guest / extra account modus - General Questions and Answers

Dear all,
I have a question about smartphone use(ers)
We have a number of smartphones here, the Huawei P9 Lite / P20 Lite which have the latest update on Android 8 / EMUI8.0.0.
But sometimes these phones are delivered back to us with an FRP and the user is no longer present in the meantime at the company.
So now we want to come up with something that we no longer have the FRP (Google FRP) '' preferably free '' Because enterprise solutions such as MobileIron, we do not really have much money for the company at the moment.
Are there solutions where the end user does not use the 'core account' but has a kind of guest account.
Because I know that Google has '' guest modes '', but I cannot find these types of solutions on the phones that we have that do not have FRP.
someone who can give tips?
I only get to see '' Android 5 '' on Google, not really specific to our devices.

Related

[Q] Remote Administration of Multiple Android Handsets

My situation:
In my company we have about 30+ handsets currently running Android (standard and custom ROMs from XDA). The handsets include HTC Desire HD, HD2, Desire S and Desire Z. The users cannot be trusted not to brick the phones if they are allowed to download apps and modify them in anyway (not to mention they are business phones so shouldn't have facebook etc on them any way).
I've heard about admin tools which allow control of handsets remotely.
Requirements:
So, if possible, what i would like does something along the lines of...:
1: Blocks further apps from being added to the handset without a password
2: A lock to keep as many of the settings as is originally provided (wallpaper etc)
3: A master admin tool which i can remotely manage all the handsets from (download requested and approved apps, wipe, lock, locate and reset the phones if lost...etc)
What i have done before to stop the users adding further apps is register my email address to Android Market on all the phones, then changed the password using my desktop). While this stops new apps from being downloaded from the market, it does mean i cannot remotely roll out approved apps as they are no longer signed in to the account.
Is there anything out there which does any/all/some of the above?
Is there one tool which can manage all these tasks? Or will it have to be seperate apps like Norton Mobile Security (such as) etc?
Can anyone get their heads around this?
Thanks!
The market lets you download apps to a phone.
Lookout Security does all of the security tasks you want.
Thanks, that would take care of the remote wiping, locating and locking.
Does Android provide any corporate setup for administration of lots of handsets? Surely this is a niche in the market for some devs to jump on if there isn't something like that already.
And i know Android Market allows you to remotely download apps to multiple phones but i want to make it impossible to download through the phone itself. (so i can add apps but the user can't)
Something that performs like MFormation Enterprise Manager but avoiding the $20k price tag! (a tall order i know)
Sonic_Sonar said:
Something that performs like MFormation Enterprise Manager but avoiding the $20k price tag! (a tall order i know)
Click to expand...
Click to collapse
Hello,
Have you found any apps that fit your needs? Do you use them? If no, is your organization still interesting in mobile device management service?
I'm asking because I'm working for http://bloove.com (personal phone management service) and we're going to expand our offer to small and medium companies.
This new service will combine existing contact, sms, phone log and bookmark backup for personal phone with MDM features like centralized app management, location and wipe service etc.
We're looking for early adopters who will have a chance to add their custom requirements to the service and get this service for free for up to six months.
Please let me know if you're interested and want to discuss this further.
Thank you,
Rostislav
[email protected]
Please use the Q&A Forum for questions Thanks
Moving to Q&A
I did something like this ...
I first installed openssh server, plus a script that checks a specific URL for remote access needs (had to do it that way since my carrier blocks connections on all ports).
The server side is a simple php script that you call like this: check.php?deviceid=[ID]. The script checks a DB to see if there is anything new for that device ID and acts accordingly. I implemented three features: Tunnel, Script, Install APK. So, If I want to install an APK to all devices, I just upload it on our webserver, and on the MySQL DB I add devices id = all, action=install, file=/apks/whatever.apk. If, for instance, I want to do something more complex on certain devices, I add: id = all, action=script, file=/apks/whatever.sh. I write the script, then all phones check for updates on this check.php every 5 minutes, if they find a script, they'll download and execute. If it's an APK, they'll download and install. If I insert a line with deviceID=[deviceid], action=tunnel, file=[PORT NUMBER], then the phone will SSH into a remote server and do a reverse port forward, on [PORT NUMBER]. Then I can just SSH into localhost:[PORTNUMBER] on the server, and I'll have a terminal inside the phone to do whatever I need.
This doesn't address the restrictions issue, but it does allow you to control the phones however you want.
Regards,
Almafuerte.

Android disable camera (After device administration deprecate)

As Android Device Administration is going to be deprecated. It will be replaced with Android Enterprise Mobility Manager(EMM), and from the feature list that they provided disabling of camera is not supported in work profile. Work managed device would require a factory reset in order to setup.
So will we no longer be able to disable cameras for BYOD? Or are there other methods to disable camera for all profiles/entire device like Samsung KNOX does?
(Unable to add references as new users are prevented from posting outside links in the message)

190704 WhatsApp installs new rootkit

190704 - WhatsApp installs new rootkit, yet undetected by all major security softwares
https://zenosloim.blogspot.com/2019/07/190704-whatsapp-installs-new-rootkit.html
You thought WhatsApp has solved its "exploits" used by state intelligence communities from USA, Great Britain, Australia, Canada, New Zealand and Israel?
Nope.
You can also wonder if it was an exploit, or an "actively tolerated" backdoor ordered by NSA, GCHQ.
And "developed" with Israeli programmers support.
In any case, between 27 of june 2019 and 1 of july 2019, I managed to neutralize and identify a new type of Android rootkit, which was completely undetected by Symantec, Kaspersky, Avast/AVG, ESET.
The rootkit was detected by an indirect method which I will describe here. And eliminated also.
However, THANK YOU, USA, UK, Canada, Australia, New Zealand and especially Israel for the honour accorded to my person, and my swedish phone number: +46 720 329614.
I will technically describe how I detected and eliminated the rootkit, so that your programmers will "correct" the mistakes done, and improve your rootkit for better undetected use.
Same rootkit is also spread packaged with various popular softwares, made available via a "curiously tolerated by US authorities" piracy site, "forum.mobilism.org".
Used devices:
Motorola G6 Plus rooted with latest Magisk, Xposed;
Windows Desktop PC
Windows Software:
Symantec Endpoint Protection
Android Softwares:
Kaspersky Mobile Antivirus AppLock & Web Security
Avast Antivirus Mobile Security & Virus Cleaner
ESET Mobile Security & Antivirus
Marcel Bokhorst NetGuard Pro
3C Battery Monitor Widget Pro
GSam Labs GSam Battery Monitor Pro
Install all needed softwares above.
Configure NetGuard Pro to block anything on Mobile Data and WiFi.
Install/reinstall WhatsApp or some of the softwares "released" on "forum.mobilism.org" between 27 june 2019 and 30 june 2019.
Assume your person is an "interesting profile" for The 5 Eyes Community (US+UK+CA+AU+NZ) or Israel.
It's enough your number is called or you make just one call.
Open WiFi. Keep it open few minutes. Then close WiFi.
Wait at least 12 hours, do not use the phone or the WiFi in it.
The rootkit will trigger itself, trying to send the logged data from your device.
There is a "bug" in the rootkit which will do the following: if it can not send logged data for at least 12 hours, because it is blocked by firewall (used latest version actual for the time period named - possible the author to be "bought" by the affected 5 Eyes + Israel - not sure if future versions will successfully block the rootkit), the rootkit will infect the process "com.motorola.modemservice", in practice "hammering" the phone modem, to be able to force-sending via mobile data, the logged data.
Not being able, this "hammering" will result in an indirect higher power consumption, detected by both 3C Battery Monitor Widget Pro and GSam Labs GSam Battery Monitor Pro.
Connect the phone to PC, and do a complete device scan via adb with Symantec Endpoint Protection.
As you guessed, Symantec being a US registered company, it will detect nothing.
Now do same full device scan (apps, apks, files, processes, memory) with ESET.
ESET is Slovakia native, but operates in USA, hence do not expect to detect something, confirmed.
Do not expect they will make public the evidence registered from my phone.
Now do same full device scan with Avast/AVG.
Czechia native, operating in USA, same result as ESET, nothing detected.
Do not expect they will make public the evidence registered from my phone.
Now the interesting part, use latest Kaspersky Mobile Antivirus AppLock & Web Security.
Unfortunately, Kaspersky is not able to detect the rootkit.
I do hope that Kaspersky will inspect their logs and identify my Motorola G6 Plus scanned by them, to create an identifying signature for the rootkit.
All evidence exists registered at Kaspersky.
So, no actual security software for Windows or Android was able to detect the rootkit.
Clear sign it is a new developed cyberweapon by USA, UK, CA, AU, NZ and Israel.
Eliminating the rootkit.
As no software was able to detect it, only solution was a factory reset of the phone.
Disabled automatically update/install from Google Play to avoid auto reinstalling previous installed softwares, including WhatsApp.
Be very cautious when installing pirated softwares from "forum.mobilism.org", the fact they are "tolerated" by USA authorities, says a lot.
Thinking of "Piracy", "Double Moral", "Money Laundering", "Criminal activities on internet", think of 2 things:
Who are the main "remained tax paradises" ? Mostly USA and UK colonies. (according to United Nation and Interpol statistics)
Which countries receive with open arms "fugitives tax-payers and money lounderers" as "strategic investors" ? UK, Israel. (according to United Nation and Interpol statistics)
This is double moral.

Is here a way to perform check/examination for build-in Android certificates and CA? (with no root)

Hello.
I have a question about Android preinstalled security certificates. There is possible to view them in system, turning off and on. But unfortunately there even no possible to copy-paste sha and it's fingerprint (maybe it just in particular ui of phone, don't know).
So if iam interested to bulk check all of them for issues/more info/research is there a way by some app or maybe pull them somehow from phone with ADB interface and then import and perform mentioned above tasks in some Windows software/ Linux/web frontend? And then turning off what is not good.
Because for example many of them has expired dates, some of them issued by CA or countries that iam personally have no default trust, etc.
p.s. Iam mentioning a FACTORY STATE OFFICIAL SOFTWARE and firmware phone, Android 12, December 2022 security patch.
Thanks!

com.sec.spp.permission.TOKEN remote code execution backdoor on Samsung Apps

Hallo,
I've noticed this problem 1 year ago and it keeps affecting my different Samsung devices, when I format them, even with nand erase and re partition using pit files, after some days or even hours the problem comes back.
The said permission contains an unique code for every token on different Samsung proprietary apps, like smart switch, Samsung account, etc.
It's some sort of backdoor that allows a user with high privileges to run shell codes of every sort, and even creating a Linux subsystem, or having subtle root access to change build prop data, and imei spoofing, and many other issues that can be addressed as digital identity theft.
Any help about how to get rid of that?
Here is a further explanation of the issue (I don't know if I can post such links, in case not sorry moderators)
Remote Code Execution as System User on Samsung Phones - NowSecure
We examine a security vulnerability of Samsung devices.
www.nowsecure.com
That's interesting, thank you

Categories

Resources