Backup apk with data

[Cyberavater]

Currently, backup apk options simply copy the original file. It'd be nice if AM can backup the app with data as a standalone apk so that I can install them with data on non-rooted devices.

Projects that can help in this regard; https://github.com/And42/SaveToGame (PC)

[MuntashirAkon]

Linking closed source/undocumented projects do not help as I don't get enough time to investigate the features. You should either describe the features like in #138 or use the standard feature requests template.

[Cyberavater]

I've already linked an open-source project for you to learn the mechanism, the closed-source one is just as a reference If you want to look further for design and such if you're interested. Anyway, I've removed the closed-source app name from the OP.

[MuntashirAkon]

I've already linked an open-source project for you to learn the mechanism, the closed-source one is just as a reference If you want to look further for design and such if you're interested.

The project has no build instructions/documentations so it's as good as a closed source project (also, I've last used Windows like 5 years ago). When you make a feature request, it is expected that you include a complete description of what you want (which is why I've added the issue templates). Please check out #138 and you'll get some idea on how to open a helpful feature request. I can only further investigate on the matter when I get some idea on what to do. I currently have no idea about this.

Also, if you're going to explain further on this feature, edit comment#1 instead of adding new comments because it becomes difficult to find them later.

[Cyberavater]

I currently have no idea about this.

I'll try explaining in TG and then update OP.

Update: Can't seem to see how it's not understandable so no changes were made to OP.

[RickyM7]

This link might be a bit useful, it leads to a page (translated by google translator) with a few information and screenshots of the SaveToGame project, the problem is that the screenshots are in Russian.

[MuntashirAkon]

This link might be a bit useful, it leads to a page (translated by google translator) with a few information and screenshots of the SaveToGame project, the problem is that the screenshots are in Russian.

Thanks for the link. My query, however, is that what exactly does the software do? Does it merge all the app data, shared preferences and databases into the APK itself? If so, then it has to inject some sort of Smali code so that it can copy them in their respective destination upon install. If this is correct, AM won't be supporting such insecure and hack-ish method that these apps are offering.

The purpose of creating AM (or any of the projects that I'm currently working on) is to promote free and open source software with privacy and security in mind (I have to study and spend a lot of my time reading about various encryption techniques and best practices for this reason) and I want to keep it that way. It is also understood that many people overlook the need for a threat model which is why I've taken the steps to ensure that the features in AM are not only useful but also effective. This is why I haven't implemented component blocking via PackageManager or pm but via Intent Firewall (which is the best that can be done on Android). It's also behind my decision of not providing support for unencrypted backups in the final release of backup/restore feature.

[MuntashirAkon]

Looking at the source code and the Russian-English documentations, it looks like that the app is indeed injecting Smali codes to restore the backup which unfortunately doesn't go well with AM's threat model.

[Cyberavater]

How this goes against any security measurement is beyond my conceit, the rebuilt APK will have a different signature!

Anyways, after knowing that, "It's also behind my decision of not providing support for unencrypted backups in the final release of backup/restore feature." I stop following this project as I don't agree with its nonsense ideology. Best of luck tho.

[MuntashirAkon]

How this goes against any security measurement is beyond my conceit

Storing app data in unencrypted format is a greater security risk, one small mistake and all your data will be available for sell.

I stop following this project as I don't agree with its nonsense ideology.

Then you shouldn't be here in first place. This project is built to protect users' privacy with sufficient security. If you're not interested in privacy, there are numerous other (closed source) tools that you can use such as Lucky Patcher, Jasi Patcher, App Cloner, 3C Toolbox Pro, MyAndroidTools, Swift Backup, Titanium Backup which can do a lot more than what AM is capable of.

Best of luck tho.

Thanks.

[Cyberavater]

Don't act that much overhead! I was here for this "Copylefted libre software (GPLv3+)" and "This single app combines the features of 5 or 6 apps any tech-savvy person needs!". Nowhere in the description, it says you're trying to create a community that fully follows your ideology. Simply adding a warning about what the dev thinks is/should be enough, after that what they do with their data is simply their business, while restricting/limiting user usage/ability for this is simply disgraceful. Me explaining this to a dev who claims to respect other people's privacy is really hilarious.

What next? Maybe remove support for users who are using Google services?

[MuntashirAkon]

I was here for this "Copylefted libre software (GPLv3+)" and "This single app combines the features of 5 or 6 apps any tech-savvy person needs!". Nowhere in the description, it says you're trying to create a community that fully follows your ideology. Simply adding a warning about what the dev thinks is/should be enough, after that what they do with their data is simply their business, while restricting/limiting user usage/ability for this is simply disgraceful. Me explaining this to a dev who claims to respect other people's privacy is really hilarious.

Now you're starting to talk about grey areas once again. I don't like to argue with people but it seems you like it very much.

Firstly, you have no place to talk about ideology since you seemed to be the one who talks out of your own ideology and prejudice considering the fact that you have publicly humiliated me in my group for my religion. Even other people there got so furious that they suggested me to ban you from the group but I still didn't mind because I respect the ideologies of others. I even made you one of the admins as you were one of the first users of AM and an active one. I had no prejudice against you nor did I thought low of you because of your different ideology.

Secondly, AM is made with privacy and security in mind and as I said earlier, I had to study a lot to understand security implications on Android. Restricting some usage is a necessity in this case. Backup encryption, supporting only systemless root and ADB, use of intent firewall instead of pm enable|disable are just examples. Calling these features disgraceful is like calling Signal a despicable piece of software as it is very restricted and doesn't seem to respect you definition of privacy.

Thirdly, it was very easy to allow these features instead of taking the trouble of implementing security features in first place, which would also decrease the development time almost by half. But you would come after me when you would find that one of your pirated software or an unknown Android malware is using AM as a vehicle to escalate its privilege and asking for ransom. This is just one example on how things could go wrong. That being said, enforcing encryption in backup/restore is announced long before the feature was even implemented (see #30). This was no secret yet you've failed to read the issue and start talking rubbish here.

[Cyberavater]

Now you're starting to talk about grey areas once again.

Again? Like, when was the first time? If you don't want to share your opinion on something it's totally up to you. Just saying things gray just to support inhuman Sharia law is pathetic.

I don't like to argue with people but it seems you like it very much.

Well, mostly agreed that's the reason I'm still replying here.

Firstly, you have no place to talk about ideology since you seemed to be the one who talks out of your own ideology and prejudice considering the fact that you have publicly humiliated me in my group for my religion. Even other people there got so furious that they suggested me to ban you from the group but I still didn't mind because I respect the ideologies of others. I even made you one of the admins as you were one of the first users of AM and an active one. I had no prejudice against you nor did I thought low of you because of your different ideology.

I didn't humiliate anyone! I just pointed out the pattern that you can expect from an average Muslim, and somehow you mostly fitted in that category. Also, I was never the one to bring up the topic! Your regular biased claims against France and other political views lead to this! Then, that was the off-topic group, not the support one! if you (or your prestigious members) don't like to hear opinion why there're in the Off-topic group in the first place? The group should be named "My perfect Ideology and propaganda" if you don't like to hear others' views! And this is not an off-topic group and you brought it here? Finally, in that group chat, I cleared that I had nothing against you or any Muslims as for that matter. My claim was against inhumane Islamic rulings and teachings. I even DMed you personally apologizing if you misunderstood me. Also, calling people "prejudice" won't work! You'll have to describe why! As I remember when I tried talking deep about it, you said it's a grey area and you'd like to keep it that way, and I even respected that!

Secondly, AM is made with privacy and security in mind and as I said earlier, I had to study a lot to understand security implications on Android. Restricting some usage is a necessity in this case. Backup encryption, supporting only systemless root and ADB, use of intent firewall instead of pm enable|disable are just examples. Calling these features disgraceful is like calling Signal a despicable piece of software as it is very restricted and doesn't seem to respect your definition of privacy. Thirdly, it was very easy to allow these features instead of taking the trouble of implementing security features in the first place, which would also decrease the development time almost by half. But you would come after me when you would find that one of your pirated software or an unknown Android malware is using AM as a vehicle to escalate its privilege and asking for ransom. This is just one example of how things could go wrong. That being said, enforcing encryption in backup/restore is announced long before the feature was even implemented (see #30). This was no secret yet you've failed to read the issue and start talking rubbish here.

Your tool your choice! I said my opinion as a user, what he thinks. So as said, I have nothing to talk about in this regard, do whatever! But don't bring up dumb reasons for it; No one in their right mind will come to you after their data is stolen when they gave storage access to an untrusted app. Even OABX suggests to encrypt it but not act this stupid. You sound like, "Headache? Then cut off the head! (Alahuakbar?)"

Lastly, just because I talk sarcastically doesn't mean I wish any ill to you! Don't get offended for nothing! As I said, Good luck!