Related
Instacom blends the world of Instant Messaging with online file management and file sharing into a single, secure ecosystem that is delivered from the end users "Private Cloud" system hosted in their office or with their trusted service provider.
All communications are secured using industry standard SSL as well as private key-based AES256 end to end encryption. Instacom's enhanced security encryption, role based security polices, and end users ownership of the server endpoint creates a secure communication platform that is completely private.
Instacom's industry leading multi-platform capabilities allow users to have secure access to all their conversations and files from any of their devices, while always in sync. Users can access Instacom from their desktops, mobile phones, tablets, and even the web anywhere at anytime.
With strong features such as Intelligent Notifications, Mid-Conversation Transitions, and Simultaneous Devices, users will never miss a message or be overloaded by excess notifications, while working from numerous devices at the same time.
Instacom is cutting edge technology that is paving the way of mobile computing and secure communication for today's business. It is the solution that every organization has been waiting for.
Take Look
Play Store : https://play.google.com/store/apps/details?id=com.instacom
Website : http://www.instacomsoftware.com
How many of you think in such a way. I mean the freedom we get in Windows RT is actually what an average user want with security. Heard WP Blue will share winRT APIs and other codes. So does that mean we will see freedom and app like file explorer limited to personal files, ability to have 3rd party audio and video players with full media api access ?? In short the sandbox model if Windows RT in WP...
Sent from my Nexus 4 using Tapatalk 4 Beta
Vishwal said:
How many of you think in such a way. I mean the freedom we get in Windows RT is actually what an average user want with security. Heard WP Blue will share winRT APIs and other codes. So does that mean we will see freedom and app like file explorer limited to personal files, ability to have 3rd party audio and video players with full media api access ?? In short the sandbox model if Windows RT in WP...
Sent from my Nexus 4 using Tapatalk 4 Beta
Click to expand...
Click to collapse
It might be possible.
The plan is to get it there, I am not sure if Blue will bridge the platforms completely or just some APIs.
mcosmin222 said:
It might be possible.
The plan is to get it there, I am not sure if Blue will bridge the platforms completely or just some APIs.
Click to expand...
Click to collapse
I hope it's former part of your last sentence. I want to operate my smart phone, not vise versa...
Sent from my Nexus 4 using Tapatalk 4 Beta
It would be nice. I don't wholly agree with Microsoft's approach to RT, either, mind you. I think that restricting things like Testsigning mode and kernel debugging and third-party drivers is harmful to the platform from a developer standpoint without providing any benefit to either Microsoft or the users. I think the restriction around desktop apps is silly and should be optional, even if the option is well hidden and/or contains dire warnings. I'll put up with those restrictions in return for Microsoft's current laissez-faire attitude about the "jailbreak", but even then I find the "secure boot" lockdown insulting; we bought the hardware and the software it comes with, and should be able to run whatever other software we want to on it.
With all that said, the RT world is miles ahead of the WP world. I'm not suggesting they should bring the desktop to WP - it's actually possible, and while it would be hard to click things the specs and resolution on the higher-end phones are more than sufficient - but some kind of file manager (or even the ability to write our own), some kind of scripting environment (closer to powershell than TouchDevelop), and some of the core utilities and features of Windows (ability to back up any and all files automatically, or to set per-app and per-sound device volume controls, or to create symbolic links in the filesystem) would be really nice, and full access to the registry would be fantastic.
The issue of security does become relevant here - I don't want any arbitrary app to have such registry access, for example - but I wish they would put in some way to do such things, even if only through a built-in special-privileges settings app. Besides, eventually we will find a way into the OS, and there's a decent chance that the exploit used will be something that *any* app could use. At that point, we might very well find malware exploiting those holes. Historically, the biggest breaks in device lockdown have come neither from malicious attackers nor from those who wish to pirate apps/games/whatever, but from those who simply want to use their own devices without BS restrictions getting in the way. The most famous example in recent histroy is probably the PS3, which was broken wide open after Sony seriously (and foolishly) pissed off some people by retroactively removing device features such as the ability to boot Linux. However, the same act plays out regularly on iOS (where the goal is control, but once the hacks are demonstrated they get used for both malware and piracy) and has also already been seen on RT.
If you want to make something secure, don't give the most talented people (who only rarely work for the blackhats or the pirates) an excellent reason to break its security wide open. This means the security has to stay out of those users' way, instead of constantly impeding them.
I actually would like to have the desktop available on WP as well but not necessarily if you are using it as a phone. But imagine connecting it via HDMI and having RT Applications + Desktop available. The hardware power is there, given that current WP8 devices run the same Qualcomm SoC that Dell uses in the XPS10.
API-wise I expect them to bring a lot more of WinRT over to WinPRT (especially on the managed side). I'm not sure if they will extend it to system-level concepts like a shared file-system - my feeling is that they won't do that but we'll have to wait and see how the APIs to access the SD card are progressing.
While I agree, the downside of doing that is that it greatly increases the install footprint. Windows RT has a much larger install footprint than other "mobile" OSes, and it has hurt platform adoption somewhat as well as increasing the manufacturing price of the tablets it runs on (because they need more storage; 16GB wouldn't really cut it). WP8 is even more space-sensitive; there are already WP8 devices with very little internal storage, and many phone lack any kind of expansion port. Adding the desktop and all of the desktop utilities (management console and all its snap-ins, all the little utilities like paint and wordpad and so on, plus all the libraries needed to support them) would add up to probably at least another few hundred megs; trivial on a PC, acceptable on a tablet, problematic on a phone.
1.9 Are there things I can’t do on the Services? You must not use the Services to harm others or the Services. For example, you must not:
•Use unauthorized software or hardware to access the Services or modify an Authorized Device in any unauthorized way (e.g., through unauthorized repairs, unauthorized upgrades, or unauthorized downloads). You agree that we have the right to send data, applications or other content to any software or hardware that you are using to access the Services for the purpose of detecting an unauthorized modification and/or disabling the modified device; or
•Attempt to disassemble, decompile, create derivative works of, reverse engineer, modify, further sublicense, distribute, or use for other purposes the Services, any game, application, or other content available or accessible through the Services, or any hardware associated with the Services or with an Authorized Device. If you do, we may cancel your account and your ability to access the Services, and pursue other legal remedies. We may take any legal action we deem appropriate against users who violate our systems or network security, this Agreement or any additional terms incorporated or referenced in it. Such users may also incur criminal or civil liability.
Click to expand...
Click to collapse
Source : Xbox Live Terms of Usage
I'm getting a popup that I should accept the new end users agreement when trying to install a new app or check my Xbox Achievements, I have however a few questions about this paragraph above (I have honestly never seen this before) :
- Is it safe to accept if I have interop-unlocked my Samsung Ativ S, installed the BootStrapper.xap and EnableAllSideLoading.xap, WP8Tools and WP Tweaks from -W_O_L_F- and GoodDayToDie and jessenic.
- I'd used proxies provided by reker and others on XDA-Developers to access some manufacturing exclusive apps (like Nokia apps)
- Should I be worried if I accept that they can block and/or delete my Xbox account, I have saved a fair amount of temporally free store apps and I don't want to lose them.
If so, should I be better off to switch back to Android because they "allow" (turning a blind eye to) rooting your phone or tablet?
Please help me guys, I'm starting to freak out (I haven't accepted the new version of the EULA yet).
Terms like that have traditionally been part of the XBL EULA, but in the past they've always related to cheating or piracy on the console itself. People certainly have gotten their accounts banned for that, which is part of why I have nothing to do with such things. As for whether it's "safe" to accept... eh. If they want to, they can easily argue that you broke the EULA (and forfeited your account) when you interop-unlocked your phone, but they haven't - so far as I know - ever tried to attack individuals or their devices. I'm pretty sure they wouldn't do anything so foolish, either. Both Google and Apple have disabled peoples' accounts in the past for EULA/TOS violations - Apple for iOS hacks, Google for incredibly stupid <REDACTED> like breaking the Real Name Policy on G+ - and so for that matter has Microsoft, for something almost as idiotic (if you want to take risqué photos with your phone, make damn sure auto-upload is off even if your SkyDrive profile is set to private; they've called it a TOS violation and suspended, though not quite completely disabled, peoples' accounts for that). Every single one I've heard of resulted in a flood of bad PR, and not in the "all PR is good PR" sort of way... more like calls for lawsuits, and accusing anybody who uses that platform of being an idiot.
If there's one thing Microsoft cannot afford to do with regard to Windows Phone right now, it's give people another reason *not* to buy it. We are probably safe.
Yes, but WP8 is gaining popularity so maybe they won't do it now but in the future they probably will. Was this clause also present at the time of the interop-unlocking of WP7? If so, you are probably right. But as a precaution is it possible to lock out Microsoft from checking if modifications are made to the system (like you did with the relock solution redirect the data to a different proxy)?
GoodDayToDie said:
if you want to take risqué photos with your phone, make damn sure auto-upload is off even if your SkyDrive profile is set to private; they've called it a TOS violation and suspended, though not quite completely disabled, peoples' accounts for that
Click to expand...
Click to collapse
Are you sure of that? It means they watch the photos we take? I don't think so... maybe they used it as an image hosting and shared the link everywhere in the internet...
It's supposedly automated scanning that recognizes anything that looks like it needs to be flagged for human review...
http://wmpoweruser.com/microsoft-monitoring-censoring-skydrive-uploads/
http://wmpoweruser.com/watch-what-you-store-on-skydriveyou-may-lose-your-microsoft-life/
http://www.neowin.net/news/microsofts-ban-of-nudity-on-skydrive-questioned
etc...
Hi,
So, Android has a permission system which albeit somewhat flawed (malware can gain permissions not intended for it) and not very suitable for laymen (non rooted phones have to either accept all permissions or be denied from the app. In many programs people don't have the luxury of not using them) theoretically has merit. IOS has...well actually I'm not sure how it works security wise but I pressume it creates sandboxes for each app, layman wise it is reasonable since you (theoretically) can deny access for all programs to certain components (no need to jailbreak).
How does WP works?
Thank you.
Security is different, apps can't do as much as on android. But iOS is better in this, because capabilities are like in Android: you can see what the apps want prior to installing them, but blocking some of them isn't possible.
I am very saddened to hear this.
Is there an ability in place similar to Androids rooting?
Also, what do you mean by "apps can't do as much as on android"?
Thank you!
@th0mas96's post is technically *mostly* accurate but very confusing and doesn't actually answer your question at all.
The short version is that WP apps use a capability-and-sandbox system much like iOS and Android, with each app getting a sandbox that gives it read-only access to the app-specific install directory and the global system directory, read/write access to the app-specific data directory, and access to whatever other stuff is specified in the capabilities. Capabilities are currently all-or-nothing; you can't reject or disable any capability except by just not installing the app.
I could go into the technical implementation of the system a bit, but the short version is that WP8 apps use fairly standard NT (as in the NT kernel that is at the core of PC Windows versions) security features: each app has a unique token (rather than inheriting the token of the process that crated it, the way it normally works on PC but very much like how Windows Store apps work on Win8) which contains the app-specific Security IDentifier (SID) that gives access to the app directories, plus the SIDs of the various capabilities that the app has.
What @th0mas96 was talking about is that WP capabilities usable by third-party developers are much more restrictive than they are on Android. For example, Android allows an app have full read-write access to your contacts or to send SMS directly. WP8 doesn't allow that unless you use capabilities that are normally neither allowed on the store nor allowed in sideloaded apps (Microsoft's code can have them, of course - that's how the built-in SMS app works - but not Joe Random Dev). The downside of this is obvious; some app behaviors (like a full replacement for the SMS app or phone dialer) are not possible. The upside is that apps are *way* more limited in how malicious they can be; the most common way that Android malware makes money (remember, the vast majority of malware is for profit) is by sending SMS to "premium" numbers. On WP8, an app could *compose* such a message, but it couldn't *send* it for you (unless it had a capability that third-party apps normally can't have) so you'd have a chance to see what the app was doing and decide not to send that message after all.
This means that the ability to disable capabilities is much less important on WP8 than on Android.
Oh, then those restrictions are actually good news.
Aside from from your typical run-of-the-mill malware my main concern was actually privacy. I have a huge displeasure from apps like Whatsapp which on android takes a whole plethora of liberties and was hoping that perhaps some other system may contain their user data voracity and their ability to control the divice their on.
Is there any link in which I could see the full list of those restrictions?
I'm still downhearted from not having a more fine grained control of the system but maybe it still has it uses in some scenarios...
Also, thank you very much for your comprehensive explanation!
i found a tiny file stored inside some of the unbranded htc accord RUUs. its call disablewriteprotect.test. the only thing the file contains is a sentence stating write protection will be disabled until this file is removed. followed by a music note and some other symbol. so there you go thats how you make your entire htc 8x read and write. one file less than 1kb in size. ROOT!
but how can we flash this file. im still working on it. this file is located within the efi partition which also houses the ffuloader.efi, and severl other efi executables. check this post http://forum.xda-developers.com/showthread.php?p=53687985#post53687985
you wont find that on google search.
Sent from my Galaxy Nexus using XDA Free mobile app
Window phone Security Issues
Your Windows Phone is secure by design. Many security features are turned on by default. For example, apps you download from the Windows Phone Store are tested by Microsoft and encrypted to make sure you don't accidentally install malicious software on your Windows phone.
Set a password
Setting up Kid's Corner
If you've ever handed your smartphone to a child, you know that they can quickly get into all sorts of apps and settings they shouldn't. No such worries with Kid's Corner, a place on your phone where your child can play with the games, apps, music and videos
Use the free Find My Phone service
Say yes to updates . check out more at Master Software Solutions - Windows Phone Update
grilledcheesesandwich said:
i found a tiny file stored inside some of the unbranded htc accord RUUs. its call disablewriteprotect.test. the only thing the file contains is a sentence stating write protection will be disabled until this file is removed. followed by a music note and some other symbol. so there you go thats how you make your entire htc 8x read and write. one file less than 1kb in size. ROOT!
but how can we flash this file. im still working on it. this file is located within the efi partition which also houses the ffuloader.efi, and severl other efi executables. check this post http://forum.xda-developers.com/showthread.php?p=53687985#post53687985
you wont find that on google search.
Sent from my Galaxy Nexus using XDA Free mobile app
Click to expand...
Click to collapse
Sounds interesting.
Not something I'd try )) but interesting.
Aman Raien said:
Your Windows Phone is secure by design. Many security features are turned on by default. For example, apps you download from the Windows Phone Store are tested by Microsoft and encrypted to make sure you don't accidentally install malicious software on your Windows phone.
Set a password
Setting up Kid's Corner
If you've ever handed your smartphone to a child, you know that they can quickly get into all sorts of apps and settings they shouldn't. No such worries with Kid's Corner, a place on your phone where your child can play with the games, apps, music and videos
Use the free Find My Phone service
Say yes to updates . check out more at Master Software Solutions - Windows Phone Update
Click to expand...
Click to collapse
I pressume this is an advert for Master Software Solutions, but nevertheless I did google the term you suggested and got nil results. I also browsed the main site of the company itself but haven't found anything related, nor did I find anything on their facebook page.
Regardless, I checked out this Kids corner thing, it's cute but not really security related...
Thx anyway.
[MODs, I know I have answered this before, but I felt it should be pushed into the main forum so everyone can see the answer. As this is a revised answer, please delete the OLD thread first! (please...)
Ok, so I've been asked a couple of times what knox really is. I've also read this question around the forum many, many times.
I hope this is the final answer that everyone can accept.
So let's start at the beginning... literally, the beginning. Right when you power on, Knox begins it's initial processes. You see, QualComm launched it's own SDK, and with this SDK, you can create your own, Hardware Level binaries, that do not actually run inside of Android. Instead, you can Have them run at initial boot with the other QualComm softwares/firmwares simultaneously. Think of the old "Binary Counter" prior to the Knox Generation.
This poses the question, "What is Samsung Knox?" There are several parts to this answer.
First, Knox describes itself as a type of container. Android, applications, almost every peice of software (to include partitions!) runs inside of the Knox container. Each and every application, process, task, etc, can be licensed to be run inside of this container. There are actually two containers, the secure boot, and the User/Industry/Commercial/Government container.
The secure boot, SELinux for Android, and TIMA (TrustZone-based Kernel Integrity Measurement Architecture) all work together to prevent unauthorized OS/Startup Software from loading, unauthorized changes to the kernel, and unauthorized changes to the operating system itself.
I have nicknamed this the "Tier 1 container." As it precedes, OS start up, but launches after the QualComm proprietary blend.
Second, it behaves as an Application-Specific container as well! (I call this the Tier 2 container). That's right, Knox is a service, a Software Development Kit! Did I just blow your mind? Cool...
You see, Samsung thought it would be cool to reach out to the widest Demographic possible. John Doe, Jane Smith, Fortune 500, the DoD, Government entities, and all kinds of Businesses.
How it works is, a random developer, or company will sign up- and pay, for access to the SDK. Like any other closed software, they receive a license/key to use and operate the kit. Once the app or software is developed, they submit it to Samsung, and receive a license to allow it to run inside of Knox.
So why do this?
Knox allows companies to create apps that the end-user has no real authority over. The user might be able to update/edit documents, media, or maybe fill out a DA or DD form, but he or she will not have control of the app itself. Knox allows each app to have it's own configuration. An example would be that your an IT/IS professional, and you work for multiple companies as an adviser. Each company gives you it's own Knox licensed app so you can pull network stats for each network. Each app will have it's own VPN settings, security settings, password, user availabilty, and more.
Any type of intrusion or intercession to Knox, Knox's policies, or Apps (within the Knox Container) will set off a warning system. This we know as "Knox Notifications." As I've told other users, I don't think that Samsung reports us to AT&T or whomever just because we root our phones, or constantly troll on 4chan, but I do think that it is possible for a given company, or business to create an app that can log just such events.
Knox is its own kind of "asec" container. For more info on this, see the "Works Cited" below.
As for the supported devices, again I will point you to the "Works Cited" below.
If you still have questions after reading this, please visit the SamsungKnox.com page. As this was meant as a brief, quick glance article.
Works Cited:
https://www.samsungknox.com/en
What is Samsung Knox?
What is a Knox Container?
What's the Difference Between Knox and Virtualization?
What's the difference between the Knox license, and the Knox SDK license?
Which Devices are Currently Supported?
Two things to take away from this:
(1) We've obtained root, which means Knox securities can be defeated.
(2) Commands, scripts, and/or binaries can be passed to, ran within, or be exploited by, Knox.
Let's see how far we can smash it into the ground.