I recently installed Cyanogenmod 11 Pepper on my Xperia sola phone. Happily, CM 11 natively supports Short and Media Message Service encryption. I found this very convenient.
Because of this reason I immediatly registered in WhisperPush (pre-installed app with CM11). It all went fine and I got my TextSecure verfication code via SMS.
1. Do I have to do additional steps after receiving that TextSecure verification code?
I tried to text my gf who's using TextSecure but she could not initiate a encrypted session with me. If she tries to do so, I receive the key but nothing more.
2. How I can verify from within the CM "Messaging" App if encryption is working? (is there a flag of something)
Thx in advance and all the best,
"2. How I can verify from within the CM "Messaging" App if encryption is working? (is there a flag of something)"
I believe that there is currently no way of telling whether the message is encrypted or not and this is something that the devs are working on. IMHO this is terrible for a system that boast high security.
Related
Reading the ARP table and accessing the MAC address of devices on network is working just fine. But when I upgrade the targetSDK to 30, suddenly the "ip neigh" command won't return a value anymore.
I'm guessing this has something to do with the restrictions on android. Is there any way to fix this issue?
I see you've asked this before. Others have asked similar questions as well, and it seems that there is no real solution:
Android 10 introduces several privacy-related restrictions that disallow apps to access certain information that could be potentially misused for fingerprinting and data collection. One of among them is the restriction on access to /proc/net filesystem on devices that run Android 10 or higher, apps cannot access /proc/net, which includes information about a device's network state. Apps that need access to this information, such as VPNs, should use the NetworkStatsManager or ConnectivityManager class.
The current APIs in Android doesn't allow apps to access the ARP cache. I see a bug is raised in Google issue tracker that is currently in the below status - https://issuetracker.google.com/issues/130103885
Status: Won't Fix (Infeasible) We've passed along your input to our internal teams, who are evaluating it for a future release. We're closing this issue for now, and thanks for sending us your feedback!"
https://developer.android.com/about/versions/10/privacy/changes#proc-net-filesystem
Related thread [ Acccess to /proc/net/tcp in Android Q ] - https://stackoverflow.com/a/58501039/4694013
I need some help with an excruciating problem...
I have an app using DatagramSocket sending broadcast udp messages on my local network, and this work perfectly when I run it on mobiles android L (5.x) or lower.
The project has the follow permissions: internet, access_network_sate, access_wifi_state, change_wifi_state, change_wifi_multicast_satate, interact_across_users, and other permissions.
This bolded permissions was used on my app, during traffic of messages.
During the implementation TimerTasks, AsyncTasks and Threads was used to create the DatagramSocket properly, depending of the use, because I know this is necessary to send messages on network (it is necessary run network reader|writer out of main thread).
But the app not working properly when mobiles android M (6.x); anyone message is sending, and I don't have any ideia what the cause of this problem.
I'm try search about permissions on Android M, and I can see news on system permissions, but don't see anything about my specific case.
I will be very grateful if somebody can help me.
My app is working fine, until Android 5.0.2 doesn't allow third party app to connect to HID device over Bluetooth low energy.
myGatt.setCharacteristicNotification(gattChar, true);
06-01 17:39:35.356: W/BluetoothGatt(21599):
java.lang.SecurityException: Need BLUETOOTH_PRIVILEGED permission:Neither
user 10157 nor current process has android.permission.BLUETOOTH_PRIVILEGED.
<uses-permission android:name="android.permission.BLUETOOTH_PRIVILEGED" />
BLUETOOTH_PRIVILEGED permission doesn't work on a third party app. It's only for system or manufacturer apps.
The latest changes from Android note:
Enforce BLUETOOTH_PRIVILEGED permission for HID-over-GATT
https://android.googlesource.com/platform/packages/apps/Bluetooth/+/02bebee
Code snippet:
private static final UUID[] HID_UUIDS = {
UUID.fromString("00002A4A-0000-1000-8000-00805F9B34FB"),
UUID.fromString("00002A4B-0000-1000-8000-00805F9B34FB"),
UUID.fromString("00002A4C-0000-1000-8000-00805F9B34FB"),
UUID.fromString("00002A4D-0000-1000-8000-00805F9B34FB") };
if (isHidUuid(charUuid)) enforcePrivilegedPermission();
My question: is there a way to overwrite HID_UUIDS or enforcePrivilegedPermission? Can I use reflection to by pass it?
Every times Android released a new version, it breaks the previous code.
Thanks!
The question is old, but still worth answering.
The HID (and FIDO https://fidoalliance.org/) service is protected and indeed requires system permission source. Only apps signed with the system key may use this service, that is only Bluetooth settings. This is to ensure that 3rd party apps are not able to listen to keys typed on a wireless keyboards, as all notifications and indications are transferred to all BluetoothGatt objects. Without this protection you would be able to connect to a HID device (you still can), enable notifications using gatt.setCharacteristicNotification(.., true) and receive updates whenever a key is typed. With a bit of knowledge about Report characteristics you can then get all the keys and mouse positions, including passwords, etc. So it's not a break, but a bug fix. On KitKat you still may do this.
The only solution is to compile your own AOSP Android version and sign your app with the same key. Otherwise it would be useless protection.
Btw, starting form Android 8 or perhaps earlier you don't get SecurityException. The call just returns true as if any other and you never get any callback.
This might have been changed here: https://android.googlesource.com/platform/packages/apps/Bluetooth/+/32dc7a6b919375aede777f3c821fa316d85449ae%5E%21/#F2
I am into a new project which requires me to use a USBconnected "Webcam".
The whole fun should run on Android 4.4.
my little story was:
I try multiple apps which do this - all work on both my testing devices
adapting some NDK lib that directly uses /dev/video0. This didnt work due to read-permission that was not granted in a new File("dev/video0").canRead() check. Although my unix permissions are correct, this seems to not work due to some new check on Android 4.4. (the whole thing was suggested here: Connect Android phone to a USB Web camera )
next: discover the UsbAccessory API that supposedly easens a lot of the above.
´find no documentation or anything about how to correctly handle a webcam
I still try, but don't come further than finding no device via
usbManager.getAccessory();
I've also tried to discover devices by filtering for a USB_ATTACHED broadcast but nothing triggers.
So I am starting to ask myself how the hell do others find the devices & communicate with them to get the pictures?
Anyone has sources from which i could learn, or a tutorial or something?
Little update from my side:
- I've gotten access by using the Android USB Host API e.g. UsbDevice instead of UsbAccessory.
- I have the connection and everything setup fine, and can now send binary data to my webcam and supposedly receive.
I can now send controlCommands via connection.controlTransfer(...) or use a "UsbRequest" in order to receive data.
However, I couldn't find any documentation to "make the camera submit pictures" to me. My Endpoint is of type XFER_INT (=interrupts).
I am continuing to try sending out various commands (e.g. binary values) but haven't had any success so far.
I'm working on a project that requires my app to be able to send DTMF tones on the voice's uplink frequency during an active call.
My 2 conditions are:
We don't use a customized Android platform
We don't need to root the phone
I've spent several days doing my homework and am aware that in-call DTMF sending is not supported by the current SDK/standard APIs. However, by using the relevant classes in com.android.internal.telephony I am hoping to mimic how the native Phone app does this. I followed this site on how to use internal APIs for standard 3rd party apps.
I've also set myself up with the Android OS dev environment and am able to run the Phone app in debug mode on an emulator to figure its inner workings.
I tried various ways on a stock standard emulator but the errors I got were:
After trying to install a renamed app based on Phone.apk's source using the sharedUserId of android.uid.phone, I got:
Installation error: INSTALL_FAILED_SHARED_USER_INCOMPATIBLE
No doubt due to the fact I don't have the system cert to sign it.
After trying to write a custom app based on the relevant DTMF tone sending code from Phone.apk's source, I get the following error at setting up the PhoneFactory;
java.lang.SecurityException: Permission Denial: not allowed to send broadcast android.provider.Telephony.SPN_STRINGS_UPDATED.
No doubt due to the fact my app doesn't have the right permissions, although AndroidManifest.xml is setup with the same permissions as Phone.apk.
I'm at a loss as to what else I could try. Does anyone have any suggestions?
Thanks in advance,
Simon.
You've taken an interesting approach, and I commend your efforts. Unfortunately, there are some reserved internal privileges (evidently, such as SPN_STRINGS_UPDATED) that you aren't allowed to use as an app developer, which more or less breaks this approach. You could try removing the area of code causing this, but I'm fairly certain you will run into a blocking problem.
Hence, I'm afraid this is not possible at the moment. There's an open feature request on Android for sending DTMF tones over an existing phone call, but it has been dormant there for almost two years.
I understand that this doesn't resolve your problem, but take note that you can send DTMF tones directly after dialing a number:
Intent i = new Intent("android.intent.action.CALL",
Uri.parse("tel://" + number + "," + dtmfTones));
Simply put, you won't be able to do it without customizing at least the Phone app, which has to run as a system user in order to access the modem. In order to do this, you have to root your phone.
To meet your requirements the only possible solution is to enhance the android platform. We did just that, and already sent in our patches to the AOSP project:
https://android-review.googlesource.com/32820
https://android-review.googlesource.com/32821
We are currently waiting for the Google developers to review and accept our contribution. If you are interested, please let Google know on the various AOSP lists (android-contrib, android-platform). It will hopefully expedite the review.
Best Regards,
Gergely
You can't send DTMF tones during an active call, but you can send them when you "program" them when you initiate the call.
see the following post: https://stackoverflow.com/a/12986066/475472