Related
Being certified by Microsoft and specializing in Internet security, I know that Windows is the most targeted operating system for viruses, trojans, malware etc. Surely there must be an anti-virus by now for WP7.
After doing a search in the Market Place I didnt find any. There were anti-virus applications for WM6x, Iphone, Android and even Symbian but what about WP7. My guess is it wont be long before we need some sort of anti-virus protection for our devices. Picture this, you see a nice application from an independent website which wets your whistle. You install it by Toms Xap installer and your phone goes off. You try to restart but it refuses. The boot screen comes up with a message saying you are a victim of a virus which has now rendered your phone into a very expensive paper weight. It is possible and installing Xap applications through Toms Xap installer makes us even more exposed to malicious applications. WP7 Market Place scans applications and games to make sure you are protected. I'm not trying to scare people here so please dont get me wrong but I am trying to open peoples eyes and urge you to be cautious when installing applications which are not from WP7 Market Place or Xda.
I thought I would create this threat for the Xda community to share their views on this.
Personally I wont bother, its up to the users. Its all documented on Google.
see here: http://www.techgazing.com/2010/01/11/do-i-need-an-anti-virus-for-my-phone/
Russ
I would have to say that is a very interesting read. Nothing in there were mentioned about WP7. All I am saying is to be careful. That article claims there are 420 mobile phone viruses and most targeted is Symbian. This is because Symbian have been out longer than Android, Iphone and WM. Symbian certainly bought out more phones over the years so this would explain why they were targeted.
The case where the anti-virus company actually had a virus and passed it on through updates was shocking. That should never have happened and was very negligent of the anti-virus company.
Although people may think it will never happen to them, for the occasional few it does. People take out mobile phone insurance but how any people claim insurance? Why pay money for insurance when you dont take measures to backup your data and protect your device?
The internet is full of traps and data collecting nasties and you never can be sure that what ever you are downloading is 100% safe. Dont you think better to be safe than sorry should be a moto well remembered?
What you are missing is the fact that WP7 apps run completely sandboxed - they cannot reach out of their own little world.
Sure, installing a homebrew app which includes native code may circumvent this but I'd say that's the risk you take when geeking around with your phone
I think an antivirus-software is a totally useless investion of money for now.
You say, windows is the most targetted OS for viruses. Yeah, for sure, because most of people use it.
But its another thing if you look onto the mobile operating systems. The users are spread in 3-4 groups there: WM, Android, iOS and maybe the Blackberry OS.
So the virus-programmers need to choose first, for which platform they are going to write some malicious code. They are never gonna hit that much users as they would hit with Windows for Desktop.
I never heard of any popular virus for any mobilephone including WM-phones.
Secondly, WP7 is a totally new OS. For now, the count of people using this OS is way lower than that of Android and iOS - Users.
So why should hackers choose WP7 especially now as their victim?
My opinion for my last 5 years of using mobile operating systems is: You dont need it.
You have the same ability for sideloading apps with android and iOS too for now and they are much longer on the market than the new WP7 and I never heard of any viruses.
Anti-virus software is a complete waste of money, i dont use it on any of my 3 windows computers or any phones...
mideel said:
I never heard of any popular virus for any mobilephone including WM-phones.
Click to expand...
Click to collapse
Norton and Kaperski have both had anti-virus on Symbian and WM
scbrother said:
Anti-virus software is a complete waste of money, i dont use it on any of my 3 windows computers or any phones...
Click to expand...
Click to collapse
OMG are you trying to commit online suicide lol
AndHD2 said:
Norton and Kaperski have both had anti-virus on Symbian and WM
Click to expand...
Click to collapse
read my post again. I didnt mean anti-virus-software, I meant viruses!
mideel said:
read my post again. I didnt mean anti-virus-software, I meant viruses!
Click to expand...
Click to collapse
I think I had a Homer Simpson moment then.....Duh lol
i do not think antivirus on Phone is necessary. it will rather slow down stuff.
There is only 1 (ONE) existing virus for WM 6.x. Funny enough it was created by Kaspersky in order to demonstrate that viruses are possible and ppl should install AV software
Viruses for WP7 are almost useless as apps are completely sandboxed. Same thing with iOS. Only Android offers enough freedom for malicious code and then again only if rooted.
AndHD2 said:
Being certified by Microsoft and specializing in Internet security, I know that Windows is the most targeted operating system for viruses, trojans, malware etc. Surely there must be an anti-virus by now for WP7.
After doing a search in the Market Place I didnt find any. There were anti-virus applications for WM6x, Iphone, Android and even Symbian but what about WP7. My guess is it wont be long before we need some sort of anti-virus protection for our devices. Picture this, you see a nice application from an independent website which wets your whistle. You install it by Toms Xap installer and your phone goes off. You try to restart but it refuses. The boot screen comes up with a message saying you are a victim of a virus which has now rendered your phone into a very expensive paper weight. It is possible and installing Xap applications through Toms Xap installer makes us even more exposed to malicious applications. WP7 Market Place scans applications and games to make sure you are protected. I'm not trying to scare people here so please dont get me wrong but I am trying to open peoples eyes and urge you to be cautious when installing applications which are not from WP7 Market Place or Xda.
I thought I would create this threat for the Xda community to share their views on this.
Click to expand...
Click to collapse
Apparently the certificate and specialization doesn't help much when there is lack of reading. Sorry, you've started your post with that sentence and it only makes you look silly.
If you've read even ONE review of this OS you'd realize that it lacks multitasking! That saidb there is no possibility (yet) of an application (AV) running in the background to check files/processes. Besides this OS is so closed you can't even download unsupported files! Today I couldn't download a simple .rar archive - it said that WP7 doesn't support this filetype
As for sideloading applications it's not officially supported by MS so it's just one of the "risks" advanced users need to cope with as Microsoft is checking each application before posting it on the marketplace. Plus the applications written are all in managed code and we don't even have access to system functions. Even simple functions like reading the battery percentage are unsupported.
So there is technically an extremely low risk of viruses in this pretty much closed OS.
I can't imagine AV's impact on already poor battery performance on HD2 WM7.
P$YCH0 said:
Apparently the certificate and specialization doesn't help much when there is lack of reading. Sorry, you've started your post with that sentence and it only makes you look silly.
Click to expand...
Click to collapse
Agreed. And most of us are used to flashing a new ROM every week, which is all you'd really need to do to recover from a 'virus'. I'm struggling to see what the danger is, especially on WP7.
Poor battery performance?
iBimmer said:
I can't imagine AV's impact on already poor battery performance on HD2 WM7.
Click to expand...
Click to collapse
What exactly are you doing to cause poor battery performance with WP7 on your HD2? It is probably the best battery life I have had on my phone other than an energy rom.
whycali said:
What exactly are you doing to cause poor battery performance with WP7 on your HD2? It is probably the best battery life I have had on my phone other than an energy rom.
Click to expand...
Click to collapse
i think most ppl who say something about poor battery perfomance on wp7 hd2 never used push mail on their phones
whats more likely is that you get a virus on you PC that trashes your phone on flash.
ah the good old days when virus wiped BIOSs and totally ruined your day.
I think its highly unlikely anything could happn on the device its self for the reasons mentioned above, worst case you could hard reset, unlike PCs most stuff is backed up, hopefully everything soon (Myphone please MS!!) and it takes a few min to reinstall, doing the same on your PC would mean a day watching movies whilst you set it all back up again.
Obviously this is a pretty safe OS, but if they do get something like Lookout Security I'll get it, simply for peace of mind.
virus/worm problem
I landed here after a search for antivirus for wp7. i use a htc hd7 chevron unlocked and over the last two days i experienced unwanted outgoing email on my live.com account. i use live.com account on the phone and also on PC via live.com and also using outlook connector...
how can i check which is affected with a virus - pc scan using avg shows clean. the unwanted emails go out apparantly when my pc is off - so is the virus on my wp7 or actually on live.com?
according to this post, there couldnt be a virus on wp7 is it??
any help/thoughts will be much appreciated.
TIA
I think my HD2/WP7 has something dodgy monitoring my actions as after I registered my debit card with the Market & made the first 79p payment for the XDA app I get a dodgy email to my Live email claiming to be from my bank saying there has been unusual activity with a html attachment.
This is a fake, but they new my bank and Live email address and the fact that I made some unusual activity: as in the 79p app.
WP7 is open somewhere!
Of course, my mom gets another virus on her laptop. How can I remove this?
Thanks.
Wow, you have just loaded us down with information, 'rolls eyes'
Even though I'm not a expert, I think people will need some more info/specs to help you out
Sent from my SilverBullet "RootedHTCDesireZ"
easy go here
http://www.bleepingcomputer.com/virus-removal/remove-antivirus-.net
Ahh, my apologies, It just needed a good googling
Sent from my SilverBullet "RootedHTCDesireZ"
virustotal.com - the best scanner online
Once the virus has been removed, i recommend you download microsoft security essentials...
Most unobtrusive anti-virus software i've found yet!..
And its made by microsoft, so its free and you never have to worry about it being outdated...
urbanengine1 said:
And its made by microsoft, so its free and you never have to worry about it being outdated...
Click to expand...
Click to collapse
on the other hand , u do have to worry about it being useless ...
statistically , how many things(from companies) for free are not garbage ??
souljaboy said:
on the other hand , u do have to worry about it being useless ...
statistically , how many things(from companies) for free are not garbage ??
Click to expand...
Click to collapse
mac fanboy
Jk... but seriouly, it actually works really well, saved my mums comp a few times.
urbanengine1 said:
mac fanboy
Jk... but seriouly, it actually works really well, saved my mums comp a few times.
Click to expand...
Click to collapse
MSE is a great program, if only Microsoft would have done that right before now. They have two good ideas, MSE and the Zune. Maybe version 3.11, I liked the windows.
you can always get malwarebytes (free for personal use) and scan with it in safe mode (full scan is best) and see where that gets you, it gets most stuff.
I had one of these at work today.
Google "Manually remove antivirus.net" and after some googling you will find the registry lines and files you need to remove. YOu wont find it by searching and the website will tell you [random.exe] for the name. It truly is just random letters. Follow the first RegEdit you have to do and you will find the name of it.
Just use Combofix from bleepingcomputer.com Then run a full scan from malwarebytes. I can also confirm that Microsoft security essentials is the best free AV available.
what do you folks think? it scans everything i install from the Play Store -- but seemingly only AFTER it's been installed. and really, if i only install from the Play Store, is there even a point?
AM Radio said:
what do you folks think? it scans everything i install from the Play Store -- but seemingly only AFTER it's been installed. and really, if i only install from the Play Store, is there even a point?
Click to expand...
Click to collapse
I say all antiviruses on android are pointless. Android isn't really affected by viruses to be honest. If there are viruses, it would be on your memory card and you need a pc for that. This is my opinion though. Never had any viruses on any of the androids i've owned so far
Sent from my Compact Beast The Third.
found this review
http://uk.pcmag.com/avg-antivirus-s...2/review/avg-antivirus-security-4-for-android
reviewer was not that impressed
The secret is that android itself is a virus, it makes its users crave updates and they begin to dribble, get irritated and have arguments when they see possible new features on the horizon.
Sent from my D5803 using XDA Premium HD app
Imo you only need a virus scanner if you have realy no idea what you are doing and have the check mark "install untrusted apk" in security settings set .or you use a 3rd party app store. I think it is safe to assume that Google checks their app market for obscure apps.
When installing a new app just check the properties it may use, e.g. a background image supplier app should have no need to dail numbers or send texts, use your personal information etc.
Other than that, the avg supplied is bloatware / scareware and just a trail for 30 days.
I have the worst virus scanner on my PC (ms secueity essentials) it gives the impression of blocking the really bad stuff but doesn't eat all your resources as eg avg or McAfee does.
As long if you know the differents between a softonic installer and the real application you are fine
Cut the crap y'all. See the professional analysis here http://www.av-test.org/en/antivirus/mobile-devices/android/january-2015/ and decide for yourself.
(I'm on Eset Mobile Security, for almost a year, never disappointed me http://www.av-test.org/en/antivirus.../eset-mobile-security-&-antivirus-3.0-150113/)
Sent from my D5833 using XDA Free mobile app
Hiya,
I guess its debatable like task killer?
it really depends on what is defined as "anti virus" and what is "trusted"
are popular social network apps trustable? =p
ultimatsz said:
Hiya,
I guess its debatable like task killer?
it really depends on what is defined as "anti virus" and what is "trusted"
are popular social network apps trustable? =p
Click to expand...
Click to collapse
Task Killers are NOT debatable, Google gave an official and final response years ago by explaining how memory management works on Android. I have a task killer, but I only use it manually to kill certain apps, not to free memory aka RAM but to prevent high CPU usage.
Anti-Viruses are always reviewed by the professionals, see the links I posted above.
Nothing on the Internet is trustable. Haven't you heard of NSA's PRISM program and other related stuffs exposed by Whistle-blower; Edward Snowden?
Sent from my D5833 using XDA Free mobile app
I have this on my phone, tho has never found anything apart from a settings warning 'apps from unknown sources'
which I ignore tbh
asab1 said:
I have this on my phone, tho has never found anything apart from a settings warning 'apps from unknown sources'
which I ignore tbh
Click to expand...
Click to collapse
That's because Android malware are still rare and it's a warning because most users are novice users.
Sent from my D5833 using XDA Free mobile app
So based on the replies here... when im watching porn on my android, and i receive a pop up window stating "WARNING A VIRUS HAS BEEN DETECTED ON YOUR ANDROID DEVICE" .... there is no actual virus or malware/spyware? This isnt a troll question... i swear lol. And we all do it, quit judging me haha.
DaryllSwer said:
Anti-Viruses are always reviewed by the professionals, see the links I posted above.
Click to expand...
Click to collapse
Define "PROFESSIONAL"
Any normal person knows by now, that many internet professionals are helpless when facing real problems.
And BTW, I am a *real* professional, the smartest of the smartest because my mother told me so.
---------- Post added at 09:39 AM ---------- Previous post was at 09:35 AM ----------
M04RT3 said:
So based on the replies here... when im watching porn on my android, and i receive a pop up window stating "WARNING A VIRUS HAS BEEN DETECTED ON YOUR ANDROID DEVICE" .... there is no actual virus or malware/spyware? This isnt a troll question... i swear lol. And we all do it, quit judging me haha.
Click to expand...
Click to collapse
When you click OK, things may start happening. Google "stagefright".
However, if you have all the security patches, the risk is low.
And then again, the real viruses are something that anti-virus programs do nothing about. If you are important enough, your camera, your mic will be monitored despite of all the anti-viruses you would like to install.
You do not need to use anti-virus software, if you use Google Browser with warnings enabled, if you have disabled MMS and if you do not install programs outside of Google Play.
bookworth said:
Define "PROFESSIONAL"
Any normal person knows by now, that many internet professionals are helpless when facing real problems.
And BTW, I am a *real* professional, the smartest of the smartest because my mother told me so.
Click to expand...
Click to collapse
Av-Test is a reputable organisation. Whether you consider them 'professional' or not is none of my concern. Have fun running an 'antivirus' app on Android. I'm done here.
http://www.av-test.org/en/about-the-institute
DaryllSwer said:
Av-Test is a reputable organisation. Whether you consider them 'professional' or not is none of my concern. Have fun running an 'antivirus' app on Android. I'm done here.
http://www.av-test.org/en/about-the-institute
Click to expand...
Click to collapse
Yes, they are reputable. And the results can be bought like with many German based reputable organizations. Like VW, Auto-Build (tyre-reviews) or (Bundesliga match making scandal).
The problem is not whether android phones need antivirus programs. Mostly they dont't. The problem however is if you can blindly believe organizations because they are "professionals".
And please, be done, don't reply, fly away, "captain".
can anyone pointe to the thread to root a nexus 6 with marshmallow on it please? i search but i see a lot of old, conflicting and outdated reports
I just want solid instructions that somebody here already used
cpugeeker said:
can anyone pointe to the thread to root a nexus 6 with marshmallow on it please? i search but i see a lot of old, conflicting and outdated reports
I just want solid instructions that somebody here already used
Click to expand...
Click to collapse
Here are the steps I used:
- flash/upgrade to Marshmallow
- flash modified boot.img
- flash/boot TWRP and sideload latest v2.50+
No. Not that unless you want unknown evil invading your phone and stealing your private information.
Use this instead;
http://forum.xda-developers.com/nexus-6/general/root-t3231211
doitright said:
No. Not that unless you want unknown evil invading your phone and stealing your private information.
Use this instead;
http://forum.xda-developers.com/nexus-6/general/root-t3231211
Click to expand...
Click to collapse
WOW what happen with them? I found some readings but now all. What exactly went down? Any good reads on this?
doitright said:
No. Not that unless you want unknown evil invading your phone and stealing your private information.
Use this instead;
http://forum.xda-developers.com/nexus-6/general/root-t3231211
Click to expand...
Click to collapse
lol. I appreciate your work on providing other root access methods, but you really shouldnt go around claiming made up info as fact and trying to spread fear everywhere you can. You have no proof whatsoever of the things you claim.
EniGmA1987 said:
lol. I appreciate your work on providing other root access methods, but you really shouldnt go around claiming made up info as fact and trying to spread fear everywhere you can. You have no proof whatsoever of the things you claim.
Click to expand...
Click to collapse
You obviously don't know the first thing about security, or the gravity of offering root control to an unknown entity.
To make it simple, unless you can *prove* that something is safe, the only rational assumption is that it isn't.
In other words, it is not my place to prove them unsafe. It is your responsibility to prove that they are safe, and frankly, that is an impossible task.
Feel free to use whatever you like. But don't go recommending to somebody that they take dangerous risks that are unnecessary.
---------- Post added at 01:33 AM ---------- Previous post was at 01:27 AM ----------
cpugeeker said:
WOW what happen with them? I found some readings but now all. What exactly went down? Any good reads on this?
Click to expand...
Click to collapse
It was almost acceptable when it was maintained by a single individual, but at some point fairly recently, the code was transferred/sold to an outfit that has been buying up all the root control software that can be found on play store.
Although the original author continues to make the software available under his pseudonym, there is no indication of the contract in place between him and the software's new owners, and no indication of their motives.
That makes the situation incredible frightening and dangerous.
doitright said:
You obviously don't know the first thing about security, or the gravity of offering root control to an unknown entity.
To make it simple, unless you can *prove* that something is safe, the only rational assumption is that it isn't.
In other words, it is not my place to prove them unsafe. It is your responsibility to prove that they are safe, and frankly, that is an impossible task.
Feel free to use whatever you like. But don't go recommending to somebody that they take dangerous risks that are unnecessary.
Click to expand...
Click to collapse
So something that has always been a bit closed, yet still trusted and used, gets transfered to a newly made company started through XDA leaders and still maintained currently by Chainfire for a while, and suddenly this means secret organizations with corrupt ties have suddenly taken control of the Android root world?
EniGmA1987 said:
So something that has always been a bit closed, yet still trusted and used, gets transfered to a newly made company started through XDA leaders and still maintained currently by Chainfire for a while, and suddenly this means secret organizations with corrupt ties have suddenly taken control of the Android root world?
Click to expand...
Click to collapse
It doesn't guarantee that it's bad. But for it to not be controlled by the creator (a first ballot Hall of Famer in this community) and ownership switched to an unproven entity, it turns it from solid and secure to who knows what. The new owners could be just as good. But we should skeptically wait and see
EniGmA1987 said:
So something that has always been a bit closed, yet still trusted and used, gets transfered to a newly made company started through XDA leaders and still maintained currently by Chainfire for a while, and suddenly this means secret organizations with corrupt ties have suddenly taken control of the Android root world?
Click to expand...
Click to collapse
It is not really a newly made company and no where are the XDA leaders involved.
Now make no mistake. Chains SU will be around for a very long time. Will there be other options? Sure, there are many already. If not as mainstream. Apps like this will come and go. It is the nature of the beast.
Now before people start bashing others they better have something to prove it. Other wise they have nothing to say worth listening to.
zelendel said:
It is not really a newly made company and no where are the XDA leaders involved.
Click to expand...
Click to collapse
Could you provide some info on the company to the people here then? Because business filings say that you are wrong on that. The filings for the company were done on August 11th of this year and they rent a virtual office space at the Trump Building on Wall Street. Chainfire himself also said that the XDA leadership was involved in getting his project moved over to this company. Now maybe he wasnt supposed to let that slip, IDK, but he did say it.
EniGmA1987 said:
Could you provide some info on the company to the people here then? Because business filings say that you are wrong on that.
Click to expand...
Click to collapse
Just look deeper and you will see. Just because they have a different name, or make an off shoot doesnt really make them a different company. If you read you will see that they already have their fingers into a few SU apps already. Dont you think that is odd for a new company?
XDA admins only made introductions. I personally dont really care. Nor should anyone really. If you are using SU then you know the risks you run and how to spot them.
zelendel said:
Just look deeper and you will see. Just because they have a different name, or make an off shoot doesnt really make them a different company. If you read you will see that they already have their fingers into a few SU apps already. Dont you think that is odd for a new company?
Click to expand...
Click to collapse
What would be incredibly useful and go a long way in putting people's minds at ease, would be a realistic explanation of the MOTIVATIONS of this company, WHICH IS NEW, regardless of your perception of it being a simple name change, for acquiring and controlling ALL of the different mechanisms for controlling root on Android.
Frankly, I can imagine only a few motivations, none of which ANYONE should be ok with;
1) Charging for it,
2) Forcing ads that the user cannot control,
3) Backdoor/botnet/etc.
You need to remember that while their software will prompt you when some OTHER software tries to access root, it has the ability to hide its own use of root, as well as to wipe evidence from the logs.
Root access should ONLY EVER be open source.
doitright said:
What would be incredibly useful and go a long way in putting people's minds at ease, would be a realistic explanation of the MOTIVATIONS of this company, WHICH IS NEW, regardless of your perception of it being a simple name change, for acquiring and controlling ALL of the different mechanisms for controlling root on Android.
Frankly, I can imagine only a few motivations, none of which ANYONE should be ok with;
1) Charging for it,
2) Forcing ads that the user cannot control,
3) Backdoor/botnet/etc.
You need to remember that while their software will prompt you when some OTHER software tries to access root, it has the ability to hide its own use of root, as well as to wipe evidence from the logs.
Root access should ONLY EVER be open source.
Click to expand...
Click to collapse
The open source was done once. It didnt last very long and due to the nature of SU will never stay open source and mainstream at the same time. If someone wants to charge for the SU app then ok let them. Heck most already paid for the SU pro anyway. No point in going on a witch hunt before there is something to hunt. All we can do is sit back and wait. If chain trusts them then I am willing to give them a chance. Root itself is a security risk and anyone that does root should know just what they are doing. If not then they get whats coming to them.
This is not this companies first root app. As stated they own/profit from just about all the root apps that are around.
zelendel said:
The open source was done once. It didnt last very long and due to the nature of SU will never stay open source and mainstream at the same time.
Click to expand...
Click to collapse
I have no idea how to respond to that besides saying to you that this statement is *ABSURD*.
The open source root was the *FIRST* root, and has persisted. In fact, the root that *I* am working on, is the extension of that very same *ORIGINAL* root done by Koush. It has remained *the* primary mechanism for controlling root access from 2009 to present, except for a brief loss of maintenance during the reign of Android 5.x.
Further, the nature of root REQUIRES it to be open source.
And will be THE ONLY mainstream method of providing root access control for anyone who has ANY consideration for security.
If someone wants to charge for the SU app then ok let them. Heck most already paid for the SU pro anyway.
Click to expand...
Click to collapse
Only because they are being denied simple and mandatory features. This isn't a voluntary charge, this is coercion and even RANSOM.
No point in going on a witch hunt before there is something to hunt.
Click to expand...
Click to collapse
But there IS a witch to hunt: SECURITY. Or lack thereof.
All we can do is sit back and wait. If chain trusts them then I am willing to give them a chance.
Click to expand...
Click to collapse
You are a fool. Not only did the author of that binary root NEVER actually do anything to EARN your trust, the fact that you put your trust into a business arrangement that doesn't even involve you is tremendously scary... for you.
Root itself is a security risk and anyone that does root should know just what they are doing. If not then they get whats coming to them.
Click to expand...
Click to collapse
No. This is entirely invalid. Root is not a security risk when done correctly, in open source, and treated with *respect*.
Binary root control *IS* a security risk, and unfortunately you are wrong again on this, since knowing what you are doing DOES NOT protect you from it. There is NOTHING you can do to protect yourself from binary software that you VOLUNTARILY put into a sensitive position of high trust.
This is not this companies first root app. As stated they own/profit from just about all the root apps that are around.
Click to expand...
Click to collapse
That is a TERRIFYING prospect for reasons I've already discussed.
doitright said:
I have no idea how to respond to that besides saying to you that this statement is *ABSURD*.
The open source root was the *FIRST* root, and has persisted. In fact, the root that *I* am working on, is the extension of that very same *ORIGINAL* root done by Koush. It has remained *the* primary mechanism for controlling root access from 2009 to present, except for a brief loss of maintenance during the reign of Android 5.x.
Further, the nature of root REQUIRES it to be open source.
And will be THE ONLY mainstream method of providing root access control for anyone who has ANY consideration for security.
Only because they are being denied simple and mandatory features. This isn't a voluntary charge, this is coercion and even RANSOM.
But there IS a witch to hunt: SECURITY. Or lack thereof.
You are a fool. Not only did the author of that binary root NEVER actually do anything to EARN your trust, the fact that you put your trust into a business arrangement that doesn't even involve you is tremendously scary... for you.
No. This is entirely invalid. Root is not a security risk when done correctly, in open source, and treated with *respect*.
Binary root control *IS* a security risk, and unfortunately you are wrong again on this, since knowing what you are doing DOES NOT protect you from it. There is NOTHING you can do to protect yourself from binary software that you VOLUNTARILY put into a sensitive position of high trust.
That is a TERRIFYING prospect for reasons I've already discussed.
Click to expand...
Click to collapse
He has done alot to earn my trust. You would know that had to been around as long as I have been.
I am fully aware of the first root. And the reasons behind him stopping its development. The only ones that I am aware of that was even using it was CM and they are almost as much of a joke as MIUI.
I am fully aware of what you are working on and to be honest not something I or many others would use would even use as you are unknown and to be honest not really trusted. Maybe after you have been around a while more people will put faith in you and your projects. Not to mention your attitude is enough to make many not bother with it.
Root is a security risk. Just as any real developer. Even Google is making things like root harder to obtain because they see the risk. But to be honest as I have already said "Mobile security is and illusion" If I was truly worried about security I would not unlock my bootloader or bother with rooting.
Now we can argue this back and forth and never get anywhere. So We can end this here.
doitright said:
You obviously don't know the first thing about security, or the gravity of offering root control to an unknown entity.
To make it simple, unless you can *prove* that something is safe, the only rational assumption is that it isn't.
In other words, it is not my place to prove them unsafe. It is your responsibility to prove that they are safe, and frankly, that is an impossible task.
Feel free to use whatever you like. But don't go recommending to somebody that they take dangerous risks that are unnecessary.
---------- Post added at 01:33 AM ---------- Previous post was at 01:27 AM ----------
It was almost acceptable when it was maintained by a single individual, but at some point fairly recently, the code was transferred/sold to an outfit that has been buying up all the root control software that can be found on play store.
Although the original author continues to make the software available under his pseudonym, there is no indication of the contract in place between him and the software's new owners, and no indication of their motives.
That makes the situation incredible frightening and dangerous.
Click to expand...
Click to collapse
This is almost the most amazing post on xda. :good:
Could you kindly prove that the Google Factory Image is safe? Otherwise I would advise you destroy your handset immediately as its probably not safe.
zelendel said:
He has done alot to earn my trust. You would know that had to been around as long as I have been.
Click to expand...
Click to collapse
I've been around longer than you. Try again.
I am fully aware of the first root. And the reasons behind him stopping its development. The only ones that I am aware of that was even using it was CM and they are almost as much of a joke as MIUI.
Click to expand...
Click to collapse
I won't argue with CM being a joke, but MOST people used Koush's superuser up until they were stopped by selinux.
I am fully aware of what you are working on and to be honest not something I or many others would use would even use as you are unknown and to be honest not really trusted. Maybe after you have been around a while more people will put faith in you and your projects. Not to mention your attitude is enough to make many not bother with it.
Click to expand...
Click to collapse
Speak for yourself, but don't you DARE to speak for others.
As far as the trustworthiness of my work goes... go ahead and AUDIT IT. The code speaks for itself.
Root is a security risk. Just as any real developer.
Click to expand...
Click to collapse
I ask myself. Answer is that you have no idea what you are talking about.
Even Google is making things like root harder to obtain because they see the risk. But to be honest as I have already said "Mobile security is and illusion" If I was truly worried about security I would not unlock my bootloader or bother with rooting.
Click to expand...
Click to collapse
Google is correctly worried about the dangers of binary root. As YOU should also be.
Now we can argue this back and forth and never get anywhere. So We can end this here.
Click to expand...
Click to collapse
Only because you have degenerated into personal attacks rather than rational argument.
---------- Post added at 06:07 PM ---------- Previous post was at 06:05 PM ----------
Amos91 said:
This is almost the most amazing post on xda. :good:
Could you kindly prove that the Google Factory Image is safe? Otherwise I would advise you destroy your handset immediately as its probably not safe.
Click to expand...
Click to collapse
I can't prove that google factory image is safe. I can make a strong argument to suggest that it most likely is, and I can prove that AOSP is safe.
FYI: I use a Nexus, so I'm not limited to factory images, as implied by your last sentence.
Well, I'm no techie, I'm just an end-user of other people's talented work, but I'm with doitright on this one. I have trusted Chainfire for years - I have a number of his apps on my device, all of them paid for even though most work perfectly as free apps, simply because I do trust his work. Even if it's closed source black box stuff, he has always appeared to be a straight-up guy.
Still, once the black box passes into company ownership, at that point my trust ends. Companies are not charities hoping for donations. They want some return on whatever investment they've put into taking over SuperSU. Bottom line, I don't trust companies - and yes, that does include Google or Alphabet or whatever piece owns Android these days. I live with the knowledge that I am the product - my choice.
It's also my choice to opt for an open-source solution over a black box one. If doitright's superuser can be audited by people who know what they're looking at (I don't) then that'll do it for me.
And as an afterthought, yes, doitright is a spiky character. So is Torvalds. So what? As long as he comes up with the goods I have no problem with it. He comes across as passionate, doesn't suffer fools gladly (and that is just a saying, I'm not referring to any posters), and since I'm pretty much the same, if a bit more politic in the way I write, I can't criticise that...
doitright said:
Feel free to use whatever you like. But don't go recommending to somebody that they take dangerous risks that are unnecessary
Click to expand...
Click to collapse
Risk = Chance * Effect.
doitright said:
I've been around longer than you. Try again.
I won't argue with CM being a joke, but MOST people used Koush's superuser up until they were stopped by selinux.
Speak for yourself, but don't you DARE to speak for others.
As far as the trustworthiness of my work goes... go ahead and AUDIT IT. The code speaks for itself.
I ask myself. Answer is that you have no idea what you are talking about.
Google is correctly worried about the dangers of binary root. As YOU should also be.
Only because you have degenerated into personal attacks rather than rational argument.
---------- Post added at 06:07 PM ---------- Previous post was at 06:05 PM ----------
I can't prove that google factory image is safe. I can make a strong argument to suggest that it most likely is, and I can prove that AOSP is safe.
FYI: I use a Nexus, so I'm not limited to factory images, as implied by your last sentence.
Click to expand...
Click to collapse
I only speak for the developers I have talked to about using your root set up instead of chains. Got the same answer from all of them.
As for being around longer then me in the modding area. I would put a bet on that. I have been modding phones before a smart phone was even a thought.
You were the first to throw insults. As seems to be your way. Anyone that doesn't agree with you is called a fool or other wise.
Nope you are right. I have no idea what I'm talking about. Now excuse me I have some bugs to fix thanks to Google messing things up.
Hello i'm gonna make a question and it's "SP Flash Tool is a virus"
I scanned the file "flash_tool.exe" with VirusTotal and it says "2 security vendors and no sandboxes flagged this file as malicious"
And the security vendors are "ClamAV" and Google, is a false positive or a small virus?
YoshiTheGamerYT said:
VirusTotal and it says "2 security vendors and no sandboxes flagged this file as malicious"
Click to expand...
Click to collapse
Personally, I wont really bother much (that starts for me at 3 or even 5 warnings) but doesn't hurt to check back with the dev/forum where you got it.
Thank you
Examine the details and relationships.
Error on the side of caution, and if installed do not let it download anything, firewall block it.
The amount of damage a malicious script alone can do can be significant.
blackhawk said:
Examine the details and relationships
Click to expand...
Click to collapse
Good idea, I try that usually but do you have any guidance what to look for?
Just dropped in something from my virus chest
https://www.virustotal.com/gui/file...edfb20e4192039c4bb4391a244f693569a7/relations
I cannot draw more info from that, aside from VT saying it's bad.
SigmundDroid said:
Good idea, I try that usually but do you have any guidance what to look for?
Just dropped in something from my virus chest
https://www.virustotal.com/gui/file...edfb20e4192039c4bb4391a244f693569a7/relations
I cannot draw more info from that, aside from VT saying it's bad.
Click to expand...
Click to collapse
Lol, Creation of an Executable by an Executable, blacklisted IP's, etc
That thing's a whole damn party mix...
I consider this one high risk. I run it firewall blocked. It's not near as evil as the one you posted Risk vs reward; in this case running my N10+ without be much more labor intensive and harder to secure. Otherwise it never be loaded...