I know that there are similar questions on stackoverflow and i read then all. My question is little bit different. I implement some small app that with iptables and I need to know if user install some app and this is not downloaded yet. My app must wait then until this app is installed. I know how to make an receiver for android.intent.action.PACKAGE_ADDED but how can I get information about apps that are installing now?
Getting specific app info is messy: not sure you can get it. This link provides some info about how to listen to the Download Manager app: there might be a way for you to use that and determine if what is downloading is actually an apk.
Related
I want to access the apk file of any app before installation.
In more details: in google play store when the user clicks on Install button I want my application to access the apk file of the application that the user wants to download, and analyze this apk file and be able to whether allow the installation or stop it.
is that possible and if so how to approach this
On Android this functionality was introduced in Android 4.2. It is usually used by anti-malware products like Google Play Protect is known as a "Package Verifier". There is a good blog post on it here.
The short answer is this has to be done as part of the phone manufacturing process as it is so critical to security. So the answer is it can be done, but if you write this code you will need to get a phone manufacturer to include your code as part of a phone system image.
Most third party anti-malware products instead rely on analyzing the APK after the install happens by listening to the package added notification.
Definitely not possible in the way that you want. Android's OS is pretty well locked down. You might be able to do something if the device was rooted but at that point you may as well write your own OS fork. You can attempt to do someting with https://developer.android.com/reference/android/content/Intent.html#ACTION_PACKAGE_ADDED broadcast but you will not be able to analyze the apk freely nor will you be able to stop the installation of it.
I have created an android app and when i try to install it shows a notification in the image.
- image
I know how to install it. But when i give that to others they don't have to see the notification.
So to bypass it?
They have to change their settings to allow non play store apps. There are plenty of articles you can point your users to that describe how to do it. For instance, here's one: http://support.frostwire.com/hc/en-us/articles/204106319-How-to-fix-Install-Blocked-error-while-installing-FrostWire-Plus-on-Android-
My application will be running on hundreds of android devices belonging to a single owner and I may need to modify the software as an update at some point.
I decided I should include a feature to check with the server for updates and download them, which is currently working.
Installing the update is the difficult part. I need it done automatically. Preferably with no user interaction since there are hundreds of devices and it would be very time consuming to do each one manually.
This is the problem, even with the device rooted, I can not find a generic way that each device can install the update without system specific information.
I have read questions like this but can not find a proper answer: Install Android APK without prompt
The bottom answer executes but I can find no installed app, so I assume it failed.
What you want to do is not possible without some serious hacks. A private app store might be a better fit.
If your client is a Google Apps user, you can create a private channel in the Play Store.
Distribute Android apps in your organization
If not, you will have to rely on third party solution like these one:
Apperian Mobile Application Management
ManageEngine Mobile Device Manager
I didn't try any of these, so you will have to do some research to check that they fit your needs
I need to downloads and install apk from server to devices and i tried to do this task but it ask for user permission like "Insall" , "Cancel" . and if hits "Install" then it works fine and installed but i dont need this permission as i am to install 30 apk from server .
Thanks in advance .
The security model of android won't let you do such things without user interaction. It could be, if the particular phone was rooted, but I think you can't rely on that.
You can not do this on Android as said because it's a security limitation.
It could be possible if you create a system app but based on your question I think that is not what you are after.
However there is a possible workaround:
If those apps that you are installing are made by you and it is possible to modify them to act like plugins/libraries(Don't worry you can keep the activities and stuff) then you could load them dynamically when your apk is run, thus essentially giving you new code to be run on the device (Elements of these apps will run under same user ID but you can start them in a new process if you want with android:process=":YourProcessName".
Check out this tutorial on how to load external libraries at runtime http://xianminx.blogspot.com/2011/12/dynamic-loading-android-custom-library.html
AppBrain has a fantastic new app that lets you automatically install applications on your phone using your web browser. Similar to the Chrome push. In their case, they are using it to let you install apps without a prompt directly on the phone. Engadget has a good video demonstrating their system.
http://lifehacker.com/5582169/appbrain-upgrade-installs-android-apps-instantly-from-the-web
My question is: What mechanism are they using to avoid asking for a prompt on the phone and to do the installation directly?
The reason I'm asking is that have a couple hundred android phones that run some custom software, the users have to manually update the software by clicking through the install process. And ideally I'd prefer to be able to do push updates without having to prompt people (in exchange for a free phone+service you have to run the software, so 'you shouldn't do that' doesn't invalidate the question of how do you do that). The biggest problems are that if you're doing rapid development/testing it's a pain to get everyone up to the right versions and it's hassle for people.
What AppBrian does sounds like a perfect fix to this problem, but how does it work? The only permission the AppBrain fast installer asks for is access to your accounts and network access. Now, there was the interesting development about Jon Oberheide's REMOVE_ASSET and INSTALL_ASSET which he says uses the GTalk service to imitate prompt-less installs. The interesting this is that AppBrian's FastWeb installer works on a 2.01 Droid but does not work on a 2.2 Nexus One (maybe one of the last round of Froyo updates disables AppBrain's access to the INSTALL_ASSET intent).
http://jon.oberheide.org/blog/2010/06/25/remote-kill-and-install-on-google-android/
Can anyone shed any light on this? I know auto update is coming for the Market but I'm not sure if this would be a usable workaround. I'm fine with saying 'you need to click to install this once', but having hundreds of people waste their time clicking 'ok' is a waste.
I personally think that this is something Google should support for Enterprise users in the future with the Device Administrator features. If I went with Android and could easily stage and keep people up to date with apps it wold be pretty useful.
So I think I have a reasonably good idea on how app brain is able to work its magic. I have found a couple of links you might find interesting and then you can always refer to the discussion on this other question.
Link 1: Here is a link on how the first app that was built by a researcher shows how a person with malicious intent can easily use two commands that google has put in for "our" convenience for silent install and uninstall...!!
Link 2:Here is how the exploit works and you could use it...