Related
I'm finding a lot of threads about changing from pin/password to pattern unlock, but not having any luck in completely disabling the security feature BS...
Is it possible to completely eliminate the password lock required by my exchange server? I have tried lockpicker and no lock, neither of which worked.
I would like to keep syncing but am not going to deal with this unlocking all the time (they JUST started enforcing it)...any help would be appreciated.
BTW, running Calkulin's EViO 2 v 1.7 (sense, so HTC mail)
Nope, this is tightly integrated down to the OS in order to pass MS requirements, and it reports the control level back to exchange so it can make sure it's in compliance with their mobile device policy.
In theory you can make an app that proxies the API and lies about what the phone can do ... but it wont be done with a simple APK/market app ... it's integration goes much deeper.
Honestly your best best: this is clearly a new policy. complain repeatedly to your IT staff. You're probably not the only one upset ... and noise will result in policy change ... because reality: IT staff hate dealing with people. They want to deal with servers.
Option 2: if you have a buddy on the exchange team he can put you on the same policy he undoubtedly created for himself and his team, that's 10x as lenient so he can mess with his little pet projects he plays with on the side.
Justin.G11 said:
Nope, this is tightly integrated down to the OS in order to pass MS requirements, and it reports the control level back to exchange so it can make sure it's in compliance with their mobile device policy.
In theory you can make an app that proxies the API and lies about what the phone can do ... but it wont be done with a simple APK/market app ... it's integration goes much deeper.
Honestly your best best: this is clearly a new policy. complain repeatedly to your IT staff. You're probably not the only one upset ... and noise will result in policy change ... because reality: IT staff hate dealing with people. They want to deal with servers.
Option 2: if you have a buddy on the exchange team he can put you on the same policy he undoubtedly created for himself and his team, that's 10x as lenient so he can mess with his little pet projects he plays with on the side.
Click to expand...
Click to collapse
Thanks...I figured it wouldn't be that easy but I had to ask.
Justin.G11 said:
Honestly your best best: this is clearly a new policy. complain repeatedly to your IT staff. You're probably not the only one upset ... and noise will result in policy change ... because reality: IT staff hate dealing with people. They want to deal with servers.
Click to expand...
Click to collapse
I get complaints all the time about policies. 99.999% of the time, the policies are created/approved by steering committees, the legal department or executive management. There is usually nothing IT can do about it as the policies are put into place for legal reasons or company security.
Additionally, if IT departments are not compliant in company policies there could be legal ramifications if the company has to comply with certain government guidelines.
And IT staff don't hate dealing with people...it sounds like your work environment is not like others.
Check out this thread to see if it does what you are looking for.
http://forum.xda-developers.com/showthread.php?t=775007
They modified the actual email.apk app to remove the security requirement that was hardcoded in it.
It was taken from CM7 which is AOSP, so I cannot say whether or not it will work on sense.
EDIT: After searching some more, droidforums has a modified email.apk file that you can install, that you use instead of the HTC mail, which tricks your exchange server into thinking that you have your security enabeled.
http://www.droidforums.net/forum/dr...onal-froyo-bypass-exchange-server-policy.html
Just download the zip, and extract the apk from it, then place the apk on your SDCard and install it just like a regular app.
Khilbron said:
Check out this thread to see if it does what you are looking for.
http://forum.xda-developers.com/showthread.php?t=775007
They modified the actual email.apk app to remove the security requirement that was hardcoded in it.
It was taken from CM7 which is AOSP, so I cannot say whether or not it will work on sense.
EDIT: After searching some more, droidforums has a modified email.apk file that you can install, that you use instead of the HTC mail, which tricks your exchange server into thinking that you have your security enabeled.
http://www.droidforums.net/forum/dr...onal-froyo-bypass-exchange-server-policy.html
Just download the zip, and extract the apk from it, then place the apk on your SDCard and install it just like a regular app.
Click to expand...
Click to collapse
Will look into that. Thank you very much!
I ended up using the modified email.apk from CM7...works like a charm!!! The Droid forums version kept coming up with security errors. THANKS AGAIN Khilbron!!!
awenthol said:
I ended up using the modified email.apk from CM7...works like a charm!!! The Droid forums version kept coming up with security errors. THANKS AGAIN Khilbron!!!
Click to expand...
Click to collapse
Can you please post a link to the one you used?
Sent from my PC36100 using XDA App
Justin.G11 said:
Nope, this is tightly integrated down to the OS in order to pass MS requirements, and it reports the control level back to exchange so it can make sure it's in compliance with their mobile device policy.
In theory you can make an app that proxies the API and lies about what the phone can do ... but it wont be done with a simple APK/market app ... it's integration goes much deeper.
Honestly your best best: this is clearly a new policy. complain repeatedly to your IT staff. You're probably not the only one upset ... and noise will result in policy change ... because reality: IT staff hate dealing with people. They want to deal with servers.
Option 2: if you have a buddy on the exchange team he can put you on the same policy he undoubtedly created for himself and his team, that's 10x as lenient so he can mess with his little pet projects he plays with on the side.
Click to expand...
Click to collapse
Yes..this reply really isn't correct. There have been some sqlite modifications that can be made or using the mail.apk from this link (http://forum.xda-developers.com/showthread.php?t=775007) works perfect, even with the new CM7-RC2
Bypassing Exchange security
I had this same issue with my work email. My way of bypassing it and still using the stock Mail app is by installing widgetlocker. Unfortunately the newest version does not bypass your encryption, but the older version before the most recent update does. Also it allows you to fully customize your lockscreen and add widgets and what have you. All in all pretty cool app.
widgetlocker.teslacoilsw.com/general/widgetlocker-1-2-9/
(unfortunately because i have never posted before i cannot post links so pm if the link does not work)
Amazing! So you guys have a device in your pocket that has complete access to your work mail server (something you don't own), and you apparently don't care if that falls into the wrong hands?
I don't want to get preachy but this is serious stuff:
1. Are you aware of the damage that can fall on an organization, its IP and reputation if a hacker/spammer has access to a mail account?
2. Your company's mail server is an assett of the company. Gaining access and leaving it unlocked is like borrowing something from work and leaving it on the street.
I understand that IT policies are annoying to the end user, but they are there for good reason.
Would you leave the company vehicle unlocked because it is annoying to get the key out? No.
Oh, and by the way, you can be held directly liable for damages for disabling/ hacking around policies. I have seen employees get fired for it.
Sent from my device.
ramiss said:
Amazing! So you guys have a device in your pocket that has complete access to your work mail server (something you don't own), and you apparently don't care if that falls into the wrong hands?
I don't want to get preachy but this is serious stuff:
1. Are you aware of the damage that can fall on an organization, its IP and reputation if a hacker/spammer has access to a mail account?
2. Your company's mail server is an assett of the company. Gaining access and leaving it unlocked is like borrowing something from work and leaving it on the street.
I understand that IT policies are annoying to the end user, but they are there for good reason.
Would you leave the company vehicle unlocked because it is annoying to get the key out? No.
Oh, and by the way, you can be held directly liable for damages for disabling/ hacking around policies. I have seen employees get fired for it.
Sent from my device.
Click to expand...
Click to collapse
The issue I have is with the idea that the company gets to dictate how my entire device functions. Your points are valid, but why not just require a password on the email app, not on the whole phone? Why do I have to consent to allowing them to order a full device wipe, instead of just a wipe of the company data?
bkrodgers said:
The issue I have is with the idea that the company gets to dictate how my entire device functions. Your points are valid, but why not just require a password on the email app, not on the whole phone? Why do I have to consent to allowing them to order a full device wipe, instead of just a wipe of the company data?
Click to expand...
Click to collapse
Those are some good points and questions:
If you just locked the mail app then the app would need to encrypt/decrypt all data, which would make it MUCH slower. However, the main reason is that the app lock approach is much more hackable..one simple example would be to load a proxy on the phone to intercept communication before it could be encrypted.
The idea behind the device lock is that it happens on a deeper level and is the most secure answer.
The question about having a choice with your device is actually a simple one to answer...if you don't agree with the work policy then don't use your personal device for work email.
The other thing is that, besides not having a choice, the forced answer is beneficial for everyone....if I lose my device then I definitely don't want strangers crank calling my family or getting personal info. I have read about some horrible stories.
The real question is...If your phone is lost why would you NOT want it to be secure and erased asap??
Sent from my "locked" device.
ramiss said:
Those are some good points and questions:
If you just locked the mail app then the app would need to encrypt/decrypt all data, which would make it MUCH slower. However, the main reason is that the app lock approach is much more hackable..one simple example would be to load a proxy on the phone to intercept communication before it could be encrypted.
The idea behind the device lock is that it happens on a deeper level and is the most secure answer.
Click to expand...
Click to collapse
Yes and no. There are approaches that are easier if you aren't securing the whole device, but that doesn't mean it can't still be hacked.
The question about having a choice with your device is actually a simple one to answer...if you don't agree with the work policy then don't use your personal device for work email.
Click to expand...
Click to collapse
Overall I agree with that, although I think at a company that offers mobile email, there's a sort of "peer pressure" to use it. Not to say that's a good reason. I'd imagine that it'd be hard for a company to actually require you to use mobile email on your personal device -- if your job truly requires it, I'd think they'd have to provide you a device if you don't have a compatible device or aren't willing to use it that way. So yes, you're probably right that you have the choice. It doesn't mean that we can't complain though.
The other thing is that, besides not having a choice, the forced answer is beneficial for everyone....if I lose my device then I definitely don't want strangers crank calling my family or getting personal info. I have read about some horrible stories.
The real question is...If your phone is lost why would you NOT want it to be secure and erased asap??
Click to expand...
Click to collapse
If it's really lost forever, yes. But what if:
- The exchange admin sends the wipe command to the wrong phone. ("Hi, I'm John Smith and I've lost my phone.")
- The "wipe after X invalid passcode" policy is enabled. A friend or a kid picks up the phone and tries to play with it. Whoops.
- Something else goes wrong...bottom line is that the company should have no right to wipe anything other than their own data.
I understand the need for locking the device...I really do. But, if someone does happen to find my phone (knock on wood but HIGHLY, HIGHLY unlikely, as I've never even almost forgotten any phone, anywhere, ever) they aren't going to find ANYTHING of value in my emails. I'm pretty low on the totem pole.
If I had sensitive data on my phone...no questions asked, I would keep it p-word locked.
matt2053 said:
Can you please post a link to the one you used?
Sent from my PC36100 using XDA App
Click to expand...
Click to collapse
http://forum.xda-developers.com/showthread.php?t=775007
awenthol said:
I understand the need for locking the device...I really do. But, if someone does happen to find my phone (knock on wood but HIGHLY, HIGHLY unlikely, as I've never even almost forgotten any phone, anywhere, ever) they aren't going to find ANYTHING of value in my emails. I'm pretty low on the totem pole.
If I had sensitive data on my phone...no questions asked, I would keep it p-word locked.
Click to expand...
Click to collapse
Your Exchange Admin (or you depending on the version of Exchange you're using) has the ability to remotely wipe your device in the event it gets stolen/lost.
Could anyone give a brief possible explanation of why I can connect to my exchange server easily using Touchdown, but not using the Android integrated Exchange Account Sync?
Sent from my PC36100 using XDA App
Just found this thread as I've encountered the same issue on a HTC Sensation, just setup Exchange ActiveSync, and bam, have to set up the PIN lock on the phone.
However I've noticed that once you've done it, you can then go into Settings, Security and change the timeout before it locks up to 1 hour (I think that is dependent on your company setting). Mine was defaulting to every time the screen locked, but changing it to 1 hour I find I hardly ever have to unlock the phone now apart from first thing in the morning as I tend to use it regularly through the day.
We really need to rally and get Google to fix some major issues with the Android OS. If Android is going to be truly universal and be able to compete, and beat Apple, it needs to at least be able to do what it can do. Please read: http://claar.org/blog/?p=180 and call, email, post, blog, whatever you can to get Googles attention on these issues.
And thank you for your support.
P.S. Pass this url on to every android user you can.
http://claar.org/blog/?p=180
Sent from my ADR6300, not my wife's iPad...
You have a legitimate argument but those items you listed are never performed by me. =[ Sorry. Everything I need done, works. =]
[ Sent from an LG Optimus V ]
Android still has a way to go before being all things to all people. It has the potential though so i'm sure we'll see improvements in the areas where it's currently weak.
Nice write up though. I hope these issues are resolved for you soon.
Write your congressman. Attend your local PTA meeting.
Don't gey me wrong, I love my Android phone, just saying that Google is missing the boat on the Enterprise side of things. Used to have an iPod touch that worked flawlessly on our corporate intranet, can't say the same for my dinc. As the workforce continues to become more mobile, they'll be carrying iPads instead of Xooms or Galaxy tabs.
Sent from my ADR6300, not my wife's iPad.
are there really people who use android's and ipad's/iphone's for work???
o-o?
id rater use a PC or laptop. but yha.
think all the company's want to be cool?
i cant go suport this.because my android does what it needs to do.
remember. smartphones and tablets aren't pc's,so they shouldn't do the work of a pc.
ghost010 said:
are there really people who use android's and ipad's/iphone's for work???
o-o?
id rater use a PC or laptop. but yha.
think all the company's want to be cool?
i cant go suport this.because my android does what it needs to do.
remember. smartphones and tablets aren't pc's,so they shouldn't do the work of a pc.
Click to expand...
Click to collapse
Why shouldnt they? Why should they have limitations. I say the more capabilities the better!
Universally, I don't understand Googles LACK of contact and attention to it's customers. Like most people are aware that e-mailing google is a complete WASTE OF TIME. I'd love to meet someone who has yet to actually get a meaningful response from google. I understand that they are a HUGE company and can easily get overwhelmed by emails, but the complete lack of response in general is UNACCEPTABLE. Why do they act this way, ESPECIALLY to their customers? Eitherway, they should respond in some way to all emails, understandable for free products, but for PAYING customers like us Android users, should get a response.
Google is worse than Sprint when it comes to response. I don't get it or understand.
I'm an IT Director for a medium sized medical manufacturing company and I've been testing ipads as a laptop alternative for our salesforce, and I have to say, I would be absolutely pissed if I had to use an ipad(or any tablet for that matter) for work.
Don't get me wrong. They work. But do you want to do all your work on them? HELL NO.
I have a remote desktop app on my mytouch 4g and I use it every now and then when I need to fix something or get onto the server for any reason. That doesn't mean I'm going to ditch my computer because my phone is capable of doing something my laptop does. Tablets, smartphones, mobile devices in general...they should be used to supplement computers, not replace them.
And as far as google 'not listening to their customers', you obviously haven't been on any sort of development team before. Especially not one that had any sort of fast progress. I don't know if you've noticed, but chip manufacturers have released dual core mobile cpu's. So google can either work on your vpn problem and appease a small number of enterprise users(people who will actually use a vpn on their phones), or they can concentrate on optimizing their code so it will work well with the next generation of hardware. They're obviously going to concentrate their manpower(or womanpower) on development for next-gen hardware. If the support ticket exists, they'll work on it. But there are thousands of them, and people need to realize that just because it's important to you specifically, doesn't mean it's an important problem. VPN access doesn't effect the overall functionality of the os during normal use, so it's going be put on the back burner, that doesn't mean it won't be fixed.
And whoever said go to pta meetings, PTA = parent teachers association. Good luck getting heard there.
While on the subject of fixes, I'm more concerned about linked market data and being able to transfer purchases to different accounts. I.E. switching from a google apps account to a gmail account. Also, the 'master account' crap. There should be a way to change which login you use to connect to gtalk and the market without having to reset your device to factory. That just sucks.
LOL, I used to get those "wake-up" calls from the 3rd shift platform operators. I got my butt out of bed, got on my PC and fixed the problem or marked it "next day" and fixed it when I got to work.
I can't see using a phone's screen size to debug a couple hundred lines of JCL or batch COBOL program Not to mention, I was usually talking to the operator at the same time I needed to see something on the PC; very hard to do with a phone.
Can it connect to Microsoft's pptp? Yes - http://www.techrepublic.com/blog/smartphones/connect-to-a-pptp-vpn-from-your-android-phone/2145
problem 1. You can connect to a proxy (unless i'm not understanding your complaint) There's Proxy options under the settings menu.
Problem 2. I've noticed this but apparently some 3rd party browsers can do it.
Problem 3. Not sure about this one, but i connect to many different networks (public, domestic and at uni) and have never had a problem like this.
What you're saying is that you have various problems that the vast majority of people will never experience and you are wondering why Google aren't dropping everything to fix it immediately? These problems (to me at least) seem incredibly minor.
kccasey said:
Universally, I don't understand Googles LACK of contact and attention to it's customers. Like most people are aware that e-mailing google is a complete WASTE OF TIME. I'd love to meet someone who has yet to actually get a meaningful response from google. I understand that they are a HUGE company and can easily get overwhelmed by emails, but the complete lack of response in general is UNACCEPTABLE. Why do they act this way, ESPECIALLY to their customers? Eitherway, they should respond in some way to all emails, understandable for free products, but for PAYING customers like us Android users, should get a response.
Google is worse than Sprint when it comes to response. I don't get it or understand.
Click to expand...
Click to collapse
Because they already have your money, therefor they could care less. And they will continue to get your money, his money, her money etc because they make a product and provide a service that we all have come to rely on. They've got the hook set, you can't break free and they can let us dangle as long as they want.
But maybe the combination of google, samsung, and verizon has destroyed my outlook.
Samsung Fascinate
Frankenclean 2.8
EB16-ish Voodoo Kernel
Mob87's Honeycomb theme
Sent from XDA Premium App
I think many of these issues will take a long long time to see resolved.
You need to consider what motivates google RE Android. Hint: It is not paying customers.
Thing is, normal market forces are not at work in the Android space. This is
my BIGGEST issue with Android.
@andmiller
You don't think your needs are most important ones, do you? There are many, many things to do, not only these mentioned by you.
For me your "This is Important" bugs are minor. Actually I didn't know about them to this time. I care much more about NDK APIs, performance and UI improvements and this is exactly what Google does.
Also there is one good reason to focus on new APIs, standard libraries, developer tools, etc.: Google is only one who can improve them and sooner is better. They could fix bugs at any time, they could also port them to older versions of OS. But if they add new API, it will take some time for developers to use it, because new API won't be supported by most of devices. So it's much better to work on a new features first and fix minor bugs later.
BobPaul said:
I think many of these issues will take a long long time to see resolved.
You need to consider what motivates google RE Android. Hint: It is not paying customers.
Thing is, normal market forces are not at work in the Android space. This is
my BIGGEST issue with Android.
Click to expand...
Click to collapse
You have got that completely backwards. Iphone is not normal market space. Each manufacturer running android os have to set themselves apart from each other, hence skinning the os. If customers demand, need it, it will get fixed or innovated.
Apple controls all, What they say goes. Example: no flash, theming....
Amazon drops their android app store on tues. Why, market forces.
Sent from my SGH-T959 using Tapatalk
hey dude most of those issuses were fix sort of well i wouldnt say fix because google came out with a whole new O.S. most of ur issuses hav been resolved in the honeycomb os and greater but u dont need a fix u need a app that can handle what u need
> Can it connect to Microsoft's pptp? Yes - http://www.techrepublic.com/blog/sma...oid-phone/2145
No, or at least, not for several hundred people at least, some who have even provided logs of both sides of the conversation. Some bug comments are from companies, representing complaints from their customer base, so it is probably more. I could write an article that shows how to do it, too, but that doesn't mean that I've tested all combinations. If the author's VPN was not encrypted, he wouldn't have seen the problem, and--since his connection worked, and there's that encryption checkbox--he might have just assumed it worked. He might have even tried it: You can connect with encryption, you just can't stay connected for any length of time.
> problem 1. You can connect to a proxy (unless i'm not understanding your complaint) There's Proxy options under the settings menu.
I can manually set a proxy, although there are reports that this is not a standard part of android, but a value-add by the phone mfr. A third-party program could perhaps recognize which WAP I connect to and set values accordingly, but only if I want everything to go through the proxy, and not just some things. That would have worked at HP, but my ulterior motive is to proxy a specific blocked port so that I can pop my email to my wifi tab. OK, I'll admit, my actual reason isn't a compelling case for Google! ;-)
> Problem 2. I've noticed this but apparently some 3rd party browsers can do it.
I'm not surprised that some clever programmer patched around the breakage, but it needs to be solved generally. Really, this and VPN are the most important issues for me.
> Problem 3. Not sure about this one, but i connect to many different networks (public, domestic and at uni) and have never had a problem like this.
You have never had a problem like this that you know of! Most folks have been bitten by this when the run into a place with short leases, and only find out--if they do--by accident, since most places don't check for violators.
Other comments
For the person who asserted that these are fixed in the latest release, that doesn't appear to be the case, according to the bug reports.
Are there really people who use their portable device for work? Not if it is android-based! (I know, cheap shot, but--for many of us--a true statement).
I have a galaxy tab. With working VPN and ssh, I could login and do a simple database change "echo blah blah blah|mysql", restart a job, whatever. I'm not going to write a couple of thousand lines of code, but I might look at a couple of thousand lines of a log file! Instead, I have to fire up the PC, which means I have to be around the PC, and I'd rather have the freedom of mobility.
Let's think a common situation with the N10:
I have a lot of paid apps attached to my gmail account. The first thing I will do with the N10 is create 3 different profiles. Mine, my wife and my daughter. Every one with their own gmail account.
I have read that when one user gets an app from google play that is already installed by other it won't be downloaded again, and that's fine. But what happens with paid apps?
I'm pretty sure another user with other gmail account won't have access to bought apps by a different person in Google Play....
The situation I will face will be very common. I have bought several apps for my daughter (I have an Asus TF101) and I'd like to see them in her profile in the N10.
The only solution I can guess is to add my gmail account as a secondary one in her profile, but to keep things separated won't be a reality.
What do you think?
If it's the same as the n7 I think any users can use the same paid apps on that device, whether they bought it too or not. Much like a pc.
Unless they've changed this it worked with the hack to enable multiple accounts that was embedded in jb before.
Sent from my GT-I9300 using xda premium
skibadee said:
If it's the same as the n7 I think any users can use the same paid apps on that device, whether they bought it too or not. Much like a pc.
Unless they've changed this it worked with the hack to enable multiple accounts that was embedded in jb before.
Sent from my GT-I9300 using xda premium
Click to expand...
Click to collapse
That's good news. Let's hope the final version works that way.
That's why I have been purchasing my apps with a seperate family account for a while now. It only has the app licenses and some shared calendar items, which are thus available on my wifes phone and mine. And of course will be on the Nexus 10 on any family profile.
you are talking about several separate things here.
it was stated, that apps that are already installed on the device, but under a different user account, will be available instantly, and do not require to be downloaded again.
that is true, in the android developers office hours emea edition yesterday and last week, this was confirmed. however, it was not clearly stated, what the space requirements are in such a case. obviously, the apk itself must be stored on the device at least once. since all user settings are individual, the shared preferences files will be present twice and all apps that require external data, such as game data on the sd card, must be updated, to not store this data twice. the last point goes especially for apps with expansion apks on the play store, whether apps with data downloads from 3rd party servers (like rockstar games etc.) will work with this model, time will tell.
the way this entire system works, is through encryption and file system permissions.
even the same folder on the sd card, say /sdcard/Music/ can look differently to different users.
Also, up to now, this has not been tested with devices with external sd cards (for obvious reasons) and only works on ext4 file systems.
The licensing question is entirely different from that. the play store, while being able to check a lot of things about you and your device, primarily looks at your google account when you are looking for an app, and the app licenses you buy always are registered to your account (i.e. you as a person), as opposed to your device, which is great, if you are one person with several devices. mixing this system with per device licenses would create a massive issue, as people could just willy nilly create legit play store licenses for apps by adding friends' user accounts on their device with paid apps and the apps would be licensed for the friends as well (again, including all their devices).
of course the same goes for any other play store purchases as well (movies, music, books, in-app purchases etc.)
this has not officially been stated by the android developers office hours, but it only makes sense this way, again, as mixing per-user licensing with per-device licensing would open a hell-hole of piracy.
so, considering, what google officially stated about these things, i would not count on the feature being anywhere similar to the existing multi-user feature of 4.1. if it had been ready and perfected at the time, it would have been published in that state, but after another half a year of work, i expect it to have changed, much like the rest of the os.
if you want all of this information directly from google and in even lengthier explanations, check out the office hours:
http://www.youtube.com/watch?v=8IeU_sQzl3U&feature=plcp
http://www.youtube.com/watch?v=Z92fwFQntG8&feature=plcp
I am willing to bet that the shared APK system is based on the Play Store and might even only work when installed from there. In that case, in order to have an app available on another profile, you would need to "download" it from the store, only that it just registers it as visible somehow. That would require the corresponding google account on every profile using the app.
When it comes to additional files, I guess the "official way" introduced a while back with the two additional archives will be handled just fine, as it is done by the system itself. When the app downloads those themself, we will have to wait and see like you said. The same goes for other files - will I be aple to see e.g. the photos from other profiles? If not by default, can you manage the access rights? Devices with SD cards might prove quite interesting here, but they may as well be handled the simple way: if you use that storage, it is open for all.
However that turns out to work, multi-user will broaden the versatility of tablets, even if some scenarios don't work out as they might be wished or expected.
What I didn't get from your post - are you accusing me of abusing the multi-device functionality? If so, I don't feel ashamed of sharing paid apps with my wife (for now) and children (later on when they get smartphones). We also do not buy separate DVDs for each viewer or multiple instances of books.
Sharing a google account with paid apps with a multitude of friends as you described however could prove quite problematic. Who gets to register his credit card? Who decides which apps are bought? I guess it would be much easier to find a cracked version if unwilling to pay.
no no, i was not accusing you.
i was just presenting the official google standpoint of licensing and that with a per-device licensing in combination with a device with multiple users, it would be possible to create free licenses illegally.
let me elaborate on that, because i meant it entirely different from your last paragraph:
let's say, i have a nexus 10 and have bought a paid app with my account. if that meant, every user on my tablet would inherit an own license from this one purchase, i could theoretically have friends coming over all day, logging into my tablet with their account, and immediately have the right to this paid app (and all my paid apps) as well, so it would be licensed to their account and they could install it on their phones as well. that way, you could create an infinite account of pseudo-legit licenses for apps or generally all play store content. this is the reason, why i think it is impossible that google would use the per-device licensing all of a sudden.
actually, i forgot to mention, your model with a combined family account is actually a good way around such issues.
i am sure, many couples or entire families use this method and it is perfectly fine. at least, the app purchase is legit. sharing one account with two people, especially in this case on one device is something completely different from the fraudulent model i was talking about before.
my entire earlier post was about the question in the op, whether one paid app can be used from multiple accounts and again, technically, legally and morally, no.
i agree with your dvd example, translating that to apps, one account on multiple devices allows multiple app installations and whether both devices are operated by the same person or a couple does not matter.
long story short:
the only difference in the play store experience is that apps that are already installed don't have to be downloaded again (to save time), but the play store will still feel exactly the same, i.e. requiring a purchase for an app, that has not been bought with that account yet.
Chef_Tony said:
no no, i was not accusing you.
Click to expand...
Click to collapse
I was just asking to prevent misunderstanding.
i could theoretically have friends coming over all day, logging into my tablet with their account, and immediately have the right to this paid app (and all my paid apps) as well, so it would be licensed to their account and they could install it on their phones as well.
Click to expand...
Click to collapse
Even if you could just use any app installed by any profile (which as I described above is not the way I assume it will happen), at what point does that enable them to download the app to their devices? That would require them to have your profile (with your account details) on their devices.
PlanetJumble said:
Even if you could just use any app installed by any profile (which as I described above is not the way I assume it will happen), at what point does that enable them to download the app to their devices? That would require them to have your profile (with your account details) on their devices.
Click to expand...
Click to collapse
no it wouldn't require them to have your profile in this hypothetical story, here is the thing, as i understood the first couple of posts in this thread, this would be a possible scenario (but isn't):
User A has a phone, let's say a Gnex and a google account [email protected]
User B has a phone, let's say an S3 and a google account [email protected]
User A buys a Nexus 10.
User A logs in and has access to all the same paid apps as on the Gnex.
User B logs in and has access to all the same paid apps as on the S3.
User A installs a free app on the Nexus 10.
User B installs the same free app on the Nexus 10. it does not require another download, it is just there.
(so far, so good, all true, could happen)
User A buys an app from the play store on the Nexus 10.
User B looks at the same app on the play store on the Nexus 10.
(here comes the initial question: will he get this app for free, since it is already installed on the device?)
Situation 1:
User B gets the app for free on the Nexus10, since it is already present on the device, it does not even need to be installed again, it is just there.
User B looks in the play store, the app should now be listed in "My Apps", since it was installed on the device with the account [email protected]
User B gets his S3 and has the same app displayed as purchased on the play store, since he once was able to legitimately install it from his account (on the Nexus 10), which makes it his app on all his devices.
User B installs the paid app on his S3 for free, since it is present on his account.
User B's account gets removed from the Nexus 10.
Rinse and repeat through User Z. 25 free licenses, that can be replicated to all of the users' devices since they get the app transferred to their accounts if they once inherited it on the Nexus 10.
Situation 2:
User A looks at the app on the play store, it costs .99$. He buys it and installs it.
User B looks at the app on the play store, sees it costs him .99$
User B buys the app.
The app gets installed instantly, as it is already present on the device.
All I wanted to say with my two previous 2 posts is:
Situation 1 is never going to happen. Situation 2 is how it's going to be. If User A and User B are 2 separate Google Accounts on the same tablet, they need to buy apps twice.
People tend to confuse the instant install feature with an ability to share apps or transfer apps between accounts, but all it does is save you time and internet traffic. it does not influence paid apps at all. also, apparently, the half implemented multi-user feature in 4.1 gave wrong impressions as well.
P.S. i actually think, we were on the same page all along, just had different approaches to give examples of the situations.
Chef_Tony said:
P.S. i actually think, we were on the same page all along, just had different approaches to give examples of the situations.
Click to expand...
Click to collapse
I think so too, and I fully expect to skip the second payment with each profile having the personal and the shared family account.
Exactly. For 2 persons you make 3 accounts. One shared account for paid apps that both use, so you'd just need to purchase them once and 2 individual accounts for the two persons to have their personal email and other individual settings and files.
That seems to be the ideal solution. A week from now, we'll know exactly, how the separation works.
Can't wait to have the device here.
Sent from my GT-I9100 using Tapatalk 2
Chef_Tony said:
Situation 1:
User B gets the app for free on the Nexus10, since it is already present on the device, it does not even need to be installed again, it is just there.
User B looks in the play store, the app should now be listed in "My Apps", since it was installed on the device with the account [email protected]
User B gets his S3 and has the same app displayed as purchased on the play store, since he once was able to legitimately install it from his account (on the Nexus 10), which makes it his app on all his devices.
User B installs the paid app on his S3 for free, since it is present on his account.
User B's account gets removed from the Nexus 10.
Rinse and repeat through User Z. 25 free licenses, that can be replicated to all of the users' devices since they get the app transferred to their accounts if they once inherited it on the Nexus 10.
Situation 2:
User A looks at the app on the play store, it costs .99$. He buys it and installs it.
User B looks at the app on the play store, sees it costs him .99$
User B buys the app.
The app gets installed instantly, as it is already present on the device.
Click to expand...
Click to collapse
I don't see why it has to be only one of those two options. Why not this:
Situation 3:
User A buys and installs a $0.99 app on the play store.
User B Looks at the same app and Play store is smart enough to check that the app is already installed on the device and allows him access to it on this device but does NOT update his account information to say that he has purchased the app.
User B Looks at the same app on his phone, and it still shows up as costing $0.99.
Not saying that's definitely the way it will work, but that's the way I'd prefer it. That would allow a parent to buy and install apps for his children that they have access to on their profiles, without having to associate his own account and credit card information with his children's profiles, opening up the possibility for them to make purchases without his approval.
Another question I have about multi-profile access to apps is this: I keep hearing that the second user to install an app will not have to download it again. That's certainly nice for ease/speed of access to the new app, but it doesn't answer the question of how the app is stored on the device. Is there just one copy of the apk that all users can access? Or does the system make a copy of the apk for each profile that installs it, thus using up more storage space?
Profiles are just profiles under one GMail account I'd imagine, and not a completely separate and independent accounts.
BoneXDA said:
Profiles are just profiles under one GMail account I'd imagine, and not a completely separate and independent accounts.
Click to expand...
Click to collapse
Nah, that doesn't make sense, you don't want to be sharing an email account or whatever, it will be a separate (optional) account per profile.
As for the app purchase crappy, who cares, get titanium backup, use its profile switch option which works on all android versions to swap out apply and game data so multiple people can use them on the same device.
Sent from my GT-I9300 using Tapatalk 2
You don't seriously say using titanium is easier than native integration?
@je55ter only a few more days and we will know for sure.
BoneXDA said:
Profiles are just profiles under one GMail account I'd imagine, and not a completely separate and independent accounts.
Click to expand...
Click to collapse
that is definetely not the case as one can see in all available hands on videos so far, the profiles are different google accounts, which will then automatically give you access to all your google content. have a look at the videos, like the first video from the verge, the demo device clearly has hugo barra's account on it, as indicated by his google+ avatar on the lockscreen. it was also confirmed that these profiles will fetch all kinds of information from the corresponding google account, so it must be multiple accounts.
PlanetJumble said:
You don't seriously say using titanium is easier than native integration?
@je55ter only a few more days and we will know for sure.
Click to expand...
Click to collapse
I'm not saying it's easier, but if it turns out each user is supposed to purchase it, TB profiles is one solution.
Sent from my GT-I9300 using Tapatalk 2
A very similar example would be the Xbox 360 or PS3. These are devices that use multiple users accounts. On both consoles paid content is available to all profiles on the console.
Sent from my Nexus 7 using xda app-developers app
Yes, X360 and PS3 are excellent examples... of how it will not work on Android!
Actually it really makes sense that different profiles got different apps, unlike on consoles. If you can cross-license over profiles on the same device some way will be revealed next week.
PlanetJumble said:
Yes, X360 and PS3 are excellent examples... of how it will not work on Android!
Actually it really makes sense that different profiles got different apps, unlike on consoles. If you can cross-license over profiles on the same device some way will be revealed next week.
Click to expand...
Click to collapse
What evidence do you have for how it will be implemented? You can make a pretty strong argument for both systems.
If there is no cross-licensing it would seriously reduce the appeal of this feature. Would most people purchase 2 copies of GTA3 for instance just so they can have their own saved game on their profile? I don't think so.
(sorry about my chinglish )
So here's how:I locked my nexus10 and forgot the password, and I do not see the "Forgotten" button on the screen and also I didn't turn USB debugging mode on, so is there any possibility I can save my data instead of cleaning them up? Thank you (btw, I deleted the original recover files(because I once booted Ubuntu Touch on it) how can I reset it anyway?) Tanks a lot
EX_RIVER said:
(sorry about my chinglish )
So here's how:I locked my nexus10 and forgot the password, and I do not see the "Forgotten" button on the screen and also I didn't turn USB debugging mode on, so is there any possibility I can save my data instead of cleaning them up? Thank you (btw, I deleted the original recover files(because I once booted Ubuntu Touch on it) how can I reset it anyway?) Tanks a lot
Click to expand...
Click to collapse
If you have TWRP (not sure about Clockworkmod), "Factory Reset" will leave personal files on while clearing settings, custom apps, etc. FORTUNATELY, there is no way to bypass, other than resetting the device, the password for security reasons
dibblebill said:
If you have TWRP (not sure about Clockworkmod), "Factory Reset" will leave personal files on while clearing settings, custom apps, etc. FORTUNATELY, there is no way to bypass, other than resetting the device, the password for security reasons
Click to expand...
Click to collapse
Pretty sure that's not true, strictly speaking. Unless OP is talking about encryption, flashing a new ROM over top will preserve most user data saved on /sdcard (much to my annoyance).
Rirere said:
Pretty sure that's not true, strictly speaking. Unless OP is talking about encryption, flashing a new ROM over top will preserve most user data saved on /sdcard (much to my annoyance).
Click to expand...
Click to collapse
You are correct. I forgot that circumstance. TWRP specifically excludes the data/media area
Sent from my Samsung Galaxy Victory via XDA Developers App
dibblebill said:
You are correct. I forgot that circumstance. TWRP specifically excludes the data/media area
Sent from my Samsung Galaxy Victory via XDA Developers App
Click to expand...
Click to collapse
I mean, it's useful because if you flub a flash you can use a backup, but these recoveries are not secure and aren't designed to be.
EX_RIVER said:
(sorry about my chinglish )
So here's how:I locked my nexus10 and forgot the password, and I do not see the "Forgotten" button on the screen and also I didn't turn USB debugging mode on, so is there any possibility I can save my data instead of cleaning them up? Thank you (btw, I deleted the original recover files(because I once booted Ubuntu Touch on it) how can I reset it anyway?) Tanks a lot
Click to expand...
Click to collapse
USB debugging isn't required for ~all~ USB stuff, so you should try it anyways.
Then, as long as you still know your Google password you can install this to your Nexus, via the web (no log on to device actually needed):
http://www.androidlost.com/
I haven't actually tried or used that program, so cant say 100% it will work on N10 - but "in general" it seems like it should!
:good:
bigmatty said:
USB debugging isn't required for ~all~ USB stuff, so you should try it anyways.
Then, as long as you still know your Google password you can install this to your Nexus, via the web (no log on to device actually needed):
http://www.androidlost.com/
I haven't actually tried or used that program, so cant say 100% it will work on N10 - but "in general" it seems like it should!
:good:
Click to expand...
Click to collapse
I don't know if AndroidLost can unlock a device, and he doesn't seem to have lost it either. Unless an app had root/device admin access, I can't imagine that it would have the privileges necessary to remove authentication from a device (since that seems to be the pinnacle of bad security). Secure Settings + Tasker can do it, but you need to set that up beforehand.
Rirere said:
I don't know if AndroidLost can unlock a device, and he doesn't seem to have lost it either. Unless an app had root/device admin access, I can't imagine that it would have the privileges necessary to remove authentication from a device (since that seems to be the pinnacle of bad security). Secure Settings + Tasker can do it, but you need to set that up beforehand.
Click to expand...
Click to collapse
It says it can:
Lock the phone
You can lock and unlock the phone from the web. If you forget your pincode you can simply overwrite it or remove it from the web
bigmatty said:
It says it can:
Lock the phone
You can lock and unlock the phone from the web. If you forget your pincode you can simply overwrite it or remove it from the web
Click to expand...
Click to collapse
I don't think this means what you think it means (and I could be wrong). Many security apps like avast! offer a similar "locking" functionality, where the normal lockscreen (whatever security it is) is covered by a second lockscreen, superimposed over all system UI elements to prevent access. This lockscreen is controlled by the app, but it will not affect any underlying security (basically, think of it as a replacement lockscreen for security reasons, not much unlike HoloLocker or Go Launcher's lockscreen).
Rirere said:
I don't think this means what you think it means (and I could be wrong). Many security apps like avast! offer a similar "locking" functionality, where the normal lockscreen (whatever security it is) is covered by a second lockscreen, superimposed over all system UI elements to prevent access. This lockscreen is controlled by the app, but it will not affect any underlying security (basically, think of it as a replacement lockscreen for security reasons, not much unlike HoloLocker or Go Launcher's lockscreen).
Click to expand...
Click to collapse
I don't know man, and like I said I've never tried it. But its a super popular app, and has been featured in write ups. On their main page it states that text, as the fifth "main feature" which seems pretty straight forward to mean "the main lock screen"...
bigmatty said:
I don't know man, and like I said I've never tried it. But its a super popular app, and has been featured in write ups. On their main page it states that text, as the fifth "main feature" which seems pretty straight forward to mean "the main lock screen"...
Click to expand...
Click to collapse
No good, sorry. You're right on one count-- I just tested it, and it does interact with the stock lockscreen. Unfortunately, as I said earlier, unless the app is granted root/device admin privileges, no Android app can change the stock lockscreen...and since OP can't get into his device, he can't grant it device admin.
Rirere said:
No good, sorry. You're right on one count-- I just tested it, and it does interact with the stock lockscreen. Unfortunately, as I said earlier, unless the app is granted root/device admin privileges, no Android app can change the stock lockscreen...and since OP can't get into his device, he can't grant it device admin.
Click to expand...
Click to collapse
Nice on the testing! Too bad about the unlock. Perhaps he can still use it to offload his content though.
Did you try to "push" it to your device w/out installing it direct? I have wondered if I should pre-load this app on my devices, but "they" tout its remote-install-ablity, so I somewhat feel like I would not have to pre-install. (But then again, Im always apprehensive of claims that make things seem super easy.)
EDIT: Hmmm.... I see it requires "SMS" to install this on a device via Push - so I guess it NEEDS to be pre-loaded on a N10 if one wishes to use it to retrieve a lost N10, or even use it in this context! Now to decide if I install this or not...
bigmatty said:
Nice on the testing! Too bad about the unlock. Perhaps he can still use it to offload his content though.
Did you try to "push" it to your device w/out installing it direct? I have wondered if I should pre-load this app on my devices, but "they" tout its remote-install-ablity, so I somewhat feel like I would not have to pre-install. (But then again, Im always apprehensive of claims that make things seem super easy.)
Click to expand...
Click to collapse
I installed direct. I use Cerberus (and before that, avast! Anti-Theft) to help secure my devices, but these things are all a game of chance. My advice: completely disregard remote-install abilities. If you're going to use this kind of service, it really doesn't make any sense not to install it yourself, where you can change your preferences (such as install to /system or rename the application) to work for you.
The bigger problem is that, obviously, six hundred million things could go wrong. I noticed that AndroidLost noted that they were using Google to push messages, which indicates that they're using C2DM (unlikely, it's deprecated) or GCM push services, which require your phone being connected to a network (itself a big assumption) that will allow Google's ports to send traffic. This excludes no small number of places, particularly corporate networks (and many schools as well). It also looks like one of the wakeup methods if SMS, which is not only noticeable (to a thief), but potentially may be intercepted by other apps on the phone (such as an alternative SMS app).
The idea is that these apps intercept and delete any command SMS before any other app, but in practice this doesn't always happen. So test your setup before something happens!
Rirere said:
I installed direct. I use Cerberus (and before that, avast! Anti-Theft) to help secure my devices, but these things are all a game of chance. My advice: completely disregard remote-install abilities. If you're going to use this kind of service, it really doesn't make any sense not to install it yourself, where you can change your preferences (such as install to /system or rename the application) to work for you.
The bigger problem is that, obviously, six hundred million things could go wrong. I noticed that AndroidLost noted that they were using Google to push messages, which indicates that they're using C2DM (unlikely, it's deprecated) or GCM push services, which require your phone being connected to a network (itself a big assumption) that will allow Google's ports to send traffic. This excludes no small number of places, particularly corporate networks (and many schools as well). It also looks like one of the wakeup methods if SMS, which is not only noticeable (to a thief), but potentially may be intercepted by other apps on the phone (such as an alternative SMS app).
The idea is that these apps intercept and delete any command SMS before any other app, but in practice this doesn't always happen. So test your setup before something happens!
Click to expand...
Click to collapse
Thanks for the info, I will look into Cerberus. I am assuming you would recommend that as you are currently using it? Do you think its better than AndroidLost, even though you haven't spent as much time w/ AndroidLost?
bigmatty said:
Thanks for the info, I will look into Cerberus. I am assuming you would recommend that as you are currently using it? Do you think its better than AndroidLost, even though you haven't spent as much time w/ AndroidLost?
Click to expand...
Click to collapse
I like it a lot more, but I will admit I personally liked avast! better. Its uncertain future (plus a nice promotion) led me to jump ship to Cerberus. I'd have to play around with it a bit more to be sure though.
Rirere said:
No good, sorry. You're right on one count-- I just tested it, and it does interact with the stock lockscreen. Unfortunately, as I said earlier, unless the app is granted root/device admin privileges, no Android app can change the stock lockscreen...and since OP can't get into his device, he can't grant it device admin.
Click to expand...
Click to collapse
Yep, you're right I can't get root under this situation, thanks a lot I'm trying to figure out how to save my data mow
EX_RIVER said:
Yep, you're right I can't get root under this situation, thanks a lot I'm trying to figure out how to save my data mow
Click to expand...
Click to collapse
It's not root you need per se, it's device admin. But root isn't an easy option for you either, because unlocking your bootloader will hose your data. I also think most of the locked-bootloader exploits require the device to be on and unlocked. If you're signed into your Google account, you should have a fair degree of stuff backed up already-- what sorts of data are you trying to save?
Rirere said:
It's not root you need per se, it's device admin. But root isn't an easy option for you either, because unlocking your bootloader will hose your data. I also think most of the locked-bootloader exploits require the device to be on and unlocked. If you're signed into your Google account, you should have a fair degree of stuff backed up already-- what sorts of data are you trying to save?
Click to expand...
Click to collapse
Mostly..........Photos and videos
EX_RIVER said:
Mostly..........Photos and videos
Click to expand...
Click to collapse
...do you have a Google+ account? Slash have you ever opened the app? If so, you might actually be in luck and your data should have been backed up to your Google+ (or PicasaWeb if you prefer).
I just purchased the Amazon Moto G4 edition for my son who is 8yrs old, and I understand he's a little young for a phone. However, a few of his buddies have phones and I thought it was a great way to help him read and type better through texting. I'm also not planning on paying for Cell service but rather use Wifi for SMS and Calls through hangout. And maybe get him freedom pop for in an emergency.
Now, with that said I created a gmail account that I control (my password, my recovery email/phone #, etc.) and then used this to setup the Play store. I set up all the restrictions in the play store to what I believe is appropriate and of course I locked it by setting up my own PIN code so he couldn't change them.
I also setup his own google voice number and tied it to google hangouts/dialer but I can also monitor what he is doing on my phone periodically if I wanted. I'm not interested in him using Snapchat, WhatsApp, or any other kind of social network.
I've also setup OpenDNS on the wifi account he uses at home. So I think I have things pretty much locked down with the exception of installing from Unknown sources. And although he probably isn't computer savvy enough yet, at some point he will be.
So, with that said is there anyway I can build a rom that disables installing from Unknown Sources? Also, any other recommendations and tips from others are welcome.
Thanks.
He can get rid of everything you did if he could factory reset
seth.dean02 said:
He can get rid of everything you did if he could factory reset
Click to expand...
Click to collapse
Of course he could, but he's 8! He's probably not savvy enough to circumvent my efforts yet and when he is I'll change my approach.
pabdaddy1995 said:
Of course he could, but he's 8! He's probably not savvy enough to circumvent my efforts yet and when he is I'll change my approach.
Click to expand...
Click to collapse
Try one of the apps that allows you to lock apps. One is Applock and you may be able to lock down settings. That would prevent him from changing anything. You've probably thought of it already but some type of tracking app is a necessary safety measure for a child's phone. LOL, when he becomes a teenager you'll need the tracking for many more reasons.