禁用/检查模拟位置(prevent GPS欺骗) [英] Disable / Check for Mock Location (prevent gps spoofing)
问题描述
展望找到prevent的最佳方式/检测GPS欺骗在Android上。如何对此有何建议得以完成,可以做些什么来阻止它?我猜测,用户必须打开模拟地点恶搞GPS,如果这样做,那么他们可以欺骗GPS?
Looking to find the best way to prevent / detect GPS spoofing on Android. Any suggestions on how this is accomplished, and what can be done to stop it? I am guessing the user has to turn on mock locations to spoof GPS, if this is done, then they can spoof GPS?
我想我会只是需要检测,如果启用了模拟地点?任何其他建议?
I guess I would need to just detect if Mock Locations are enabled? Any other suggestions?
推荐答案
我已经做了一些调查,并在这里分享我的结果,可能对他人有用的。
I have done some investigation and sharing my results here , may be useful for others.
首先,我们可以检查是否MockSetting选项是打开的。
First we can check whether MockSetting option is turned ON
public static boolean isMockSettingsON(Context context) {
// returns true if mock location enabled, false if not enabled.
if (Settings.Secure.getString(context.getContentResolver(),
Settings.Secure.ALLOW_MOCK_LOCATION).equals("0"))
return false;
else
return true;
}
其次,我们可以检查是否有在设备中其他应用程序,它使用的是android.permission.ACCESS_MOCK_LOCATION。 (地点欺骗应用程序)
Second we can check whether are there other apps in the device , which are using android.permission.ACCESS_MOCK_LOCATION . ( Location Spoofing Apps)
public static boolean areThereMockPermissionApps(Context context) {
int count = 0;
PackageManager pm = context.getPackageManager();
List<ApplicationInfo> packages =
pm.getInstalledApplications(PackageManager.GET_META_DATA);
for (ApplicationInfo applicationInfo : packages) {
try {
PackageInfo packageInfo = pm.getPackageInfo(applicationInfo.packageName,
PackageManager.GET_PERMISSIONS);
// Get Permissions
String[] requestedPermissions = packageInfo.requestedPermissions;
if (requestedPermissions != null) {
for (int i = 0; i < requestedPermissions.length; i++) {
if (requestedPermissions[i]
.equals("android.permission.ACCESS_MOCK_LOCATION")
&& !applicationInfo.packageName.equals(context.getPackageName())) {
count++;
}
}
}
} catch (NameNotFoundException e) {
Log.e("Got exception " + e.getMessage());
}
}
if (count > 0)
return true;
return false;
}
如果两个以上的功能第一和第二属实,那么有一些位置可能是伪造的或假的大多数机会。
If both above functions first and second are true , then there are most chances that location may be spoofed or fake.
现在,欺骗,可避免使用位置管理器的API -
Now ,spoofing can be avoided by using Location Manager's API -
我们可以从两个供应商请求位置更新(网络和GPS)
We can remove the test provider before requesting the location updates from both the providers (Network and GPS)
LocationManager lm = (LocationManager) getSystemService(LOCATION_SERVICE);
try {
Log.d(TAG ,"Removing Test providers")
lm.removeTestProvider(LocationManager.GPS_PROVIDER);
} catch (IllegalArgumentException error) {
Log.d(TAG,"Got exception in removing test provider");
}
lm.requestLocationUpdates(LocationManager.GPS_PROVIDER, 1000, 0, locationListener);
我已经看到,removeTestProvider(〜)的作品非常好了软糖及以后的版本。直到ICS此API将似乎是不可靠的。
I have seen that removeTestProvider(~) works very well over jellybean and onwards version. Till ICS this api would appears to be unreliable.
这篇关于禁用/检查模拟位置(prevent GPS欺骗)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!