Every time I deal with Android I hate it more. Trying to prep for moving data to a new phone, and there's a malicious "allowBackup=false" property apps can have that even purportedly pro-user Android dists are honoring and providing no way to override.
Conversation
Replying to
Most of the apps with allowBackup="false" added it because the backup system didn't differentiate between local vs. cloud backups and didn't want cloud backups.
Doesn't work that way for apps targeting Android 12+ (API 31+) where allowBackup="false" only disables cloud backups.
2
1
7
Since Play Store apps will be forced to target API 31+ later this year, the issue will mostly go away.
adb backup is deprecated and was replaced by backup services with device-to-device backup support. allowBackup="false" doesn't disable device-to-device for API 31+ anymore.
1
3
App backups are supposed to portable across architectures/devices so it's still possible for apps to exclude files or implement an agent for converting to/from a portable format.
It's fully split up for cloud vs. local which avoids what happened before:
1
2
Replying to
OK but how does this help migrating from an old device, when the new stuff is only on new devices?
1
Replying to
It doesn't help if your old device wasn't updated to Android 12. It's nice that the design flaw of conflating cloud vs. local backups was fixed going forward.
adb backup is essentially dead outside of development builds of the OS or apps and you need to use a backup service.
1
1
By the way, I'm pretty sure that the reason Signal started encrypting their database with the hardware keystore was to stop people with userdebug OS builds from making backups themselves. They don't set the hardware backed key as unavailable when locked so it's not very useful...
2
This Tweet was deleted by the Tweet author. Learn more
One of the main use cases is implementing FIDO2 which is extremely underused. It can be used for your Google account as an actual security key via Play services but it's mostly not supported for other apps/services.
Auditor uses it of course as does Seedvault to an extent.
1
2
Molly is a fork of Signal which actually uses the hardware keystore properly and puts the database back at rest when the screen is locked. It can optionally be combined with a passphrase but it provides a lot of value without needing one. Signal's usage is largely a waste...