Viruses.. from CM7 roms ? - Nook Color General

I was just downloading the newest CM7 release.. my anti-virus kept saying there were viruses in the zip... is that normal?

False positive. I got the same thing too; only thing is my antivirus took all the files and killed the zip, so I had to redownload in a safe environment.

Also, sometimes when I'm just reading Android forums, my anti-virus kicks in too. Do Android files just get recognized as viruses on a Windows computer?
ilostchild said:
False positive. I got the same thing too; only thing is my antivirus took all the files and killed the zip, so I had to redownload in a safe environment.

They are not viruses. What anti virus are you using?
Sent from space

it "disinfected" the cm7 zip... virus name is trojan-sms.androidos.jifake.a and also deleted some files in the zip.
koopakid08 said:
They are not viruses. What anti virus are you using?
Sent from space

optimusv45 said:
I was just downloading the newest CM7 release.. my anti-virus kept saying there were viruses in the zip... is that normal?
Where did you download it from? I would stick to well-known sources for anything. If you got the file from CyanogenMod directly, I wouldn't worry.

Here, in the android development.
bobstro said:
Where did you download it from? I would stick to well-known sources for anything. If you got the file from CyanogenMod directly, I wouldn't worry.

Kaspersky internet security.
koopakid08 said:
They are not viruses. What anti virus are you using?
Sent from space

optimusv45 said:
Kaspersky internet security.
In my opinion that's one of the best antivirus out there. I would have not figured. Still it is one known to give false positives.
Sent from my NookColor using XDA App

I am pretty intense about checking what I put on my device, and I haven't had any problems with the ROMs posted here. (Unfortunately, apps are more likely to be the work of a single individual and are therefore less reliable).
Can you be more specific about which ROM you downloaded? If it was an official release, then so many eyes have been through that code, you basically have to have had a false positive. I would like to see the offending file, is there a way to quarantine and save the "disinfected" file through Kaspersky?

I downloaded the ROM from this http://forum.xda-developers.com/showthread.php?t=1344873 My anti-virus gives me very little freedom as far as modifying identified viruses. I can only give the location of the "virus" in the zip. On the report it shows "encore cm72-mirage-01262012.zip//system/framework/android.policy.jar//classes.dex", second one "encore cm72-mirage-01262012.zip//system/app/phone.apk//classes.dex"
mateorod said:
I am pretty intense about checking what I put on my device, and I haven't had any problems with the ROMs posted here. (Unfortunately, apps are more likely to be the work of a single individual and are therefore less reliable).
Can you be more specific about which ROM you downloaded? If it was an official release, then so many eyes have been through that code, you basically have to have had a false positive. I would like to see the offending file, is there a way to quarantine and save the "disinfected" file through Kaspersky?

Okay, i pulled the two classes files out of the zip. I ran them through a couple custom scans on some standard antivirus software and they came back clean. I expect that they are.
I have found problems hidden in classes.dex files before, but those were with user apps. It was easy to see the traffic they were sending (in those specific cases it was packets to ad sites and bogus http sites for keystroke capturing). Any traffic that could be sent through the associated .jar and .apk files would show up in my firewall/packet monitors as coming from the kernel or root (i believe, if anyone knows better on any of this, please chime in) which has traffic, especially in the kernel's case, coming from multiple sources. It would just be hard to pinpoint what, if anything, these specific packages are associated with.
/deep breath
However, I personally am insane and totally paranoid. A week or two ago i posted screenshots showing my kernel was communicating with an IP associated with Amazon, basically going straight down the rabbit hole. The person who responded just pointed out that it was Amazon Web Services and that the traffic could be anything and was nothing to worry about. I accept that to be almost certainly true, but it doesn't solve my curiosity. So i intend to take it out on your presumptive false positives.
To be clear: You are almost certainly fine. I do these things driven by mental illness!
I am going to attempt to run both classes.dex files through a dexdump Java script on Terminal IDE and repost the output. I then hope to have the data interpreted by some indulging soul familiar with the Jasmine syntax the program will hopefully output.
This is something that is far far beyond the skills I bring to the table, and has every chance of failing. If anyone out there knows an easier and/or softer way, feel free to stop me before i hurt myself. I only have access to the nook itself, hence all the hoop jumping, but i believe it is possible. Feel free to disabuse me of that in public or private.
At the very least, i hope i can learn something.

lol i have no idea what you are talking about but thanks !!
mateorod said:
Okay, i pulled the two classes files out of the zip. I ran them through a couple custom scans on some standard antivirus software and they came back clean. I expect that they are.
I have found problems hidden in classes.dex files before, but those were with user apps. It was easy to see the traffic they were sending (in those specific cases it was packets to ad sites and bogus http sites for keystroke capturing). Any traffic that could be sent through the associated .jar and .apk files would show up in my firewall/packet monitors as coming from the kernel or root (i believe, if anyone knows better on any of this, please chime in) which has traffic, especially in the kernel's case, coming from multiple sources. It would just be hard to pinpoint what, if anything, these specific packages are associated with.
/deep breath
However, I personally am insane and totally paranoid. A week or two ago i posted screenshots showing my kernel was communicating with an IP associated with Amazon, basically going straight down the rabbit hole. The person who responded just pointed out that it was Amazon Web Services and that the traffic could be anything and was nothing to worry about. I accept that to be almost certainly true, but it doesn't solve my curiosity. So i intend to take it out on your presumptive false positives.
To be clear: You are almost certainly fine. I do these things driven by mental illness!
I am going to attempt to run both classes.dex files through a dexdump Java script on Terminal IDE and repost the output. I then hope to have the data interpreted by some indulging soul familiar with the Jasmine syntax the program will hopefully output.
This is something that is far far beyond the skills I bring to the table, and has every chance of failing. If anyone out there knows an easier and/or softer way, feel free to stop me before i hurt myself. I only have access to the nook itself, hence all the hoop jumping, but i believe it is possible. Feel free to disabuse me of that in public or private.
At the very least, i hope i can learn something.

mateorod: another thing you might try is to upload those files to virustotal.com - that way you'd see what 40 or so A/V programs think of them.
Prob unrelated, but I've gotten popups on the Cyanogen forums for supposed Javascript malware, always seemed like a false positive. Running OS/X, Sophos for Mac, Firefox 10...
Ralf

I might try that. Currently, I am trying to use the smali editor to decompile the jar files through Terminal IDE, which has the Java toolset. When I try and run the command line, I get an I/O exception error, which is beyond my powers to diagnose/repair. I have sent the error to a couple people who may be able to help me figure out what my issue is. In the past, I have gotten that error set with apps that need internet access and cannot get it for some reason or another. I don't know why or how that would apply with this situation, but I am still looking at it. For something I consider to be a simple intellectual exercise, it has taken quite a bit of effort, but I haven't quit on it yet.
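
The check discussed in this thread (pull the flagged classes.dex files out of the ROM zip, then hash them for comparison or submission to a multi-scanner), as an added example that is not part of the original posts. It generalizes to any nested .jar/.apk inside a ROM zip; the function names are this example's own and the archive contents are constructed placeholders, not the real ROM.

```python
import hashlib
import io
import zipfile

DEX_MAGIC = b"dex\n"               # every DEX file starts with "dex\n" plus a version
NESTED = (".jar", ".apk", ".zip")  # members that are themselves ZIP containers
MAX_MEMBER = 64 * 1024 * 1024      # skip members that inflate past 64 MiB


def dex_inventory(data, label):
    """Walk a ZIP held in memory, descending into nested archives, and return
    {path: (sha256_hex, has_dex_magic)} for every classes*.dex found.
    Paths use '//' between archive levels, like the scanner report quoted above."""
    found = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir() or info.file_size > MAX_MEMBER:
                continue
            path = f"{label}//{info.filename}"
            base = info.filename.rsplit("/", 1)[-1].lower()
            if base.startswith("classes") and base.endswith(".dex"):
                body = zf.read(info)
                found[path] = (hashlib.sha256(body).hexdigest(),
                               body.startswith(DEX_MAGIC))
            elif base.endswith(NESTED):
                body = zf.read(info)
                if zipfile.is_zipfile(io.BytesIO(body)):
                    found.update(dex_inventory(body, path))
    return found


def compare(reference, suspect):
    """Diff the DEX inventory of a fresh download against a second copy,
    e.g. the one a scanner has 'disinfected'."""
    ref = dex_inventory(reference, "rom")
    sus = dex_inventory(suspect, "rom")
    return {
        "missing": sorted(set(ref) - set(sus)),
        "added": sorted(set(sus) - set(ref)),
        "changed": sorted(p for p in set(ref) & set(sus)
                          if ref[p][0] != sus[p][0]),
    }


def make_zip(members):
    """Build a ZIP in memory from {name: bytes} (used only for the sample)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, body in members.items():
            zf.writestr(name, body)
    return buf.getvalue()


# Constructed placeholder: DEX magic followed by padding, not real bytecode.
FAKE_DEX = b"dex\n035\x00" + b"\x00" * 32


def sample_roms():
    """Return (original, cleaned): a constructed ROM zip and a copy in which
    one classes.dex was emptied and the other deleted."""
    manifest = b"Manifest-Version: 1.0\n"
    policy = make_zip({"classes.dex": FAKE_DEX, "META-INF/MANIFEST.MF": manifest})
    phone = make_zip({"classes.dex": FAKE_DEX + b"phone",
                      "AndroidManifest.xml": b"<manifest/>"})
    policy_cleaned = make_zip({"classes.dex": b"", "META-INF/MANIFEST.MF": manifest})
    phone_cleaned = make_zip({"AndroidManifest.xml": b"<manifest/>"})
    original = make_zip({"system/framework/android.policy.jar": policy,
                         "system/app/phone.apk": phone,
                         "system/build.prop": b"ro.build.id=constructed\n"})
    cleaned = make_zip({"system/framework/android.policy.jar": policy_cleaned,
                        "system/app/phone.apk": phone_cleaned,
                        "system/build.prop": b"ro.build.id=constructed\n"})
    return original, cleaned


if __name__ == "__main__":
    original, cleaned = sample_roms()
    for path, (digest, ok) in sorted(dex_inventory(original, "rom.zip").items()):
        print(f"{digest}  dex_magic={ok}  {path}")
    print(compare(original, cleaned))
```

The SHA-256 values are what you would compare against a copy fetched from the release thread or look up on a multi-scanner, instead of relying on a single engine's verdict.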

Related

Louder Volume Hack v1.0 by Meltus in the market now!!!

yup, it's finally in the market!
if you want to eliminate the tedious adb/terminal commands, then this is the app for you!!
updates coming soon, along with an EQ app!!
cheers for everyone who helped me with this!
everyone who did help message me!!
cool!
Quick?, safe to use with the dudes 1.3rc2?
Yeah sorry about the force closes, I'm gonna try fixing it tonight.
Spent ages trying to get rid of the force closes, thought I'd sorted it but evidently not ><
It's odd because it works fine for me off the market.
I should have it sorted by tonight
Sorry again guys
Will you include V5 mod?
Yeah, will be updating it a fair bit soon, just need to get the 'basics' working first
Just read the comments in the market and this made me chuckle a bit
"How does an app that does nothing but force close get a 3 star average?"
DOHCtor said:
Just read the comments in the market and this made me chuckle a bit
"How does an app that does nothing but force close get a 3 star average?"
A famous quote... "The two most common elements in the universe are hydrogen and stupidity."
i've had a few people e-mail me saying that this is 'bull*hit' and 'this will never work' and someone calling me a 'scammer, trying to steal peoples money' (seriously, how could i steal people's money when there's a refund policy lol ><)
gotta love the market.
also, just bought a new sd card (because mine conveniently corrupted itself out of spite) so i'm gonna do some serious testing now.
keep up the good fight!
Looking forward to trying it out once you get it updated.
Hey dan, it force closes for me too. Try looking at the code again and see if you have any invalid pointers(?) or what not.... I don't mean pointers, but you know what I mean. Let me know when you update it again so I can run it and debug it through DDMS and so I can also run a trace on it.
I'm super excited about this one! There are 2 things that bother me about my g1. Volume and Battery life. I cannot wait to try this out tonight when you get it fixed!
What's up with the comment from the user that says you have to have Lucid's Mod? Where did he read that at?
Anyhow, Thanks Meltus! Looking forward to it.
Love the idea for the audio mod app, I've used the terminal commands in the past to get it to work (since it no longer seems to work in TheDude's releases anymore). I'd imagine it still runs through the Terminal shell?
will the eq be included in this app or in a separate app? I will buy both when they are working for sure- i like to support developers.... eg. bought rockon etc...
People see a lot of junk out in the market, so sometimes even good devs get hit with accusations- especially if accusers do not review XDA to know what is real.
How are you getting past the SDK limits in regards to raw audio? It seems that an EQ would beat the CPU to death trying to work correctly unless more resources were made available in the recent OS update.
This is one of several big reasons Coreplayer team hit a wall with Android. Not to mention video codecs would also kill the CPU and still be a battery hoggin' stuttery mess.
the EQ is not an actual program that modifies the sound, it's a set of files that alter the 'built-in' EQ that HTC never bothered to enable.
i'm just going to make an app that can change it on-the-fly.
but atm i'm stuck at trying to push files from the app to the phone. it seems quite simple but i've been trying for about 6 hours now and got fkin nowhere
any ideas anyone?
Is it something to do with the files you are trying to access the built in EQ? The CPU on the G1 does have the function, but I would have thought a driver would be needed from Qualcomm?
I haven't even started on the EQ app yet, this is just for my audiohack app.
The 'EQ', if you can call it that, is just a file with hex values which control the various different gain settings for the different frequencies.
check my signature for more info and a how-to.
also, my Volume Hack is now fully working, but, only if you've used my files in the past. which is quite bizarre. it just refuses to do it with the stock files from any build, but if i replace the stock files with EXACTLY the same files but through adb, it then works fine.
i have no idea what's going on. my app sets the system in r/w mode fine so that can't be it.
i hate java
Meltus said:
I haven't even started on the EQ app yet, this is just for my audiohack app.
The 'EQ', if you can call it that, is just a file with hex values which control the various different gain settings for the different frequencies.
check my signature for more info and a how-to.
also, my Volume Hack is now fully working, but, only if you've used my files in the past. which is quite bizarre. it just refuses to do it with the stock files from any build, but if i replace the stock files with EXACTLY the same files but through adb, it then works fine.
i have no idea what's going on. my app sets the system in r/w mode fine so that can't be it.
i hate java
Just keep plugging away at it. Surely, someone around here will be able to help you over this speed bump.
Meltus, what it sounds like is just the need for the files to be accessed in the first place. I haven't tried the app yet, but I wonder if it would work since I only used terminal for your audio mods in the past? In which case, you could probably use the same terminal code if that's possible.
I did the mod through the terminal already but I couldn't find it in the market earlier. I figure you pulled it for now due to the problems people are running into but what would I search when it is there. I want to support the community if I can, be it just a simple review.

Su File Manager removed from phone? WTF?

I just looked at my phone, and saw 'Su File Manager has been removed from your phone. You will receive an email with details.' No email yet, and I'm wondering WTF is up. I bought this app several days ago, checked my bank account and the payment for it has cleared, so it's not an issue of payment bouncing or something. Anyone else have this happen, or know what's up?
heldc said:
I just looked at my phone, and saw 'Su File Manager has been removed from your phone. You will receive an email with details.' No email yet, and I'm wondering WTF is up. I bought this app several days ago, checked my bank account and the payment for it has cleared, so it's not an issue of payment bouncing or something. Anyone else have this happen, or know what's up?
And this is why it is a good idea to keep a backup.
Seriously... huh?
Can you reinstall from the market?
lbcoder said:
And this is why it is a good idea to keep a backup.
Seriously... huh?
Can you reinstall from the market?
Went to the market, reinstalled with no problem, which makes it seem even more weird, cos presumably if the app was malicious they'd pull it from the market as well as deleting it from phones. None of my backup programs seem to have the capability to backup paid apps (MyBackup, Backup for Root, or Astro).
heldc said:
Went to the market, reinstalled with no problem, which makes it seem even more weird, cos presumably if the app was malicious they'd pull it from the market as well as deleting it from phones. None of my backup programs seem to have the capability to backup paid apps (MyBackup, Backup for Root, or Astro).
If you're rooted you can just use ADB pull to back it up over usb, and then use ADB install to re-install it over usb if anything happens.
bahnburner said:
If you're rooted you can just use ADB pull to back it up over usb, and then use ADB install to re-install it over usb if anything happens.
My cats have chewed through every mini-usb cable I own. Was planning to go to microcenter this weekend to buy more, but in the meantime, no ADB for me. Any way to backup app-private from in phone, using the terminal? I have root of course.
heldc said:
My cats have chewed through every mini-usb cable I own. Was planning to go to microcenter this weekend to buy more, but in the meantime, no ADB for me. Any way to backup app-private from in phone, using the terminal? I have root of course.
EDITED to protect the Devs.
to restore just install via astro.
bahnburner said:
mount -oremount,rw /dev/block/mtdblock3 /system
mkdir /sdcard/backup
busybox cp /system/sd/app-private/NAMEOFAPP /sdcard/backup
to restore just install via astro.
Ah, of course. Thanks!
do not abuse that command please. support the devs.
hiroots said:
do not abuse that command please. support the devs.
There was no mention of warez anywhere in the above posts that i noticed. She purchased the applications.
hiroots said:
do not abuse that command please. support the devs.
Warez-hunt and Witch-hunt start the same way. This is actual help, not theft.
sha.goyjo said:
Warez-hunt and Witch-hunt start the same way. This is actual help, not theft.
Exactly. I had every intention of helping someone retain something they have already purchased. I do not steal applications, and refuse to help someone else do the same. I wouldn't want people doing it to me, so I don't want to see it happening to them.
bahnburner said:
mount -oremount,rw /dev/block/mtdblock3 /system
mkdir /sdcard/backup
busybox cp /system/sd/app-private/NAMEOFAPP /sdcard/backup
to restore just install via astro.
You do NOT need to remount the /system partition.
1) You are copying files OFF, not on,
2) Those files are NOT EVEN on the /system partition. They're on the SDCARD (in your example) which is mounted within the /system path (but is not actually part of it), but are more likely in the /data partition (for those not using apps2sd).
*** IN THE EVENT that the apps are installed to SDCARD, you can simply turn off the phone and move the card into your computer to copy them directly to your hard disk for permanent backup.
heldc said:
Went to the market, reinstalled with no problem, which makes it seem even more weird, cos presumably if the app was malicious they'd pull it from the market as well as deleting it from phones. None of my backup programs seem to have the capability to backup paid apps (MyBackup, Backup for Root, or Astro).
The irony in this situation is that SU file browser will back up (copy protected apps) itself just fine.
Moving anything onto a fat partition that is protected is a grey area. If a mod comes across this post it will be edited. I know it's only help, but xda has to cover their ass. This topic should be helped through PM's instead of being publicly broadcasted. The poster that helped with the commands and the person who quoted them should edit their posts now that the OP fixed their issue, the mods already got their hands full, we should help when we can.
if the devil was on earth he would wear all white and work for unicef!
Too many people allow the information of copying protected apps, so therefore people abuse this info anyone with a simple curiosity could find the info on their phone without people having to teach them like myself, but once I found the information I shared it with nobody and assume they could figure it out themselves!!! So please do not PLEASE DO NOT! Inform people how to backup paid apps! I don't know how many people read the comments in the marketplace but it's full of people who steal and trade these apps blatantly without regard for repercussions, leaving their email addresses and everything! So believe me intelligent people will figure this out themselves this is not information that should be googled I am personally trying to pass this information around to all moderators to ban this information so please help me in stopping this, root is a gift for people who understand not those who follow the bandwagon to just steal apps (most of which don't cost more than 5$), strangely the people who need the help only have one thing in mind.
So please trust me if we don't stop this the idiots will win and the marketplace will crumble only the honest people keep it afloat only the intelligent should be able to obtain this precious info and they won't have to ask for the process they are smarter than that! They will find the file and already know the commands to do what they see fit for the application. This should not be easy! It should be protected by devs and moderators for the sake of the community knowledge is power unless you give a simple walkthrough to a thief or idiot or power hungry moron with no respect for others or creative artists and they use it for their personal benefit not the furthering of progress in fact just the opposite!
It's only fair (as described in fair use) that users have the ability to backup their own purchases and downloads. As far as what they do with them, that's up to their own conscience. It's not ours to judge.
If they decide to illegally share it, then report them and be done with it.
The discussion on piracy is taking this thread off topic; please cease immediately.
I'd like to know more about the circumstances in which this app was removed, specifically whether it was "kill-switched" by Android Market or something else entirely.
jashsu said:
The discussion on piracy is taking this thread off topic; please cease immediately.
I'd like to know more about the circumstances in which this app was removed, specifically whether it was "kill-switched" by Android Market or something else entirely.
I doubt that it was kill-switched. If it was, then it would have coincided with the app being pulled from the market and it is unlikely that it would allow such simple reinstall. This is, of course, assuming that they even *can* kill-switch an app like that. I have heard discussion about it, but nobody has offered even a shred of proof, so I really doubt it.
jashsu said:
I'd like to know more about the circumstances in which this app was removed, specifically whether it was "kill-switched" by Android Market or something else entirely.
It seems pretty clear it wasn't kill-switched, since I was able to re-download it right away, and it's still available. I wish I'd thought to screenshot the alert that it had been removed, but I was so surprised to see such a thing I just didn't think about a screenshot until after I'd tapped ok.
The only explanation I can imagine, and this is purely hypothetical I've got no evidence for it, I'm just guessing, is that there was a server hiccup someplace when google went to actually collect the payment for the app. (The pre-auth for buying apps always hits my account immediately, but the money doesn't actually get taken from my account for 2-5 days.) So, google got told 'no moniez for you', and told my phone 'no app for you!', but then the server hiccup resolved itself, google got the payment for the app and I was able to re-download the app.
Since there wasn't a rash of people posting saying this happened to them, it seems clear this issue was somehow specific to me and my phone, and since I had bought the app a few days prior (well over 24 hours before the incident tho), the only explanation I can think of is the above. I wish I had some way to know what it was, but since I never did get an email about it, I'm stuck guessing.
anybody else???
has anybody heard of an instance of this happening since this original post?? anybody? or does it seem she is the only person to experience this? just for my curiosity and interests...
"fair use" huh, i wonder if that has a 24hr return policy on it?

[Q] Harmful .apk file

Say I download an *.apk file from some site or I get one from a friend, could it potentially harm my phone, cost me money etc.? Basically what I'm wondering is, when I install an app it generally says what the app has/wants access to, is this "warning" coded by the programmer to tell the user what it's accessing or is it determined automatically by built in functions? I don't want to install an app that has access to stuff that I'm not aware of.
Regards,
B
Edit: On a second note. Say I do download some harmful application, would uninstalling it solve the problem or could there be remaining harmful files still at work? The whole Android OS is sorta worrying me...bad experiences with Windows is making me cautious.
if you can think of it
there can always be a chance of happening
yes, a malicious hacker could do something like that
yes, a pissed programmer might include something like that into their apps to stop people from sharing their apps without buying it
yes, the apk might be legit but might have been corrupted somehow
yes, you might be able to uninstall if lucky
but worst case scenario if I were a malicious hacker I wouldn't code a way to uninstall the app, instead I'll probably code a way to lock the user out of all access forcing you to Flash the phone from scratch
You didn't really answer my one major question, or maybe you did but I didn't understand. Are the services that the app is able to access programmed or are they determined by a function?
Well when installing I've resorted to checking a few things:
1) Make sure the app that I've downloaded is the same size as the one in the market (for equivalent versions...obviously)
2) Compare the system permissions when installing with those found at www.androlib.com
This way seems pretty safe to me. If the size is the same and the permissions are the same...you can be quite (not 100%) certain that they are legit/the same.
Ok here's the deal. Apps have 2 types of access.
1. Standard permissions
So if u don't do adb-install (where u don't see an app's permissions), then market / copy to sdcard and install from there u'll see the permission screen. An app cannot do something w/o permissions. If an uninstaller is askin for email permissions u know something's wrong.
2. Root
Most dangerous. An app will ask u for 0 standard android api permissions. But when u run it, u will be asked for a superuser allow/deny request. From there it's up to you. An app could do anything behind the scenes from tht point.
So read reviews/ user comments before trying root apps. Standard apps, just look over the permissions thts all.
FYI : The permissions are read by android, they're not user defined. Any permissions will always show up when installing it using the native package manager.
To be honest I wouldn't advise downloading an .apk from a non-trusted source. If it's on the market, you're near certainly ok, and if it's from a trusted developer (say from these boards, or some other similar dev portal) then again, you are likely to be ok. In the second case, you are unlikely to be getting a finished app if you get a straight apk from boards, because when they are finished or at least solid, they go to the app store anyway, so harm in that case is more likely to be of the force close variety rather than bricked variety.
Outside of that, I can't see why you would get an apk from a friend rather than downloading it yourself, simply because that way it makes certain you get a clean, non-corrupted version. If apps don't show up in the market for you, it's mostly because your device can't run them, in which case, again, force close.
Uninstalling it is possibly too late. All smartphones suffer this issue though.
As mentioned, if you get the files from market though, you are likely to be safe..
Also, not all malicious programs are obvious..
Daneshm90 said:
Ok here's the deal. Apps have 2 types of access.
1. Standard permissions
So if u don't do adb-install (where u don't see an app's permissions), then market / copy to sdcard and install from there u'll see the permission screen. An app cannot do something w/o permissions. If an uninstaller is askin for email permissions u know something's wrong.
2. Root
Most dangerous. An app will ask u for 0 standard android api permissions. But when u run it, u will be asked for a superuser allow/deny request. From there it's up to you. An app could do anything behind the scenes from tht point.
So read reviews/ user comments before trying root apps. Standard apps, just look over the permissions thts all.
FYI : The permissions are read by android, they're not user defined. Any permissions will always show up when installing it using the native package manager.
EXACTLY what I was looking for. Thank you.
Btw, just because security on App store says an app can do stuff like make phone calls etc, doesn't mean it's malicious.
A few people were misled by an article that stated that apps with such extreme permissions were malicious, but it's untrue. It isn't always the case, but if an app uses functionality you don't believe it should, it's possible it is dodgy
andrewluecke said:
Btw, just because security on App store says an app can do stuff like make phone calls etc, doesn't mean it's malicious.
A few people were misled by an article that stated that apps with such extreme permissions were malicious, but it's untrue. It isn't always the case, but if an app uses functionality you don't believe it should, it's possible it is dodgy
Aye, I know. Thanks for the advice. I've actually been comparing any app I download off the internet to the actual ones on the market (size and permissions).
Hi everyone, I'm a noob member to the site but have read some interesting threads before membership, but as usual joining when I have a problem that needs some of your help
I have had a .apk file download to my htc desire running 2.2.2. I was browsing pics of the fake kind when it started downloading. I did see some letters and numbers before the file ext. It is not an official .apk, that I'm sure of. I have searched for it on my phone but cannot find it to delete.
Can anyone help please
After hooking up htc to my pc by usb lead, I have managed to locate the file by searching. It was in the download folder, I deleted it via the pc and then did a factory reset on htc.
Would this get rid of it safely?

how would you look for viruses?

I don't use an antivirus on my windows desktop, I always keep an eye in msconfig and task manager (I know most of the processes), services.msc, unusual behavior, etc, once a year I run an antivirus scan never found anything, I have been clean for more than 3 years.
I have previously installed lookout on my Note but found it to slow down the system a little bit, so I removed it, and now I don't have any antivirus but I keep an eye at the running processes, but I'm unsure if that's the way to spot a running background virus in a linux system
what do you guys do or advise doing to look out for viruses on android?
Are you rooted? If not then don't worry about Viruses.
If you are rooted don't install any shady apps outside from the Android market or make sure any non market apps are from trusted sources.
Also read this:
https://plus.google.com/u/0/1147650...dDLPv#114765095157367281222/posts/ZqPvFwdDLPv
Actually, even the apps on the Android market, approved by Google, are not safe. There have been a couple of incidents of rogue apps showing up in the market last year. The good thing is Google is proactively plugging those OS exploits that these rogue apps use (they will auto-root your phone). So, if you're on the latest Gingerbread OS (2.3.4 or later), most of those exploits no longer work. But there is now a new exploit being used here on XDA to root the phone (search ZergRush). Not sure if this will be used in the next wave of rogue apps. Remember, just because you installed an app from the market doesn't mean it is safe. Google made zero effort to review those apps.
Thanks a lot for the article, it is a lot like I suspected, especially about companies bullshitting us to get us to buy their antivirus software.
About web-based viruses, from that I'm 90% safe because I only access the same websites every day. Unless one of them gets attacked, I'm sure I won't get a virus from them.
And yes, I'm rooted... two things I wonder are:
1 - Shouldn't an infected app show the permission pop-up asking for root access? I'm not exactly sure, but I think there are ways to circumvent that and force root access without permission.
2 - If I'm infected and perform a full wipe (cache, dalvik, factory reset) and change ROMs, can I still be infected? I ask this because I noticed that some folders aren't affected when performing a full wipe; the ROM goes into /system, and the factory reset only cleans /data. So there is no way to completely clean a system, I guess.
As someone who works in internet security, I have to tell you that you really should be running anti-virus on your desktop.
Yes, there's a lot of marketing and fear-mongering from some companies to buy their products. But it doesn't matter if you think you're tech-savvy and that you check task manager and only visit "safe websites". Any website can deliver drive-by downloads that infect your computer without you knowing. Rootkits are completely undetectable from simply checking your listed processes and services.
And your websites might be safe and legit, but all sorts of malware and exploits are delivered through ads. Even visiting Google search recently infected users.
Anti-virus is a crappy technology (there's better alternatives), but stop being so ideological and just install the damn thing.
---------- Post added at 03:32 PM ---------- Previous post was at 03:24 PM ----------
inurb said:
Also read this:
https://plus.google.com/u/0/1147650...dDLPv#114765095157367281222/posts/ZqPvFwdDLPv
Thanks for the link. That's a terrible, terrible article though that completely misses the point.
It's a typical viewpoint from a large company like Google. Their interest is in what % of their users are affected by X and Y.
There is certainly no "widespread problem" with viruses on Android or indeed Linux. But the vulnerabilities are HUGE. The only reason they're not exploited more is because of the size of the userbase. Android (and to a lesser extent Ubuntu) is growing to such an extent that it is going to become a very serious problem, very soon.
As to the now: there is very little chance of being infected out of millions of normal users. But if you're doing sensitive work, then it does make sense to seek extra protection, as the Linux and Android vulnerabilities are so big that if someone actively targets you, it will be easy.
If you're not using sensitive data on your Note, then sure, don't worry about it.
edanfalls said:
As someone who works in internet security, I have to tell you that you really should be running anti-virus on your desktop.
....
Anti-virus is a crappy technology (there's better alternatives), but stop being so ideological and just install the damn thing.
Your advice is sound but has just one tiny flaw:
As you posted, AV software is crappy technology. It rarely ever catches anything, and is especially worthless against browser-plugin-based malware. And yet, it DOES make every PC it is installed on 10x slower. So, in the end, installing AV software does more damage to your PC on a daily basis.
Use 'LBE Safety Master' (root required) and you will be fully protected.
LBE doesn't protect during reboot. I wonder if apps can make use of that flaw, log and send when an API or connection becomes available.
A better alternative, if you can get a patch, would be forum.xda-developers.com/showthread.php?t=1357056
I guess one must take into mind the shift of definition from virus/malware to user-approved info gathering through permissions lmao.
You can install DroidWall and check its logs for connections. Setting it up can be tedious due to dependent stuff.
Sent from my GT-N7000 using Tapatalk

[Q] [HELP]TiBu can't write backups to SD card

Okay, I'm running a newly rooted SGH-I537—Firmware: 4.4.2—Baseband: NE3
I rooted it this morning no problem with @geohot's towelroot; worked wonderfully.
My next steps were to back up everything and start removing bloat. Unfortunately, I wasn't even able to get to the back s**t up step, naturally.
When trying to back up the files to the exSDcard, I am told that it is unwritable! Funny thing about that though? When I say f**k it and try the backup anyway, it works for a fraction of a second, stops, and says insufficient storage... but each time I've done this a file leaks through and backs up to the destination, wtf?
I have been scouring these and other android forums looking for a solution to the problem, to no avail.
There was one potential solution, linked here: http://forum.xda-developers.com/showthread.php?p=44370296
But, naturally, it didn't work. I mean, I copied the platform.xml file to my computer, did the necessary edits, and when I tried to paste it back into etc/permissions it wouldn't. So I thought, "maybe I have to edit it from its location", NOPE! That doesn't work either; won't let me save with modifications. Granted, this method was for a different phone, but then again, so was the root method I used.
Which brings up another point: if I'm rooted, and ES File Explorer has superuser access, why can't I edit a simple .xml file?!
I apologize if this post comes off a little irritated, but I f**king am!
Anyone who can help with this will have my sincere gratitude and advanced thanks.......or I'm taking my phone to the shooting range.
*Warning: Irate rant contained below!*
It's like the folks at Android were sitting around the conference room—brainstorming—when someone spoke up and said, "GUYS! I've got a great idea! For this next update, let's not actually improve things, but rather(!), let's make our platform LESS functional! The consumers will love it! And I've got just the thing! You know how you used to be able to write things to the SD card?! Uh uh uh, NOT ANYMORE! Now what we'll do is pick things out of this hat I have here, whatever comes out is the functionality the end user loses!" And everyone just nodded in agreement! *rage*Oh.My.F**king.God! Who are these people and why is their incompetence so unfathomably pervasive?!
It's not just Android, but EVERY major tech company! Windows 8: Great example! Live Messenger/Skype merger: Great example! Apple(I mean, that's why we're all here, right?): Great example!
I could go on, but that's not why I am here, that's why I am in college.
Thanks (in advance) again guys.
