The students in our district have discovered a way to use an online emulator to emulate gameboy and gameboy advanced games without jailbreak. The website is called "gameplaycolor.com" where it tells the user to add the website to their homescreen in safari, download 'game' files to their google drives, then accesses their google drive to play said games. After learning about this, I quickly blocked the website on our firewall. However the web clip still functions 100% even with the wireless on the device turned off. The web app works offline and has access to your google drive by utilizing an access token. This is troubling because there seems like there is no way to block it or remove these web apps in mass from the devices that already have it installed. Even after clearing the safari cache, the web app still functions. Thoughts anyone?
"Allow trusting new enterprise app authors" was unchecked and not required for this emulator to install since it is just a web clip
"Allow App Store" was unchecked
"Allow installing apps using Apple Configurator" was unchecked
@rzoppi I installed it with one of my test iPads and there is no way I can think of to search for this Web Clip and then removing it. Because we keep the App Store on our device to allow the user to update their apps we install a whitelisted application profile with a list of our accepted apps downloaded from our App Catalog on the device. In order to make sure that web clips appear for this profile, I had to whitelist "com.apple.webapps"... assuming you guys are not using web clips for anything, you could create a whitelisted profile and add the apps in your catalog and exclude com.apple.webapps, this would cause all Web Clips on the device to disappear, solving your problem.
So I mostly work on the OS X side of Casper, so my mobility knowledge is limited. But is it possible to have Casper look for a process, or in this case, and web clip and delete it? If it was an app on a Mac I could add it as a restricted app and make sure it gets deleted before the user can even access it.
But you do have to hand it to these kids these days...they are getting pretty ingenious. I remember we used to program games on our Ti-82's back in my day.
Resolved. @anickless A firewall block wouldn't be a complete solution as we have a 1 to 1 in our HS and the students are allowed to take the devices home. Since we are blocking ios updates inside and outside our network by using the method described here, we just added gameplaycolor.com to this list. This way, the website is blocked in and out of district.
This allowed me to block anyone else from downloading, installing, and authorizing the game, but the web clip was designed to run offline! So anyone with it already installed would still have access to their games. It did this by using a token to gain access to google drive offline. Since google admin does not have an easy way to revoke these tokens in mass, I used GAM to find all of the users that had an association with the clientid "151379758364.apps.googleusercontent.com" then told gam to delete that association. Now they would be required to reauthorize, but would be blocked from doing so.
gam syntax is as follows: gam user email@example.com delete token clientid 151379758364.apps.googleusercontent.com
GAM is a command line tool that allows administrators to manage many aspects of their Google Apps Account.
What you can do with GAM
@rzoppi We currently use iBoss for our web filtering and are rolling out cellular iPads that will be going to students which they will be able to take home. In order to make sure they are filtered at home a Global Proxy with a PAC file (I'm new to the proxy world so I hope this makes sense). If they are off our network they are still are filtered and are unable remove the proxy as the device is supervised. Still in the testing phase but so far it seems to be working well. I know you already found a resolution but I hope this information helps.