Conversation

Every time I deal with Android I hate it more. Trying to prep for moving data to a new phone, and there's a malicious "allowBackup=false" property apps can have that even purportedly pro-user Android dists are honoring and providing no way to override.
4
16
Replying to
Most of the apps with allowBackup="false" added it because the backup system didn't differentiate between local vs. cloud backups and didn't want cloud backups. Doesn't work that way for apps targeting Android 12+ (API 31+) where allowBackup="false" only disables cloud backups.
2
7
Replying to and
Since Play Store apps will be forced to target API 31+ later this year, the issue will mostly go away. adb backup is deprecated and was replaced by backup services with device-to-device backup support. allowBackup="false" doesn't disable device-to-device for API 31+ anymore.
1
3
Replying to and
By the way, I'm pretty sure that the reason Signal started encrypting their database with the hardware keystore was to stop people with userdebug OS builds from making backups themselves. They don't set the hardware backed key as unavailable when locked so it's not very useful...
2
This Tweet was deleted by the Tweet author. Learn more
Show replies