With this publication, I would like to provoke a discussion of a problem in the Android system: it is impossible, without tricks and hacks and using only methods approved by the official guidelines, to create applications that run in a protected environment (kiosk applications).
Kiosk software should protect the Internet kiosk (in this case, an Android terminal) from unauthorized activity. The user must not be able to invoke system dialogs, access device settings, access the file system, and so on.
The application I work on is to be installed on terminals located in public places such as shopping centers and cafes. Accordingly, any user should by default be considered an attacker who wants to enter the system settings, change them, reset the system or install a malicious application. The kiosk software should stop any such action.
Another class of similar applications is electronic menus in restaurants. I have seen such menus implemented on both Android and iPad devices. Moreover, the same software was used on both, differing only in its design for a particular restaurant. The iOS device was, in my opinion, better protected: in the Android version I was able to enter the settings without problems and had the opportunity to change them. On iOS, all system functions were disabled for the user, and all I was offered was to enter a PIN code, which apparently unlocks the kiosk.
A search of the documentation on developer.android.com did not give a complete picture of the kiosk issue. On Stack Overflow, such questions are asked periodically, and people even offer solutions to particular kiosk tasks. For example:
1. An Activity or the entire application can be launched in full-screen mode with the status bar hidden. Google seems to call this immersive mode. The system buttons (the bottom panel of the screen) can also be hidden temporarily. This is good for video players, games and presentation programs. Unfortunately, the user can pull the status bar back out by swiping down from the top of the screen, and can bring back the system button panel as well.
2. It is possible to get an instance of the status bar system service and use reflection to call a hidden disable method. Unfortunately, doing this throws a SecurityException, because only system applications are allowed to hide the status bar. To become a system application, you need to sign your application with a key obtained from the device developer. This is not always possible.
Also, invoking a hidden, undocumented method is not a good idea. Apparently the system developers had a reason for not providing a public interface to this method.
3. We can override the onBackPressed method in the Activity class to block the “Back” system button. We can declare an intent filter for the HOME action to intercept the “Home” system button. But we cannot intercept the “Recent” system button.
4. You can fight presses of the “Recent” system button or the opening of the status bar by intercepting the “loss of focus” event: if our Activity loses focus, we immediately return it. Unfortunately, about a second can pass between the loss and the return of focus (maybe less, maybe more, depending on the speed of the system), and in that time the user can manage to enter the settings menu, remove our application, or do something else.
5. We can disable the system buttons altogether by editing the file /system/build.prop:
qemu.hw.mainkeys=0
But, first, this requires root access, and second, I would like to be able to do it programmatically (yes, you can edit this file programmatically by first remounting the read-only filesystem and then rebooting the device, but this is still a hack).
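Items 1 and 3 above, combined in one Activity using only public SDK calls; this is an added example, not code from the original post. The package and class names are hypothetical, and API level 19 or later is assumed for the immersive flags.

```java
package com.example.kiosk; // hypothetical package name

import android.app.Activity;
import android.os.Bundle;
import android.view.View;

/** Hypothetical kiosk screen: hides system UI (item 1) and blocks Back (item 3). */
public class KioskActivity extends Activity {

    // Item 1: full screen with status bar and system buttons hidden.
    // With IMMERSIVE_STICKY a swipe from the screen edge still shows the
    // bars for a moment, so this hides them but does not lock them.
    // These View flags are deprecated from API 30 in favour of
    // WindowInsetsController, but behave the same way for this purpose.
    private static final int KIOSK_UI_FLAGS =
            View.SYSTEM_UI_FLAG_LAYOUT_STABLE
            | View.SYSTEM_UI_FLAG_LAYOUT_HIDE_NAVIGATION
            | View.SYSTEM_UI_FLAG_LAYOUT_FULLSCREEN
            | View.SYSTEM_UI_FLAG_HIDE_NAVIGATION
            | View.SYSTEM_UI_FLAG_FULLSCREEN
            | View.SYSTEM_UI_FLAG_IMMERSIVE_STICKY;

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(new View(this)); // placeholder for the real kiosk UI
        applyKioskUi();
    }

    // The flags are cleared when the window loses focus (a dialog, the
    // pulled-down status bar), so re-apply them each time focus returns.
    @Override
    public void onWindowFocusChanged(boolean hasFocus) {
        super.onWindowFocusChanged(hasFocus);
        if (hasFocus) {
            applyKioskUi();
        }
    }

    private void applyKioskUi() {
        getWindow().getDecorView().setSystemUiVisibility(KIOSK_UI_FLAGS);
    }

    // Item 3: swallow the Back button by not calling super.onBackPressed().
    // "Home" needs a manifest intent filter and "Recent" cannot be
    // intercepted here at all, which is the gap the post describes.
    @Override
    public void onBackPressed() {
        // intentionally empty
    }
}
```

The Activity still has to be declared in the application manifest; nothing here prevents the user from reaching the status bar or the “Recent” button, which is why the list goes on to items 4 and 5.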
It turns out that Android lacks a holistic concept for creating kiosk applications. I would like to have a separate API section that addresses the questions posed. I would like to have a set of recommendations from Google for creating such applications.
Yes, I understand: creating such applications imposes additional responsibility on the developer, and it opens the way for the creators of locker viruses. But how have developers on other platforms solved this problem?