Develop Bugs

Security

Please can anyone expand on some of the security issues that are worrying me. I have been a pocket PC user up till now (HTC HD).
Every time I download an application I am informed that the application will may access one of the following:
1. SD card
2. The internet
3. The local network
As I keep many private things on my Desire I am worried that I am unknowingly "opening doors" for people to steal information.
What should I turn off or on to secure my Desire?
Are items downloaded from the Market secure?
Are items downloaded from other places secure?
Thanks
Sams

Don't worry about those security warnings, I just ignore them

samcory said:
As I keep many private things on my Desire I am worried that I am unknowingly "opening doors" for people to steal information.
Click to expand...
Click to collapse
Essentially, yes you are!
When you install an app, it requests certain permissions so it is in your interest to review that list and make sure that the permissions that the application is asking for reconcile with what the application is supposed to do.
For example, if I'm installing a video player, I don't expect that it should need access to my contacts, emails, or SMS messages, so if I installed one that asked for those permissions I would refuse it.
Are items downloaded from the Market secure?
Are items downloaded from other places secure?
Click to expand...
Click to collapse
Unlike the Apple AppStore, applications on the Market are not vetted so there is always the potential that someone could post up some malware - it is one of the few downsides of being an open platform.
Regards,
Dave

security
Virtually every other app seems to want acces to the internet, that does seem a bit dangerous!!
What we need is a nice site setup that vets the apps and makes a small charge for the service. I certainly would be happy to pay for such a service toavoid having my Exchange contacts and notes being used by some nasty stranger.
Sam

^ but then every other app needs internet access. Even if it was just to post a high score. More worrying is when an app wants access to contacts/SMS/ or wants read AND Write access to something.
I was unaware the apps were not vetted.

Gmail adduced account swap

EDIT: Mod please correct spelling in topic title. Rushing combined with no proofreading isn't good.
I searched, couldn't really find what I felt was accurate information with what little was available. I need to change Gmail cause the one associated with my DInc is years old & become cluttered with junk. I realize I can export my contacts from the original then import to the new at which point they should sync with that account.
Big question. What about apps? How can the purchase history be changed, app info backed up. Just any opinions, advice or whatever. Prefer to do it right the first time.
Basically would like to have work completely as is but with fresh address.
Sent from my ADR6300 using Tapatalk

Since everything is associated with your Gmail account, I presume you'll have to contact Google about it. I am not sure if they've made changes to allow that or not. You also could contact the developer of the app, they may be able to help out too. It seems like it is an issue for a lot of people, so if you find an answer, please share your steps!

For apps I guess it would depend upon how you paid for them. I use Google Checkout so all my app purchases are linked to my account. The dev has to keep that information somewhere to verify that you bought it but not sure that you could get it out of them that easily a lot are just ma and pa devs and who knows what they keep around. Also not sure if Google allows you to rename your email address but it might be an option in account settings. That way you don't have to open a new account and all your Google accounts would be updated.
I went into my account but didn't see any thing in the settings which would allow you to rename the email account. Google tech support might be able to do it if you contacted them.

Best cloud storage for viewing files online?

I'm looking for a cloud storage app for my phone, I need to be able to get access to pics and other media files?

jonas000 said:
I'm looking for a cloud storage app for my phone, I need to be able to get access to pics and other media files?
Click to expand...
Click to collapse
Erm. Dropbox?
There are a host of threads on this bud.
Sent from my HTC One X using xda premium

if security is a must take a look at wuala, not as user friendly as dropbox but it is secure.

Sent from my HTC One X using xda premium

For non-personal data (video,photo) -> Dropbox/Boxee/Skydrive depending on your need.
For personal data (personal documents) -> Wuala (Secured, none except you can access your files, not even Wuala. Files get encrypted before sending to server).

H-Cim said:
For non-personal data (video,photo) -> Dropbox/Boxee/Skydrive depending on your need.
For personal data (personal documents) -> Wuala (Secured, none except you can access your files, not even Wuala. Files get encrypted before sending to server).
Click to expand...
Click to collapse
Let's face it. Depending what you are tyring to secure, nothing is unbreakable. Whoever develops the encryption, generally has a back door. Be sure NSA, has a way.So nothing is safe. You have to develop other ways to be secure.
This is from Wuala's "About us"
"Nobody - not even we as storage provider - can access your data without your authorization. "
Your authorization is the key word here.
Then read in fine detail in the EULA what you Agreed To, when you accepted the use of their software.

+1 for Wuala, even hosted my ROM there, but I'll also be using Dropbox a bit more now thanks to HTC
Bottom line, they're both very good in my experience.

In my opinion Dropbox gives a really good service with an awesome integration on our Android phones. If you've got a data plan there are more possibilities, for example you can share a photo/video/data with your friends in a public folder so your friends can check out this folder whenever they want.
Definitely, Dropbox is gorgeous

Dropbox for me is better than sugarsync or box.net, the weak point only give 2.5 GB

globalgpj said:
Let's face it. Depending what you are tyring to secure, nothing is unbreakable. Whoever develops the encryption, generally has a back door. Be sure NSA, has a way.So nothing is safe. You have to develop other ways to be secure.
This is from Wuala's "About us"
"Nobody - not even we as storage provider - can access your data without your authorization. "
Your authorization is the key word here.
Then read in fine detail in the EULA what you Agreed To, when you accepted the use of their software.
Click to expand...
Click to collapse
I'm not saying it unbreakable, just less breakable then Dropbox. Which is important if there are some personal documents in it.

H-Cim said:
I'm not saying it unbreakable, just less breakable then Dropbox. Which is important if there are some personal documents in it.
Click to expand...
Click to collapse
But what kind of documents are we talking about here? A shopping list? A degree certificate? A CV? People really fuss about personal security nowadays. I believe dropbox when they say that they're not giving out information without a court order and even then inform the user first. Why? Because if there was a single substantial case that they provided information with less than that, they'd soon be out of business. Hello anonymous-and-whatever-else-backed ****storm.
Let's face it, 99.98% of us aren't important enough to be spied upon in a cautiously planned and we'll executed manner. And even then we should be rather worried about our post, calls and home.
A social security number? Credit card pin? Dropbox + Keepass ftw.
Sent from my HTC Desire HD using XDA

baum01 said:
But what kind of documents are we talking about here? A shopping list? A degree certificate? A CV? People really fuss about personal security nowadays. I believe dropbox when they say that they're not giving out information without a court order and even then inform the user first. Why? Because if there was a single substantial case that they provided information with less than that, they'd soon be out of business. Hello anonymous-and-whatever-else-backed ****storm.
Let's face it, 99.98% of us aren't important enough to be spied upon in a cautiously planned and we'll executed manner. And even then we should be rather worried about our post, calls and home.
A social security number? Credit card pin? Dropbox + Keepass ftw.
Sent from my HTC Desire HD using XDA
Click to expand...
Click to collapse
Nah It's not because I'm paranoid, I just prefer my documents like college stuff, bank account stuff (not the login info obviously), bills, contracts to be encrypted before they are uploaded.
If you can encrypt your documents for free anyway, why don't do so? (You never know if Dropbox/Wuala get hacked, I rather have a little layer of security then).

besides wuala is cheaper

In my opinion Dropbox, Box, Google Drive, and SkyDrive will be the perfect fit for the mentioned task. From the box android app when you signup you get 50 GB free space for life time. It a free app and easy to use and with Dropbox, you will get 5GB of storage free. You may also browse some useful information on best cloud storage providers!

-Zork- said:
Dropbox for me is better than sugarsync or box.net, the weak point only give 2.5 GB
Click to expand...
Click to collapse
I use Dropbox heavily, friends around Australia all share through it so have access to all our photos and videos (we 4wd quite a lot )
Carry out as many space earning things as you can, I got 4 or 5GB doing that, plus 25GB for the one x deal and 50GB for the S3 LTE deal so currently have 80GB storage space

[APP][2.3+] [MSafe] Password Management

Hi there! I need some help testing an app I just published on the android market.
The app can be found here: https://play.google.com/store/apps/details?id=com.codfishworks.msafe
It's really simple to use. You just need to set a main password and you're ready to go!
The purpose of this app is to give users a way to safely store their most important passwords (bank accounts, e-commerce sites, etc).
It encodes the password using the main password (using AES) and then you can save it on a NFC tag and carry it around in their wallets, or print a QR code in a normal sheet of paper and save it on a ring-binder at home.
This is for people who don't trust the cloud or don't like writing their passwords on a piece of paper in plain text either.
I would really appreciate any honest feedback and hearing suggestions about what you would change.

LineageOS 14.1 - How to enable Email app for restricted user (for Exchange)?

Hi,
finally I found LineageOS as a suitable OS for the Moto G4 Plus in a work environment, where employees get an restricted user profile. In my test, everything seems to work fine up to now. But the problem is now that I cannot enable the "Email"App for the restricted profiles to connect to the Exchangeserver 2010.
Since k9-Mail does not work with Exchange, it could not work as a replacement.
I read, the reason is that a google account cannot be used in restricted accounts. That is fine. But I don't want to use a google but an exchange account. Does anyone has an idea how to solve this?

risaer said:
Hi, finally I found LineageOS as a suitable OS for the Moto G4 Plus in a work environment, where employees get an restricted user profile. In my test, everything seems to work fine up to now...
Click to expand...
Click to collapse
I don't have this device but, your best bet is to post this question within the following Official LineageOS thread for your device.
https://forum.xda-developers.com/showthread.php?t=3522101
If all else fails, and you don't receive any responses from the above thread, you can always try to obtain some member guidance within the following Q&A thread that's specific to your device.
https://forum.xda-developers.com/showthread.php?t=3526598
Good Luck!
~~~~~~~~~~~~~~~
I DO NOT provide support via PM unless asked/requested by myself. PLEASE keep it in the threads where everyone can share.

risaer said:
Hi,
finally I found LineageOS as a suitable OS for the Moto G4 Plus in a work environment, where employees get an restricted user profile. In my test, everything seems to work fine up to now. But the problem is now that I cannot enable the "Email"App for the restricted profiles to connect to the Exchangeserver 2010.
Since k9-Mail does not work with Exchange, it could not work as a replacement.
I read, the reason is that a google account cannot be used in restricted accounts. That is fine. But I don't want to use a google but an exchange account. Does anyone has an idea how to solve this?
Click to expand...
Click to collapse
So you have gapps installed. Do you really need it in this setup? Without gapps you get the default aosp mail. No Google account on the phone.

Hmm. I suppose it is not a device specific problem, but a general one.
Maybe even a general Nougat one? <-- UPDATE: Stock seems not to have the selection list **
And no. No GAPPs. It is the modified Version with MicroG. Email app is com.android.email (Version 7.1.2). I will try the unmodified version also.
If I go to the user page where I can allow, which apps can be used, more or less every app is listed but (UKW-Radio, Recorder AND E-Mail).
I also tried to move the Email from /system/app to /data/app which only caused force closes.
Maybe another reason could be that by entering exchange data you will be forced to add it as device administrator so it is not in the list?
Any help is apreciated.

I tested several mail-apps now, but either they do not support the Exchange server or they send a lot of data to other obscure servers so I have not found any alternative. I also installed the "Gmail" app (which is also usable with an exchange account) but this also does not appear in the share list and I absolutely do not understand why.

risaer said:
I tested several mail-apps now, but either they do not support the Exchange server or they send a lot of data to other obscure servers so I have not found any alternative. I also installed the "Gmail" app (which is also usable with an exchange account) but this also does not appear in the share list and I absolutely do not understand why.
Click to expand...
Click to collapse
Looks like you should install something from Microsoft.

kurtn said:
Looks like you should install something from Microsoft.
Click to expand...
Click to collapse
Sorry, if I do not understand if there is a hidden meaning behind this. If this is a serious tip I do not know what app? The android outlook app (which really looks neat) happily transfers AND STORES your account credentials and the content on their servers (see e.g. https://www.pcworld.com/article/288...s-new-outlook-apps-over-privacy-concerns.html , article is from 2015, but I suppose it is still valid. Some time ago I checked it and found out that there is no connection to my but only to some foreign servers). That is not only critical in my sense of privacy but also illegal in the sense of the GPDR. Funny that some people advertise certified Microsoft cloud products for the GPDR.
Nevertheless: Even if I would not use an MS server this would not solve the problem that I cannot select Email or GMail as an allowed app for an restricted user. I also tried the unmodified Lineageos but it has the same issue.
I really do not understand how all the companies work with android phones in working environments. All this fiddeling around just do protect the phones by encrypting the content in case of loss, to give the user restricted access so that they cannot install apps that must not be on the device and to care about privacy. Like on a usual work pc. Do they all use I-Phones?

possible Explaination (?)
(arrg. Always copy your text before you try to send your post) short summary of what I've written:
according to these links my understanding like this:
https://support.google.com/nexus/answer/3175031?hl=en and https://android.stackexchange.com/q...restricted-accounts-on-phone-running-lollipop
"Normal user" and "restricted user" is not equivalent to windows "admin" and "restricted user". "restricted users" are not allowed to use accounts so you need to use "normal user" which has some rights less than the owner. All allowed apps has to be installed again (but are just links, no duplicates).
The store and some other apps can be locked with a pattern.
I will test this. If you have further ideas or a suiable management solution for more than 10 phones to hesitate to write.