Please help me, I'm trying to find some documentation about pre-installed applications at Android.
I need to know what does it means, what permissions it has and how can I "pre-install"
my app for testing.
Thanks.
what does it means
It means applications that ship as part of the firmware build on a device.
what permissions it has
A pre-installed app has no special permissions simply by being pre-installed. An app installed on the firmware can hold signatureOrSystem permissions that otherwise would be unavailable (e.g., WRITE_SECURE_SETTINGS).
how can I "pre-install" my app for testing
You would have to build your own firmware. Light testing might be achieved by rooting your device and putting your app in the spot where pre-installed apps live (/system/app IIRC), but since most consumer devices are not rooted, your tests may be flawed.
Related
I'm developing an Android native app. To support my feature, I need to lock some of the smartphones (request from my stakeholder).
I thought to use an AppLock that can be found on the Play store.
But, in a model of smartphone "Wiko Y61" this type of app doesn't work because the "overlay permission" setting isn't active on the system. The message is "disable for performance issue".
Can someone help me to resolve this issue?
The overlay/"Display over other apps" permission is disabled on Android Go device as of Android 10 for, as the message notes, performance reasons. There is an exception for apps that were installed and received the permission before the device was upgraded to Android 10, but otherwise, there is no way for apps to receive that permission.
If you need to lock down a device, you should look at the APIs for managing dedicated enterprise devices. Normal Android apps are otherwise generally restricted from doing things that could lock down a device, as that capability is also quite useful for malware seeking to take over a device. You're better off using the APIs that were intended for this, as hacky workarounds in this area are likely to be broken in the future (see, for instance, other restrictions being imposed on the overlay permission).
I'm developing a enterprise app for my client. He got the Companys phones rooted, but he need an app where he can control the background. But the problem is, he dont want so the app can be uninstalled. I know that you can make the app an system app, but it can still be deactivated.. Also you can use device admin, but it can just get unregistered, and then uninstalled.. Any way to make the app uninstallable? Of course is the app only going to get installed on the Companys phones, and not released om google play. Ask if you dont understand my question.. :-)
Depending on the manufacturer of the device, this might be possible. I'm most familiar with Samsung devices.
On Samsung devices, there is a special SDK called Knox which has many useful APIs. One of those allows you to disable uninstallation for any app you choose. Even with this, the app could still be removed by a factory reset (but Knox can disable factory reset as well).
If you aren't on Samsung, it's possible that whatever manufacturer you use has a similar SDK, so you should look into it. If you are on Samsung, you will need access to the Knox SDK, which isn't free, but since you said this is for a client maybe he would be willing to pay?
I have brought one plus one and tried to install an app. But then it says your phone it's rooted.. Finally it didn't install. I'm aware that if a phone is rooted, then there are two disadvantage . One your phone warranty will not work if the phone is damaged while rooting. And two.. You will get support user acces .
My question is what is the problem from an application perspective, if a phone is rooted.? Why few apps are blocked to get installed on rooted phon . ?
Functions of some apps require root access to the operating system. For example, they might require tuning the kernel options, writing to a raw device or accessing privileged resources.
Android apps typically run in a closed "jail" to protect the system and other apps from contamination of a malicious or poorly written app.
By rooting your phone, you take the risk of this contamination on yourself. It is why carriers will often not honor the warranty after rooting.
That being said, there are often methods of flashing back to a non-rooted version if you do need to claim a warranty. It really depends on your skill level and patience. If you are interested in rooting, there are many resources out there. If it sounds scary, it probably isn't for you, and the app that requires root probably isn't something you should mess with.
I am working with WSO2's EMM (Enterprise Mobility Management) which is an open source MDM (Mobile Device Management) and MAM (Mobile App Management) solution. Specifically to implement a BYOD (Bring Your Own Device) program. I am unhappy with a few features.
One main feature I want to implement myself is strict control over which apps can be installed by the user.
1) By not allowing installation of apps from 'Unknown Sources'. That is to not allow the user to check the 'Allow Installation of Apps From Unknown Sources' option or at least to be able to flag it if they do.
2) Black-Listing only specific apps that can be downloaded from the Play Store.
3) Even better would be the ability to White-List apps that can be downloaded form the Play Store
4) And in a perfect world I would like the ability to mix both an Enterprise App Store and the above restrictions to Play Store app downloads. (The benefit to that would be the ability to push corporate software to users, and still allow a safe and user friendly experience through the Play Store.)
Android's Device Administration API does not explicitly allow for these controls. Yet paid enterprise MDM solutions such as AirWatch boast these features. Any help would be much appreciated.
After much research I have found a few things I would like to share:
The current Android Device Administration API is very limited the features included are:
Device password restrictions
Disable camera
Lock and wipe device
Device Encryption
Beyond that (as Victor Ronin described in the above answer) your app can only check for compliance but can not enforce it.
The only way to enforce policies beyond the scope of the Device
Administration API is to have system level permissions. The only way
to get these system level permissions is to have your app signed by
the OEM of the device running your software. This is exactly how
enterprise MDM solutions can enforce such rules, their apps are
actually signed by the OEM and then returned and distributed. Once
your UID is given the system permissions you can enforce most policies
needed to secure a device in the MDM scenario.
If interested watch this video it describes this scenario and a detailed system level exploit.
Most of the time support of such features are patchy. As example Samsung SAFE provides more API (which will allow to do what you want) and Motorolla had some additional enterprise API.
So, you can't implemented it on generic Android, but rather you can implement it on some devices.
Second approach is compliance. May be you can't prevent installation or remove apps, but you can detect them and do some actions associated with it (revoke credentials, turn off enterprise email and so on).
Usually, MDM solutions have some mix of these two things.
I don't know if this is programming-related (much) but I've recently started playing around with writing my own applications.
My phone is running cupcake/1.5. There is no "unknown sources" option, anywhere, at all. Carrier is AT&T.
Does anyone know how I can overcome this issue?
I you are writing applications, you have installed the SDK... the eclipse debug install mechanism should work, so should 'adb install whatever.apk' Even on AT&T.
If you didn't have the sdk, you could get "sideload wonder machine" which is a packaging of a small part of the SDK capability for non-technical users to enable them to install non-market apps in the way you can with the SDK.
You may have no recourse unless your phone can be rooted; AT&T locks down many of their phones and prevents installing non-Market apps. In their words from their Q&A:
Q. Why can't apps be installed from sources outside of the Android Market?
A. Android Market, managed by Google, is open to all developers. There is no approval process for applications, they are all accepted by default and Google has stated that they place apps in the Android Market within 24 hours of their submission. AT&T selected Android Market as the exclusive source for applications because it forces developers to be accountable for the apps they submit. If the Android community has issues with an app, the app can be flagged and removed. This minimizes the risk of malicious apps harming customers and provides more protection to the customer’s private data stored on the phone.