Is there a way (app?) to prevent others from installing apps on my phone? Like something that would require a password every time an app tries to install? Im running ICS on a G2X and it has a device admin section but i have no option to set it up. any ideas would be helpful. thanks.
Device admin is for certain options in an app, like turning the screen off. You have to enable it for that app, like a special permission, and disable it before you can uninstall the app. Only certain functions in certain apps require device administrator, and you must not have anything installed that uses it.
However if you could password protect the package installer using an app locking program then this would prevent others from installing apps. I don't know if any of those apps allow password protecting the package installer since I don't use them, but this would do it. You would need to password protect any means of uninstalling the app as well - settings, market, any uninstaller apps, your home replacement if it allows you to drag and drop to uninstall, etc. This would be a pain, and you'd be better off just password protecting the entire phone.
Thanks for the help. I'll try locking package installer and see how that goes. I'm just trying to keep my wife from installing apps that monitor my phone activity lol.
Greetings.
as you know, even if we disable "android device manager" from settings->security->device administrators, it still can be enabled from https://www.google.com/android/devicemanager "enable lock & erase"
from one side it is good, but from other side it is bad - i don't want that my phone can be remotely erased by google
this functionality definitely resides in gmscore.apk
of course, we can just kill all google services, but we loose too much.
so : probably someone from devs here already know answer what to patch in gmscore to disable this behavior ?
with latest gmscore update ( 6.1.74 (1511752-038) ) the only message i can see, when pushing "enable lock and erase" :
GCM message com.google.android.gms 0:1414056810224892%136ddda63e77bab2
Click to expand...
Click to collapse
of course, hex payload different each time.
disabling service
Code:
com.google.android.gms.mdm.services.GcmReceiverService
did job
:good:
Thanks you, I 'm searching since 10 minute.
the_laser said:
disabling service
Code:
com.google.android.gms.mdm.services.GcmReceiverService
did job
Click to expand...
Click to collapse
Thanks! I was wondering how to do that.
thanks, but...
the_laser said:
disabling service
Code:
com.google.android.gms.mdm.services.GcmReceiverService
did job
Click to expand...
Click to collapse
I can't seem to find that service, heck I can't even find gmscore.apk
When I use find / -name gmscore.apk in terminal nothing came up.
Running 4.4.2 on galaxy S5, google framework 4.4.2-940549
Any ideas?
I would really not want my device wiped If my google account was compromised (really only have it for android)
as i remember, this service because build into gmscore from 4.4.4 and enabling downloading some external application.
can be wrong, though.
damn it google!
This is really frustrating. I can't find a way to disable it and I can't find 'com.google.android.gms.mdm.services.GcmReceiverService'.
This a serious security flaw, let me explain why.... I have a company account on my phone, just for the purpose of receiving gmail, and that's very important to me. This also means this account can access my phone through android device manager. So, anyone that can log in to firm's gmail can lock and erase my phone and there's no way to disable it. Best I could do was turn off location reporting and hide my phone from showing in device list. However, anyone that can log in to this account, can also change this in settings and unhide it, enable lock and erase, make it ring and.... well, lock and erase it.
This is very worrying when you have a lot of people with access to gmail account that you also have on your phone. ATM only solution I see is to remove account on my phone and search for other email app.
Anyone knows how one could deal with this and still use gmail app?
gimche said:
This is really frustrating. I can't find a way to disable it and I can't find 'com.google.android.gms.mdm.services.GcmReceiverService'.
This a serious security flaw, let me explain why.... I have a company account on my phone, just for the purpose of receiving gmail, and that's very important to me. This also means this account can access my phone through android device manager. So, anyone that can log in to firm's gmail can lock and erase my phone and there's no way to disable it. Best I could do was turn off location reporting and hide my phone from showing in device list. However, anyone that can log in to this account, can also change this in settings and unhide it, enable lock and erase, make it ring and.... well, lock and erase it.
This is very worrying when you have a lot of people with access to gmail account that you also have on your phone. ATM only solution I see is to remove account on my phone and search for other email app.
Anyone knows how one could deal with this and still use gmail app?
Click to expand...
Click to collapse
Instead of a problem with ADM, this sounds like a massive security issue on your company's side. I don't know why your company need to share the same email account, but the more people who have access, the more likely someone will spill the beans. If I am you, getting my phone wiped will the least of my worries.
Sent from my iPhone using Tapatalk
Thank you, that is what I want. Great!
Ok so Im facing the same problem is there any way to disable this process ?
gimche said:
This is really frustrating. I can't find a way to disable it and I can't find 'com.google.android.gms.mdm.services.GcmReceiverService'.
This a serious security flaw, let me explain why.... I have a company account on my phone, just for the purpose of receiving gmail, and that's very important to me. This also means this account can access my phone through android device manager. So, anyone that can log in to firm's gmail can lock and erase my phone and there's no way to disable it. Best I could do was turn off location reporting and hide my phone from showing in device list. However, anyone that can log in to this account, can also change this in settings and unhide it, enable lock and erase, make it ring and.... well, lock and erase it.
This is very worrying when you have a lot of people with access to gmail account that you also have on your phone. ATM only solution I see is to remove account on my phone and search for other email app.
Anyone knows how one could deal with this and still use gmail app?
Click to expand...
Click to collapse
deadwolf666 said:
Ok so Im facing the same problem is there any way to disable this process ?
Click to expand...
Click to collapse
tamuin said:
I can't seem to find that service, heck I can't even find gmscore.apk
When I use find / -name gmscore.apk in terminal nothing came up.
Running 4.4.2 on galaxy S5, google framework 4.4.2-940549
Any ideas?
I would really not want my device wiped If my google account was compromised (really only have it for android)
Click to expand...
Click to collapse
Install My Android Tools then go to Service>Google Play Service then disable the corresponding service.
https://play.google.com/store/apps/details?id=cn.wq.myandroidtools&en
How about using a ROM without gapps?
Cyclu said:
Install My Android Tools then go to Service>Google Play Service then disable the corresponding service.
https://play.google.com/store/apps/details?id=cn.wq.myandroidtools&en
Click to expand...
Click to collapse
This dosent appear to be working, as after I disable all the above services, clicked on "enable lock and erase" from my google account it reactivated said services. So which service is activating and overriding the services I disabled?
Im running Android 4.4.2(goldeneye rom, Googymax kernal) on a Samsung i9505, I use Xprivacy, Android firewall, and Appmaster(app uninstaller & autostart manager)
Trying to secure an oem samsung Rom from google and its services while still using all the factory apps is going to be like herding cats...
It's similar to going to the pool and expecting to swim but not getting wet.
If you use Google apps and use the accounts feature of Android then you are going to have Google play services and other Google services running, and sadly you can stop them all you want they update and restart themselves regularly.
You just can't get away from Google, if you still use Google play, the Google mail app, Google voice search, Google account verifier, Google download manager, Google hangouts, Google plus or the host of other Google services and apps that a baked into your rom.
All you will do in find yourself with a lot of force closes from apps, and less hair more cats.
What @Cyclu said was the right way. there are several services and receivers that have "mdm" , probably what you could do is use the search function in the app while viewing the services for GooglePlayServices. at the top of the screen, click menu, toggle full, (full/short option) then tap the magnifying glass, then the search box and type "mdm" , then do the same thing under the receivers section
This is so annoying. Can you imagine disabling admin on the phone, knowing that after reading the description in that area of the settings that it cannot be used to wipe the phone? Then someone testing it to prove it and they click "Enable" and wipe the phone? Know how dangerous that is? My phone is an S5 mini, stock firmware and rooted with SuperSU. What can I do to just prevent admin mode being enabled? I want to be able to track my phone's location but I do NOT want my phone able to be remotely wiped by anyone including myself, remotely.
I tried all. Looks like there is no way to disable ADM. Even if u disable corresponding service for ADM still when u restart that service gets re-enables it self again. Had any got a solution to disable this crappy android device manager fully?? thx in advance.
Forgive me, but this thread is just pathetic. If you have Gapps, your device is not yours. It is Google's. Period. If you can't live without hangouts and similar garbage, then enjoy them, but stop *****ing about remote wipe. You can't be half-pregnant. By the way, remote wipe is not the worse thing that could happen to you. Anything could be silently installed on "your" phone, even if you somehow disable ADM. It could be done through Google play and google services framework. Not to mention thar google analytics record everything about your activities and gsf regularly reports the same "home" i.e Google.
To gmail at work guy: if you can't use another client to access your work gmail, get a separate feature phone.
even "android = google" ? much less gapps , eh ?
"all i can really do is stay out of my own way and let the will of heaven be done"
mrrocketdog said:
even "android = google" ? much less gapps , eh ?
"all i can really do is stay out of my own way and let the will of heaven be done"
Click to expand...
Click to collapse
Android, unlike Gapps, is open source. So, you can get under the hood and clean lots of things.
Hy, I have rooted phone and now I want to give battery some extra juice with freezing sistem apps.
I have list of apps which drains my phone most, so please help with yout advice.
Thanks
application installer
assistent menu
google acc manager
auth service
google play service
bootagent
google service frame
clipboard save service
input devices
clipboard ui service
interaction control
colour adjustment
key chain
com.an.wallpaper back
mhdr services
com.an.android.sm.provider
mtp application
com.sec.epdg
samsung setup wizard
device maintance
security storage
device key string
sec video engine
filter installer
sem factory app
fingerprint
svc agent
fused location
tui service
If you have recovery installed (TWRP) then there is a very good debloat script for nougat that you'll find on XDA. It will take care of most of the pesky bloatware you are experiencing and really does slim down the phones software a lot and gives much better battery life. You can edit it too in case there are a few things you want to rather keep.
Just make sure you have backed up your rom before you run the script, just in case you run into any issues of course.
The script can be found at :
https://www.androidfilehost.com/?fid=529152257862715210
And the discussion can be found at :
https://forum.xda-developers.com/s7-edge/themes/nougat-debloat-script-t3580666/page1
This guide is for people who enjoys privacy, and want to enjoy a fully controlled experience even on a stock Android, and it dosen't only concerns the Samsung A20 but all powered Android phones, after applying all the steps you'll enjoy a stock firmware free from all bloatwares, free from non useful bandwidth consumption, free from unnecessary battery drains, Without having to root and without the need for a computer.
First make sure you use a non bloated firmware you can tell by its size, if not compare and download and flash the lighter stock rom you find, don't be scared your sim card will work. or just follow this guide to the end and all bloatwares will vanish ?
IN THIS GUIDE I'll be focusing on how to regain your privacy without root, and without needing a computer.
DEBLOAT GOD without root :
You can use adb (you'll need a computer for that), there's fully explained guides here on how to debloat using adb. But as I said I'll be focusing on how to regain control over your phone without the need for a computer.
I don't use Google accounts or Services, so my debloating method will block even Google play Services.
Let's start by hard reset :laugh: but before that, make sure to remove all entered accounts and lock screens before going any further with hard reset, so you don't encounter any problems. (of course you can keep your data, but I don't recommend keeping Google or Facebook apps and accounts.)
1)- Hard reset (enter stock recovery by pressing " Power button + Volume up" and wipe cache, and data)
After rebooting don't connect to wifi, it's preferable if you don't have data connectivity on your sim card either, don't be scared it will launch Android even without internet : on the welcome screen, accept only the first two agreements from the four agreements , then hit "Skip" and "Ignore" buttons always, don't enter any Google or samsung accounts, then click finish.
Once on home screen enter Settings app,
Head to applications, on the right corner select show system apps, disable everything that can be disabled, see my attached screenshots.zip for a full detailed list.
How to disable Google Play Services:
After you disabled the unnecessary things, go to the Settings app again and enter "Biometric and Security" - "Other security settings" - "Device admin apps" and uncheck the "find my Mobile".
Now in the settings application go to applications and you can now disable "Google Play Services" and "Device Health Service" as well.
Reboot :fingers-crossed:
Congratulations now you debloated your phone from unnecessary background Services.
2) - Privacy Bonus : Netguard. For an ultimate Control over your bandwidth and internet privacy (everyone can use this following guide especially rooted phones)
Install Netguard pro or netguard. In the settings Go to advanced options, tick manage system apps, notify on internet access if you want to get notified about what apps are requesting on your behalf ?, ("log internet access" optional only if you want to see what apps are requesting internet inside a log)
Now go back to the main Netguard interface, you will see all system apps, and user apps inside this screen,
Turn everything to red, then click the dollar sign in the left corner, and click "lockdown traffic" in the right corner.
Now you can enable only your browser to access the internet and leave all the rest blocked.
You can enable internet to a certain app by clicking the bandwidth sign and turn it from red to green, then click the arrow in the left next to the application name and tick "allow in lockdown mode", and this app will get internet.
See screenshots zip for more details.
That's all of it ! That's how to regain control over processes and bandwidth, only you can decide what should connect, and what are they doing on your behalf and without your consent.
In the screenshots you'll find out that I did disable Google play store, I always download apps from apkmirror dot com, or apkpure, and install them manually. I don't use Google play store, and with doing so you won't be needing a Google account watching you 24/7
Other steps :
Enter the Settings app - "Biometric and security" - " app permission" , and remove unwanted permissions.
THAT'S ALL OF IT !! NOW ENJOY your new phone speed performances, and it's long battery life
Some questions and answers:
Q- Why did I had to do all of this ?
A- If you install Netguard firewall app you'll notice a traffic from all the apps even what we thought are offline, to some unknown servers, like Amazon, and such, and I didn't agree with this, and they didn't say anything about it. I noticed that the disabled apps are sending internet request even if they are disabled and even I did turned off mobile data, and background activity, that why I used the Netguard Firewall to block them all.
Q- How to install apps if you blocked or deleted google play store and Samsung store ?
A- I download APK from apkmirror (dot com), they are clean, and by this you can always have them in case you want them after you 'reset' your phone or uninstall them, and especially no internet is required in order to install apps
.
.
If you liked my post or find it somewhat informative hit Thanks or comment :fingers-crossed: , if not I'm sorry for wasting your time :laugh: i just wanted to share my experience with some people like me. Peace.
I get a daily "some processes are using cpu restart phone" prompt in my notification bar. I can't find what is causing the error. Dev options only shows ram usage. As the title says, what's up why did they remove this troubleshooting option for non root users? Any input on this error? Good to be back btw.
Meh, that's one reason I'm still running Pie on my 10+.
When it happens look to see what was cache last. I use Device Care for this but my version is the factory load one. The Developer options one may not be as useful as you can't clear them like you can in DC.
I've found the root cause for many nasties like this...
If you haven't done a factory reset after the 11 upgrade... it's time to.
Appreciate the advice. Will try what you recommend
demize! said:
Appreciate the advice. Will try what you recommend
Click to expand...
Click to collapse
This is one of the reasons I'll still running on Pie, I know 11 is a mess. Securing the phone from the user is bs... unless they're morons. No way to protect that sort of user anyway
Maybe you can use ABD to enable logging in Karma Firewall or other advanced features now blocked in other trusted apps.
You can use the trial and error approach, something which I use a lot in lieu of proper diagnostics. Be aware that dependencies can cause a ripple effect as well as false usage reporting. Especially with Google system apks
Disabling, firewall blocking, clearing their data, clearing system logs can be much more effective than rebooting the phone. I normally now keep Google Play Services package blocked except when needed; it's a known trouble maker to me.
All cloud apps, Google Transport/Framework*, all carrier/Samsung/Google feedback as well Google Firebase are package blocked or disable.
Use this Package Blocker:
Home - Package Disabler
The only NON-root solution that let’s you disable any unwanted packages that come pre-installed / installed with your phone / tablet.
www.packagedisabler.com
Block Android Systems UID 1000 with Karma Firewall as it's almost never needed. It's not neccessary to firewall block Google Play Services if it's packaged blocked otherwise try doing so. Both of the above apks needlessly ping the internet constantly sucking up resources.
Karma Firewall uses virtually no battery, it's a gem.
Karma Firewall - Apps on Google Play
Karma Firewall app lets you block internet traffic to and from specific apps.
play.google.com
*Framework's dependencies still run in the background or is falsely reported as Framework albiet at a greatly reduced usage level with Framework being blocked.
Awesome I'm dl'ing it now. It's just beyond me on an octacore cpu any process would cause this error unless it's erroneous. But than how can you tell when they remove such a basic ability like monitoring app cpu usage.
demize! said:
Awesome I'm dl'ing it now. It's just beyond me on an octacore cpu any process would cause this error unless it's erroneous. But than how can you tell when they remove such a basic ability like monitoring app cpu usage.
Click to expand...
Click to collapse
Google sucks elephant balls bad. It was hard with Pie but now it's even worse.
Google doesn't care because you aren't the customer, you're the product.
The lack of user monitoring makes Google's data mining easier than ever for them to do.
Makes MS look like saints... one look at the Google Firebase data on my Google account made me puke; all 6700 whatever of my songs -were- listed there. It just did it even though nothing on my device I use need it to function properly. Meanwhile it's sucking up cpu cycles to build and maintain it... or it was
Out of such frustrations comes WhatsRunning - my response to Android's denial of low-level access. See if it helps: https://mirfatif.github.io/WhatsRunning/help/cpu_usage_per_process_android