menu MaxLock Website
keyboard_arrow_up

Safeguard MaxLock

Table of contents

  1. Introduction
  2. Enable device administrator
    1. From MaxLock
    2. From Android Native Settings
  3. Vulnerability of Xposed Installer
  4. Selecting Xposed Installer in the list of apps to be locked
  5. Vulnerability through adb
  6. Disable superuser rights for adb
  7. Disclaimer

MaxLock by default will be locked with your previously selected locking method, so you do not have to worry about someone breaching MaxLock to unlock your chosen apps.

However MaxLock is still prone to be uninstalled. You can prevent this from happening by enabling the "Device Administrator" of MaxLock from MaxLock itself or the native Android Settings.

Doing this will also prevent MaxLock's Data from being cleared!

Enabling from MaxLock

  1. Go to MaxLock main page, under "About" tap on "Protect app from being uninstalled".
  2. A "Device Administrator" will pop up requesting authorisation for the MaxLock app.
  3. Simply tap on "Activate" and you're done

Enabling from the Android settings

  1. Open Android Settings from your app drawer or any other means available.
  2. Tap on "Security"
  3. Tap on "Device Administrators"
  4. Tap on "MaxLock"
  5. Tap on "Activate" button

Vulnerability of Xposed Installer

After enabling the Device Administrator, MaxLock will not be uninstalled easily. However there is a catch though! MaxLock can still be disabled from within the Xposed Installer! You can prevent this by locking the Xposed Installer as well. Not only you protected MaxLock, you could also protect all of your other favourite modules from being uninstalled.

Selecting Xposed Installer in the list of apps to be locked

  1. From MaxLock's main screen, tap on "Choose apps" under the "Choose apps" section
  2. Find "Xposed Installer"
  3. Enable lock for Xposed Installer

Vulnerability through adb

As you might have already know, adb is Android Debugging Bridge which allows you to do various things to your phone through a terminal shell.

Since it is powerful, adb also can have superuser rights. If adb is granted superuser rights, MaxLock will be automatically prone to be uninstalled without encountering the "Device Administrator" warning nor the MaxLock lock screen. This is because, a person can delete MaxLock's apk from the system directory, rendering MaxLock as uninstalled on the next reboot. Besides that, the person can also deletes MaxLock's data which will expose your apps instantly, without a reboot at all!

This might likely happen when you have a friend that knows Android like you, and yet he has a hand of your smart phone.

To fix this is fairly easy. Since accessing the root file system of your Android device requires superuser permission, all you need to do is to disable the automatic granting of superuser for the adb.

Disable superuser rights for adb

For SuperSU users

  1. Open Android Settings from your app drawer or any other means available.
  2. Enable USB debugging first
  3. Connect your device to a computer
  4. Open a terminal window
  5. Enter adb shell
  6. Enter su
  7. Now on your device, a superuser request window will appear, requesting superuser rights for adb shell
  8. Choose to "Ask everytime" and choose your preferred timeout duration
  9. It is also recommended to have your SuperSU app PIN-protected

For Cyanogenmod or Cyanogenmod-based ROMs

This section is composed based on the CyanogenMod ROM's Settings app

  1. Open Android Settings from your app drawer or any other means available.
  2. Get into Developer Options

    • If Dev Options does not exist, summon it by going to About Phone and tap on Build Number multiple times
  3. Find "Root access" and tap on it
  4. Choose "Apps only"

NOTE: When you choose Apps only, this will ultimately silently deny superuser access to adb. If you feel like wanting to use superuser rights for adb, you will need to change this setting again in the future.

Disclaimer

Although MaxLock is created to add a layer of security, it is not 100% secure in preventing unauthorised access to your apps. You should practise proper security methods if you wish to prevent absolute unauthorised access to your apps and data. You can combine MaxLock with other security measures to add more into securing your apps.