I want to build an android service that uses the Device Administration Api (http://developer.android.com/guide/topics/admin/device-admin.html).
The problem is that i dont want the user to enable my service. I know that this is not possible for a regular application by i am cooperating with an oem so i am going to use a custom rom and my application can be a pre-installed system app.
So my final question is if a system app with the right permissions is able to use Device Administration Api without needing user activation of the app as device administrator. If this is possible can someone tell me how this is done? Please help me.
Related
We have our own rooted hardware device with android OS 7.0
We are building an app for that device. We have to restrict the users to performing some of the actions who will purchase that device. Here are the list of actions We want user to be restricted to perform on the device through the app.
Stop installing/uninstalling any other apps from OS.
On/off wifi
Pair Bluetooth
Change wallpaper
Basic idea behind is to make an app which will be the system app and will restrict user from the things mentioned above.
Is this possible to make such app? Looking for help in any of the above tasks. Thanks
Shor answer: NO.
Here is why;
The Android operation System is based on permissions, and no app can restrict that actions even with the users' permission. The reason for this is because of the Android App Layer that provides all the capabilities you described above.
The only way you can do such thing is to Customize the ROM of the CellPhone. In this case, you can override the functions that allow the user to use such services.
I've just found an app that allows to disable Samsung apps without root, and in the background:
https://play.google.com/store/apps/details?id=com.hecorat.packagedisabler
And also this free one:
https://play.google.com/store/apps/details?id=com.ospolice.packagedisabler
How could this be? It doesn't even show a system-type alertDialog to ask the user if it's ok to disable the app. Did they find a flaw that allows doing so?
Is it only for Some Samsung apps? What about other apps and other companies? Is is possible there too?
Could the same mechanism be used for other operations? Like enabling apps?
I currently don't have a Samsung device, so I can't even check this app.
You can hide or unhide the apps provided you make your app as device owner with the api setApplicationHidden of DevicePolicyManager
Your app needs to be the device owner of the device. In order to become a device owner, you either need to do an NFC configuration or adb command shell. You can find a very well written blog by Florent here.
However, there is a new method of getting your application to become a device owner starting with Android Marshmallow. With a lot of limitations though. You have to be an EMM provider and your client has to have a google business or edu licensing for this to work.
There is no application on the google play store that allows your app to become device admin. As a device owner you have a lot of things you can control on the device and hence, I believe Google may not want to provide this kind of control without proper safeguards.
With regards to Samsung Devices, they provide their knox sdk as mentioned with other answers here which gives you access to certain APIs that are not allowed via stock Android.
I've recently created an app which is basically a webview component that displays a website, when I want to install the app on an android phone (havent tried on iOS yet) the privacy setting and device permissions/access you have to agree with are far more than what the app requires, if it is a simple webview app it should not need access to anything other than full network access, however other requirements that you have to agree with before installing the app are "read contacts, read texts, make calls, send texts... etc." it pretty much requires all the possible device permissions that there is, and so some people might not want to install the app due to this reason. Is there any way I can cancel or disable the device access/permissions that the app requires?
I am creating a application in android similar to Device Policy Administration that can remotely clear the data on the Android device.I have followed the sample in the android docs here http://developer.android.com/guide/topics/admin/device-admin.html
I need some assistance on how this is implemented.I have come across some apps that perform such tasks of remotely accessing the device(like clear data on the device,Ring the device to full volume).My doubt is
1.How did they implemented this functionality in android what concept have they used to send request to the app to ring the device?Is it via Push notification?
2.Also even if i mark Settings->Security->Device administrators->Android Device Manager(ADM)->Deactivate and from the console (https://www.google.com/android/devicemanager?u=0)
I Ring the Device...the device Rings.Shouldnt it not ring until and unless i dont activate the ADM.
3.Also even if i do not launch(start) the app ,I am still able to Ring my device.Does it mean that whenever i start my device my Device Administration App gets launched automatically?
Any help will be highly appreciable.
How did they implemented this functionality in android what concept have they used to send request to the app to ring the device?Is it via Push notification?
The Android Device Manager is a proprietary service and piece of software. You will need to get a job at Google, join the ADM team, and then learn how it is done.
That being said, a GCM-style push notification is a likely solution.
Does it mean that whenever i start my device my Device Administration App gets launched automatically?
No. Device administration != always running. Device administration status simply gives you access to other APIs that normal apps cannot use.
Note that a GCM-style push notification can be delivered to an app that is not already running.
The rest of your question has nothing to do with programming and everything to do with the proprietary implementation of ADM, which makes it off-topic for StackOverflow.
I wish to filter the applications installed on the device so that the person, using that device can't open any app rather than few basic apps... or i wish when he/she opens any application password will be asked......
That somewhat of a more low level task. I guess you will have to either root the device, or build your own System image and install that on your device.
By reading 'Logcat' logs in the background we can detect other applications launch; as working of any lock application.