Bloody Android Kit-Kat and SD Cards

Posted on by Mark Myers Leave a comment

I’m a bit late with this one, but it has only just bit me* and I still feel it’s worth a blog entry.

So basically with Android 4.4 (kit kat) Google decided to do something about the “all or nothing” nature of the security of the Fat32 file format used with most SD cards, because any given program can write anywhere it likes on an SD card plugged into your phone/tablet and that is a bad thing right?

Actually in my opinion its only bad in theory, because I and lots of people like me use the SD card as general data storage for music/movies/pdfs and the like so we WANT all programs to reach them.

Google however disagrees and have locked the whole sodding card down, so that a program can only access the one directory they own, no general directories any more….WTF!!!

(To get a more balanced less ranty description plus the background thinking that went into it read THIS post)

Thankfully what the stupid vendor taketh away,the hacker community giveth back and we can over ride this ill thought out setting.

  1. Firstly we have to root the phone, which might be a deal killer for a lot of us, if it is you might have to end up moving all the “common data folders” you want to use into the single folder that your app has access to. (for dropsync this is /Android/data/com.ttxapps.dropsync/files (see their blog for details)
  2. If/Once you have decided that rooting is an option, you have to decide how, now I’m not a windows user (except when it comes to client VMware machines) so I really did not want to use one of the windows only tools, I used https://towelroot.com/ which is just an unsigned .apk that you install and run on your phone (yes I know but its no worse than an unknown .exe installed on your desktop), you should now have a rooted device (it worked perfectly on the 2 tablets I tried it on)
  3. Now Install and run “NextApp SDfix” from https://play.google.com/store/apps/details?id=nextapp.sdfix&hl=en_GB ,this lovely bit of software will revert the rights of the card to what you want, but does need root access to run.
  4. Now both of the previous programs say your don’t need a restart but I found that any program that ran as a service i.e. dropsync needed to be restarted for the change to take effect (just reboot)

You should be back to what you were now (though I would be a bit more paranoid on what you install from now on as the rooting makes you more vulnerable to nasty programs if they get on your device)

Going forward I would personally like it if Google would either allow a developer option to turn this off (just like they do for unsigned code), or a better solution would be to have “public” folders that allowed the traditional fat32 access from any program.

*in that, it does not apply to my main phone as that is a nexus 5 with no SD cards, and my tablet vendor has only just updated their firmware

LDC Via Cross Post: Why oh why oh why (Part One)

Posted on by Mark Myers Leave a comment

Excerpt from some thoughts on LDC Via, See the full post is here

Alongside this gradual shift in focus away from Domino, has been a recent and fairly rapid rise in “NoSQL” databases. The irony, of course, is that Domino’s NSF data structure is itself a NoSQL database. But it’s an ageing one, with undoubted issues of performance and scalability when compared to some of the younger contenders. And with the rise of these databases has been a parallel rise in acceptance of new development architectures to make the most of them, most notably the “MEAN stack”. Here at LDC Via we opted to develop first against the MongoDb back-end, as that is arguably the most accepted and widespread of these modern NoSQL databases.

Where the Domino NSF database has always been a market-leader is in its security structures. Readers fields, Authors fields, encryption keys, database encryption, etc. There just isn’t anything else like it. Except, well, now there is: LDC Via.