apps run in a sandbox/virtual machine, you can imagine the slowdown if you have system apps with unique uids.
You shouldn't sign the other firefox with the same key , as you will defeat your purpose.
I am not aware of a procedure to sign the app on the device, however, you can search xda. You can certainly sign the app on linux or windows. You can also generate multiple keys for signing.
Hello all,
for my project I want to know if its possible to delete another apps data on Android?
Project context:
In supermarkets staff workers will use shared android devices. After one work shift the phone gets passed to the next shift and should erase all personal data from the previous user.
Users will get access to apps kinda like Single Sign On over a password manager, providing the credentials for the needed apps.
So again my question is: is it possible to somehow force delete the used app's data on work shift change?
I am talking like a automatic process instead of going into the settings and clearing data manually one by one.
Thank you in advance.
I guess to clean the data automatically for now I have never found that, and even until now I only clean the data manually.
Nextechie said:
Hello all,
for my project I want to know if its possible to delete another apps data on Android?
Project context:
In supermarkets staff workers will use shared android devices. After one work shift the phone gets passed to the next shift and should erase all personal data from the previous user.
Users will get access to apps kinda like Single Sign On over a password manager, providing the credentials for the needed apps.
So again my question is: is it possible to somehow force delete the used app's data on work shift change?
I am talking like a automatic process instead of going into the settings and clearing data manually one by one.
Thank you in advance.
Click to expand...
Click to collapse
Yes and no. Data from user apps that have been installed should be fairly easy to delete in bulk. Data from system apps won't be as easy, but it can be done.
Will the device be stock? Or will it be rooted? Will it have stock recovery or will it have TWRP?
Will you be attempting to setup something like multiple user accounts with one of the accounts being the Admin/device manager?
Sent from my SM-S767VL using Tapatalk
Droidriven said:
Yes and no. Data from user apps that have been installed should be fairly easy to delete in bulk. Data from system apps won't be as easy, but it can be done.
Will the device be stock? Or will it be rooted? Will it have stock recovery or will it have TWRP?
Will you be attempting to setup something like multiple user accounts with one of the accounts being the Admin/device manager?
Sent from my SM-S767VL using Tapatalk
Click to expand...
Click to collapse
I don't have detailed information yet but I assume the device is stock, not rooted and has a stock recovery.
The desired outcome is that a user can log in and has access to the credentials via a password manager which pulls the credentials from a backend service.
There will be multiple users accessing the phone but only one at a time.
What exactly do you mean by admin or device manager?
BryanHafidz said:
I guess to clean the data automatically for now I have never found that, and even until now I only clean the data manually.
Click to expand...
Click to collapse
I am aware that it is possibly to clear the data manually but I am trying to implement a mechanism to clear the data automatically on log out event.
Nextechie said:
I don't have detailed information yet but I assume the device is stock, not rooted and has a stock recovery.
The desired outcome is that a user can log in and has access to the credentials via a password manager which pulls the credentials from a backend service.
There will be multiple users accessing the phone but only one at a time.
What exactly do you mean by admin or device manager?
Click to expand...
Click to collapse
I mean, like a PC, where the "owner" is the administrator of the device and their account to login to the PC is an administrator account profile but any other users that create a profile on that device will be limited to a user account profile. These user accounts can use the device but they can't affect or change anything at the system level, they can only affect data from their own user profile. This basically puts them in a box within the device when they are using the device and they can't mess with anything that is outside the box they are in.
Sent from my SM-S767VL using Tapatalk
Droidriven said:
I mean, like a PC, where the "owner" is the administrator of the device and their account to login to the PC is an administrator account profile but any other users that create a profile on that device will be limited to a user account profile. These user accounts can use the device but they can't affect or change anything at the system level, they can only affect data from their own user profile. This basically puts them in a box within the device when they are using the device and they can't mess with anything that is outside the box they are in.
Sent from my SM-S767VL using Tapatalk
Click to expand...
Click to collapse
Currently it is only planned to do the different access types via the provided credentials in the password manager.
The project is currently in a planning phase and will be implemented later next this year.
Is it possible to have this kind of adminstrator account on an android phone? I am not very familiar with android's work profiles but if they provide the needed functionality they would be taken into consideration.
Nextechie said:
Currently it is only planned to do the different access types via the provided credentials in the password manager.
The project is currently in a planning phase and will be implemented later next this year.
Is it possible to have this kind of adminstrator account on an android phone? I am not very familiar with android's work profiles but if they provide the needed functionality they would be taken into consideration.
Click to expand...
Click to collapse
I'm not sure, it may be possible.
The only reason I asked was more of a question of whether it was somewhat what you were looking for than it was a suggestion of something that is possible.
Sent from my SM-S767VL using Tapatalk
Droidriven said:
I'm not sure, it may be possible.
The only reason I asked was more of a question of whether it was somewhat what you were looking for than it was a suggestion of something that is possible.
Sent from my SM-S767VL using Tapatalk
Click to expand...
Click to collapse
We may look into it as a possible addition in a later phase of the project.
The main priority right now is a single sign on functionality that enables users to get access to many apps with one pair of credentials.
I'm looking for a way of stopping my kids phones from being used as a hotspot, as it allows them to share their data with others. I'm not fussed whether it worked on Android or iPhone as long as a workable solution was available. Changing the password is no good as they'll just share the new password.
mudddy said:
I'm looking for a way of stopping my kids phones from being used as a hotspot, as it allows them to share their data with others. I'm not fussed whether it worked on Android or iPhone as long as a workable solution was available. Changing the password is no good as they'll just share the new password.
Click to expand...
Click to collapse
It would require rooting the devices and then using root permissions to delete the system app or apps that control the hotspot feature. If you successfully root the devices and successfully remove the app or apps and are successful in stopping the hotspot functionality, you will then have to un-root the device so that the changes that you made can not be reversed.
Or, it is possible that you may be able to use adb(Android Debig Bridge)without having to root the devices to disable or remove the app or apps that control hotspot. You would just have to identify the exact name of the specific system app or apps that control hotspot on your device and then use adb commands to disable or remove those specific apps then reboot the devices.
To learn how to use adb to remove the system apps on each specific device in question, do a Google search for:
"Remove system apps via adb without root (the specific device model number)"
That should find many different guides to explain the process even if it doesn't find anything specific to the device model. The important things to remember are, you must identify the specific system apps(the specific file name of the .apk files for those apps) that control hotspot, then use those specific .apk file names in your command lines that you enter in adb and the command must be the correct uninstall or disable command.
mudddy said:
I'm looking for a way of stopping my kids phones from being used as a hotspot, as it allows them to share their data with others. I'm not fussed whether it worked on Android or iPhone as long as a workable solution was available. Changing the password is no good as they'll just share the new password.
Click to expand...
Click to collapse
If you wish to permanently disable mobile hotspot, please provide here your Android device, model number and Android version presently installed.
jwoegerbauer said:
If you wish to permanently disable mobile hotspot, please provide here your Android device, model number and Android version presently installed.
Click to expand...
Click to collapse
Its a Xiaomi Redmi Note 9 64gb/3gb running Android 10 and Miui 12. But as mentioned I'd change this to any mobile which has a workable solution.
Does anyone know of any guide I could use to do this?
Not fussed on what phone its on.