My application will be running on hundreds of android devices belonging to a single owner and I may need to modify the software as an update at some point.
I decided I should include a feature to check with the server for updates and download them, which is currently working.
Installing the update is the difficult part. I need it done automatically. Preferably with no user interaction since there are hundreds of devices and it would be very time consuming to do each one manually.
This is the problem, even with the device rooted, I can not find a generic way that each device can install the update without system specific information.
I have read questions like this but can not find a proper answer: Install Android APK without prompt
The bottom answer executes but I can find no installed app, so I assume it failed.
What you want to do is not possible without some serious hacks. A private app store might be a better fit.
If your client is a Google Apps user, you can create a private channel in the Play Store.
Distribute Android apps in your organization
If not, you will have to rely on third party solution like these one:
Apperian Mobile Application Management
ManageEngine Mobile Device Manager
I didn't try any of these, so you will have to do some research to check that they fit your needs
Related
I want to access the apk file of any app before installation.
In more details: in google play store when the user clicks on Install button I want my application to access the apk file of the application that the user wants to download, and analyze this apk file and be able to whether allow the installation or stop it.
is that possible and if so how to approach this
On Android this functionality was introduced in Android 4.2. It is usually used by anti-malware products like Google Play Protect is known as a "Package Verifier". There is a good blog post on it here.
The short answer is this has to be done as part of the phone manufacturing process as it is so critical to security. So the answer is it can be done, but if you write this code you will need to get a phone manufacturer to include your code as part of a phone system image.
Most third party anti-malware products instead rely on analyzing the APK after the install happens by listening to the package added notification.
Definitely not possible in the way that you want. Android's OS is pretty well locked down. You might be able to do something if the device was rooted but at that point you may as well write your own OS fork. You can attempt to do someting with https://developer.android.com/reference/android/content/Intent.html#ACTION_PACKAGE_ADDED broadcast but you will not be able to analyze the apk freely nor will you be able to stop the installation of it.
I spend a lot more time in the iOS space than Android, so apologies if this is an obvious question ...
We have an enterprise Android app that we need to roll out to a lot of locations nationwide. Ideally, we'd like to be able to install our current app (and future apps) without involving the onsite staff. Is there a way to do remote installs for Android devices? We could do the installs ourselves then ship out the devices, but there will be additional apps added to this project over the next year, so we don't want to keep shipping the devices back and forth. And due to the nature of the industry and end users, it would be best if we could control install centrally instead of relying on those remote staff to do so. And we are looking at >1000 devices, if that affects the answer.
All the solutions I've found so far are more for individual users, not for a large setup like ours.
Unfortunately I think this question may be closed as it is off topic (https://stackoverflow.com/help/on-topic) - however having dealt with the problem I feel your pain.
There are a few options (I have done several of these myself):
1. Write your own store: Requires creating a service and client, not easy
2. Use a BYOD tool such as MobiControl: https://www.soti.net/mobicontrol/
There are some solutions for this case, some are better than others and may not be helpful for your case, but these are some of them:
1 - Put your APK on a Web Server and config your APK to look on this server for new versions. Using an intent you can download it and open it, but it should prompt the user to accept the install.
2 - If devices are rooted, you can use the ADB commands to install the new APK without prompt the user to accept it.
3 - If you're able to do it, you can configure a VPN on your client's network, and use it to remote connect and use ADB for each device trough the network.
4 - If your App is in the Play Store, your app should auto-update if the app is configured to auto-update from the Play Store.
I'm sure there are some others ways to do it, so if none of these help you at all, don't worry.
I'm building an MDM application for Android devices and I want to be able to silently update the MDM app in order to patch security holes, add new features, etc. I know it is possible to achieve this by accessing the Android Package Manager Installer but from what I can tell this requires the application to be signed with the same signature from a specific OEM.
Is it possible to do a silent update for an MDM application without rooting the device?
You cannot, and this is viewed as a Good Thing from the point of view of the user, because the code that I install cannot be changed by anybody except software signed by a trusted key (such as Google's Play), or with manual approval.
I can think of two workarounds:
Check if there's an update, download it, then refuse to do anything until the user updates the app.
Dynamically load most of your app's functionality at runtime from a JAR that your app downloads. You could silently update this at will.
Heck, you could even combine the two options, so that if the wrapper needs updating, it will bother the user. The second method will make the nags very infrequent.
You should probably let the user know that this is happening, at least in an initial info-screen. I know I would uninstall any app that tried to go behind my back in this manner, if I found out about it.
I'm currently developing a small Android app that will not be on the Play Store. It is a private business application that will be used for a non-emergency transport company. The Android app will show drivers a list of pickups and drop-offs that they will have throughout the day and allow them to update the status of those trips. What I'd like to do is have some method of updating the app during off hours or when the device is idle. Ideally, it would be great if someone has already written some kind of Android updater that can run as a service. However, I certainly wouldn't mind writing this on my own.
Either way, all it needs to do is pull an APK from our servers and install that APK. I usually don't like doing things sneaky like this, but our clients want it to be this way so that they won't have to go to each device and press OK on permission prompts and they don't want to leave the responsibility of updating the software to the drivers.
I understand the security concerns, but it seems to me that there should be some way to allow an app to auto-update itself if the user permits it. Also, our app is signed and includes a certificate on the device to verify that the downloaded app is legit.
As CommonsWare mentioned it's not supported by standard android. If you take the path of creating your own firmware and installer take a look at the existing PackageInstaller. The required changes are not so complicated.
I did it for a couple of custom versions and it works.
Either way, all it needs to do is pull an APK from our servers and install that APK. I usually don't like doing things sneaky like this, but our clients want it to be this way so that they won't have to go to each device and press OK on permission prompts and they don't want to leave the responsibility of updating the software to the drivers.
This is not possible, except via custom firmware or on a rooted device.
it seems to me that there should be some way to allow an app to auto-update itself if the user permits it.
You are welcome to build your own customized version of Android that has this capability. Stock Android does not offer this, except to the firmware itself.
A company asked me if I am able to program an Android-App for their internal process but with small mobile-device-management capabilites. I'm aware of the "enable manual apk-installation"-checkbox inside of the Android-Settings-Menu. I think it opens additional security holes if it is permanently checked.
So easiset way is to send a SMS with an URL to this APK, enable checkbox, install the update and disable checkbox manually. A lot to do, to update a program.
Coming from Windows Mobile and Symbian I was able to program a Facade.exe which starts a download and replaces some signed parts. The Application signing of Windows Mobile and Symbian allows this.
Is this possible with Android(not rooted)? I read some articles that it is possible to implement own Markets(like Amazon is doing it). Is it possible to use some of those APIs for the purpose of doing an auto-update. Where are thoes APIs, I am not able to find them.
Is this a solution:
Programming a torch-app(there are thousands around), publishing it to the android market. But with a small button to activate the whole application with a secret password. Updates can be rolled out via android market functionality.
A complete MDM (mobile device management) is overkill.
Is this possible with Android(not rooted)?
Not readily. You can use the techniques used by the Sideload Wonder Machine, extracting the requisite bits out of the SDK to do sideloads via USB. However:
Your Facade.exe implies the user runs Windows.
This implies that the user has the adb drivers for their device for Windows.
Neither of those are guaranteed.
I read some articles that it is possible to implement own Markets(like Amazon is doing it). Is it possible to use some of those APIs for the purpose of doing an auto-update.
You can download whatever you want, such as an APK. You can tell Android to VIEW whatever you want, such as your APK. If you VIEW an APK (and have the right MIME type in your Intent), that will trigger an install or update. The user will be prompted about the install or update -- on an install, for example, it will give them the screen listing all the requested permissions.