Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Android IOS Iphone Apple

Android Phones Get Dual Accounts 109

holy_calamity writes "AT&T is adopting technology that gives a person with an Android device two user profiles, enabling company email and other data to reside in an encrypted partition separate from a user's apps, games and unfettered web browsing. AT&T is calling the feature Toggle, and plans to release it later this year. Toggle is a regular app that, once installed, creates its own encrypted desktop under the control of company IT bosses. Toggle is a rebranding of an app developed by startup Enterproid, which continues to develop its own version. AT&T think this move will encourage smartphone adoption in the enterprise. Interestingly, Apple's current version of iOS and app guidelines exclude multiple profiles on one device."
This discussion has been archived. No new comments can be posted.

Android Phones Get Dual Accounts

Comments Filter:
  • <wish_this_was_only_humor>

    Attention all employees of XYZ Corp, Inc. :

    On this date, xxxxxx, XYZ employees are no longer permitted to have Android devices on site. The fact that the maker of said devices regards them as secure devices designed for use by corporate entities, this device is not completely closed-source and has not yet been investigated thoroughly by XYZ. Therefore, this device is not only discouraged for use because we're scared, but any employee using an Android device on company premi

    • by jhoegl ( 638955 )
      Well, this app is a good move in the right direction. I tested my Android against the Exchange 2k7 ability to remotely wipe emails from a phone and it wiped my whole phone.

      Hopefully this fixes that.
      • by gfxguy ( 98788 )

        That's the policy at my company... if you want the VPN software required to access email through a regular email client, you have to sign a waiver agreeing to give them the ability to wipe your entire phone. I said "no thanks, I'll just keep using OWA when I want to check, even though it sucks."

      • Oh, I know, I was talking about Corporate misconception and fear of it. It's a great idea and a good move.

        Apparently whoever looked at my comment saw it as overrated. I guess people don't understand what I'm saying. If I take the humor out, I sound like a robot, and I HATE that.

      • Wow, apparently predicting the future based on past observations is also a Troll move. :)

      • by PNutts ( 199112 )

        That's how a remote wipe works. There is an Android / iPhone app that keeps the Exchange account separate and only that application's data (mail / calendar / etc.) are wiped. The Exchange passcode requirement only applies to the app so the phone itself doesn't require one.

      • That's precisely why I use TouchDown for Android on my phone - it only wipes the data associated with the account that requested the wipe, not the entire world. The corporate policy also requires that data is locked behind a PIN code - if you use Android's built-in mail app, that means locking the whole phone, but with TouchDown you only get PIN request when you activate the app.

  • by Anonymous Coward on Friday October 14, 2011 @07:26AM (#37712508)

    Smart phones today are, in terms of performance and architecture, not that much different from a notebook computer of a few years ago. Why are people surprised when smart phones today can do stuff that normal PCs could do decades ago, even when these PCs were a small fraction of the power and capability of today's smart phones? Why do so many people mistakenly consider stuff like this to be "innovation", when rather it's just a case of not intentionally limiting the device's capabilities?

    • There's a certain company that has a large mobile market share that's been working hard at making people believe that limiting functionality is a feature, and that whenever they do something, even when it's been done before, it's an innovation.
      • And a commercial for that company, from decades ago, has been playing over and over again for the past few weeks?

        Please, , make it stop!

        • ... Apparently, the preview thingie -is- useful. Slashdot interpreted my (openingbracked) $_DEITY (closingbracket) as a html hack to be removed.

      • Maybe not everyone wants to carry a full-fledged PC in their pocket? The world isn't made up of people just like you, you know.

        • by RCL ( 891376 )
          They actually want, if you carefully educate (a very slow process) how useful it can be for them. And this is what Apple is/was basically doing, step by step.

          Apple products are scaled down to "mass user" needs - so just avoid them if you think that you are on higher level of human development. There will *always* be more sophisticated devices (like, say, N900), albeit the higher level they target, the more skills they require to use them, and the fewer (and the costlier) they are.
    • by AJH16 ( 940784 )

      The same reason people thought the iPhone was innovative for being the first product to bring multi-touch to market. They don't understand technology and see something shinny.

    • Indeed, anyone who's ever SSH'ed into their iPhones would see it was just another UNIX machine, with a /home/mobile directory where the user's data is located. I had wondered what would happen if I made several directories under /home and just symlinked mobile to one of those directories, would that make the iPhone a multi-user device?

      I gotta try that with my iPod this weekend...

  • does it have a backdoor for big brother?
    why should only business data get protection from thieves and the government?

    • If they encrypt Everything , what room does it leave for data mining companies to give you suggestions?
    • Apparently yours and my opinion of this is overrated.
      Company's perception of danger from Android devices, as well as curiosity, has gone up 10 fold.

      My comment [slashdot.org]

      • by PNutts ( 199112 )

        Considering your comments were moderated as Troll, I'll just mention that your companies perception is more accurate than your rhetoric.

    • by JustOK ( 667959 )

      big bro is already in the house

    • by egamma ( 572162 )

      does it have a backdoor for big brother? why should only business data get protection from thieves and the government?

      ActiveSync policies don't connect to your phone, they just impose policies on the phone. The remote wipe doesn't work if the thief can shut off the active sync before you enable the remote wipe. You could get remote wipe too if you sign up for Office365's E1 plan and use ActiveSync with the service. I know, you probably don't want to give MS any money. But, the option is there, and it's a lot cheaper than buying your own Exchange server. My company just moved away from BPOS (previous version of Office365) d

    • Well, for one, battery life. These things already have shrinking battery lives as more features get added with each iteration. Now you want to do something computationally expensive (relatively speaking) for everything on the device? That battery life will be killed.
    • From TFS, the important bit is "under the control of company IT bosses". We looked at using Android phones, but stopped because the apps are a lot more wild-west, and locking out all apps would not sell the idea to the C-levels. With this approach, the business controls the emails and business side of things, which I'm going to jump to the conclusion that also means they can disallow applications from seeing that data and completely lock out applications from that zone. You still get to install all your

    • by Lehk228 ( 705449 )
      because if you wanted your phone to be actually secure you would have gotten a blackberry anyway, android security is skin deep and physical access long enough to install a hostile rootkit will bypass userland security anyways. though this is better than IOS which does not even pretend to be secure
  • Tagging (Score:5, Interesting)

    by SimonTheSoundMan ( 1012395 ) on Friday October 14, 2011 @07:32AM (#37712558)

    Why is this tagged as "Apple", "iPhone" and 'iOS"?

    • Re:Tagging (Score:4, Insightful)

      by realityimpaired ( 1668397 ) on Friday October 14, 2011 @07:44AM (#37712644)

      Because TFS mentions them in the last paragraph, and some folks only read the first and last sentence of a paragraph and make up the middle, not realizing that this story has nothing to do with the iPhone beyond mentionning that such a service would be against Apple's TOS.

      • by PNutts ( 199112 )

        beyond mentionning that such a service would be against Apple's TOS.

        I would classify this as grandstanding. There are already iOS / Android apps that separate Exchange accounts from the rest of the phone including the remote wipe. Not the described dual persona nirvana but in most cases I assume should satify the balance between controlled corporate data and your personal phone.

    • by Rennt ( 582550 )

      Maybe because it mentions Apple and and iOS in TFS.

      Not saying it's right, but what can you expect?

    • Why is this tagged as "Apple", "iPhone" and 'iOS"?

      Only way to get the fandroids interested in a submission - bait them with the prospect of Apple-bashing.

      Tag a submission as "Android" and "malware" and the Apple fan boys will flock just as fast...

    • by cbope ( 130292 )

      Because it's a glaring missed opportunity in iOS devices. I don't want to mix my personal and work contacts/calendars/email, but in iOS there is little separating them. Give me a work profile and a personal profile. At least good old Nokia/Symbian was smart enough to have this 5-6 years ago starting with their first generation smartphones, although the data is not partitioned or encrypted. But at least it was easy to keep work stuff separate from personal stuff on the smartphone. Why Apple continues to be b

      • Because it's a glaring missed opportunity in iOS devices. I don't want to mix my personal and work contacts/calendars/email, but in iOS there is little separating them. Give me a work profile and a personal profile. At least good old Nokia/Symbian was smart enough to have this 5-6 years ago starting with their first generation smartphones, although the data is not partitioned or encrypted. But at least it was easy to keep work stuff separate from personal stuff on the smartphone. Why Apple continues to be blind to this I'll never understand.

        At Apple, work is play. Play is work. There is no difference.

        Besides doing it that way is complicated. And Lord, we don't need complicated.

      • by Cinder6 ( 894572 )

        I've never really seen the use for multiple accounts on my phone, but multiple profiles (same data, apps, etc., only some data is emphasized over others in different profiles) would be useful. Another nice thing would simply be a "game mode", for handing my phone to my nieces and nephews, that would only let them play games and not access anything else on the phone.

      • by PNutts ( 199112 )

        Because it's a glaring missed opportunity in iOS devices. I don't want to mix my personal and work contacts/calendars/email, but in iOS there is little separating them. Give me a work profile and a personal profile. At least good old Nokia/Symbian was smart enough to have this 5-6 years ago starting with their first generation smartphones, although the data is not partitioned or encrypted. But at least it was easy to keep work stuff separate from personal stuff on the smartphone. Why Apple continues to be blind to this I'll never understand.

        There are already iOS / Android apps that separate Exchange accounts from the rest of the phone including the remote wipe. Not the described dual persona nirvana but in most cases I assume should satify the balance between controlled corporate data and your personal phone. Even without the app I disagree that they are not separated. You choose which contacts/calendars/email you want to display if not all of them. Each maintains your own identity, signature, etc. But without the app a remote wipe nails the w

  • This will be awesome when it becomes more widely accepted in the corporate space (RIM better have a backup plan!), but how will companies deal with work phone lines? This must put them in a catch-22 position, where they either provide (limited) service for work AND personal use (which is unlikely; most people abuse free things) or compensate users for using their own personal plans for work use. If the latter is the case, will employees feel comfortable with their employers going over their records to justi
    • by Specter ( 11099 )

      Or employers stop paying for mobile phones at all. Very few companies pay for broadband Internet access these days and that used to be fairly common.

  • by AYeomans ( 322504 ) <ajv.yeomans@org@uk> on Friday October 14, 2011 @07:45AM (#37712652)

    ... in a decade far, far away we used to use multi-user operating systems. Which used to keep one user's data private from another - unless they explicitly wished to share. They also let the sysadmin install software packages for everyone to use, or each user could run their own local programs - which could not access other user's data.

    Sounds familiar? So why propose a "solution" that only gives application-layer (rather than OS-layer) protection between users? That only protects properly one (corporate) user - isn't my personal data of at least equal value? That can't easily be extended to several users (think "e-banking user" which shares no data at all with "games user")? And there's no inherent reason why the different user programs can't share the same display screen either, with different passwords and screen lock timeouts - so you don't need a password to run Angry Birds, but do to unlock your contacts.

    • by trampel ( 464001 )

      Android already uses different Unix user IDs ("accounts" if you will) to isolate different applications from each other. This gives you better protection than a desktop operation system, because applications running on the same screen are more isolated from each other.

      I'm pretty certain every app under this Toggle scheme will also run in its own context.

      • And several Android phones (like the Motorola Droid 3) use chroot and other sandboxing techniques to isolate apps even further from each other. Right down to randomising the UID of the "normal user" account on the phone.

        This is one of the reasons it's been so hard to root the Droid 3.

  • RIM is in Danger (Score:5, Insightful)

    by chill ( 34294 ) on Friday October 14, 2011 @08:01AM (#37712794) Journal

    This idea was discussed in a meeting with the various CxOs yesterday, where I work. While the recent Blackberry outage brought this to everyone's attention, the big kicker is people don't like carrying two phones.

    In government, really only RIM has gone thru FIPS compliance testing and that is one of the big reasons they are so popular. Our CIO brought up that Apple has been taking the iPhone thru FIPS compliance testing and he was looking forward to being able to get an iPhone instead of the Blackberry.

    That is until I pointed out the only way it'll pass compliance is if the iTunes Store is disabled and you can't load any apps on the phone. Did he want an iPhone with only the default Apple apps? "Uh, no." was the answer. And neither will anyone else.

    Being able to have one phone is the key. This could be an interesting step in that direction.

    • Re: (Score:3, Informative)

      by hawkbat05 ( 1952326 )
      Apparently everyone missed that RIM is already doing this: http://us.blackberry.com/apps-software/business/server/full/balance.jsp [blackberry.com] They're taking a bit of a beating right now but I have to say, if I want to actually type quickly and accurately I won't be using my Android, I'd rather do it on a BB. I can type about twice as fast when there's a real, well designed, keyboard.
      • Apparently everyone missed that RIM is already doing this: http://us.blackberry.com/apps-software/business/server/full/balance.jsp [blackberry.com]

        They're taking a bit of a beating right now but I have to say, if I want to actually type quickly and accurately I won't be using my Android, I'd rather do it on a BB. I can type about twice as fast when there's a real, well designed, keyboard.

        RIM has the momentum against them though. Businesses have a desire to move away from RIM, but have no options with similar security. This feature will provide similar security and be one of the last hurdles for the switch.

        • There are actually plenty more hurdles. For example S/MIME support, which BB has supported for years has just been included in iOS 5, as far as I know there's no good solution for it on Android. How about support SmartCards like DoD CAC? Currently an adapter seems to be required for the iPhone (besides the reader itself). Don't forget about FIPS 140-2 (which is only in progress on iOS4), CAPS, CC and the various international governments and NATO certifications. These are all time consuming to achieve
        • by Lehk228 ( 705449 )
          this function provides nowhere near the same level of security

          a physical world analogy would be comparing a sheet metal locking cash box to a time locking bank vault with glass and thermal re-lockers
      • by chill ( 34294 )

        I used to have the same opinion about the keyboard until I got used to Swype. I'm much faster and more accurate using that. Give it a try.

        • I have Swype, it's still much slower. I will admit it's much better than the standard keyboard though.
          • by karnal ( 22275 )

            same here; bought a samsung galaxy s2 and was worried about lack of a physical keyboard. Swype has me going quick enough to not even care at this point.

      • by lewiscr ( 3314 )
        If a keyboard is important to you, buy a model with a physical keyboard.
        • Most Android phones have keyboards that aren't very ergonomic. It's hard to argue that BB doesn't have an edge if you seriously use a keyboard.
          • by lewiscr ( 3314 )
            I prefer the landscape keyboards, the buttons are too small and too close together on the portrait keyboards. I agree that the BB keyboards are higher quality, but I still have trouble using them.
  • Nokia's Symbian OS has offered a similar feature for years... not that the rest of Symbian was that great. Congrats(?) to AT&T for making it sound like an exciting new idea.
  • by Leebert ( 1694 ) * on Friday October 14, 2011 @08:43AM (#37713186)

    Maybe I'm misunderstanding, but if you compromise the phone, don't you also compromise the app? This is like some of the "solutions" I've seen from people that want to use their home computers to connect to sensitive enterprise resources (e.g., VPN). "Oh, why don't we distribute organization-approved VM images to the people to run on their home desktops?"

    I mean, if you can't trust the host, you sure as heck can't trust the guest. And the encryption is just a feel good red herring that doesn't really solve that problem.

    • by maxume ( 22995 )

      The user desktop might be the guest of the business desktop.

    • Little to do with that.

      Everything to do with me dictating how you will use the company phone I am providing you - security vs usability.

      Now, I have the security and micromanagement that I need (in theory)... and I can also give you the herd-of-cats usability you desire, without threat (hopefully) to why I provided you the device in the first place.

      Also has everything to do with me owning the phone and data that is on it... you can imagine that co-mingled data is a nightmare when you own half the crap on the

  • by anti-pop-frustration ( 814358 ) on Friday October 14, 2011 @08:53AM (#37713294) Journal
    How about a phone that can use two SIM cards at the same time? So we can actually make carriers compete against each other. This is a feature that Android is sorely lacking.

    What, carriers don't want any features that might actually empowers their consumers or helps them get away from the "subsidized" (aka bought on credit) phone handset scam? Not to mention, having multiple plans or prepaid SIM cards is also a great way to dramatically cut international roaming costs.

    Remember the technologically advanced 90s? Phones used to have that feature back then.
    • by bmoore ( 106826 ) on Friday October 14, 2011 @09:27AM (#37713696) Homepage

      Android DOES support dual-SIM phones, so don't place the blame there. Just Google it, you'll find Android-based dual-SIM phones. Just not sold by AT&T, or TMobile.

      I'm not sure why AT&T doesn't carry any, and maybe they soon will, now that they're using Enterproid. There's no reason to say that your two SIM cards won't both be locked to AT&T. You pay for two plans, but only carry one phone. Seems like a win for them.

  • Sure is a lot cheaper than a rack of Nauri.
    http://www.wired.com/science/discoveries/news/2006/04/70619 [wired.com]

  • Now Dual Networks (Score:5, Insightful)

    by Doc Ruby ( 173196 ) on Friday October 14, 2011 @09:12AM (#37713536) Homepage Journal

    What we really need is the 3G/4G/++ telco cartel broken so that my phone can have accounts on two networks simultaneously, so I'm not locked into a single failurepoint - that frequently fails. Just like LANs to the Internet, which can have dual WANs without prohibitive subscription rates.

    In fact a second WWAN connection that's rarely used could cost more per bandwidth than the primary WWAN, so the telcos would each make a fatter profit off the "insurance" second WWAN.

    So it's obvious that the telcos care more about their cartel and its power to do whatever it wants without consequences (universal warrantless wiretapping, anyone?) rather than actual increased profit and improved service for their customers.

    • 1. Turn phone off
      2. Remove SIM #1
      3. Insert SIM #2
      4. Turn phone on

      OK, this isn't the same as instant, live switching, but if your concern is just for handling network failures, it should work well enough.

      • Only AT&T uses SIMs in the US, and AT&T sucks.

        But indeed I want the network device to use different WAN interfaces. Mid-call, or mid Internet session. If the primary network is going up and down, I don't want to power cycle the device over and again.

        • T-Mobile also uses SIMs. Although they are being bought by AT&T, they haven't been yet, and the buyout has a lot of challengers.

          For now, if you're on AT&T, you can switch to T-Mobile. People have been unlocking iPhones to run on T-Mobile for as long as the iPhone has been around.
        • by karnal ( 22275 )

          Verizon has SIM cards with their LTE network. I have a nifty little access point that uses one, and their 4g usb sticks use them as well.

    • by Rexdude ( 747457 )

      So I guess something like this [samsung.com] won't be sold in the US. Dual SIM phones are quite popular here (India), but they tend to be mostly dumbphones. People use one operator for long distance calls and another for local, or one's a company provided SIM and the other's their personal one, obviating the need to carry 2 phones.

      Haven't seen any smartphones with this though - apart from a few no name Chinese ripoffs of Nokia handsets.

      • Of course what would be awesome would be a smartphone with a real multiport expansion bus. So multiple SIMs, or other expansions that aren't simply serial connections.

        The whole model, where features are locked into HW, is a strike at the heart of the openness that's always been part of the PC, and of networking. Which is what people outside the US still can expect more of in their phones.

        • by Rexdude ( 747457 )

          You could build one, then it would have to be FCC (or equivalent) certified, and that's the stumbling block.

          • Has anyone ever hacked an ARM/Android smartphone to add devices to a CPU bus? Like solder on an FPGA...

    • by DaveGod ( 703167 )

      Wouldn't it be better if the networks agreed that phones can use each other's networks under specified circumstances?

      They supposedly already do it here (UK), though I have never noticed any evidence of it bar a couple of operators who have a strategy of sharing towers. I do recall reading that there are phone settings, which the operators set so that it basically never happens except for 999 (911) calls, but some people claim to have been able to convince the operator to allow them to change it.

      • No, why? There are geographically overlapping networks. Any one of them fails (as happens often in the US), and the other is still almost always available.

        What you're describing is available in the US. The "specified circumstances" is "roaming", which costs far more than even the robbery they charge for service on the home network. If your phone even supports the different frequencies, or entirely different technologies (CDMA, GSM, WiMAX, LTE, etc) selected by different telcos partly to keep "their" phones

    • This exists already. Some World phones are also satellites phones. If you want fail-over service, you have to be willing to pay for it.

  • When I got my Nexus 1 back in Jan 2010 I loved everything about it except one thing. Using the search function on the phone did not return results from the calendar. I was trying to manage about 48 patients and frequently needed to be able to look at their appointment schedules going out a year. Before getting the Nexus 1 I had used Palm PDAs for almost 10 years. The search function in Palm OS brought back calendar items from day one. How could it be that a search company's operating system could miss

    • It is probably the same reason there isn't native syncing of tasks. My US Robotics Pilot 1000 was a more capable PDA than my Dell X51v or my HTC Desire when used out of the box. Contact, Calendar and ToDo searching was so darned fast. I think makers of current smartphones have dropped the ball on the PDA side of things. Why don't my Exchange tasks sync? Why do I need an add on app for Google Calendar tasks to sync. Just stupid!
  • Android versions 2.0 and later already support multiple accounts. My own phone has 2 accounts associated with it, and would have more if I could stomach using MotoBlur. Things like securely checking (and, depending on the infrastructure, syncing) corporate email and calendar can be done without a "split personality" device, but I guess that just doesn't fly in the case of IT control freaks.

    • by cynyr ( 703126 )

      Not like that, but multiple users of the device. I would really like this on my tablet. An unlocked account on my tablet for anyone to use, that has no access to my gmail account.

  • It's about time! For those who have Communal IPads at work that you have to manage and share this is a very exciting step in the right direction. This is the biggest downfall of many of these "Do everything Portable Devices", especially for business purposes, but for phones it doesn't seem all too necessary and may be a pain in the arse. Why would you need 2 accounts, just encrypt the whole shabang. GET TO THE MULTIPLE USER ACCOUNTS ON THE IOS APPLE and Make my job easier.
  • Cyanogenmod & I'm pretty sure vanilla android has supported this Nativity in the OS for what feels like years...
  • They essentially want to create sandboxes or jails like on my favorite OS Freebsd.

    It can only work if android had been created with this in mind. The problem is that hackers will probably figure out how to get into the other sandbox if the sandbox mechanism isn't well designed. Encryption isn't enough since the decode key resides on the device. Further what about one sandbox sniffing the others network traffic? That's why the OS has to be designed with it in mind.

    But the idea of a separate desktop contr

  • Because they want you to have one phone for personal, and another phone for the business...to boost the sell!

    Is that so hard to understand?

Time is the most valuable thing a man can spend. -- Theophrastus

Working...