I want to hide our Android application from remote Device Access like TeamViewer, anyDesk for security reasons.
Requirement is when user phone is given for remote access, if my application is opens then other person has to see black screen instead of my app.
For example:-
In Mobile A has my app let's say ABC App, Now Mobile A given remote access to Mobile B.Now when Mobile A opens ABC App then Mobile B has to see black screen instead of ABC App.
If FLAG_SECURE does not work (it is blocking screenshots and screencasts but not blocking a particular remote-support app), then the remote-support app vendor has partnered with the device manufacturer for low-level access (e.g., direct access to framebuffers). There are no defenses against this.
The best that you can do is try to come up with a blacklist of apps, use PackageManager to see if any of those apps are installed, and refused to show various screens in your app until the user uninstalls those other apps.
The best that you can try getWindow().getWindowManager() before setContentView() on Activity which you don't want to share. This will protect the screen.
Related
If I create an application, which the user installs on his Android device, is it possible for that application, that from the background, it can access the currently opened browser tab, and if the user navigates to a specific domain with his browser, the app sends a push notification, or maybe notifies the user about a promotion on that domain?
well, for usual apps this isn't possible for security reasons obviusly. but it probably may be done using AccessibilityService. note that Google is filtering apps which have such big privileges and won't let your app to Play Store if it will be using AccessibilityService to such "trivial" operation (isn't very helpful, for sure isn't accessibility-kind-of)
I am working on a retail app. I would like to use the mobile app for allowing guests access to FREE Wi-Fi in their stores.
The ideal outcomes is if a user already has their mobile app, the user is automatically logged into the wi-fi without any manual intervention.
If the user does not have their mobile app, the user sees a Splash page and is given the option to download the mobile app. once the mobile app download is selected, he is given access to the network
3 specific questions:
Is there a way in which an app can get access to all available WIFI SSID's seen by Iphone / Andriod? and can the App then join a chosen SSID? How is this done
Is there a way in which the app then fills out the splash page information to get access? How is this done
Is there a recommended best practices for enabling this- i know this more of an opinion, but looking for any examples I could learn from.
Thanks,
NB: I have tried splash pages / captive portals but don't want that additional step that causes friction in adoption
How to block some url (site) on android default browser???
I want to restrict user to access some url which are black listed.
eg. If i want to block facebook then phone inbuilt app browser will not access this facebook site.
Thanks in advance!
Do you want to block some websites on a user's device by letting them install an app?
If that is the case, it will only work if they are rooted. If they are, then you could add an entry of the url to the hosts file and redirect it to another ip address (eg 127.0.0.1). But since they need to be rooted, they will probably get a popup asking for permission to access root. This could raise some suspicion with the user.
On a device that's not rooted, preventing the standard browser from accessing a certain website is not possible by installing an app.
You can't prevent the user from using their browser on their device to access any site.
If you want to do this, make your own browser and replace the one on their device with it (may not be possible without root).
There's a work around which is using a VPN service to monitor and filter all the traffic.
An example of this is the NetGuard project:
https://github.com/M66B/NetGuard.
Of course, the user should give his permission to permit this service to take control of the traffic. And in some systems, some system applications are not directed to this service (I've noted that the Samsung Web Browser traffic is not sent through the system VPN).
How do I show lock screen if user tries to access critical part of my application. I want him to be able to access the critical part only if he can then unlock the device using the device credentials.
You can create a password screen for your application rather then depending on secure lock of android.
Because you can't manage lock screen on all versions of android.
a customer ordered us a tablet application, but they need a lot of access restriction to lock device functions such as:
Permit datas transfer only inside the application not outside
Restricted user access on the device (something close to admin and normal user permissions)
A framework/API that permit to create an internal mail reader/sender
Public API of iOS makes impossible to fulfill those requirements. I was wondering if Android makes life easier when there are those kind of restriction.
UPDATE: To make understand better the field of use. I'm talking about an application that "force" the device to be used just only with that application for an Enterprise use. The app is just like a CRM but the device should be blocked in some functions to make users only work with them and NOT playing or use facebook, market etc.
Not sure you can achiev all of those, but you should look into the device policy for android here and here.
1) Not sure what you mean by point 1. If you mean controlling all data transfer from the device, you might be a in a bind considering the only way to get a firewall running on android is by rooting the device. Perhaps you could look into writing a custom launcher/home like KidZone that only shows approved apps? - Not nearly as secure, though.
2) Honeycomb, so far, doesn't have multi-user support - though you can have multiple google accounts registered. The custom launcher could help in this regard though.
3) I don't see the point of doing this unless they already have a custom mail infrastructure in place. Otherwise just go with exchange.
Permit datas transfer only inside the application not outside
Do not request the INTERNET permission.
Restricted user access on the device (something close to admin and normal user permissions)
You would have to implement this yourself.
A framework/API that permit to create an internal mail reader/sender
I have no idea what this means.