OxygenOS Security? - OnePlus 5 Questions & Answers

Does anyone know the encryption strength of OxygenOS?

It's just about as good as any other. Have you tried taking into your phone while it's encrypted? It's a jumbled mess of characters.

OcazPrime said:
It's just about as good as any other. Have you tried taking into your phone while it's encrypted? It's a jumbled mess of characters.
I'm looking for the number of bits in the key used to encrypt it. I'm a bit cautious about using it since I think it's subject to Chinese privacy laws instead of US ones.

It uses the default android encryption I would imagine...


Beginning to hate "The Market"

OP deleted on account I am knot vary smert.
That's nice. Do you want some French Cries with that Whaa Burger?
Sent from my SCH-I500 using XDA App
Nice. You know, my mom always told me that if you don't have anything good to say, then just don't say anything.
Good advice in my opinion.
You've lost your keys or have problems accessing them - it's your problem, not Google's. This is called security - it's a feature, not a bug.
And you can't delete an app for quite obvious reasons: in the IT world you should try to not delete anything ever. Want some more practical reason? If you would delete your app and release a new one with the same package name, but signed with different keys, then people who already downloaded your first app wouldn't be able to install the new one.
Yeah, I guess y'all are right. OP deleted because apparently 15 years of work in IT and 2 degrees makes me stupid for losing a file. Thank god no one else has ever lost a file
Yeah... the android market system is pretty well thought out. But can you imagine if they lost the key to angry birds, or to some corporate app?
Lakers16 said:
Yeah... the android market system is pretty well thought out. But can you imagine if they lost the key to angry birds, or to some corporate app?
This is the reason why there are all of these "Keep backup(s) of your private key." warnings
You know, there may be much, much, much worse consequences of losing private keys. Many devices or technologies are designed to restrict access to themselves using keys of their manufacturers. Let's imagine Apple loses the keys they use for app signing: there would be no more apps for any existent device - for millions of them! Same for other technologies: one harddisk failure and thousands or millions of devices around the world become totally useless.
Private keys are one of the most important and most secured things in many companies.
Rootstonian said:
OP deleted on account I am knot vary smert.
Don't forget childish. 8-D
carnegie0107 said:
Don't forget childish. 8-D
Always Never plan on getting old, even though the "50" mark is around the corner! LOL
It wasn't too painful to re-create the app. Now I have my keystore files saved on computer, external drive and burned to CD. Live and Learn I guess
Well, I never did find the keystores to my first 2 apps. Thankfully the user interface is really just there for pulling from my hosted databases. I can update the databases outside of Market updates.
Sorry about "whining" about this, but when I first created these apps, I had NO idea how important that keystore file was. I wish the Eclipse Export popped-up a 30 point font dialog box with:
"WARNING! DO NOT LOSE THIS FILE OR YOU WILL NEVER BE ABLE TO UPDATE YOUR APPLICATION!"
I actually thought the keystore was somehow integrated into the apk (which it might be, I don't know, but you still need the keystore file).
I've gone the extra steps and copied my current keystore files to my hosted site AND e-mailed them to myself. That makes 5 copies! LOL

Exchange Server - Security policy

I'm finding a lot of threads about changing from pin/password to pattern unlock, but not having any luck in completely disabling the security feature BS...
Is it possible to completely eliminate the password lock required by my exchange server? I have tried lockpicker and no lock, neither of which worked.
I would like to keep syncing but am not going to deal with this unlocking all the time (they JUST started enforcing it)...any help would be appreciated.
BTW, running Calkulin's EViO 2 v 1.7 (sense, so HTC mail)
Nope, this is tightly integrated down to the OS in order to pass MS requirements, and it reports the control level back to exchange so it can make sure it's in compliance with their mobile device policy.
In theory you can make an app that proxies the API and lies about what the phone can do ... but it won't be done with a simple APK/market app ... its integration goes much deeper.
Honestly your best bet: this is clearly a new policy. Complain repeatedly to your IT staff. You're probably not the only one upset ... and noise will result in policy change ... because reality: IT staff hate dealing with people. They want to deal with servers.
Option 2: if you have a buddy on the exchange team he can put you on the same policy he undoubtedly created for himself and his team, that's 10x as lenient so he can mess with his little pet projects he plays with on the side.
Justin.G11 said:
Nope, this is tightly integrated down to the OS in order to pass MS requirements, and it reports the control level back to exchange so it can make sure it's in compliance with their mobile device policy.
In theory you can make an app that proxies the API and lies about what the phone can do ... but it won't be done with a simple APK/market app ... its integration goes much deeper.
Honestly your best bet: this is clearly a new policy. Complain repeatedly to your IT staff. You're probably not the only one upset ... and noise will result in policy change ... because reality: IT staff hate dealing with people. They want to deal with servers.
Option 2: if you have a buddy on the exchange team he can put you on the same policy he undoubtedly created for himself and his team, that's 10x as lenient so he can mess with his little pet projects he plays with on the side.
Thanks...I figured it wouldn't be that easy but I had to ask.
Justin.G11 said:
Honestly your best bet: this is clearly a new policy. Complain repeatedly to your IT staff. You're probably not the only one upset ... and noise will result in policy change ... because reality: IT staff hate dealing with people. They want to deal with servers.
I get complaints all the time about policies. 99.999% of the time, the policies are created/approved by steering committees, the legal department or executive management. There is usually nothing IT can do about it as the policies are put into place for legal reasons or company security.
Additionally, if IT departments are not compliant in company policies there could be legal ramifications if the company has to comply with certain government guidelines.
And IT staff don't hate dealing with people...it sounds like your work environment is not like others.
Check out this thread to see if it does what you are looking for.
http://forum.xda-developers.com/showthread.php?t=775007
They modified the actual email.apk app to remove the security requirement that was hardcoded in it.
It was taken from CM7 which is AOSP, so I cannot say whether or not it will work on sense.
EDIT: After searching some more, droidforums has a modified email.apk file that you can install, that you use instead of the HTC mail, which tricks your exchange server into thinking that you have your security enabled.
http://www.droidforums.net/forum/dr...onal-froyo-bypass-exchange-server-policy.html
Just download the zip, and extract the apk from it, then place the apk on your SDCard and install it just like a regular app.
Khilbron said:
Check out this thread to see if it does what you are looking for.
http://forum.xda-developers.com/showthread.php?t=775007
They modified the actual email.apk app to remove the security requirement that was hardcoded in it.
It was taken from CM7 which is AOSP, so I cannot say whether or not it will work on sense.
EDIT: After searching some more, droidforums has a modified email.apk file that you can install, that you use instead of the HTC mail, which tricks your exchange server into thinking that you have your security enabled.
http://www.droidforums.net/forum/dr...onal-froyo-bypass-exchange-server-policy.html
Just download the zip, and extract the apk from it, then place the apk on your SDCard and install it just like a regular app.
Will look into that. Thank you very much!
I ended up using the modified email.apk from CM7...works like a charm!!! The Droid forums version kept coming up with security errors. THANKS AGAIN Khilbron!!!
awenthol said:
I ended up using the modified email.apk from CM7...works like a charm!!! The Droid forums version kept coming up with security errors. THANKS AGAIN Khilbron!!!
Can you please post a link to the one you used?
Sent from my PC36100 using XDA App
Justin.G11 said:
Nope, this is tightly integrated down to the OS in order to pass MS requirements, and it reports the control level back to exchange so it can make sure it's in compliance with their mobile device policy.
In theory you can make an app that proxies the API and lies about what the phone can do ... but it won't be done with a simple APK/market app ... its integration goes much deeper.
Honestly your best bet: this is clearly a new policy. Complain repeatedly to your IT staff. You're probably not the only one upset ... and noise will result in policy change ... because reality: IT staff hate dealing with people. They want to deal with servers.
Option 2: if you have a buddy on the exchange team he can put you on the same policy he undoubtedly created for himself and his team, that's 10x as lenient so he can mess with his little pet projects he plays with on the side.
Yes..this reply really isn't correct. There have been some sqlite modifications that can be made or using the mail.apk from this link (http://forum.xda-developers.com/showthread.php?t=775007) works perfect, even with the new CM7-RC2
Bypassing Exchange security
I had this same issue with my work email. My way of bypassing it and still using the stock Mail app is by installing widgetlocker. Unfortunately the newest version does not bypass your encryption, but the older version before the most recent update does. Also it allows you to fully customize your lockscreen and add widgets and what have you. All in all pretty cool app.
widgetlocker.teslacoilsw.com/general/widgetlocker-1-2-9/
(unfortunately because I have never posted before I cannot post links so pm if the link does not work)
Amazing! So you guys have a device in your pocket that has complete access to your work mail server (something you don't own), and you apparently don't care if that falls into the wrong hands?
I don't want to get preachy but this is serious stuff:
1. Are you aware of the damage that can fall on an organization, its IP and reputation if a hacker/spammer has access to a mail account?
2. Your company's mail server is an asset of the company. Gaining access and leaving it unlocked is like borrowing something from work and leaving it on the street.
I understand that IT policies are annoying to the end user, but they are there for good reason.
Would you leave the company vehicle unlocked because it is annoying to get the key out? No.
Oh, and by the way, you can be held directly liable for damages for disabling/ hacking around policies. I have seen employees get fired for it.
Sent from my device.
ramiss said:
Amazing! So you guys have a device in your pocket that has complete access to your work mail server (something you don't own), and you apparently don't care if that falls into the wrong hands?
I don't want to get preachy but this is serious stuff:
1. Are you aware of the damage that can fall on an organization, its IP and reputation if a hacker/spammer has access to a mail account?
2. Your company's mail server is an asset of the company. Gaining access and leaving it unlocked is like borrowing something from work and leaving it on the street.
I understand that IT policies are annoying to the end user, but they are there for good reason.
Would you leave the company vehicle unlocked because it is annoying to get the key out? No.
Oh, and by the way, you can be held directly liable for damages for disabling/ hacking around policies. I have seen employees get fired for it.
Sent from my device.
The issue I have is with the idea that the company gets to dictate how my entire device functions. Your points are valid, but why not just require a password on the email app, not on the whole phone? Why do I have to consent to allowing them to order a full device wipe, instead of just a wipe of the company data?
bkrodgers said:
The issue I have is with the idea that the company gets to dictate how my entire device functions. Your points are valid, but why not just require a password on the email app, not on the whole phone? Why do I have to consent to allowing them to order a full device wipe, instead of just a wipe of the company data?
Those are some good points and questions:
If you just locked the mail app then the app would need to encrypt/decrypt all data, which would make it MUCH slower. However, the main reason is that the app lock approach is much more hackable..one simple example would be to load a proxy on the phone to intercept communication before it could be encrypted.
The idea behind the device lock is that it happens on a deeper level and is the most secure answer.
The question about having a choice with your device is actually a simple one to answer...if you don't agree with the work policy then don't use your personal device for work email.
The other thing is that, besides not having a choice, the forced answer is beneficial for everyone....if I lose my device then I definitely don't want strangers crank calling my family or getting personal info. I have read about some horrible stories.
The real question is...If your phone is lost why would you NOT want it to be secure and erased asap??
Sent from my "locked" device.
ramiss said:
Those are some good points and questions:
If you just locked the mail app then the app would need to encrypt/decrypt all data, which would make it MUCH slower. However, the main reason is that the app lock approach is much more hackable..one simple example would be to load a proxy on the phone to intercept communication before it could be encrypted.
The idea behind the device lock is that it happens on a deeper level and is the most secure answer.
Yes and no. There are approaches that are easier if you aren't securing the whole device, but that doesn't mean it can't still be hacked.
The question about having a choice with your device is actually a simple one to answer...if you don't agree with the work policy then don't use your personal device for work email.
Overall I agree with that, although I think at a company that offers mobile email, there's a sort of "peer pressure" to use it. Not to say that's a good reason. I'd imagine that it'd be hard for a company to actually require you to use mobile email on your personal device -- if your job truly requires it, I'd think they'd have to provide you a device if you don't have a compatible device or aren't willing to use it that way. So yes, you're probably right that you have the choice. It doesn't mean that we can't complain though.
The other thing is that, besides not having a choice, the forced answer is beneficial for everyone....if I lose my device then I definitely don't want strangers crank calling my family or getting personal info. I have read about some horrible stories.
The real question is...If your phone is lost why would you NOT want it to be secure and erased asap??
If it's really lost forever, yes. But what if:
- The exchange admin sends the wipe command to the wrong phone. ("Hi, I'm John Smith and I've lost my phone.")
- The "wipe after X invalid passcode" policy is enabled. A friend or a kid picks up the phone and tries to play with it. Whoops.
- Something else goes wrong...bottom line is that the company should have no right to wipe anything other than their own data.
I understand the need for locking the device...I really do. But, if someone does happen to find my phone (knock on wood but HIGHLY, HIGHLY unlikely, as I've never even almost forgotten any phone, anywhere, ever) they aren't going to find ANYTHING of value in my emails. I'm pretty low on the totem pole.
If I had sensitive data on my phone...no questions asked, I would keep it p-word locked.
matt2053 said:
Can you please post a link to the one you used?
Sent from my PC36100 using XDA App
http://forum.xda-developers.com/showthread.php?t=775007
awenthol said:
I understand the need for locking the device...I really do. But, if someone does happen to find my phone (knock on wood but HIGHLY, HIGHLY unlikely, as I've never even almost forgotten any phone, anywhere, ever) they aren't going to find ANYTHING of value in my emails. I'm pretty low on the totem pole.
If I had sensitive data on my phone...no questions asked, I would keep it p-word locked.
Your Exchange Admin (or you depending on the version of Exchange you're using) has the ability to remotely wipe your device in the event it gets stolen/lost.
Could anyone give a brief possible explanation of why I can connect to my exchange server easily using Touchdown, but not using the Android integrated Exchange Account Sync?
Sent from my PC36100 using XDA App
Just found this thread as I've encountered the same issue on a HTC Sensation, just setup Exchange ActiveSync, and bam, have to set up the PIN lock on the phone.
However I've noticed that once you've done it, you can then go into Settings, Security and change the timeout before it locks up to 1 hour (I think that is dependent on your company setting). Mine was defaulting to every time the screen locked, but changing it to 1 hour I find I hardly ever have to unlock the phone now apart from first thing in the morning as I tend to use it regularly through the day.

[2 Dec] [Q] Does the HD2 have Carrier IQ?

I have the US version of the HD2 on T-Mobile. Currently reset to factory defaults. Any idea if this phone has Carrier IQ installed?
Is there a way to check for CIQ on WinMo 6.5?
So far I've seen tons of discussion on Android and iOS, and most of the talk has been about Verizon/Sprint/AT&T, but I haven't seen anything about WinMo or T-Mobile in the midst of all that. (And yes, I *have* searched the forums, thankyouverymuch!)
Any ideas?
Nope.
http://forum.xda-developers.com/showthread.php?t=1373226
Thank you!
Thank you! Could not, for the life of me, find this on the forums!
Problem resolved
lol, why have you put a date at beginning of your topic??
n00b question I think, but can one safely assume that it's not on a hacked device running Android off either SD or NAND? This is assuming a task29/full wipe and installation of an XDA-sourced Android ROM. I.E--can we safely assume it's not hidden in any ROMs, unbeknownst to the chef?
"Rootkit", in itself, means a piece of malicious code that is hidden well beyond the capabilities of a file system to be read. I.e. it exploits various APIs so that it essentially appears as a bunch of numbers that the OS is unaware of existing. It has lowest level of access to your device such that it is virtually undetectable without special means.
That being said, I would doubt it would be in any kind of "ROM" someone can cook. It has to be on the BIOS/Flash level where it can be essentially untouched--but that's just my opinion, mind you.
jo_iii said:
"Rootkit", in itself, means a piece of malicious code that is hidden well beyond the capabilities of a file system to be read. I.e. it exploits various APIs so that it essentially appears as a bunch of numbers that the OS is unaware of existing. It has lowest level of access to your device such that it is virtually undetectable without special means.
That being said, I would doubt it would be in any kind of "ROM" someone can cook. It has to be on the BIOS/Flash level where it can be essentially untouched--but that's just my opinion, mind you.
That's about what I thought...hard for me to imagine it could be so hidden that a fully wiped phone loaded with a cooked from scratch ROM would still have this insidious little sneak in it. Hard for me to imagine it'd be hidden in the kernel or elsewhere and the Devs wouldn't have caught on to it a long time ago. I'll keep my eyes and ears open for a firmer answer and will share it here if/when I do...thanks!!

Idea for some one to develop

So I got a bug in my head, and thought I'd share it. My idea is for a phone lock/lock screen kind of app that uses a cipher for the password. That is to say, that the actual password will change periodically based on the cipher. For example, the date could be used as the cipher:
December 2, 2013 could also be written as 12/2/2013 which if you treated as a math problem would be .0029806
or you could multiply it: 12*2*2013 = 48312
If you wanted to get really fancy, you could make the numbers into letters: 48312 = dhcab
There are probably quite a number of things that can be used to cipher the PW.
I'd love to hear your thoughts.
NJ
nijohnson said:
So I got a bug in my head, and thought I'd share it. My idea is for a phone lock/lock screen kind of app that uses a cipher for the password. That is to say, that the actual password will change periodically based on the cipher. For example, the date could be used as the cipher:
December 2, 2013 could also be written as 12/2/2013 which if you treated as a math problem would be .0029806
or you could multiply it: 12*2*2013 = 48312
If you wanted to get really fancy, you could make the numbers into letters: 48312 = dhcab
There are probably quite a number of things that can be used to cipher the PW.
I'd love to hear your thoughts.
NJ
Sorry, I am not sure I got that, you want to develop a lockscreen application with a non-static password, so e.g. you set that the date and time added up could be used at login. E.g. at 12:20 on 12.2.2013 it would be 12+20+12+2+2013= 2059.. and then typing in 2059 is the password?
.. Sorry, it's already hard to draw my unlock pattern when I am drunk; for summing up those numbers, I would take more than a minute.. and then it would be already OUTDATED O.O .. damn
The problem is that the security of those locked screens only depends on the function you are using to produce the number! .. Could be easily bruteforced, 'cause humans would need too much time for a complicated function -> function must be easy :/
thenobol said:
Sorry, I am not sure I got that, you want to develop a lockscreen application with a non-static password, so e.g. you set that the date and time added up could be used at login. E.g. at 12:20 on 12.2.2013 it would be 12+20+12+2+2013= 2059.. and then typing in 2059 is the password?
.. Sorry, it's already hard to draw my unlock pattern when I am drunk; for summing up those numbers, I would take more than a minute.. and then it would be already OUTDATED O.O .. damn
The problem is that the security of those locked screens only depends on the function you are using to produce the number! .. Could be easily bruteforced, 'cause humans would need too much time for a complicated function -> function must be easy :/
I think I am a bit of a math geek, and the numbers come pretty easily for me. The time function might be a bit much, but yes, you have the gist of it. If you skipped the time function, the PW would really only change daily. Additionally, the actual function could be changed so that it's not just addition.
nijohnson said:
I think I am a bit of a math geek, and the numbers come pretty easily for me. The time function might be a bit much, but yes, you have the gist of it. If you skipped the time function, the PW would really only change daily. Additionally, the actual function could be changed so that it's not just addition.
The idea is quite nice, but the security is weak, because like I said, the only security is in keeping the algorithm as a secret :/
but also geeky enough to be developed :good: :cyclops:
thenobol said:
The idea is quite nice, but the security is weak, because like I said, the only security is in keeping the algorithm as a secret :/
but also geeky enough to be developed :good: :cyclops:
Hehe! Yea, it's no huge barrier. Really, I just thought it was fun. Probably more secure than a static PW. But not by much.
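
The objection raised in this thread, that the scheme's only protection is keeping the function secret, can be made concrete. The Python below is an added example, not code from any poster: it implements the date functions mentioned in the posts and sets them beside a standard time-based one-time password (RFC 6238 TOTP), which also changes over time but depends on a per-device secret key. The `concat` function, the mapping of 0 to `j`, and the sample key (the RFC's published test key) are assumptions for illustration.

```python
import hashlib
import hmac
import struct
from datetime import datetime

# Date functions taken from the posts; "concat" is an added assumption.
SIMPLE_FUNCTIONS = {
    "product":       lambda t: t.month * t.day * t.year,   # 12*2*2013 = 48312
    "sum":           lambda t: t.month + t.day + t.year,
    "sum_with_time": lambda t: t.hour + t.minute + t.month + t.day + t.year,
    "concat":        lambda t: int(f"{t.month}{t.day}{t.year}"),
}


def digits_to_letters(code: int) -> str:
    """1->a, 2->b, ... as in the post; 0->j is an assumption (the post has no 0)."""
    return "".join("jabcdefghi"[int(ch)] for ch in str(code))


def candidate_codes(t: datetime) -> dict:
    """All codes the scheme can produce at time t.

    Nothing here is secret: the inputs are the clock and a short list of
    functions a person can evaluate in their head, so the lock screen is
    only as strong as the length of that list.
    """
    return {name: fn(t) for name, fn in SIMPLE_FUNCTIONS.items()}


def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP with HMAC-SHA1: the code depends on a secret key."""
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    binary = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(binary % 10 ** digits).zfill(digits)


if __name__ == "__main__":
    when = datetime(2013, 12, 2, 12, 20)         # the date and time used in the thread
    codes = candidate_codes(when)
    for name, code in codes.items():
        print(f"{name:14s} {code:>8d}  letters: {digits_to_letters(code)}")
    print(f"date scheme: {len(codes)} possible codes, identical on every phone")

    key = b"12345678901234567890"                # RFC 6238 test key, not a real secret
    print("TOTP at t=59:", totp(key, 59), "(1 of", 10 ** 6, "codes, unknown without the key)")
```

The letter mapping is a one-to-one relabelling of the digits, so it changes how the code looks without adding any possible codes.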

Encryption - Is it complete storage encryption?

Sorry if this is a completely nonsensical and stupid question but I wanted to make sure on how encryption with Android 6 works. Because I thought I had read somewhere that encryption is only done on certain parts but not others such as System partition. Of course, I could be completely wrong about what I thought I read.
And yes... I'm not completely crazy and I know it's called "Full Disk Encryption" for a reason. I think I'm just paranoid. Even the Android page description uses the terms "all user created data... " is encrypted. So, part of me was wondering why they emphasize the "user created" part.
Also, wondering how much effect, if any, an unlocked bootloader and rooting has.
I just want to make sure that, for example, if I put my keepass database on my phone, that I don't have to worry. Thanks!
mattkroeder said:
Sorry if this is a completely nonsensical and stupid question but I wanted to make sure on how encryption with Android 6 works. Because I thought I had read somewhere that encryption is only done on certain parts but not others such as System partition. Of course, I could be completely wrong about what I thought I read.
And yes... I'm not completely crazy and I know it's called "Full Disk Encryption" for a reason. I think I'm just paranoid. Even the Android page description uses the terms "all user created data... " is encrypted. So, part of me was wondering why they emphasize the "user created" part.
Also, wondering how much effect, if any, an unlocked bootloader and rooting has.
I just want to make sure that, for example, if I put my keepass database on my phone, that I don't have to worry. Thanks!
Well, that's a pretty good question.
My assumption is that it is just the user data that is indeed encrypted, and not anything in the system partition.
Why would the system partition need encryption? It is supposed to be left alone, and only accessible by certain apps that Google grants such access.
As to your KeePass database, it seems that it is always encrypted, irrespective of whether your device is encrypted.
That stated, you'd probably be better off leaving encryption enabled rather than decrypting your device, especially if you're the least bit concerned about it.
Rooting your device and data encryption are discrete issues, and therefore seem to be separate security concerns; ie, rooting and unlocking your bootloader opens your system partition to meddling, hopefully by you and no one else, while encryption keeps all of your data on your device encrypted unless someone has your password, pin or pattern unlock.
Ultimately all of this is about choice.
Sent from My Nexus 6P, #WhiteUIsMustDie, #EndDarkAppOppression
Thank you for taking the time to answer my question. I thought it may have been a dumb question because considering it is called "Full Disk Encryption", I thought maybe it should have been obvious.
True, KeePass is already encrypted but it's nice to know the storage medium it is on is encrypted as well.
I'm definitely leaving encryption enabled. Thanks again.
