Android - Un-erasable application - android

Is it possible to make my application "un-erasable"? By that I mean a lot of things...
1-Cannot be uninstalled unless the user enters a password for example.
2-If the user restores factory settings then my application and its data won't be deleted.
3-User cannot kill the application; as in force it to end while it's running.
*Note: Sometimes this can be beneficial to the user. In my application, my client almost necessitates such an option to exist.

No

Here's what you're looking for.
No, it's not possible. That would be terribly unfriendly to the user.

One way of making an app uninstallable is getting it baked into the firmware of the handset before its launch. This is usually done by having a tie-up with the wireless carrier, who requires the app to be preloaded by the OEM. But for normal apps delivered through Android Marketplace it is not possible.

Even the apps which comes with system images, >> i mean which comes preinstalled, can be killed by os when it need resources. But user can not erase system apps, So if you want to have your app permanently, start selling you own phone with yours OS in it, with your app isbuilt with os.

Yes it is possible, you need root and chmod your app to 0000
or just put the apk in /system/ partition

Related

Is there a way to programmatically delete other app's cache folders in android 12?

Delete other app's cache folders, I was looking at other questions and it seems u can't use IPackageStatsObserver anymore, so any way to do it now?
Short answer: (In most cases) No, It is not possible
Longer explanation:
If you take a look at the security mechanisms of the android 12, you will notice that every one of the apps runs in it's own separate sandbox
Android assigns a unique ID to every app and runs it in separate processes.
In terms of Linux, each running app is a unique user with access to personal space on the disk. Without necessary permission, it cannot access/interact with another user (app).
This controls the access of each app and prevents any malicious app from interacting with other apps or the OS.
That sandbox wraps all of the application data and prevents other apps from reading/changing it:
The kernel enforces security between apps and the system at the process level through standard Linux facilities such as user and group IDs that are assigned to apps. By default, apps can't interact with each other and have limited access to the OS. If app A tries to do something malicious, such as read application B's data or dial the phone without permission, it's prevented from doing so because it doesn't have the appropriate default user privileges. The sandbox is simple, auditable, and based on decades-old UNIX-style user separation of processes and file permissions.
However, there are some ways to alter other application's data:
if you are a developer of both of the apps you can make sure the sharedUserId is the same (making the ID the same, and both of the apps would run in the same sandbox)
using a rooted device
edit: you might an even more technical explanation here :)
Cheers!

shut down android device programmatically

I am trying to switch off android device through my program. It actually gets switched off but it restarts itself. I want the phone not to restart again by itself. How can I do that?
This has been asked on StackOverflow in the past. The effective answer is that you would require the DEVICE_POWER permission in order to shut the phone completely off, but the user would need a rooted phone to give your app permission to that control anyway.
Best you could hope for is PowerManager.goToSleep()
I suppose you have found the answer,but this might help other users.
It's not possible to turn off your device.
Here is an easy way to lock it :
Download an application that locks/turns off the screen
Launch it from your application Launch an application from another application on Android
You won't need any permissions, because some are only granted for system apps(like DEVICE_POWER and REBOOT).
You also won't need to root your device.

Uninstallation password

I am making one phone security application in android.
The point where I stuck is that How to set uninstall password for this app.
When application is installed user can set the security password and this password will be used for uninstalling this app.
So please someone suggest me how to put code for uninstall event.?
Is there any event or service called when apps are going to uninstall.?
No, sadly there is no uninstall event that you can catch for your own app.
You can only watch the installation and uninstallation of other apps via the Intent.ACTION_PACKAGE_ADDED (and similar) broadcast(s).
Maybe you can use a deamon runing in background, that can intercept the uninstall of you application.
This deamon would be executed when the phone turns on, or when your application is used.
To run an application when booting your phone: http://www.androidcompetencycenter.com/2009/06/start-service-at-boot/
Refer to Intent.ACTION_PACKAGE_ADDED (and similar) broadcast(s) as alextsc said. (sorry cannot add comments)
android does not give you freedom to perform code when app is uninstalled.
All the settings and application data is deleted which is set by the applicaion
The only thing that will persist is the data that is written to the SD-Card and the changes to phone settings

Is it possible to prevent an app from being uninstalled? [duplicate]

Does anyone know if there's a way to either keep the user from uninstalling an app from an Android phone or reinstall it on removal? Before you flame me, please know that I have an app that's intended to be installed on the phone by a parent/employer/etc. and has a password-protected settings screen; the user would need to enter the password to remove the app.
What if you have it send an email alert to a registered email address on uninstall?
On the topic of email notification when your service is uninstalled--
A lot of security software runs multiple processes which monitor each other, so that it's more difficult to shut the system down. You could do something similar with two services installed, each monitoring to see if the other is installed. If something goes wrong, they can send off the e-mail.
Not without modifying the kernel, or reducing the user priviledges on the device. Think of it as a Linux computer, where the cell phone user has root.
Can you prevent them from removing your app? No.
But you can make it painful and difficult enough that it's not worth it, and include alerts that indicate it has been removed.
First, I would modify the software so it requests and successfully answers a cryptographic challenge/response periodically from a remote server - daily should be enough, and wouldn't impact battery use. This way your server knows when it has been disabled (could be sold as an additional $10/yr service charge) and you can alert the purchaser.
Second, I would tie the software into the system at the driver level so that removal also removes text services. There are drivers or services that the texting application uses that could be replaced with your custom versions, and on removal would render the texting app useless. Chances are good that you already tie into the system in a similar way to block the texting app (and other apps) while traveling too fast.
Third, I would consider installing a monitoring program that runs as a separate process (check out how the latest viruses operate for clues). It would check to make sure that not only is the app still running, but it's running the latest version, and there isn't a GPS simulator or other program that prevents your app from getting correct GPS data.
I'm curious how you differentiate between the driver texting and a friend in the passenger seat texting on the driver's cell, though.
-Adam
Well, solution would be to mount /system/apps/ to be writable and put your app there once.
When you restart the phone it would automaticly install it and prevent a user from uninstalling (as every app in that folder, list it to see it). That's how mobile providers force user to have they app.
However, user could always delete this app by rooting + mounting /system/app/ to writable and then to delete. But "normal parents" can't do that :)
Regards
P.S. This question is two years old, I've notice it just now... :S
I'd highly doubt that's possible. The permission structure of Android is going to give the user full control over what's happening on their phone (to some degree) and not being able to uninstall an app would be a pretty large security risk.
If you modified the Android core, it would probably be possible, but if you're trying to force something onto an end-user, that's a bad idea.
Maybe there's a better approach to what you're doing? If there's some required functionality in the app to keep the user from uninstalling it, that would be a small incentive to keep the app, but there's no way to keep a user from removing something they really don't want. You could have the app report uptime to a seperate server so you could be notified if the app was removed, but I think that's as far as you're going to get.

Is there any way to prevent an Android app from being removed?

Does anyone know if there's a way to either keep the user from uninstalling an app from an Android phone or reinstall it on removal? Before you flame me, please know that I have an app that's intended to be installed on the phone by a parent/employer/etc. and has a password-protected settings screen; the user would need to enter the password to remove the app.
What if you have it send an email alert to a registered email address on uninstall?
On the topic of email notification when your service is uninstalled--
A lot of security software runs multiple processes which monitor each other, so that it's more difficult to shut the system down. You could do something similar with two services installed, each monitoring to see if the other is installed. If something goes wrong, they can send off the e-mail.
Not without modifying the kernel, or reducing the user priviledges on the device. Think of it as a Linux computer, where the cell phone user has root.
Can you prevent them from removing your app? No.
But you can make it painful and difficult enough that it's not worth it, and include alerts that indicate it has been removed.
First, I would modify the software so it requests and successfully answers a cryptographic challenge/response periodically from a remote server - daily should be enough, and wouldn't impact battery use. This way your server knows when it has been disabled (could be sold as an additional $10/yr service charge) and you can alert the purchaser.
Second, I would tie the software into the system at the driver level so that removal also removes text services. There are drivers or services that the texting application uses that could be replaced with your custom versions, and on removal would render the texting app useless. Chances are good that you already tie into the system in a similar way to block the texting app (and other apps) while traveling too fast.
Third, I would consider installing a monitoring program that runs as a separate process (check out how the latest viruses operate for clues). It would check to make sure that not only is the app still running, but it's running the latest version, and there isn't a GPS simulator or other program that prevents your app from getting correct GPS data.
I'm curious how you differentiate between the driver texting and a friend in the passenger seat texting on the driver's cell, though.
-Adam
Well, solution would be to mount /system/apps/ to be writable and put your app there once.
When you restart the phone it would automaticly install it and prevent a user from uninstalling (as every app in that folder, list it to see it). That's how mobile providers force user to have they app.
However, user could always delete this app by rooting + mounting /system/app/ to writable and then to delete. But "normal parents" can't do that :)
Regards
P.S. This question is two years old, I've notice it just now... :S
I'd highly doubt that's possible. The permission structure of Android is going to give the user full control over what's happening on their phone (to some degree) and not being able to uninstall an app would be a pretty large security risk.
If you modified the Android core, it would probably be possible, but if you're trying to force something onto an end-user, that's a bad idea.
Maybe there's a better approach to what you're doing? If there's some required functionality in the app to keep the user from uninstalling it, that would be a small incentive to keep the app, but there's no way to keep a user from removing something they really don't want. You could have the app report uptime to a seperate server so you could be notified if the app was removed, but I think that's as far as you're going to get.

Categories

Resources