Say I download an *.apk file from some site or I get one from a friend, could it potentially harm my phone, cost me money etc.? Basically what I'm wondering is, when I install an app it generally says what the app has/wants access to, is this "warning" coded by the programmer to tell the user what it's accessing or is it determined automatically by built in functions? I don't want to install and app that has access to stuff that I'm not aware of.
Regards,
B
Edit: On a second note. Say I do download some harmful application, would uninstalling it solve the problem or could there be remaining harmful files still at work? The whole Android OS is sorta worrying me...bad experiences with Windows is making me cautious.
if you can think of it
there can always be a chance of happening
yes, a malicious hacker could do something like that
yes, a pissed programmer might including something like that into their apps to stop people from sharing their apps without buying it
yes, the apk might be legit but might have been corrupted some how
yes, you might be able to uninstall if lucky
but worse case scenario if i were a malicious hacker i wouldn't code a way to uninstall the app, instead i'll probably code a way to lock the user out of all access forcing you to Flash the phone from scratch
You didn't really answer my one major question, or maybe you did but I didn't understand. Are the services that the app is able to access programmed or are they determined by a function?
Well when installing I've resorted to checking a few things:
1) Make sure the app that I've downloaded is the same size as the one in the market (for equivalent versions...obviously)
2) Compare the system permissions when installing with those found at www.androlib.com
This way seems pretty safe to me. If the size is the same and the permissions are the same...you can be quite (not 100%) certain that they are legit/the same.
Ok heres the deal. Apps have 2 types of access.
1. Standard permissions
So if u don't do adb-install (where u dont see an app's permissions), then market / copy to sdcard and install from there u'll see the permission screen. An app cannot do something w/o permissions. If an uninstaller is askin for email permissions u know somethings wrong.
2. Root
Most dangerous. An app will ask u for 0 standard android api permissions. But when u run it, u will be asked for a superuser allow/deny request. From their its up to you. An app could do anything behind the scenes from tht point.
So read reviews/ user comments before trying root apps. Standard apps, just look over the permissions thts all.
FYI : The permissions are read by android, they're not user defined. Any permissions will always show up when installing it using the native package manager.
To be honest I wouldn't advise downloading an .apk from a non-trusted source. If its on the market, you're near certainly ok, and if its from a trusted developer (say from these boards, or some other similar dev portal) then again, you are likely to be ok. In the second case, you are unlikely to be getting a finished app if you get a straight apk from boards, because when they are finished or at least solid, they go to the app store anyway, so harm in that case is more likely to be of the force close variety rather than bricked variety.
Outside of that, I can't see why you would get an apk from a friend rather than downloading it yourself, simply because that way it makes certain you get a clean, non-corrupted version. If apps don't show up in the market for you, its mostly because your device can't run them, in which case, again, force close.
Uninstalling it is possibly too late. All smartphones suffer this issue though.
As mentioned, if you get the files from market though, you are likely to be safe..
Also, not all melicious programs are obvious..
Daneshm90 said:
Ok heres the deal. Apps have 2 types of access.
1. Standard permissions
So if u don't do adb-install (where u dont see an app's permissions), then market / copy to sdcard and install from there u'll see the permission screen. An app cannot do something w/o permissions. If an uninstaller is askin for email permissions u know somethings wrong.
2. Root
Most dangerous. An app will ask u for 0 standard android api permissions. But when u run it, u will be asked for a superuser allow/deny request. From their its up to you. An app could do anything behind the scenes from tht point.
So read reviews/ user comments before trying root apps. Standard apps, just look over the permissions thts all.
FYI : The permissions are read by android, they're not user defined. Any permissions will always show up when installing it using the native package manager.
Click to expand...
Click to collapse
EXACTLY what I was looking for. Thank you.
Btw, just because security on App store says an app can do stuff like make phone calls etc, doesn't mean it's malicious.
A few people were misled by an article that stated that apps with such extreme permissions were malicious, but it's untrue. It isn't always the case, but if an app uses functionality you don't believe it should, it's possible it is dodgy
andrewluecke said:
Btw, just because security on App store says an app can do stuff like make phone calls etc, doesn't mean it's malicious.
A few people were misled by an article that stated that apps with such extreme permissions were malicious, but it's untrue. It isn't always the case, but if an app uses functionality you don't believe it should, it's possible it is dodgy
Click to expand...
Click to collapse
Aye, I know. Thanks for the advice. I've actually been comparing any app I download off the internet to the actual ones on the market (size and permissions).
Hi everyone im a noob member to the site but have read some interesting threads before membership but as usual joining when i have a problem that needs some of your help
I have had a .apk file download to my htc desire running 2.2.2. I was browsing pics of the fake kind when it started downloading. i did see some letters and numbers before the file ext. It is not an official .apk that im sure off. I have searched for it on my phone but cannot find it to delete .
can anyone help please
After hooking up htc to my pc by usb lead, I have managed to locate the file by searching. It was in the download folder, I deleted it via the pc and then did a factory reset on htc.
Would this get rid of it safely
Related
I just looked at my phone, and saw 'Su File Manager has been removed from your phone. You will receive an email with details.' No email yet, and I'm wondering WTF is up. I bought this app several days ago, checked my bank account and the payment for it has cleared, so it's not an issue of payment bouncing or something. Anyone else have this happen, or know what's up?
heldc said:
I just looked at my phone, and saw 'Su File Manager has been removed from your phone. You will receive an email with details.' No email yet, and I'm wondering WTF is up. I bought this app several days ago, checked my bank account and the payment for it has cleared, so it's not an issue of payment bouncing or something. Anyone else have this happen, or know what's up?
Click to expand...
Click to collapse
And this is why it is a good idea to keep a backup.
Seriously... huh?
Can you reinstall from the market?
lbcoder said:
And this is why it is a good idea to keep a backup.
Seriously... huh?
Can you reinstall from the market?
Click to expand...
Click to collapse
Went to the market, reinstalled with no problem, which makes it seem even more weird, cos presumably if the app was malicious they'd pull it from the market as well as deleting it from phones. None of my backup programs seem to have the capability to backup paid apps (MyBackup, Backup for Root, or Astro).
heldc said:
Went to the market, reinstalled with no problem, which makes it seem even more weird, cos presumably if the app was malicious they'd pull it from the market as well as deleting it from phones. None of my backup programs seem to have the capability to backup paid apps (MyBackup, Backup for Root, or Astro).
Click to expand...
Click to collapse
If you're rooted you can just use ADB pull to back it up over usb, and then use ADB install to re-install it over usb if anything happens.
bahnburner said:
If you're rooted you can just use ADB pull to back it up over usb, and then use ADB install to re-install it over usb if anything happens.
Click to expand...
Click to collapse
My cats have chewed through every mini-usb cable I own. Was planning to go to microcenter this weekend to buy more, but in the meantime, no ADB for me. Anyway to backup app-private from in phone, using the terminal? I have root of course.
heldc said:
My cats have chewed through every mini-usb cable I own. Was planning to go to microcenter this weekend to buy more, but in the meantime, no ADB for me. Anyway to backup app-private from in phone, using the terminal? I have root of course.
Click to expand...
Click to collapse
EDITED to protect the Devs.
to restore just install via astro.
bahnburner said:
mount -oremount,rw /dev/block/mtdblock3 /system
mkdir /sdcard/backup
busybox cp /system/sd/app-private/NAMEOFAPP /sdcard/backup
to restore just install via astro.
Click to expand...
Click to collapse
Ah, of course. Thanks!
do not abuse that command please. support the devs.
hiroots said:
do not abuse that command please. support the devs.
Click to expand...
Click to collapse
There was no mention of warez anywhere in the above posts that i noticed. She purchased the applications.
hiroots said:
do not abuse that command please. support the devs.
Click to expand...
Click to collapse
Warez-hunt and Witch-hunt start the same way. This is actual help, not theft.
sha.goyjo said:
Warez-hunt and Witch-hunt start the same way. This is actual help, not theft.
Click to expand...
Click to collapse
Exactly. I had every intention of helping someone retain something they have already purchased. I do no steal applications, and refuse to help someone else do the same. I wouldn't want people doing it to me, so I don't want to see it happening to them.
bahnburner said:
mount -oremount,rw /dev/block/mtdblock3 /system
mkdir /sdcard/backup
busybox cp /system/sd/app-private/NAMEOFAPP /sdcard/backup
to restore just install via astro.
Click to expand...
Click to collapse
You do NOT need to remount the /system partition.
1) You are copying files OFF, not on,
2) Those files are NOT EVEN on the /system partition. They're on the SDCARD (in your example) which is mounted within the /system path (but is not actually part of it), but are more likely in the /data partition (for those not using apps2sd).
*** IN THE EVENT that the apps are installed to SDCARD, you can simply turn off the phone and move the card into your computer to copy them directly to your hard disk for permanent backup.
heldc said:
Went to the market, reinstalled with no problem, which makes it seem even more weird, cos presumably if the app was malicious they'd pull it from the market as well as deleting it from phones. None of my backup programs seem to have the capability to backup paid apps (MyBackup, Backup for Root, or Astro).
Click to expand...
Click to collapse
The irony in this situation is that SU file browser will back up (copy protected apps) itself just fine.
Moving anything onto a fat partition that is protected is a grey area. If a mod comes across this post it will be edited. I know its only help, but xda has to cover their ass. This topic should be helped through PM's instead of being public broadcasted. The poster that helped with the commands and the person who quoted them should edit their posts now that the OP fixed their issue, the mods already got their hands full, we should help when we can.
if the devil was on earth he would wear all white and work for unicef!
Too many people allow the information of copying protected apps, so therefore people abuse this info anyone with a simple curiosity could find the info on there phone without people having to teach them like myself, but once I found the information I shared it with nobody and assume they could figure it out themselves!!! So please do not PLEASE DO NOT! Inform people how to backup paid apps! I don't know how many people read the comments in the marketplace but its full of people who steal and trade these apps blatently without regard for repercutions, leaving there email addresses and everything! So believe me intelligent people will figure this out themselves this is not information that should be googled I am personly trying to pass this information around to all moderators to ban this information so please help me in stopping this, root is a gift for people who understand not thos who follow the bandwagon to just steal apps (most of which don't cost more then 5$), strangley the people who need the help only have one thing in mind.
So please treust me if we don't stop this the idiots will win and the marketplace will crumble only the honest people keep it afloat only the intelligent should be able to obtain this precious info and they won't have to ask for the process they are smarter then that! They will find they file and already know the commands to do what they see fit for the application. This should not be easy! It should be protected by devs and moderators for the sake of the community knowledge is power unless you give a simple walkthrough to a thief or idiot or power hungry moron with no respect for others or creative artists and they use it for there personal benefit not the furthering of progress infact just the opposite!
It's only fair (as described in fair use) that users have the ability to backup their own purchases and downloads. As far as what they do with them, that's up to their own conscience. It's not ours to judge.
If they decide to illegally share it, then report them and be done with it.
The discussion on piracy is taking this thread off topic; please cease immediately.
I'd like to know more about the circumstances in which this app was removed, specifically whether it was "kill-switched" by Android Market or something else entirely.
jashsu said:
The discussion on piracy is taking this thread off topic; please cease immediately.
I'd like to know more about the circumstances in which this app was removed, specifically whether it was "kill-switched" by Android Market or something else entirely.
Click to expand...
Click to collapse
I doubt that it was kill-switched. If it was, then it would have coincided with the app being pulled from the market and it is unlikely that it would allow such simple reinstall. This is, of course, assuming that they even *can* kill-switch an app like that. I have heard discussion about it, but nobody has offered even a shred of proof, so I really doubt it.
jashsu said:
I'd like to know more about the circumstances in which this app was removed, specifically whether it was "kill-switched" by Android Market or something else entirely.
Click to expand...
Click to collapse
It seems pretty clear it wasn't kill-switched, since I was able to re-download it right away, and it's still available. I wish I'd thought to screenshot the alert that it had been removed, but I was so surprised to see such a thing I just didn't think about a screenshot until after I'd tapped ok.
The only explanation I can imagine, and this is purely hypothetical I've got no evidence for it, I'm just guessing, is that there was a server hiccup someplace when google went to actually collect the payment for the app. (The pre-auth for buying apps always hits my account immediately, but the money doesn't actually get taken from my account for 2-5 days.) So, google got told 'no moniez for you', and told my phone 'no app for you!', but then the server hiccup resolved itself, google got the payment for the app and I was able to re-download the app.
Since there wasn't a rash of people posting saying this happened to them, it seems clear this issue was somehow specific to me and my phone, and since I had bought the app a few days prior (well over 24 hours before the incident tho), the only explanation I can think of is the above. I wish I had some way to know what it was, but since I never did get an email about it, I'm stuck guessing.
anybody else???
has anybody heard of an instance of this happening since this original post?? anybody? or does it seem she is the only person to experience this? just for my curiosity and interests...
"fair use" huh, i wonder if that has a 24hr return policy on it?
I apologize if this has been answered earlier.
I use a stock N1 with ADW.Launcher and a bunch of other apps. I recently noticed that even when I uninstall an app from my phone, there are some directories / files that remain on the phone.
Is there any reason why these do not get deleted when the app is unistalled.
May be the same answer as installers written for windows. If the developer didn't do a good job with cleanup, you get trash leftover you need to manually clean.
i agree with both above. i found devs dont do good with uninstalling and leaving folders left behind, i wonder if there is an app that clears them?
The best way is to realize what should and shouldn't be there and manually take care of it. To write an application to clean up after 50,000+ other applications that are messy. Would be a programming nightmare and I would not want to support such an application.
or someone could make some sort of app similar to those on pc, montors what and where files are being installed to so if uninstall doesnt take em out alteast you know where to look exactly.
Edit: better yet, the app itself can uninstall everything on the users request! now that would be an app i wouldnt mind paying a good buck for.
I agree, apps itself should uninstall everything with user consent.
Also I don't think a lot of us mind taking the manual route as long as we know what to delete ..
Any way to find out what files belong to what apps?.... or is it the same as on any unix/linux platform.
thats what i was trying to say. windows has a simple app that makes a txt file of all files being installed including registery. launch the app to monitor first, install like normal. in this case, the app itself will make a database of the app then the user can use that app to delete everything catched that was installed. that would be very nice. i find myself doing google search to see where files came from and when i see i uninstalled that i have to delete it myself. this would save me lots of time. i dont really worry about it though i have a list of apps i must install and with all the froyo i keep wiping the os to try new roms. until everything is stable ill worry then but for now im good.
garryvirdi said:
I apologize if this has been answered earlier.
I use a stock N1 with ADW.Launcher and a bunch of other apps. I recently noticed that even when I uninstall an app from my phone, there are some directories / files that remain on the phone.
Is there any reason why these do not get deleted when the app is unistalled.
Click to expand...
Click to collapse
do you mean the directories on the sd card?
Yes directories and files on the SD card.
-------------------------------------
Sent from my Nexus One
garryvirdi said:
Yes directories and files on the SD card.
-------------------------------------
Sent from my Nexus One
Click to expand...
Click to collapse
You could have data that could be reused if you decide to use the app again. Settings, preferences, keys, notes, photos etc..
I do hope that the default folder for apps defaults to something like /sdcard/appdata/ instead of the root folder /sdcard/ (unless explicitly set)
i was just downloading the newest CM7 release.. my anti-virus kept saying there were viruses in the zip... is that normal ?
false positive i got the samething too, only thing is my antivirus took all the files and kill the zip so i had to redownload in a safe enviroment
also sometimes when I'm just reading android forums , my anti virus kicks in too. do android files just get recognized as virus on a windows computer?
ilostchild said:
false positive i got the samething too, only thing is my antivirus took all the files and kill the zip so i had to redownload in a safe enviroment
Click to expand...
Click to collapse
They are not viruses. What anti virus are you using?
Sent from space
it "disinfected" the cm7 zip... virus name is trojan-sms.androidos.jifake.a and also deleted some files in the zip.
koopakid08 said:
They are not viruses. What anti virus are you using?
Sent from space
Click to expand...
Click to collapse
optimusv45 said:
i was just downloading the newest CM7 release.. my anti-virus kept saying there were viruses in the zip... is that normal ?
Click to expand...
Click to collapse
Where did you download it from? I would stick to well-known sources for anything. If you got the file from CyanogenMod directly, I wouldn't worry.
Here, in the android development.
bobstro said:
Where did you download it from? I would stick to well-known sources for anything. If you got the file from CyanogenMod directly, I wouldn't worry.
Click to expand...
Click to collapse
Kaspersky internet security.
koopakid08 said:
They are not viruses. What anti virus are you using?
Sent from space
Click to expand...
Click to collapse
optimusv45 said:
Kaspersky internet security.
Click to expand...
Click to collapse
In my opinion thats one of the best antivirus out there. I would have not figured. Still it is one known to give false positives.
Sent from my NookColor using XDA App
I am pretty intense about checking what i put on my device, and I haven't had any problems with the ROMS posted here. (Unfortunately, apps are more likely to be the work of a single individual and are therefore less reliable).
Can you be more specific about which ROM you downloaded? If it was an official release, then so may eyes have been through that code, you basicallybhavebto have had a false positive. I would like to see the offending file, is there a way to quarantine and save the "disinfected" file through kapersky?
i downloaded the ROM from this http://forum.xda-developers.com/showthread.php?t=1344873 My anti virus give me very little freedom as far as modifying identified virus. i can only give location of the "virus" in the zip. on the report it shows "encore cm72-mirage-01262012.zip//system/framework/android.policy.jar//classes.dex" second one" encore cm72-mirage-01262012.zip//system/app/phone.apk//classes.dex"
mateorod said:
I am pretty intense about checking what i put on my device, and I haven't had any problems with the ROMS posted here. (Unfortunately, apps are more likely to be the work of a single individual and are therefore less reliable).
Can you be more specific about which ROM you downloaded? If it was an official release, then so may eyes have been through that code, you basicallybhavebto have had a false positive. I would like to see the offending file, is there a way to quarantine and save the "disinfected" file through kapersky?
Click to expand...
Click to collapse
Okay, i pulled the two classes files out of the zip. I ran them through a couple custom scans on some standard antivirus software and they came back clean. I expect that they are.
I have found problems hidden in classes.dex files before, but those were with user apps. It was easy to see the traffic they were sending (in those specific cases it was packets to ad sites and bogus http sites for keystroke capturing). Any traffic that could be sent through the associated .jar and .apk files would show up in my firewall/packet monitors as coming from the kernel or root (i believe, if anyone knows better on any of this, please chime in) which has traffic, especially in the kernel's case, coming from multiple sources. It would just be hard to pinpoint what, if anything, these specific packages are associated with.
/deep breath
However, I personally am insane and totally paranoid. A week or two ago i posted screenshots showing my kernel was communicating with an IP associated with Amazon, basically going straight down the rabbit hole. The person who responded just pointed out that it was Amazon Web Services and that the traffic could be anything and was nothing to worry about. I accept that to be almost certainly true, but it doesn't solve my curiosity. So i intend to take it out on your presumptive false positives.
To be clear: You are almost certainly fine. I do these things driven by mental illness!
I am going to attempt to run both classes.dex files through a dexdump Java script on Terminal IDE and repost the output. I then hope to have the data interpreted by some indulging soul familiar with the Jasmine syntax the program will hopefully output.
This is something that is far far beyond the skills I bring to the table, and has every chance of failing. If anyone out there knows an easier and/or softer way, feel free to stop me before i hurt myself. I only have access to the nook itself, hence all the hoop jumping, but i believe it is possible. Feel free to disabuse me of that in public or private.
At the very least, i hope i can learn something.
lol i have no idea what you are talking about but thanks !!
mateorod said:
Okay, i pulled the two classes files out of the zip. I ran them through a couple custom scans on some standard antivirus software and they came back clean. I expect that they are.
I have found problems hidden in classes.dex files before, but those were with user apps. It was easy to see the traffic they were sending (in those specific cases it was packets to ad sites and bogus http sites for keystroke capturing). Any traffic that could be sent through the associated .jar and .apk files would show up in my firewall/packet monitors as coming from the kernel or root (i believe, if anyone knows better on any of this, please chime in) which has traffic, especially in the kernel's case, coming from multiple sources. It would just be hard to pinpoint what, if anything, these specific packages are associated with.
/deep breath
However, I personally am insane and totally paranoid. A week or two ago i posted screenshots showing my kernel was communicating with an IP associated with Amazon, basically going straight down the rabbit hole. The person who responded just pointed out that it was Amazon Web Services and that the traffic could be anything and was nothing to worry about. I accept that to be almost certainly true, but it doesn't solve my curiosity. So i intend to take it out on your presumptive false positives.
To be clear: You are almost certainly fine. I do these things driven by mental illness!
I am going to attempt to run both classes.dex files through a dexdump Java script on Terminal IDE and repost the output. I then hope to have the data interpreted by some indulging soul familiar with the Jasmine syntax the program will hopefully output.
This is something that is far far beyond the skills I bring to the table, and has every chance of failing. If anyone out there knows an easier and/or softer way, feel free to stop me before i hurt myself. I only have access to the nook itself, hence all the hoop jumping, but i believe it is possible. Feel free to disabuse me of that in public or private.
At the very least, i hope i can learn something.
Click to expand...
Click to collapse
mateorod: another thing you might try is to upload those files to virustotal . com - that way you'd see what 40 or so A/V programs think of them.
Prob unrelated, but I've have gotten popups on the Cyanogen forums for supposed Javascript malware, alway seemed like a false positive. Running OS/X, Sophos for Mac, Firefox 10...
Ralf
I might try that. Currently, I am trying to use the smali editor to decompile the jar files through Terminal IDE, which has the Java toolset. When I try and run the command line, I get an I/o exception error, which is beyond my powers to diagnose/repair. I have sent the error to a couple people who may be able to help me figure out what my issue is. In the past, I have gotten that error set with apps that need internet access and cannot get it for some reason or another. I don't know why or how that would apply with this situation, but I am still looking at it. For something I consider to be a simple intellectual exercise, it has taken quite a bit of effort, but I haven't quit on it yet.
I didn't spot any thread around here covering the topic of debloating stock sony firmware. Not that it would be cluttered like other manufacturers firmware, but theres still room for improvement
Is there a guide somewhere or a list of all apk safe to disable/remove (provided root acces) on sony firmwares? Similar to a Samsung Galaxy S2 related guide here or another very exhaustive one here (<- preferred).
I'm from the X10i & the Arc forums, I use this as a guide
http://forum.xda-developers.com/showthread.php?t=1089470
Good Luck
* If you want to delete a app by Root-Explorer, don't update it by Playstore first before removing it. (Facebook)
* Some apps can be removed by Settings - Apps etc.
Sent from my LT30p using xda Hotline
Well on tx stock, I got the following apps disabled. ;/
my phone is running fine. From start up to everyday use.
This all depends on what functions you use for the phone. Deleting apps stops their functionality, so you always reduce the functions of the phone when deleting apps. It is persona l preference on which apps you want to delete.
However, there are plenty of apps that are "safe" to delete and still keep your phone working as a phone. The best way I have found of doing this is not by following other peoples list but by using Titanium Backup to "freeze" apps and then test the phone to see if it still works the way I want it. Then I could delete the app. If I ost some functionality I would defrost the app and no harm is done.
gregbradley said:
This all depends on what functions you use for the phone. Deleting apps stops their functionality, so you always reduce the functions of the phone when deleting apps. It is persona l preference on which apps you want to delete.
However, there are plenty of apps that are "safe" to delete and still keep your phone working as a phone. The best way I have found of doing this is not by following other peoples list but by using Titanium Backup to "freeze" apps and then test the phone to see if it still works the way I want it. Then I could delete the app. If I ost some functionality I would defrost the app and no harm is done.
Click to expand...
Click to collapse
What Greg says is right, but to add to it:
Apps that you can "disable" will not effect the functionality of the phone, you will just lose the function of the app in question.
Secondly, if you are using titanium back up to freeze system apps, and you are not sure what the app you are freezing does you might stop your system from working, so before you freeze anything you are unsure of, take a full backup first so you can restore it if your system becomes unstable.
Please post your results in this thread for others to learn from.
There is also a system app cleaner in flashtool, although I have not used it with the T yet.
Sent from my LT30p using xda app-developers app
gregbradley said:
Deleting apps stops their functionality, so you always reduce the functions of the phone when deleting apps. It is personal preference on which apps you want to delete. *snip* However, there are plenty of apps that are "safe" to delete
Click to expand...
Click to collapse
As for the first part of your post, I'm fully aware of. In fact thats the reason why I'd like to have some of useless stuff removed (numerous FB clients/apps/agents for example) But thanks for putting it here as other users might not be aware of the possible issues.
The part in bold is of most interest to me. I'm totally not an Android novice, I know most crucial system packages. Derping around in relatively pure Android releases like AOSP and CM10 and reading the same package names over and over again gives a feel what is Android related and what is vendor specific. For Sammy/Touchwiz I know which package does what, but with Sony I'm new and dont know which files are safe to remove without breaking the system. Hence this thread.
[email protected] said:
What Greg says is right, but to add to it: *snip*
Click to expand...
Click to collapse
Of course same as above. I do not use TiB though, I use an app called System App Remover. I know TiB very vell of course, but then, who doesn't But again, I'm not interested in getting informations what removing or freezing apk's means in general, I'm interested in which are essential to Sonys UI and will break the system if removed.
I'll have a look at the link provided to the Arc/X10 forums.
Gesendet von meinem ASUS Transformer Pad TF300TG mit Tapatalk 2
LitoNi said:
Well on tx stock, I got the following apps disabled. ;/
my phone is running fine. From start up to everyday use.
Click to expand...
Click to collapse
Yesterday I found out that disabeling Setup Guide resulted in me losing all APN settings and the phone refused to (automatically) recreate them. They got recreated without any fuzz after enabeling the setup wizard and running it. I'll eventually try to recreate this as I fight with myself if this connected or if I coincidentally hit a time where my network decided to derp on me.
schaggo said:
Yesterday I found out that disabeling Setup Guide resulted in me losing all APN settings and the phone refused to (automatically) recreate them. They got recreated without any fuzz after enabeling the setup wizard and running it. I'll eventually try to recreate this as I fight with myself if this connected or if I coincidentally hit a time where my network decided to derp on me.
Click to expand...
Click to collapse
not sure whats that got to do with it, Setup guide is one of the first apps i delte. Unless this an app from your carrier that loads the apn settings...mine are downloaded automatically from vodafone.
Hey,
Has anyone ever looked into how the Whatsapp Backup is stored? It can be used after reinstalling the app, but not after hard resetting/flashing/etc. So it should be stored on the phone, but not the normal isolated storage of the app since I can reinstall it and use the backup then.
Is there special access necessary or could other apps also access (and modify/export) this backup? I'm asking this because I hope to find a way to make a backup that really is useful, I almost only write via whatsapp because SMS cost way more than internet here. Thanks!
why do you think whatsapp isnt useing isolated storage? shure it is, but you still cant access it - unless you have a interopt unlocked device
the reason you can restore, is that the app id stays the same.. you could try to deploy an older (uncrypted) whatsapp xap to your phone, if the app id still stays the same (and im not shure it does! actually i think it doesnt..) you would gain access... again, thats total theory! i havent tryed this, and it has propably the potential to mess up your backup...
maybe GoodDayToDie has some more info about the app-id thing.. i'll also do a quick research
tfBullet said:
why do you think whatsapp isnt useing isolated storage? shure it is, but you still cant access it - unless you have a interopt unlocked device
the reason you can restore, is that the app id stays the same.. you could try to deploy an older (uncrypted) whatsapp xap to your phone, if the app id still stays the same (and im not shure it does! actually i think it doesnt..) you would gain access... again, thats total theory! i havent tryed this, and it has propably the potential to mess up your backup...
maybe GoodDayToDie has some more info about the app-id thing.. i'll also do a quick research
Click to expand...
Click to collapse
Thanks for the reply! I din't know files in the isolated storage keep being there after you uninstall the app..
I tried deploying an old Version (1.4) of Whatsapp and it replaced the current one, so it should use the same app id. I didn't find anything in the isolated storage, but the backup is still there when I reinstall it from the store. I'll try launching the deployed app first now.
have you checked out the IsolatedStorageSettings?
Let me have a quick look where this thing is on my harddrive... when i find it, i'll be able to tell you where / how it saves the backup
tfBullet said:
have you checked out the IsolatedStorageSettings?
Let me have a quick look where this thing is on my harddrive... when i find it, i'll be able to tell you where / how it saves the backup
Click to expand...
Click to collapse
Nope, I have no real clue how to do that, the only thing I can is deploying apps and watching their isolated storage thanks!!
they used "messages.sdf" & "contacts.sdf" before, but then at some version they started to migrate this files into a database.. not shure where it gets stored, or if you can access it with simply browsing the IsoStoreage... ill make a quick test project to test out how or if we could access it..
EDIT: actually i was talking **** the .sdf files are already databases, and the data still resides there... and forgot to mention: even if you couldn't see the database files, you should see the user-picture thumbnails that reside in "cphotos/" + some-sha1-hashed-userinfo...
IsoStore is cleared when an app is uninstalled. So far as I know, this is instant, as part of the app removal process, although I suppose I haven't actually checked that. However, apps can (and many do) implement a backup situation to cover this use case by using a unique identifier that survives a re-install. There are several places such IDs can come from. Since the one you have survives app installs but *not* OS reflashing (even though you presumably sign on with the same Live ID afterward), I'm guessing it's a value that uniquely identifies your OS install and is randomly generated the first time the OS boots. Re-flashing counts as a new install, I guess.
I'd have to investigate further to be sure. There could be other mechanics at play, such as the OS keeping the data around for a short time in case you re-install the app, or the app storing its data in some other (off-phone) location. It's not storing it in some special folder within the phone, though; there's nowhere else it could!
Backup history with Whatapp on Android. Then check the backup file on:
/sdcard/WhatsApp/Databases/msgstore.db.crypt
Or
/data/data/com.whatsapp/databases/msgstore.db and wa.db (root)
Coweri said:
Backup history with Whatapp on Android. Then check the backup file on:
/sdcard/WhatsApp/Databases/msgstore.db.crypt
Or
/data/data/com.whatsapp/databases/msgstore.db and wa.db (root)
Click to expand...
Click to collapse
Sorry, but this is Windows Phone, not android..
@GoodDayToDie so, there is no simple way like deploying an app with the same ID and trying to access the backup with it?
Since the data would have been deleted when the old app was removed (and since you can't sideload an app with the same Product ID as an existing Store app), no, that won't work (well, it didn't in WP7; I guess you could try again here; some things are somewhat less secure now than before).
th0mas96 said:
GoodDayToDie so, there is no simple way like deploying an app with the same ID and trying to access the backup with it?
Click to expand...
Click to collapse
Wait for a interop-unlock... thats the way to go in this case.
Until then, you can send your conversations to yourself by mail (option form the context menue)
GoodDayToDie said:
IsoStore is cleared when an app is uninstalled. So far as I know, this is instant, as part of the app removal process, although I suppose I haven't actually checked that. However, apps can (and many do) implement a backup situation to cover this use case by using a unique identifier that survives a re-install. There are several places such IDs can come from. Since the one you have survives app installs but *not* OS reflashing (even though you presumably sign on with the same Live ID afterward), I'm guessing it's a value that uniquely identifies your OS install and is randomly generated the first time the OS boots. Re-flashing counts as a new install, I guess.
I'd have to investigate further to be sure. There could be other mechanics at play, such as the OS keeping the data around for a short time in case you re-install the app, or the app storing its data in some other (off-phone) location. It's not storing it in some special folder within the phone, though; there's nowhere else it could!
Click to expand...
Click to collapse
GoodDayToDie, any news about this Whatsapp backup feature in Windows Phone? Is it possible to utilize this feature as an "ordinary" developer?
I would have to reverse engineer the app to see how its backup feature works. The most likely explanation - that it's storing the backup "in the cloud" using the device ID (which resets when you do a hard reset, I think) - is easily possible for any app so long as you provide the storage space...
GoodDayToDie said:
I would have to reverse engineer the app to see how its backup feature works. The most likely explanation - that it's storing the backup "in the cloud" using the device ID (which resets when you do a hard reset, I think) - is easily possible for any app so long as you provide the storage space...
Click to expand...
Click to collapse
That could be an explanation. But then the Whatsapp developers could easily offer a full backup, as on other platforms, linked to the phone number or something. Then you could restore the messages even after a phone exchange. But who knows what's in their heads ...
GoodDayToDie said:
I would have to reverse engineer the app to see how its backup feature works. The most likely explanation - that it's storing the backup "in the cloud" using the device ID (which resets when you do a hard reset, I think) - is easily possible for any app so long as you provide the storage space...
Click to expand...
Click to collapse
Nope, it doesn't seem to be online.. it backups pretty big chats extremely fast with 2 bars of GPRS, so it can't be via internet.. it even backups without connection at all. That's the weird thing.. how are apps even allowed to store files that keep being there after an uninstall?
There are a couple really sneaky ways you could do that; one that comes to mind is creating a fake "image" or "ringtone" or similar, serializing the data to it, and then looking for it the "first" time the app is run after installing. However, I'm definitely more curious now. There are folders which apps can request permissions to write to, but usually that's a trick limited to "second-party" apps (OEMs, etc.) and prohibited for third parties.
I've already looked into the code, as far as i can tell there is no online backup feature. it just stores the conversations in a database.
And to answer yout question schluff: no there is absolutley no way the usual developera to utilize this.
btw: @GoodDayToDie could you provide us the newest WhatsApp XAP (2.11.312.0)?
When I get the chance to extract it of my computer, yeah. It's really hard to get full FS access working these days, so I'm looking into other ways to access the install folders and storage of other Apps.
here you go
edit: I've changed nothing, so it's the whole install folder in this zip file
Thanks for the extraction! Obviously, I can't do anything with it
However, if anyone is interested in this too, in the following versions it seems to backup to the SD card, at least @Nazwzil8 reported so at twitter: https://twitter.com/Nawzil8/status/410486248156172288 he reported a lot about whatsapp, he seems a legit beta tester.