We have moved to a new Sailfish OS Forum. Please start new discussions there.
3

Unique Android-ID

asked 2014-02-22 23:46:09 +0300

concarve gravatar image

I'm struggling with a problem: I want to use an Android-App that does a device-specific registration. (App is called "Good for Enterprise"). So when I run the app and want to register my phone, I get an error message, that there is already an account registered with my device and then the app shows me my android-id. My device serial-number is listed as 1234512345 (which does not look like a real serial to me). So I'm guessing that the virtual android environment on all the Jollas have this same Serial-Number / Android-ID, which is why I get the message, that my device is already registered (not by me, but presumably by another Jolla-User). Am I right? If so, that is really not ideal....I guess there are other apps out there, which will fail with the same problem. Also in terms of security, it's a bit worrying if all devices have same android serials.

My request would be, that each Jolla has a unique Android device ID.

Or maybe someone has another fix for this problem??

PS: That would really help me a lot, because I need this app in my job. The Good app is very common in companies which offer a User-Owned-device service for their employees.

edit retag flag offensive close delete

Comments

I'm not sure that having a unique device-id should be called a "feature". Besides, it is spoofable, so unusable for security. Imo it would be better to file a feature request at the developer of the app, to drop the dependency on the device-id.

Fuzzillogic ( 2014-02-23 01:56:31 +0300 )edit

I doubt the developer will change this. As mentioned this is a wide spread app in business. In my case for example, I'm working for a large german car manufacturer with 100k+ employees. You get a security token which then will be linked to your device-id to use the app. And IMO that makes sense, because it adds another security layer. Yes, you can spoof that ID, but you would have to know which ID to use. So in a way, this acts like a password.

concarve ( 2014-02-23 08:16:08 +0300 )edit

I have an issue with the fake IMEI, as Mobile Bank ID is looking for it as it's same over all Jolla devices the company behind the application will cancel the ID within hours after it has been issued. As I'm not a microsoft windows user this causes me a lot of issues, as I can't electronically identify myself as the support for GNU/Linux is zero.

Trizt ( 2014-05-22 22:37:52 +0300 )edit

2 Answers

Sort by » oldest newest most voted
0

answered 2014-02-23 02:08:07 +0300

00prometheus gravatar image

A better solution would be to have a manually settable ID. Obviously the ID is easily spoofable (the number you have sounds very much a spoof), so there is no security in the number. That makes it merely a nuisance, so letting us set it manually seems like the best solution. Perhaps with a random-number generator built in for convenience.

edit flag offensive delete publish link more

Comments

1

That would help. I was missing some kind of Settings for the android environment to check this. But thinking one step ahead about user-experience and average users, who are not much into tech and don't know what's going on, it seems to be quite an advanced work-around. So I agree a ID-randomizer would be the solution, but I don't think the user should be forced to do this himself. It would be better out of the box (like on real android devices), instead rolling out all Jollas with the same ID.

concarve ( 2014-02-23 08:45:52 +0300 )edit
0

answered 2014-02-23 09:45:21 +0300

sebsauer gravatar image

updated 2014-02-23 09:59:36 +0300

This is not bug. Its the same with a lot of Android devices, see https://groups.google.com/forum/#!topic/android-developers/U4mOUI-rRPY

Same with IMEI: http://m.stockwatch.in/government-bans-chinese-mobile-sets-imei-24201

See here: http://android-developers.blogspot.com/2011/03/identifying-app-installations.html "For the vast majority of applications, the requirement is to identify a particular installation, not a physical device. Fortunately, doing so is straightforward."

Its not a bug but a security-feature to prevent tracing of users across apps. Tracing single app-installs, rather then devices, is possible, easy, straithforward.

For "Good for Enterprise" it seems that android_id problem is rather wide-spread. See e.g. http://rootzwiki.com/topic/32836-any-good-for-enterprise-app-experts-out-there/ On page 2 are comments that indicate that GoodFE may also lock if the device is rooted... sometimes... :-/

Did you try one of the many Android apps that allow to change that ID? See for example https://play.google.com/store/apps/details?id=com.vcastroi.changeid

edit flag offensive delete publish link more
Login/Signup to Answer

Question tools

Follow
1 follower

Stats

Asked: 2014-02-22 23:46:09 +0300

Seen: 1,145 times

Last updated: Feb 23 '14