Samsung and keyloggers - Galaxy Tab Q&A, Help & Troubleshooting

I read on the Tech blogs that Samsung put keyloggers on their notebook computers.
I am wondering, do they do that on their tablets too?

Read more. Samsung has already explained how it's false.

mbazdell said:
Read more. Samsung has already explained how it's false.
Click to expand...
Click to collapse
The admitted doing it...... Check slashdot...
-Sno

Snocrash7 said:
The admitted doing it...... Check slashdot...
-Sno
Click to expand...
Click to collapse
No, the guy who made the allegations *claims* that they admitted it.
It has since been shown to be false!
Regards,
Dave

So some "independent" security consultant runs his software to see about spyware or whatever, gets a false positive, news runs rampant and then Samsung gets an independent body to buy product from a retailer and test. The independent body confirms it is a false positive but I don't see any "breaking news" with apologies.
That pisses me off.

fragdagain said:
So some "independent" security consultant
Click to expand...
Click to collapse
This "so called" consultant ran an off the shelf virus checker, known to produce a false positive, and published his "results" without even a modicum of research into the cause.
He looks incredibly retarded and incompetant now, and I can't see why anyone would ever again utilize his services.
Regards,
Dave

well samsung might not be putting keyloggers. But they sure install rootkits for drm purposes (i have known that since i first got my samsung mp3 and installed media studio as a syncing program).
Dont believe me? Open your kies folder or program files folder on your hard drive. You will find it. Its called content safer.
As our great spacemoose dev said why does samsung have to do everything in backwards ass possible.

DarkPal said:
Dont believe me? Open your kies folder or program files folder on your hard drive. You will find it. Its called content safer.
Click to expand...
Click to collapse
I don't have such a folder, but the existence of a folder doesn't imply the existence of a rootkit. I've tried googling "samsung kies rootkit" and found nothing.
Regards,
Dave

Its there. Contentsafer folder search it and google. A nosy intrusive piece of software. Search program x86 folder. Came with kies.
www.bleepingcomputer.com/forums/topic77076.html

DarkPal said:
Its there. Contentsafer folder search it and google. A nosy intrusive piece of software. Search program x86 folder. Came with kies.
www.bleepingcomputer.com/forums/topic77076.html
Click to expand...
Click to collapse
OK, I have it under "C:\Program Files (x86)\MarkAny\ContentSafer".
However, I wouldn't exactly call it a rootkit - it's just installed as part of the Kies installation, doesn't try to hide itself and when you remove Kies it is uninstalled.
To me, that doesn't meet the definition of a rootkit.
Regards,
Dave

I hate this malware bundled in Samsung softwares
foxmeister said:
OK, I have it under "C:\Program Files (x86)\MarkAny\ContentSafer".
However, I wouldn't exactly call it a rootkit - it's just installed as part of the Kies installation, doesn't try to hide itself and when you remove Kies it is uninstalled.
To me, that doesn't meet the definition of a rootkit.
Regards,
Dave
Click to expand...
Click to collapse
I can now confirm that this is effectively acting as a rootkit. I noted that this malware was actually monitoring ALL your media files that are in some known formats (MPEG, OGG... and even JPEG images), in order to MODIFY them on the fly, storing a personnally identifiable tracking ID in them, within some obscure extension subtags permitted in these formats.
MarkAny describes this process as "watermarking". This behaves like a rootkit because once the malware is running, it then attempts to HIDE this watermark to the normal OS I/O operations, in order for these files to appears as if they were still clean of any alternation.
BUT....
This watermarking process not only has a very intrusive effect (no this is not a keylogger process, but a process that will report to some internet server in Korea all media files that contain any other watermark inserted by "MarkAny ContentSAFER" from another PC/user. The watermark is personnally identifiable because MarkAny ContentSafer is installed SILENTLY as a REQUIRED bundle with other softwares requiring an online registration (for example when installing Samsung Kies, you need to register an account at Samsung, and this registration includes this personal data which is sent SILENTLY to MarkAny to associate your generated UUID which will be stored in YOUR media files, with YOUR identity).
Later, if ever you use a media shared LEGALLY on your local network (suppose you have several PCs including for backups, or several virtual OS installations) and you play the shared media file, as it will not match your current personal UUID in the currently running instance of "MarkAny Content SAFER", the two UUIDs will be sent and compared online (as soon as you get an internet connection), to track how you use that media file. In addition, the existing remote watermark will be replaced by the new one (or added) in your media file.
And here comes the effect of the ROOTKIT ! This silent modification of your mediafiles is completely stupid. It effectively alter these files even if they are in fact NOT true media files.
One bad effect: you legally download a new ISO for installing Windows, and want to copy the content of tyhe mounted ISO to an USB key in order to install a PC. The installer will FAIL (missing or corrupted files), just because it runs WITHOUT the MarkAny rootkit being active to restore the expected content that the OS should see.
I had a lot of troubles just trying to figure out why all my attempts to create a bootable USB key for installing Windows on another PC constantly failed (the USB key refused to boot), until I cleaned my PC from this spyware BEFORE attempting to create the USB key (no my ISO download was NOT corrupted, but all files copied from the ISO to the USB key were immediately corrupted on the fly by this malware during the copy, if I was not connected to the Internet when creating the USB key as the watermarks supposed to be there temporarily were not in fact removed before they were checked online with the spying Korean server).
Such silent modification of media files is stupid, it breaks applications and it adds supplementary trafic to the internet each time a media file is checked (and reported to companies trying to track illegal copies, even if YOUR copies are perfectly legit).
Blame Samsung from installing this component silently (now it is no longer installed in a separate program, but directly within the installation of Kies, and it is extremely difficult to remove from there, and if it's not running, Kies will not even recognize correctly your Samsung Smartphone (and you won't be able to perform a legal firmware update to the current version for your Samsung smartphone or tablet).
I cannot understand why antimalwares do not classify this "MarkAny ContenSAFER" software as a real rootkit, it is really one because it silently modify your files, corrupts them, and logs to Korea any new media files you would have even created yourself, sending some extracts of them on request from the Korean server, so that they can check what it is. MarkAny is effectively monitoring ALL your media files (and this is also a severe privacy breach).
We should campaign immediately against Samsung for delivering MarkAny contentSafer and installing it WITHOUT your permission and for spying on every media files you use (MarkAny contentSAFER is effectively running as a DLL linked to ALL applications that start, and it will activate itself if it detects this is a known media player, including the basic Media player built in Windows with the Sound applet when you logon and a sound is played, or when your PC just wants to play a "beep" sound with the associated sound file (visibly, MarkANY ContentSAFER is silently modifying a LOT of media formats, including MP3, WMA, WMV, RA, Flash video, MPEG4, and even the most basic WAV files, if ever its file size or play diuration is above some threshold; it also alters your own JPEG photos or videoa taken with your OWN cameran, and ALL photos and videos taken with YOUR Smasung smartphone or tablet, as soon as you synchronize them to your PC, and sometimes this causes the modified media file to be corrupted and unplayable or showing some extra "garbage" pixels along the image borders) !
You can easily detect that the media files are corrupted if you start Windows in safe mode, and attempt to compute their checksum with a strong secure hash algorithm (at least MD5 or SHA1) : they no longer match the data signatures you find when running Windows in normal mode, even if their filesize is apparently unchanged.
We cannot tolerate silent watermarking of media files (notably when their security is asserted, for example for default sound files that are part of the standard Windows distribution and which are digitally signed by Microsoft, but that Markany sometimes will alter as well, when it should NEVER modify any media file which is already digitically signed : it's not the job of Samsung to verify the authentificty of Windows components, only Microsoft has a right to do that to check "genuine" Windows installations).
Let's ban MarkAny, it is a malware, causing system corruptions, and a spyware, and a software which also has its own bugs (causing other programs to hang, and even some system drivers to fail and Windows stopping with BSOD, for example when performing system backups, because it also corrupts some SCSI commands needed to control I/O access to your drives within filesystem drivers like NTFS).
I hate those illegal spiers.

Thanks!
verdy_p said:
I can now confirm that this is effectively acting as a rootkit. I noted that this malware was actually monitoring ALL your media files that are in some known formats (MPEG, OGG... and even JPEG images), in order to MODIFY them on the fly, storing a personnally identifiable tracking ID in them, within some obscure extension subtags permitted in these formats.........
Click to expand...
Click to collapse
Thanks for the full explanation, verdy_p. Much appreciated:good:
---------- Post added at 07:19 PM ---------- Previous post was at 07:13 PM ----------
Found a suggestion on how to remove this. I'm going to try this method - but if anyone can suggest a better way, please describe?
Boot into Safe Mode, Make sure if the program has icon in the System Tray by the clock that is disabled. Use the CCleaner/Tools/Uninstall option to uninstall the program. Once it is completed, boot into Safe Mode again and in CCleaner Search for ContentSafer. Delete any instances of the file. Then do another search for MarkAny. Delete any instances of the file
Click to expand...
Click to collapse

acuxda said:
Thanks for the full explanation, verdy_p. Much appreciated:good:
---------- Post added at 07:19 PM ---------- Previous post was at 07:13 PM ----------
Found a suggestion on how to remove this. I'm going to try this method - but if anyone can suggest a better way, please describe?
Click to expand...
Click to collapse
wow thank you for that explanation. that is pure evil time to boot into safe mode and eradicate this plague.

JeremySeven said:
How to remove mobile spy without losing the data?
Click to expand...
Click to collapse
I have since redone my system and flat out refused to install Kies. you can install the usb drivers separately and not get this spyware installed on your systems. as to removing it once you installed it it's just a matter of booting your desktop/laptop into safemode finding it renaming it and running a reg cleaner like ccleaner. you will however lose the ability to use Kies to install signed firmware updates etc but it's a small price to pay for peace of mind. after all your could always use Odin for flashing. the data is not actually encrypted etc just watermarked so you will not lose access to any files it touched but if you did a bit for bit comparison on them you might see the changes the watermarking did to them in a hex editor. what worry's me most about this spywear is it digitally watermarks every single media file on your computer and talls some random server in god knows what country the checksum in short nasty nasty nasty form a privacy perspective.

so, is it true that they place keylogger in KIES?

fauzanfirefox said:
so, is it true that they place keylogger in KIES?
Click to expand...
Click to collapse
Keylogger no root kit yes.
Sent from my SAMSUNG-SGH-I547 using xda app-developers app

verdy_p said:
I can now confirm that this is effectively acting as a rootkit. I noted that this malware was actually monitoring ALL your media files that are in some known formats (MPEG, OGG... and even JPEG images), in order to MODIFY them on the fly, storing a personnally identifiable tracking ID in them, within some obscure extension subtags permitted in these formats.
MarkAny describes this process as "watermarking". This behaves like a rootkit because once the malware is running, it then attempts to HIDE this watermark to the normal OS I/O operations, in order for these files to appears as if they were still clean of any alternation.
BUT....
This watermarking process not only has a very intrusive effect (no this is not a keylogger process, but a process that will report to some internet server in Korea all media files that contain any other watermark inserted by "MarkAny ContentSAFER" from another PC/user. The watermark is personnally identifiable because MarkAny ContentSafer is installed SILENTLY as a REQUIRED bundle with other softwares requiring an online registration (for example when installing Samsung Kies, you need to register an account at Samsung, and this registration includes this personal data which is sent SILENTLY to MarkAny to associate your generated UUID which will be stored in YOUR media files, with YOUR identity).
Later, if ever you use a media shared LEGALLY on your local network (suppose you have several PCs including for backups, or several virtual OS installations) and you play the shared media file, as it will not match your current personal UUID in the currently running instance of "MarkAny Content SAFER", the two UUIDs will be sent and compared online (as soon as you get an internet connection), to track how you use that media file. In addition, the existing remote watermark will be replaced by the new one (or added) in your media file.
And here comes the effect of the ROOTKIT ! This silent modification of your mediafiles is completely stupid. It effectively alter these files even if they are in fact NOT true media files.
One bad effect: you legally download a new ISO for installing Windows, and want to copy the content of tyhe mounted ISO to an USB key in order to install a PC. The installer will FAIL (missing or corrupted files), just because it runs WITHOUT the MarkAny rootkit being active to restore the expected content that the OS should see.
I had a lot of troubles just trying to figure out why all my attempts to create a bootable USB key for installing Windows on another PC constantly failed (the USB key refused to boot), until I cleaned my PC from this spyware BEFORE attempting to create the USB key (no my ISO download was NOT corrupted, but all files copied from the ISO to the USB key were immediately corrupted on the fly by this malware during the copy, if I was not connected to the Internet when creating the USB key as the watermarks supposed to be there temporarily were not in fact removed before they were checked online with the spying Korean server).
.......
Click to expand...
Click to collapse
Thanks for the information, but can you provide some proof, please? I'm interested in seeing the connection to the server in particular. Do you by chance have a wireshark capture of this?

Related

PC Virus Source Reported

The Associated Press reports that new virus and trojan sources
are coming out of China via all the new electronic gadgets we
becoming addicted to.
They say that the source is at the manufacturing level coming
from either malicious intent or infected test computers on
manufacturing lines.
When you hook infected device to your host PC that's when
the virus/trojan enters into play,they name TomTom gps
as one of the sources of the problem devices along with
plethora of mini music devices.
actually treat my reply as a very serious notification.
there are a hell lot of viruses and trojans coming from china these days.
my pc is infected with something which actually seems to be an adware but has:
1. hijacked my browser
2. always downloads a trojan (no matter what i try to download, i always end up downloading a file setup.exe 139 kb)'
3. no antivirus has detected anything in my system.
4. lan connection is lost (ping becomes >300ms)
when i not knowingly clicked the exe file it did the following:-
1. disabled kaspersky av(infact avp.exe was running with 100% cpu)
2. infected all the exe files on my pc.
3. infected all sytem processes (kept running under 'system')
4. disabled boot in safe mode
5. infected all .htm files
it all starts as the followin: (notice the 2 small chinese windows in webpage which popup with any site including xda-dev)
Guys, before you start a scare and alienate and entire nation how about some facts?
bigstr: do you have a link to any specific articles / news reports / security warnings concerning specific products?
To my knowledge there has been one occurrence so far where a virus accidentally included in a ROM of a nav device and if I recall correctly the manufacturer provided a fix.
mariner_hart: with all due respect, if you click on an exe without knowing where it came from or scanning it with an AV software you have only your self to blame.
I suggest you download a software called HijcakThis (using another PC), run it and post the resulting log on an appropriate forum (not here).
I am sure someone will point out what you need to remove to solve your problem.
Finally, it is a good idea to disable the autoplay function in windows to prevent any CD / DVD / removable disk from running any software before it is scanned for viruses.
I don't have a link as I read it in the Hamilton Spectator and as
I said it was an Associated Press source article and named
TomTom as one of the sources.
I believe it may be possible to research either the Spectator
or AP via net to find source.

[Q] New at WP8, questions not stored in FAQ

Hello,
I'm just starting my dev journey with WP8 with my new T-Mobile Lumia 520.
First what I need to do is to debrand my lumia - for faster updates. T-Mobile is not offering yet the next release of fw which allows to disable images in IE, and as dev I need to be up-to-date as fast as possible. I need to download the FW, but I don't know which one - localized for sure, but what GDR is? What Amber means? I can't decide which one do I need to download and flash. (http://forum.xda-developers.com/showthread.php?t=2515453 This instruction doesn't show the moment of decision).
Next question is about unlocking. I'm downloading music from Soundcloud via Cloudoh and I want to access them from my PC, same as files located inside of other apps - do I need to unlock the device to do that? For example - how to upload a pdf from PC to winpho pdf reader?
Windows Store allows me to download installable files at PC and install them via SD Card. Some apps aren't supposed to work with my device. Is there any solution how to install them at my risk?
And the last question, but not least - I have my dev account but its time limited and app-count-limited. Is there any way how to check if my Lumia is dev-unlocked, how long this unlock lasts and what is my current app-limit? Just for my information - I like to have the ways to check everything.
Please, help me
GDR = General Distribution Release (a brief web search would have told you this). Microsoft-ese for a post-initial-release update (think of service packs for other MS software). The current version is GDR3, also called Update 3. "Amber" is Nokia's codename for the firmware version that they ship along with GDR2. "Black" is Nokia's firmware name for GDR3. Note that OEM firmware (such as Amber or Black) are different from Microsoft OS updates (such as GDR2 or Update 3), although they are typically delivered together. If you're already on at least GDR2, you can get Update 3 directly from Microsoft without waiting for T-Mobile or Nokia; search the Store for "Preview for Developers".
You cannot access files stored inside an app from anywhere else, either a PC or another app, unless the app explicitly makes them available by including a method to export them. Most apps don't implement this. The only exceptions to this rule are for images (which can be stored in the Pictures Library of the phone, much like the built-in camera app or screenshot functions) and OEM apps, which can have extra permissions (Capabilities, such as ID_CAP_PUBLIC_FOLDER_FULL) that aren't allowed for third-party developers. However, for development apps (that is, ones which were sideloaded to your phone from an unsigned XAP file), you can access their Isolated Storage from your PC using the aptly-named Isolated Storage Explorer Tool (or any other program that implements the required APIs, such as Windows Phone Power Tools).
To upload a PDF to the phone, you can do any number of things. Over USB, copy it to the Documents folder on the phone using any MTP software (Windows Explorer works). Over Bluetooth, just send the file directly. Over email, just attach the PDF. Over the Internet, you can use SkyDrive, or any other "cloud" app, or if it's on a web server you can get it from the phone's browser...
I'm not aware of any work-around for the minimum-memory restriction on some apps. I believe it mostly only applies to large games? In any case, you have one of the lowest-end WP8 devices on the market; there are limits which come with that.
The official way to tell if your phone is dev-unlocked is to use the Windows Phone Developer Registration tool, the same one you use to do the dev-unlock in the first place. A paid developer account always gives a limit of 10 apps (the free one is 2 apps). There's no official way to tell how many apps you have remaining, but it's simple enough to tell if you have any space left; just try sideloading any app that isn't already installed!
GoodDayToDie said:
GDR = General Distribution Release (a brief web search would have told you this).
Click to expand...
Click to collapse
Yeah, I did some sort of search on forums and Google and I haven't found anything.
GoodDayToDie said:
You cannot access files stored inside an app from anywhere else, either a PC or another app
Click to expand...
Click to collapse
After unlock it is still unaccessible? I had to jailbreak my iPad because without jb it is not easy to operate. I thought about something like this for Lumia. I think it is only the need of time for others to omit this problem
Disney offered lastly a promotion for its games. I was interested with some of them, but only one was accessible for my device. xap file needed only 70 mb of space. I think there was a problem with performance, but if I want see a laggy game I should have the ability to install it despite everything.
There's no jailbreak available for Lumia phones yet. Something like that should, indeed, allow accessing the storage of the apps (and everything else) but we don't have one...
The size of the XAP has very little to do with the runtime requirements of the app (RAM and CPU). I have written apps of only a few kilobytes that required over 10 gigs of RAM to run (not a phone app, obviously). To avoid people with low-end phones getting annoying with the platform and thinking it's the fault of either Microsoft or the app developer when an app crashes from running out of RAM, they've prohibited installing high-RAM apps on low-RAM devices.
You mean T-Mobile's Lumia 521 right? There's no other ROM you can flash to it that might have the update.

Windows phone security- is there one and if so, how does it work?

Hi,
So, Android has a permission system which albeit somewhat flawed (malware can gain permissions not intended for it) and not very suitable for laymen (non rooted phones have to either accept all permissions or be denied from the app. In many programs people don't have the luxury of not using them) theoretically has merit. IOS has...well actually I'm not sure how it works security wise but I pressume it creates sandboxes for each app, layman wise it is reasonable since you (theoretically) can deny access for all programs to certain components (no need to jailbreak).
How does WP works?
Thank you.
Security is different, apps can't do as much as on android. But iOS is better in this, because capabilities are like in Android: you can see what the apps want prior to installing them, but blocking some of them isn't possible.
I am very saddened to hear this.
Is there an ability in place similar to Androids rooting?
Also, what do you mean by "apps can't do as much as on android"?
Thank you!
@th0mas96's post is technically *mostly* accurate but very confusing and doesn't actually answer your question at all.
The short version is that WP apps use a capability-and-sandbox system much like iOS and Android, with each app getting a sandbox that gives it read-only access to the app-specific install directory and the global system directory, read/write access to the app-specific data directory, and access to whatever other stuff is specified in the capabilities. Capabilities are currently all-or-nothing; you can't reject or disable any capability except by just not installing the app.
I could go into the technical implementation of the system a bit, but the short version is that WP8 apps use fairly standard NT (as in the NT kernel that is at the core of PC Windows versions) security features: each app has a unique token (rather than inheriting the token of the process that crated it, the way it normally works on PC but very much like how Windows Store apps work on Win8) which contains the app-specific Security IDentifier (SID) that gives access to the app directories, plus the SIDs of the various capabilities that the app has.
What @th0mas96 was talking about is that WP capabilities usable by third-party developers are much more restrictive than they are on Android. For example, Android allows an app have full read-write access to your contacts or to send SMS directly. WP8 doesn't allow that unless you use capabilities that are normally neither allowed on the store nor allowed in sideloaded apps (Microsoft's code can have them, of course - that's how the built-in SMS app works - but not Joe Random Dev). The downside of this is obvious; some app behaviors (like a full replacement for the SMS app or phone dialer) are not possible. The upside is that apps are *way* more limited in how malicious they can be; the most common way that Android malware makes money (remember, the vast majority of malware is for profit) is by sending SMS to "premium" numbers. On WP8, an app could *compose* such a message, but it couldn't *send* it for you (unless it had a capability that third-party apps normally can't have) so you'd have a chance to see what the app was doing and decide not to send that message after all.
This means that the ability to disable capabilities is much less important on WP8 than on Android.
Oh, then those restrictions are actually good news.
Aside from from your typical run-of-the-mill malware my main concern was actually privacy. I have a huge displeasure from apps like Whatsapp which on android takes a whole plethora of liberties and was hoping that perhaps some other system may contain their user data voracity and their ability to control the divice their on.
Is there any link in which I could see the full list of those restrictions?
I'm still downhearted from not having a more fine grained control of the system but maybe it still has it uses in some scenarios...
Also, thank you very much for your comprehensive explanation!
i found a tiny file stored inside some of the unbranded htc accord RUUs. its call disablewriteprotect.test. the only thing the file contains is a sentence stating write protection will be disabled until this file is removed. followed by a music note and some other symbol. so there you go thats how you make your entire htc 8x read and write. one file less than 1kb in size. ROOT!
but how can we flash this file. im still working on it. this file is located within the efi partition which also houses the ffuloader.efi, and severl other efi executables. check this post http://forum.xda-developers.com/showthread.php?p=53687985#post53687985
you wont find that on google search.
Sent from my Galaxy Nexus using XDA Free mobile app
Window phone Security Issues
Your Windows Phone is secure by design. Many security features are turned on by default. For example, apps you download from the Windows Phone Store are tested by Microsoft and encrypted to make sure you don't accidentally install malicious software on your Windows phone.
Set a password
Setting up Kid's Corner
If you've ever handed your smartphone to a child, you know that they can quickly get into all sorts of apps and settings they shouldn't. No such worries with Kid's Corner, a place on your phone where your child can play with the games, apps, music and videos
Use the free Find My Phone service
Say yes to updates . check out more at Master Software Solutions - Windows Phone Update
grilledcheesesandwich said:
i found a tiny file stored inside some of the unbranded htc accord RUUs. its call disablewriteprotect.test. the only thing the file contains is a sentence stating write protection will be disabled until this file is removed. followed by a music note and some other symbol. so there you go thats how you make your entire htc 8x read and write. one file less than 1kb in size. ROOT!
but how can we flash this file. im still working on it. this file is located within the efi partition which also houses the ffuloader.efi, and severl other efi executables. check this post http://forum.xda-developers.com/showthread.php?p=53687985#post53687985
you wont find that on google search.
Sent from my Galaxy Nexus using XDA Free mobile app
Click to expand...
Click to collapse
Sounds interesting.
Not something I'd try )) but interesting.
Aman Raien said:
Your Windows Phone is secure by design. Many security features are turned on by default. For example, apps you download from the Windows Phone Store are tested by Microsoft and encrypted to make sure you don't accidentally install malicious software on your Windows phone.
Set a password
Setting up Kid's Corner
If you've ever handed your smartphone to a child, you know that they can quickly get into all sorts of apps and settings they shouldn't. No such worries with Kid's Corner, a place on your phone where your child can play with the games, apps, music and videos
Use the free Find My Phone service
Say yes to updates . check out more at Master Software Solutions - Windows Phone Update
Click to expand...
Click to collapse
I pressume this is an advert for Master Software Solutions, but nevertheless I did google the term you suggested and got nil results. I also browsed the main site of the company itself but haven't found anything related, nor did I find anything on their facebook page.
Regardless, I checked out this Kids corner thing, it's cute but not really security related...
Thx anyway.

Extracting App Files - Help Desperately needed

Hi Folks - My Dad has a seriously ill and has been given conflicting and potentially negligent advice regarding his cancer treatment which my mum had recorded on her phone. All of these meetings we saved on her Windows 8.1 phone (Nokia Lumia 635) running Lumia Denim. Today the app corrupted and I am unable to access any of those files are they are stored locally in the app itself rather than being saved anywhere useful on the phone. Is there any way of access the windows OS and App files contained within that SD card in the hope I can extract and save the files to a USB thumb drive or more reliable medium.
I really appreciate any help any one can give.
Many thanks,
Nova
Bump
Bump - Anything anyone can do to help?
@Novastrike, first, you have chosen an incorrect forum for your request - it's definitely not an "Apps and games" (probably, better to ask in "Development and hacking").
Second, you've provided close to zero information: what app, what data?
It's possible to get access to the app's isolated storage on "interop-unlocked" handset with "full FS access" enabled but the data availability depends from many factors (like what if data encoded somehow etc.).
sensboston said:
@Novastrike, first, you have chosen an incorrect forum for your request - it's definitely not an "Apps and games" (probably, better to ask in "Development and hacking").
Second, you've provided close to zero information: what app, what data?
It's possible to get access to the app's isolated storage on "interop-unlocked" handset with "full FS access" enabled but the data availability depends from many factors (like what if data encoded somehow etc.).
Click to expand...
Click to collapse
@sensboston, Thank you for responding and apologies for posting in the wrong forum, I am not the most tech savvy person. In the world nor am I familiar with windows phone all that much.
The app is called voice recorder pro and is made by a Polish developer whose name escapes me. Is it easier to try and figure out whether the data is encoded or research how to interloper-unlock the handset. I have rooted android phones before so hope it requires a similar or lesser skill level.
Again thanks for responding!
@Novastrike, check this forum, hope, you'll find all you need for interop unlock and full fs access (you may also use my WPTweaker app from signature).
BTW, don't forget about pre-requisites: installed SDK/tools.
After successful unlocking and enabling full FS access, just plug your phone to PC and navigate to the apps isolated storages (I forgot exact location for WP8; on W10M it's located at c:/data/Users/DefApps/APPDATA/[APP_GUID], find your app (by browsing all subfolders named like "{1E51D223-2D05-4C25-907F-35E40DB416A5}" and copy recorded calls to PC.

[APP][NST/G] Mantano Reader [MOD]

Edit 1-8-23: I've updated the Mantano apk file. Seems there were still some issues with the aspect ratio of the default.png (book cover) image. Fixed now at 1.5!
I keep my NSTG on FW 1.2.1 because there are issues with Tasker and plugins on FW 1.2.2. The resulting apps are OK, but development is a problem unless I do it on FW 1.2.1. So that one device has B&N apps removed. AlReader has been my go-to reader app. Until now.
While working on some thorny issues with a Tasker app update I came across a book I wanted to read. Unfortunately it was only available in PDF format and AlReader can't handle that. I soon found that something like EBookDroid really couldn't deal well with a PDF file that begged for text reflow (problematic as that is). I wanted something that was at least as good as the stock reader. I could have just picked up one of my other NSTs and read the book that way, but when you abandon the B&N system you should at least break even, not lose. So I went searching through the forum for some ideas.
Mantano Reader caught my interest. Not only can it reflow PDF text (pretty much like the stock reader-don't get too excited), it can also display PDFs as a continuous scroll, with zoom. It can handle Adobe DRM books! And the TTS works (not a big deal). So I looked around and started with version 2.2.12 from Apkpure. This is the last version for Android 2.1. I found that full-screen reading was broken in this version and I couldn't see why, so I worked my way back until it wasn't broken. That was version 2.2.3.
Not for everyone
Those are some of Mantano's virtues, but it's not for everyone. I think it's chief drawback is the absence of full font support. There is only the default (admittedly not bad) and although there is provision for user fonts, there are issues. More on that later. Then there is the really tiny user interface. The colors render somewhat muddy on the NST also. Those are really tough issues to address, certainly beyond my pay grade. Also, none of the syncing, cloud, downloading of dictionaries, OPDS books, fulfilling of .acsm files, additional fonts, user manuals, etc., works. Can't be fixed. I looked. Finally, the reader options are pretty simple, about what is available for the stock reader (except for fonts). So if you like the hundreds of setting combinations in something like AlReader or FB Reader, this app is not for you. If you want something straightforward so you can just read a book without all the B&N hoopla, Mantano may be worth a look.
Mods
When I started getting serious about this I decided to try to learn by doing. My goal was to remove (or at least hide/disable) stuff that did not work. Almost all of my modifications were in the resources folder of the apk file. There was also one annoying issue with the aspect ratio of book covers that required a minor change in two smali files (thanks to @Renate). Here's a short list:
1. Removed Bookstore (OPDS) tab on home screen (formerly "My Catalogs" as described in User Guide)
2. Removed menu icons for sync and cloud
3. Disabled sections in Settings that don't work (Login, Sync, Dictionary download, Fonts, User Manual download)
4. Corrected font colors in some local dialogs so text is visible
5. Made the page number black, smaller, and with a transparent background for less visual distraction
Also, there were a few dialogs with invisible text that used the system framework to generate the window. The only way to fix this was to make a few very minor changes in framework-res.apk. This worked well and even helped with a few other apps that formerly had invisible text. A win-win. You can update your framework-res.apk using the CWM zip provided below. Despite its filename, it is not an "update" zip. You'll just be installing a zip file with CWM.
Making do
Overdrive Library epubs: No app will be able to fulfill .acsm files on the NST/G. The SSL is just not up to it. So there's no point in registering the device with Adobe. That just wastes one of your allowed devices and so I disabled that first Settings selection. However, the app can read Adobe DRM books, understands due-dates, etc. You just need to introduce your device to ADE running on your PC (ver. 3.0 works well for me on Windows) and transfer fulfilled books from there, just as you would with the stock reader.
Fonts: You can, in theory, supply your own TrueType fonts and place them in /sdcard/Mantano/fonts. When a book is opened, the lower menu options include "Themes". This odd term is for adjusting the appearance of the book (fonts, margins, justification, line spacing, colors). You can make a new theme or edit the default one. Either way, you will get to select a font. You will see the font you added in the folder (you can copy any font you like from /system/fonts or from anywhere else). The problem is that Mantano has no way to deal with font families. For example, I prefer Malabar. Of course, there is the base font, the bold instance, italic, bold italic. Mantano makes you choose one of these. Clearly you choose the base font (no need to copy over the others). If there are italics or bold type in a book, the reader uses the default font. This would not be such an issue for small sections of emphasized text, but the font scales are not the same. Malabar is larger than the default font. So any italics is obviously smaller. I tried a software package for scaling the font but it just turned it into rubbish. I am learning to like the default font. This issue was fixed in version 2.4.6, based on what I've read. But that won't run on the NST, of course.
Dictionaries: The reader has the ability to go out to find definitions on the WWW. Big pain. Although you can't download any dictionaries from within the app, Mantano does play nicely with ColorDict and there are plenty of dictionary options for that. Easy fix.
User Guide: I poked around and found a guide labeled "Version 2.1". That was the best I could do. It seems pretty close, although what was the "Bookstore" tab in this version (which I have removed) is referred to as "My Catalogs" in the manual. Either way, it's non-functional and gone. The same goes for references to cloud, accounts and sync. None of it works and all of it has either been removed from view or disabled in this mod.
Extras
Unlike AlReader and FB Reader, Mantano's main activity is the library view. That means there is no simple way to use the "reading now" status bar button to go directly to your current book.
I also like to be able to use the current book cover as a screensaver. AlReader and CoolReader both have this capability. Mantano does not, but it does create thumbnails for each book (if you let it) and one of those is screensaver size (default.png). For some unknown reason, all the thumbnails of various sizes for display in the library have the correct aspect ratio except for default.png. I fixed this in the app with a view to using it as a screensaver image.
To address these issues, I have used Tasker to create two small apps. Mantano_Extras1 enables a listener for when the reader is closed (either by two presses of the back button or simply by pressing the "n" button). When that happens, the Mantano database is queried for the last reading point/book. This is stored in a variable. Accessing Mantano_Extras1 after setup sends a command to open that file. If Mantano is your default app for epubs and/or pdfs, the book will open automatically to the right place without passing through the library. Thus assigning Mantano_Extras1 to the "reading now" button with NookTouch ModManager restores the function of that button.
Mantano_Extras2 does everything described above. During setup it also creates the folder /media/screensavers/CurrentBookCover. When the reader is exited and the database information stored in a variable, it copies the default.png for the current book to that folder. If you select that folder in your NST Settings app for the screensaver, the current cover will be displayed during sleep.
I should add that both apps check to see if the current book has changed before they do anything. If there is no change, they simply stop.
As these are Tasker-generated apps (but don't require Tasker to run), they have a dependency on two small library files. If you don't have one of my other Tasker apps already, you need to copy the two files in the zip as below:
/system/etc/permissions/com.google.android.maps.xml
/system/framework/com.google.android.maps.jar
Set permissions for both files to rw-r--r-- and reboot. Without these files resident, the app will not install.
The apps also use sqlite3 and busybox. If you rooted with NookManager you already have busybox. A few other special packages probably include it. If you have it, you will find it in /system/xbin. If it's not there, copy the file from the zip to that location and set permissions to rwx-rwx-rwx.
If you don't already have sqlite3, move the file from the zip to /system/bin and set the permissions to rwx r-x r-x.
When you have prepared the way, reboot and then install whichever of the two "Extras" apps you want. When you first tap on the app icon there will be a pause while things are set up and then a request for root access. Once that's done they are good to go. Use NTMM to assign the app to the "reading now" status bar button and set your screensaver directory to "CurrentBookCover" (if you installed Mantano_Extras2).
This is nice work. I have heard good thing about Mantano reader before. I believe it still exists although under new name I think. Its sad that you had to remove app options to make it work on NST. Still I am glad that you make some improvement that could if exploited properly make this device better than before. I believe that solving invisible text message is best of what you did and if understood properly can make number of apps that had this problem before usable again for this device. I would not dismiss even TTS working as I remember that someone tried to implement that on NST before yet I do not remember it was solved. So if it work out of box with Mantano reader it might be prudent to see what makes it work if it is fine TTS not some hardly intelligible sound generator. This options you removed how did you confirmed that they are not working? For cloud I believe it was NST lockout and now enforced TLS1.2 it can not reach that gives you hard time. Yet for syncing it is little harder to understand. For the rest like OPDS and such I guess my knowledge is not sufficient to guess how that even work so if you know more than me I am more than ready to listen.
SJT75 said:
I believe it still exists although under new name I think.
Click to expand...
Click to collapse
Now Bookari.
SJT75 said:
Its sad that you had to remove app options to make it work on NST.
Click to expand...
Click to collapse
I didn't so much remove options to make it work. It worked as-is, but not the login/download components, and they are not necessary for the reading functions.
SJT75 said:
I believe that solving invisible text message is best of what you did and if understood properly can make number of apps that had this problem before usable again for this device
Click to expand...
Click to collapse
It's possible. I noticed improvement in dialog boxes for ES File Explorer. But there are other types of dialog boxes and I only dealt with what was needed for this app. Spillover is a gift.
SJT75 said:
I would not dismiss even TTS working as I remember that someone tried to implement that on NST before yet I do not remember it was solved. So if it work out of box with Mantano reader it might be prudent to see what makes it work if it is fine TTS not some hardly intelligible sound generator.
Click to expand...
Click to collapse
Well, that could have been me. Pico TTS (if not removed) always worked on the NST if you downloaded some voices. I have a post about this somewhere with links. But the quality is really wretched. I looked at this further awhile back and found that Google TTS began with Android 2.2 (of course). There is a "bridge" system involving a custom settings app but each application must include this custom code to work. I did a MOD for AlReader to enable this, but it's not easy and would be (nearly) impossible for Mantano as very few of the smali files have descriptive names. Most are just "a.smali, b.smali", etc. So it's really difficult to track down what you want.
SJT75 said:
This options you removed how did you confirmed that they are not working? For cloud I believe it was NST lockout and now enforced TLS1.2 it can not reach that gives you hard time. Yet for syncing it is little harder to understand. For the rest like OPDS and such I guess my knowledge is not sufficient to guess how that even work so if you know more than me I am more than ready to listen.
Click to expand...
Click to collapse
It's not all SSL. Or it may be that also. The URLs in the apk file don't go anywhere, even on my PC browser. So far I've gotten up to version 4.5 and still no working URLs. Perhaps when Bookari emerged as the name the old URLs were abandoned and the old Mantano apps became crippled in this way.
Thanks nmyshkin you clarified some things. I agree that change to new platform and abandoning the URL domain for cloud use could be cause for that option not functioning anymore. Yet unless the syncing have not be performed through a same route (login account on the same domain) sync should function fine from one device to another for example. About the rest you are correct I have come to a same conclusion that even slight upgrade of Android on this device would make vast improvement in options available to exploit. Sadly B&N did not go that way. I will look upon PicoTTS to see if something about the way it actually work can be understood to evaluate if it is worth the effort or it maybe can be discarded as irrelevant for this device.
Just crossed my mind... nmyshkin did you tried to hunt down inside apk file exact spot where that URL is written/coded and change it to something else like IP address of your computer/drive/*/*/sync folder ?
SJT75 said:
Just crossed my mind... nmyshkin did you tried to hunt down inside apk file exact spot where that URL is written/coded and change it to something else like IP address of your computer/drive/*/*/sync folder ?
Click to expand...
Click to collapse
No, it didn't occur to me. I only read on one device so that's not the kind of thing that interests me. Also, I just transfer books over from my PC to the Nook when I get them, usually via FTP.
I did see cloud, sync, etc., URLs but I suspect that just changing them would not produce the capability you seem to be hinting at. It's likely a lot more complicated than that. It seems to me that syncing implies active communications from both ends. Teaching your PC to respond to the overtures of the Nook would be a whole other rats nest.
You are correct. Using URLs to connect to PC is not safe. Therefore some home workgroup network or SFTP access are more reasonable way. Maybe if you change cloud sink URL to Dropbox folder you get something?
SJT75 said:
You are correct. Using URLs to connect to PC is not safe. Therefore some home workgroup network or SFTP access are more reasonable way. Maybe if you change cloud sink URL to Dropbox folder you get something?
Click to expand...
Click to collapse
I don't think so. The app innards were designed for negotiating with certain remote servers and expect a certain dialog. Just changing the URL doesn't address these issues. Using Dropbox as an example, there are login credentials to be supplied and other issues to be addressed before files can be freely moved in either direction.
Well yes unless dropbox folder is public shared one what I wrote will not work. What if you link sync/cloud to internal folders on device inside Dropbox application that also initiate script written to execute Dropbox synchronization? Then login credentials would come from Dropbox app I think.
SJT75 said:
Well yes unless dropbox folder is public shared one what I wrote will not work. What if you link sync/cloud to internal folders on device inside Dropbox application that also initiate script written to execute Dropbox synchronization? Then login credentials would come from Dropbox app I think.
Click to expand...
Click to collapse
1. I am not a Java programmer. What you are suggesting is going to require significant changes in the app. It's not in the same league as the modifications I made.
2. I have no interest in the feature. People who must have synchronization with myriad other devices would be better served by selecting an app that currently has this feature working (like FB Reader).
3. If someone who is a Java programmer and is interested in this feature wants to take a crack at it, more power to them. I personally think it's a dead end. Just about the time you get it figured out, Dropbox will no longer work on the NST. Any modification that relies on exchange with an external commercial server has a built-in self-destruct timer, just waiting for tightening external server access rules. It's over for Android 2.1.
nmyshkin said:
Just about the time you get it figured out, Dropbox will no longer work on the NST. Any modification that relies on exchange with an external commercial server has a built-in self-destruct timer, just waiting for tightening external server access rules. It's over for Android 2.1.
Click to expand...
Click to collapse
Amen to that. Making NST more cooperative with Calibre is much better option anyway. Commercial server could be also a trap. There was an outcry when Remarkable for example started charging access to their services out of blue and without warning.

Categories

Resources