This will only hide installed apps from naive attackers as the APKs are still not encrypted and even then other attacks would be possible.
However, it allows us to simplify our storage plugin API.
We ask the user to generate a new key, because actively asking for the old one is training bad security habits, but technically verifying the old key will also work.
* 'master' of https://github.com/seedvault-app/seedvault: (50 commits)
Bump version to 11-2.2
Changelog: Update till 11-2.1
Restrict exported components
Allow launching restore through a dialer code
Add expert settings with an option for unlimited quota
Prevent screenshots of recovery code
Use clearer more generic strings
Ask for system authentication before storing a new recovery code
Split up validating, verifying and storing of recovery code
Disable Nextcloud restore when not installed and no store available
Disable spell-checker on recovery code input
Add warning for third-party tools to README
document potential information leakage through the long-lived SQL caches
Provide an overview over key derivations
Compares kotlin-bip39 library with bitcoinj library
Link FAQ in Readme to make it more discoverable
Move LocalContactsBackup to product partition
Add newline at the end of all files
Improve .editorconfig setup
Don't backup on metered networks
...
Conflicts:
app/src/main/res/values-de/strings.xml
app/src/main/res/values-es/strings.xml
app/src/main/res/values-pt/strings.xml
app/src/main/res/values-zh-rCN/strings.xml
Conflicts resolved by simply checking out translations from android11,
since they are not modified in master at all.
Change-Id: I0a83c72dbc78b38985b46f9b75ce92e27acd2e03
User-facing changes:
* Don't backup on metered networks
* Disable spell-checker on recovery code input
* Disable Nextcloud restore when not installed and no store available
* Ask for system authentication before storing a new recovery code
* Prevent screenshots of recovery code
* Add expert settings with an option for unlimited quota
* Allow launching restore through a dialer code
* Restrict exported components
Others:
* Improve .editorconfig setup
* Move LocalContactsBackup to product partition
* Link FAQ in Readme to make it more discoverable
* Compares kotlin-bip39 library with bitcoinj library
* Provide an overview over key derivations
* document potential information leakage through the long-lived SQL caches
* Add warning for third-party tools to README
Change-Id: I095af13d0ff010c9602bc323267c074ce7d019a2
* We don't show Restore in menu by default since it's
not the best idea to restore a running system
* However, at the same time, it's good to have a way to do
that for those who'd like to restore anyway, and the only
current way is adb, which is not ideal
* Dialing "*#*#RESTORE#*#*" will launch the restore activity
Change-Id: I258fead82f7e916a4de0b314e1840d7aa4b3746c
This is may be inconvenient for some people, but it is way more secure as screenshots can be accessed by malicious apps that look our for BIP39 codes. Better to store the code on paper.
This will help to prevent data extraction via seedvault when somebody gets hold of an unlocked phone. However, it will not help against someone able to force you to provide fingerprints or other device secrets.
Currently translated at 100.0% (135 of 135 strings)
Translated using Weblate (Ukrainian)
Currently translated at 25.9% (35 of 135 strings)
Co-authored-by: Tymofii Lytvynenko <till.svit@gmail.com>
Translate-URL: https://hosted.weblate.org/projects/calyxos/seedvault/uk/
Translation: CalyxOS/Seedvault
Currently translated at 99.2% (134 of 135 strings)
Translated using Weblate (Slovak)
Currently translated at 11.8% (16 of 135 strings)
Co-authored-by: František Oboňa <frantisekobona@gmail.com>
Translate-URL: https://hosted.weblate.org/projects/calyxos/seedvault/sk/
Translation: CalyxOS/Seedvault
Currently translated at 95.5% (129 of 135 strings)
Translated using Weblate (Telugu)
Currently translated at 65.1% (88 of 135 strings)
Co-authored-by: Shashi A <bitcoinbabu401@gmail.com>
Translate-URL: https://hosted.weblate.org/projects/calyxos/seedvault/te/
Translation: CalyxOS/Seedvault
Attempting to install Nextcloud in SetupWizard on a device
that has no app store installed results in a crash.
Disable the option and use an appropriate summary.
Change-Id: Ie3dff8d85ed68b27858fa37b3efb97eb345fa372
* We better not overuse metered networks as such connections
* are usually sensitive to heavy data usage due to monetary costs and/or data limitations.
* Only change here is the BIP39 dependency replacement, however
I'm still bumping version so that it's easy to figure out in case
there ever was a build with just 2.0 and not this due to whatever reason
Change-Id: I9783d5e038d002e871c09be6fe61174c5a5b901f
* delete all storage backups for current user
* clears the storage backup cache
* start a new app data restore set and initializes it
The reason is that old backups won't be readable anymore with the new key. We also can't delete other backups safely as we did before, because we can't be sure that they don't belong to a different device or user.
Previously, we would put our files directly in the root of the storage location and delete any existing backups there. When used by different devices or user profiles, these would keep deleting each other's backups.
Currently translated at 51.1% (69 of 135 strings)
Translated using Weblate (Burmese)
Currently translated at 50.3% (68 of 135 strings)
Translated using Weblate (Burmese)
Currently translated at 48.8% (66 of 135 strings)
Co-authored-by: Chirayu Desai <chirayudesai1@gmail.com>
Translate-URL: https://hosted.weblate.org/projects/calyxos/seedvault/my/
Translation: CalyxOS/Seedvault