Disable unencrypted backups

[MuntashirAkon]

Allowing restoring unencrypted backups by default allows an attacker familiar with the internals of App Manager to install malware quite efficiently.

Consider the following situation:

1. User has at least one backup (regardless of the encryption setting) of an app that is uninstalled in a shared directory that is accessible to the attacker.
2. Attacker generates a malicious unencrypted backup by the same package name that is compatible with App Manager.
3. User triggers restore inside App Manager.
4. App Manager successfully installed the malware in the system.

The only viable solution to this vulnerability is by disabling unencrypted backups, at least, by default. Even if it can be enabled, there should be sufficient warnings and tasks that need to be carried out before an user can enable it.