Apparently the ONLY version of Android that is vulnerable to Heartbleed is 4.1.1. I ran a check on my phone, and sure enough I'm running that version, and heartbeats are definitely enabled. I used the Lookout security app to verify this. Is there a way I can patch my system myself and somehow disable the heartbeats feature without having to wait another 3 years for Motorola to come out with a fix? My phone is rooted, but something tells me that OpenSSL probably needs to be essentially recompiled with a flag set to disable heartbeats?
I was hoping there would be a quick config file for OpenSSL that can be modified, but I'm not usually lucky. Based on everything I've seen thus far, a recompile with a flag set is the only way to fix this. Figured I'd give it a shot and ask on here.
I've been thinking about the same thing.
If memory was encrypted that could solve all or part of the problem.
If the Chrome https browser cache were turned off, which I think requires an APK edit, there would not be any clear text data in the browser cache.
What do you think?
dosmac said:
Apparently the ONLY version of Android that is vulnerable to Heartbleed is 4.1.1. I ran a check on my phone, and sure enough I'm running that version, and heartbeats are definitely enabled. I used the Lookout security app to verify this. Is there a way I can patch my system myself and somehow disable the heartbeats feature without having to wait another 3 years for Motorola to come out with a fix? My phone is rooted, but something tells me that OpenSSL probably needs to be essentially recompiled with a flag set to disable heartbeats?
I was hoping there would be a quick config file for OpenSSL that can be modified, but I'm not usually lucky. Based on everything I've seen thus far, a recompile with a flag set is the only way to fix this. Figured I'd give it a shot and ask on here.
Yep, 4.1.1 is vulnerable to this. 4.1.2 has the no heartbeat fix added in and 4.1.1 took the update that was bugged. That said, we DO have TWO 4.1.2 Stock roms, Mexican Retail and Bell are both 4.1.2 and should have that fix -- needs confirmation. Our Stock ICS roms are all from before this bug was added in and are safe. In reality, only stock, locked AT&T Atrix HD's are vulnerable to this since all the other roms* have this fix.
Normally I'd say something along the lines of give me a few days and I'll look into this more, but I've been busy lately, and when I'm not busy I'm either tired or sore; did some heavy lifting a few weeks ago and my back is still sore from that day.
*Our 4.1.2 roms are untested, but 4.1.2 AOSP has the fix so our 4.1.2 stocks should too
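Added example, not part of the thread: a shell check that classifies Heartbleed exposure from the output of `openssl version -a`, including the upstream compile-time flag `-DOPENSSL_NO_HEARTBEATS` that the "recompile with a flag" question refers to. It assumes an `openssl` binary linked against the library in question; the Android rule only encodes the thread's claim about 4.1.1, and all sample strings are constructed.

```shell
#!/bin/sh
# Added example (not from the thread): classify Heartbleed (CVE-2014-0160)
# exposure from text already collected from a device or host.

# Constructed sample inputs in the format printed by `openssl version -a`.
SAMPLE_AFFECTED='OpenSSL 1.0.1c 10 May 2012
built on: (constructed sample)
compiler: gcc -DOPENSSL_THREADS -O2'
SAMPLE_NO_HB='OpenSSL 1.0.1e 11 Feb 2013
built on: (constructed sample)
compiler: gcc -DOPENSSL_THREADS -DOPENSSL_NO_HEARTBEATS -O2'
SAMPLE_FIXED='OpenSSL 1.0.1g 7 Apr 2014
built on: (constructed sample)
compiler: gcc -DOPENSSL_THREADS -O2'

# heartbleed_openssl_status "<output of openssl version -a>"
# Prints one of:
#   heartbeats-disabled   built with -DOPENSSL_NO_HEARTBEATS
#   affected-release      upstream release 1.0.1 .. 1.0.1f or 1.0.2-beta1
#   not-affected-release  any other final release (0.9.8, 1.0.0, 1.0.1g+)
#   unknown               unparsable, or a pre-release we cannot judge
# Caveat: a vendor may backport the fix without changing the version
# string, so "affected-release" means "check the vendor's patch level".
heartbleed_openssl_status() {
    text=$1
    # The compile flag removes the heartbeat code regardless of version.
    case $text in
        *-DOPENSSL_NO_HEARTBEATS*) echo heartbeats-disabled; return 0 ;;
    esac
    # First line looks like: "OpenSSL 1.0.1e 11 Feb 2013"
    ver=$(printf '%s\n' "$text" | awk 'NR==1 && $1=="OpenSSL" {print $2}')
    case $ver in
        '')                    echo unknown; return 0 ;;
        1.0.2-beta1)           echo affected-release; return 0 ;;
        *-beta*|*-pre*|*-dev*) echo unknown; return 0 ;;
    esac
    base=${ver%%-*}            # "1.0.1e-fips" -> "1.0.1e"
    case $base in
        1.0.1|1.0.1[a-f]) echo affected-release ;;
        *)                echo not-affected-release ;;
    esac
}

# heartbleed_android_status "<Android release string>"
# Encodes only what the thread states: 4.1.1 is the affected release.
heartbleed_android_status() {
    case $1 in
        '')    echo unknown ;;
        4.1.1) echo listed-vulnerable ;;
        *)     echo not-listed ;;
    esac
}

# Demonstration on the constructed samples.
for sample in "$SAMPLE_AFFECTED" "$SAMPLE_NO_HB" "$SAMPLE_FIXED"; do
    first_line=$(printf '%s\n' "$sample" | awk 'NR==1')
    printf '%-32s -> %s\n' "$first_line" "$(heartbleed_openssl_status "$sample")"
done
printf 'Android %-24s -> %s\n' "4.1.1" "$(heartbleed_android_status 4.1.1)"

# On a real system the inputs would come from, for example:
#   heartbleed_openssl_status "$(openssl version -a)"
#   heartbleed_android_status "$(getprop ro.build.version.release)"
```
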
I was just thinking that there is no such thing as security. Security is achieved by being harder to exploit than the other computers. Even 3-DES can be cracked with enough computing power.
So encrypting memory and stopping https caching would close two big holes. I'm now wondering what holes would remain to be exploited by the heartbeat exploit on a 4.1.1 device if this were done?
stevep2007 said:
I was just thinking that there is no such thing as security. Security is achieved by being harder to exploit than the other computers. Even 3-DES can be cracked with enough computing power.
So encrypting memory and stopping https caching would close two big holes. I'm now wondering what holes would remain to be exploited by the heartbeat exploit on a 4.1.1 device if this were done?
If I was on a stock phone running 4.1.1 and I was that worried about heartbleed, I'd unlock the bootloader and install Bell or Mex Retail because both are 4.1.2. It might even be possible to just swap the exploited binaries with the ones in our 4.1.2 roms, that's something someone else worried about this can do. Hell, it might even be possible to run the 4.1.2 roms with safestrap and the AT&T kernel...again, that's a someone else thing...I have no intention of dicking with SSR.
Think about Wifi being hacked....when it first came out a crappy password like 12345678 was good enough because computing power wasn't that good for consumers yet; nowadays, a basic gaming laptop can check 500,000 wpa2 passwords a second, a decent desktop with multiple GPU's can do over a million a second. All wpa2 hacking is sniffing out the verification md5*, then the tools generate passwords and their md5 and compare it against the sniffed out one, eventually you'll find one that matches, especially so if the password sucks. If you know how certain telecoms set up their wifi passwords, you can shorten the amount of time taken by limiting to the characters they use -- for example, AT&T U-Verse** uses 10 digit numeric passwords, so all you'd have to do is limit the tools to use numbers and start with 10 digits....hint: there are only 1 million codes if you use 10 numbers only....10 to the power of 10 and all....
That isn't a wifi hacking tutorial, just an example of how over time good security unchanged becomes very bad security and how eventually an exploit will be found and security compromised, like how wpa2 for a split second sends out the verification md5 unencrypted.
*not sure if WPA2 uses md5, but most of us know what md5's are
**last time I read about that service that's what I saw...and I read that a few months ago
Greetings,
I tried to ask this in the NexusRoot Toolkit thread, but I need 10 posts.
My question has to do with Nexus 7 Security and Rooting. Can I turn the developer options back off after rooting, and still have the 'rooted' experience? I'm concerned with any malware infections, and also exploiting the device using a Cellebrite UFED:
www.cellebrite.com/mobile-forensics-products/forensics-products.html
I will be encrypting the entire device using Android encryption. Anything to watch out for when enabling encryption, in relation to rooting? Is the max unlock/encryption length still 16 characters on Jelly bean?
Thanks,
RF
Well, you are defending against two different things there.
ufed goes through the usb client mode while you would be defending installed software from the network for whatever malware concerns you might have.
I don't know if anything in user space can defend against a ufed if they want your data bad enough. I have seen it suggested that if you put something like Ubuntu on the device the ufed wouldn't know what to do with it. But I am sure they have plenty of tech specialists who they could then turn the device over to.
A check at a traffic stop might be something you could defend against. But if they have a subpoena and time...well the laws protect them not us.
You could use PDroid to stop apps from having permissions. That seems like the best defense to me for regular everyday data mining. We have not brought it to Jelly Bean yet, but it shouldn't be long.
mateorod said:
Your post
Thanks Sir. This is my first Tablet, and my first 'DIY' Unlock & Root. I do currently run Whispercore on a Nexus S though, but that was one click rooting from the installer and I don't touch it. As long as I can power down at a stop, UFED is spinning in the wind with WhisperCore. I want the same functionality from Jelly bean, but am unfamiliar with exactly how it works compared to Moxie's solution. I know that USB Debugging Enabled is an exploitable hole that devices like UFED use, that's why I wanted to know if I can disable all the developer options again, after rooting, with no ill effect.
I also block Android GPS Daemon from communicating, with Whisper Monitor, so hopefully Jelly Bean will have some firewalls able to do this soon.
Thanks for your reply,
RF
You should be alright with malware as long as you're careful what applications and ROMS you're downloading and from where.
Ronaldo Forenucci said:
Thanks Sir. This is my first Tablet, and my first 'DIY' Unlock & Root. I do currently run Whispercore on a Nexus S though, but that was one click rooting from the installer and I don't touch it. As long as I can power down at a stop, UFED is spinning in the wind with WhisperCore. I want the same functionality from Jelly bean, but am unfamiliar with exactly how it works compared to Moxie's solution. I know that USB Debugging Enabled is an exploitable hole that devices like UFED use, that's why I wanted to know if I can disable all the developer options again, after rooting, with no ill effect.
I also block Android GPS Daemon from communicating, with Whisper Monitor, so hopefully Jelly Bean will have some firewalls able to do this soon.
Thanks for your reply,
RF
Yes after rooting you can turn it off. (In fact you can turn off developer options completely, and install apps from unknown sources is labeled under security). Only thing you won't be able to do is side load apps or use like titanium backup to restore apps.
Ronaldo Forenucci said:
Thanks Sir. This is my first Tablet, and my first 'DIY' Unlock & Root. I do currently run Whispercore on a Nexus S though, but that was one click rooting from the installer and I don't touch it. As long as I can power down at a stop, UFED is spinning in the wind with WhisperCore. I want the same functionality from Jelly bean, but am unfamiliar with exactly how it works compared to Moxie's solution. I know that USB Debugging Enabled is an exploitable hole that devices like UFED use, that's why I wanted to know if I can disable all the developer options again, after rooting, with no ill effect.
I also block Android GPS Daemon from communicating, with Whisper Monitor, so hopefully Jelly Bean will have some firewalls able to do this soon.
Thanks for your reply,
RF
I thought whispercore got purchased (by twitter, I think? Maybe?) and is only available for the nexus s. Maybe you plan to sideload it? I haven't personally found a way to try it yet.
But yeah, you can shut off adb mounting. I have actually spent a good chunk of my day looking into how to require a passcode for USB mounting in the kernel, for an unrelated project.
I haven't determined whether the multiuser claims are sufficient. I have multiuser through botbrew, but that is a little more complicated than what I need there.
You are correct, I have a Nexus S also, running WhisperCore. The N7 will have to run Google's built in implementation of encryption. Thanks for all the replies. I'll Unlock & Root, and then disable Developer Options again. In the 'off state' Google's encryption should protect from UFED type attacks. I'll probably install Avast! (if it runs on the N7) for malware protection.
RF
Yeah from my understanding of UFED you're pretty well protected as long as you don't have USB debugging on; so while not ideal, only turning it on when you need it would be the easiest way to secure the device. (along with all the normal stuff like having an actual password etc)
Considering how much apple fanboys tout the iphone's security, it's fairly ironic that UFED can still pull some of their info regardless of settings whereas on android if USB debugging is off and a password is used UFED is useless.
I know, right :good: Is max password length still 16 characters? It is on Gingerbread. I wish this thing had a USB slot...I'd love to be able to use my Yubikey with it. I wonder if the NFC Yubikey version would work on the Lock Screen?
RF
I've been doing research and experimenting for the past few days, with only 6 hours of sleep in the last 48 hours. Long story short, I had a Droid TURBO on Verizon, loved it, the best phone I've ever had hands down. A month or so into having my Turbo, my family switched to Sprint, rendering my Turbo completely useless as a phone. Skip a few more months ahead to 11/15 when I broke my Samsung S6. I was looking for an excuse to figure out how to do this, I'd done a few hours of research, but never really had a reason to attempt what I have been. My goal is to allow my droid turbo to call/text with my sprint number and plan. My first idea was to simply open up some bands, maybe change some APN settings, BOY was I in for a trip. I'm currently running the 5.1 OTA of Lollipop on my Turbo, which means I have a locked bootloader, however I've gotten as far as getting temporary root access on 5.1 OTA (SU3TL-39). I wasn't sure how temporary root worked at first so of course, I was trying to get "XPOSED" working with this temporary root, then I could modify the phone's information and trick Sprint into thinking that my Droid Turbo, is actually my old phone. I attempted to change the IMEI swap the two different IMEI's however it was soon after that, that I found out that my temporary root doesn't actually save after a boot, or even in-between roots. Kingroot seems to have to keep re-rooting itself in order to keep its temporary root alive. Anyways, I've been up all night, and I've got to get to Uni. I'd like to see what other ideas you all might have. At this point I've gotten invested in attempting to find my own method to rooting, or flashing a modified firmware of some type. I'd really like some guidance in these fields even if my Turbo will never work with Sprint. I appreciate those of you who read the post entirely.
EDIT: I've gotten many different theories, but the only way I see myself doing this is by somehow downgrading and starting from complete scratch, maybe even rebuilding the OS just to miss the security update? (All of these things are probably impossible, but I'd really like to think that we can figure something out together instead of letting the TURBO die.)
EDIT 2: ****, I really need to leave, but I had one last idea as I walked out the door, I'm sure it's out of the question, but maybe there's some way to physically modify the TURBO, or even modify the IMEI that the SIM card is looking for in the first place, but all just theories, will come back later with more ideas!
Tabrune said:
I've been doing research and experimenting for the past few days, with only 6 hours of sleep in the last 48 hours. Long story short, I had a Droid TURBO on Verizon, loved it, the best phone I've ever had hands down. A month or so into having my Turbo, my family switched to Sprint, rendering my Turbo completely useless as a phone. Skip a few more months ahead to 11/15 when I broke my Samsung S6. I was looking for an excuse to figure out how to do this, I'd done a few hours of research, but never really had a reason to attempt what I have been. My goal is to allow my droid turbo to call/text with my sprint number and plan. My first idea was to simply open up some bands, maybe change some APN settings, BOY was I in for a trip. I'm currently running the 5.1 OTA of Lollipop on my Turbo, which means I have a locked bootloader, however I've gotten as far as getting temporary root access on 5.1 OTA (SU3TL-39). I wasn't sure how temporary root worked at first so of course, I was trying to get "XPOSED" working with this temporary root, then I could modify the phone's information and trick Sprint into thinking that my Droid Turbo, is actually my old phone. I attempted to change the IMEI swap the two different IMEI's however it was soon after that, that I found out that my temporary root doesn't actually save after a boot, or even in-between roots. Kingroot seems to have to keep re-rooting itself in order to keep its temporary root alive. Anyways, I've been up all night, and I've got to get to Uni. I'd like to see what other ideas you all might have. At this point I've gotten invested in attempting to find my own method to rooting, or flashing a modified firmware of some type. I'd really like some guidance in these fields even if my Turbo will never work with Sprint. I appreciate those of you who read the post entirely.
EDIT: I've gotten many different theories, but the only way I see myself doing this is by somehow downgrading and starting from complete scratch, maybe even rebuilding the OS just to miss the security update? (All of these things are probably impossible, but I'd really like to think that we can figure something out together instead of letting the TURBO die.)
EDIT 2: ****, I really need to leave, but I had one last idea as I walked out the door, I'm sure it's out of the question, but maybe there's some way to physically modify the TURBO, or even modify the IMEI that the SIM card is looking for in the first place, but all just theories, will come back later with more ideas!
There are two problems that you're up against:
1. The /system partition is write protected. Even with temp root (or permanent root, for that matter), /system cannot be modified. To use anything via the xposed framework, the framework must be installed, which requires writing to /system, which is impossible. The only way around this is the moforoot exploit, which allows flashing of pre-modified /system images, eliminating the need to modify /system while the phone is running. However, this does not work on the 5.1 bootloader, which you have.
2. As you correctly state, the bootloader is locked. That means no downgrading and no flashing of modified firmwares using official flashing methods (fastboot, mfastboot) or non-mofo unofficial methods (TWRP, FlashFire).
This thread discusses hardware modifications. It's way above my head, so I'm not sure how useful it is: http://forum.xda-developers.com/droid-turbo/development/rd-turbo-jtag-emmc-direct-hardware-t3162558.
Hope this is at least moderately helpful.
I suppose there's no way to disguise an exploit within some of the core system files? Since all of these files are signature checked, but how exactly does signature checking work with the Lollipop, I doubt that it would be easy to trick, but maybe some reverse engineering of it? Trick it into thinking that everything is okay even though an exploit is riding alongside a system file.
Tabrune said:
I suppose there's no way to disguise an exploit within some of the core system files? Since all of these files are signature checked, but how exactly does signature checking work with the Lollipop, I doubt that it would be easy to trick, but maybe some reverse engineering of it? Trick it into thinking that everything is okay even though an exploit is riding alongside a system file.
Even if that were possible, it would not help you, since that would require being able to write a file to where the core system files are stored (/system). As for how signature checking works, I think it is enforced by whatever is stored on the /boot partition, but I'm not sure about that. A locked bootloader will not allow flashing modified images to /boot, and there are no known ways to bypass this.
When I get home, I'm going to do some experimenting on attempting to strip down and downgrade to KK. I know that it most likely won't work, but I will gain some knowledge about it at least.
TheSt33v said:
Even if that were possible, it would not help you, since that would require being able to write a file to where the core system files are stored (/system). As for how signature checking works, I think it is enforced by whatever is stored on the /boot partition, but I'm not sure about that. A locked bootloader will not allow flashing modified images to /boot, and there are no known ways to bypass this.
Yep, the boot partition is what would have to be bypassed or unlocked in order to be able to write to system. That is where all the sig checks are locked in, right in the boot partition.
Well, we had a BL Unlock coming to us in a few days, maybe a week or two. With that, you can flash what you need to attempt to use with sprint possibly, depending on the bands the Turbo has
I've gotten the phone to work to an extent, I'm hoping if the BL unlock happens that it will open up lots of opportunity.
First, I'm just in shock there's a phone that can't be rooted. It just blows my mind and really, I'm saddened by it. It totally defeats the original idea behind Android - a device that people can root, voiding their warranty, develop - A lot of Amateur dev'd features have been incorporated into Android as it's grown over the years, and modify. Even the Judicial system said end users have the right to do what they want to their device and void the warranty at their own discretion.
However, even if it does ever actually come out and even if VZW DOES carry it and even if I could afford it, which I doubt, I really like the Z force, from what I've seen and read.
So how are you guys who have always used rooted, mod'd devices living without root??
I guess I can learn to give up most of my root required apps, begrudgingly, but TB?? How could I ever transfer my apps and data (MUST have data transferred too) without root??
What about bloatware? It's like giving up sex for me to give up root. Aaaauuuggghhhhh
HipKat said:
First, I'm just in shock there's a phone that can't be rooted. It just blows my mind and really, I'm saddened by it. It totally defeats the original idea behind Android - a device that people can root, voiding their warranty, develop - A lot of Amateur dev'd features have been incorporated into Android as it's grown over the years, and modify. Even the Judicial system said end users have the right to do what they want to their device and void the warranty at their own discretion.
However, even if it does ever actually come out and even if VZW DOES carry it and even if I could afford it, which I doubt, I really like the Z force, from what I've seen and read.
So how are you guys who have always used rooted, mod'd devices living without root??
I guess I can learn to give up most of my root required apps, begrudgingly, but TB?? How could I ever transfer my apps and data (MUST have data transferred too) without root??
What about bloatware? It's like giving up sex for me to give up root. Aaaauuuggghhhhh
There's several Android devices that cannot be rooted, certainly ones designed for Verizon (Droids)
sd_shadow said:
There's several Android devices that cannot be rooted, certainly ones designed for Verizon (Droids)
True that, but I'm not interested in those lol
HipKat said:
True that, but I'm not interested in those lol
Well for me the biggest difference is I used to use Playstation controllers, so I had to switch to a gamesir g3s which is the same size and shape but does not require root. Nothing else I do requires root so I'm perfectly fine not having it. I miss mhl far more than root since I used it a lot with a bluetooth keyboard and mouse with chrome remote desktop, but I bought a laptop to eliminate that.
I'm really missing the following apps:
Titanium Backup
Ad Blockers that actually work well (AdAway, MinMinGuard, UnbelovedHosts)
Viper4Android
File Browsers that can access the entire filesystem (allowing me to debloat stock apps, among other things).
I can partially work around the ad blockers thing by spending a few extra bucks to purchase some apps that I don't use often enough to have already warranted a purchase, and using DNS66 for non-secure uses (a less than optimal solution, since I can't trust some random server on the internet which could theoretically hit me with a MITM attack...I turn it off whenever security is a concern).
There really is no good workaround for TiBu, V4A, or root file explorers.
But the benefits are that I can now use Android Pay, and don't need to fight with SnapChat every time I need to log back in.
The negatives far outweigh the benefits, and I don't want to ever buy a non-rootable phone again. GFY Verizon.
sn00gan said:
I'm really missing the following apps:
Titanium Backup
Ad Blockers that actually work well (AdAway, MinMinGuard, UnbelovedHosts)
Viper4Android
File Browsers that can access the entire filesystem (allowing me to debloat stock apps, among other things).
I can partially work around the ad blockers thing by spending a few extra bucks to purchase some apps that I don't use often enough to have already warranted a purchase, and using DNS66 for non-secure uses (a less than optimal solution, since I can't trust some random server on the internet which could theoretically hit me with a MITM attack...I turn it off whenever security is a concern).
There really is no good workaround for TiBu, V4A, or root file explorers.
But the benefits are that I can now use Android Pay, and don't need to fight with SnapChat every time I need to log back in.
The negatives far outweigh the benefits, and I don't want to ever buy a non-rootable phone again. GFY Verizon.
That's what I wanted to hear. Guess I'll have to pass on this one. No Backup, or V4A is not acceptable for me
The only complaint that I have is that some of the pre-installed apps are not able to be uninstalled. There's 4? or so that I can't get rid of
This is my first non-rootable phone and I have mixed feelings about that. As a stock platform, the Z Force is a great phone and does almost all that I could ask for from a pocket computer. I love having stock Android and like having WiFi calling, though it's a pain to switch back and forth: go into airplane mode, then switch WiFi on to make WiFi calls. Of course, you have to remember to turn airplane mode off when you get back into service.
I also miss Titanium Backup and the ability to completely remove apps I have no interest in having on my phone. All things being equal, I find that I can live without root on this phone. Battery life is great, it's fast, and it gets frequent and regular updates.
Really, no root?
So I just as well stay with my old rooted Droid Turbo. I came here thinking its time I look for a newer Motorola phone, that I can root.
What if I buy an unlocked Z Force? Can it be rooted then?
It seems that the regular Moto Z can be rooted according to this thread:
https://forum.xda-developers.com/moto-z/how-to/guide-how-to-root-moto-z-supersu-t3551113
So why can the Force not also be rooted?
Stuck with VZW Malware
I'd like to add to my original list of complaints about not having root.
The topic: AppFlash
Verizon now pushes the AppFlash malware onto every Android device. Without root, it can not be removed properly. I tried to disable the app via Settings, and it "uninstalled" an "update" so now AppFlash doesn't appear in the Apps list, but I still get messages that "AppFlash has crashed" multiple times per day. I work in an area with minimal cell service and no GPS service, and I strongly suspect that it's AppFlash that's trying to spy on me, which is causing my phone to be constantly seeking location via GPS and draining my battery. It's only the last month or two that I've noticed it being this bad, and that does seem to correspond with the time that people started reporting the latest wave of AppFlash installations.
Make no bones about it, this is spyware, pushed by Verizon, that tracks your location, calls home to report everything ELSE they've spied on you as well, drains battery rapidly, and can not be removed!
This was the final straw, Verizon. I'm going to move back to iPhone (at least VZW can't crap up iOS too badly, like they can with Android) and then convince my wife to finally fire those VZW bums and switch to T-Mobile or Google Fi.
sn00gan said:
I'd like to add to my original list of complaints about not having root.
The topic: AppFlash
Verizon now pushes the AppFlash malware onto every Android device. Without root, it can not be removed properly. I tried to disable the app via Settings, and it "uninstalled" an "update" so now AppFlash doesn't appear in the Apps list, but I still get messages that "AppFlash has crashed" multiple times per day. I work in an area with minimal cell service and no GPS service, and I strongly suspect that it's AppFlash that's trying to spy on me, which is causing my phone to be constantly seeking location via GPS and draining my battery. It's only the last month or two that I've noticed it being this bad, and that does seem to correspond with the time that people started reporting the latest wave of AppFlash installations.
Make no bones about it, this is spyware, pushed by Verizon, that tracks your location, calls home to report everything ELSE they've spied on you as well, drains battery rapidly, and can not be removed!
This was the final straw, Verizon. I'm going to move back to iPhone (at least VZW can't crap up iOS too badly, like they can with Android) and then convince my wife to finally fire those VZW bums and switch to T-Mobile or Google Fi.
How is the iPhone working out on Fi?
htcSlide said:
How is the iPhone working out on Fi?
Haha, I know, right? Reading comprehension can be hard.
As I said, my plan was to FIRST move back to an iPhone, THEN switch to T-Mobile OR Google Fi (the implication being, that when changing networks, one must obviously either have or obtain compatible hardware). Unfortunately, in my area only VZW has reliable 4G coverage without dead zones in the places where we need service the most. The wife has put her foot down about switching networks for the time being.
At least my iPhone, while older, still has the most recent version of iOS and is unencumbered by Verizon's malware. It's a reasonable compromise at the moment.
Since Z Force seems to be non-rootable, does it mean that camera2 api support level on the phone cannot be improved?
Or is there any way to enable Camera2 API Without Root on this phone?
also, can someone PLEASE help me on this QUERY...
What is Camera2 API support level on Moto Z FORCE
https://forum.xda-developers.com/z-force/themes/camera2-api-support-level-moto-z-force-t3863829
It's so sad not to have root on a very capable device like the Z force
I was running a U1 XAA build of Android 10 2.0 with the June 1 Security patch that I'd downloaded and flashed from Sammobile.
Awhile ago I downloaded and flashed the U1 XAA 2.1 update from the same place and noticed that there are a number of apps I can no longer deny Wifi Control access to under the Apps Special access area:
DeviceTest
DeviceKeystring
FACM
Gear VR Service
Voice wake-up
being 5 out of the 12 I can't deny access to.
Also I am no longer able to disable Google Play Services whereas before in 2.0 I could. I'm not even allowed to force-stop Play Services now! It's not just these two changes, there are other things I used to be able to disable but now can't. And I have *two* 'SmartThings' apps, one is version 10.0.37.0 and the other is version 1.7.50-21 (the -21 is just how it's listed.)
I know this all sounds somewhat tame and trivial but I would like to know if this is all normal and can be confirmed by anyone else.
Anyone
-----------------
**Update**
Okay, just wanted to post some info on some sort of resolution to the above, mostly for those who make honest and earnest pleas for help and ask really pertinent questions but are ignored by the knowledgable (or criminal)
peruser.
In short, I was hacked. It doesn't come as a surprise (has happened *many* times with my N9. It *does* make me wonder about that supposed military-grade Knox security)
How do you know if you're hacked?? I just used the Running Services lister under Development Tools. Look
for services that shouldn't be running as often as they do
(Last hack they had Samsung Push which is for delivering notifications related to Samsung apps?? running something as a Service (not sure what it was but as soon as I stopped it, it popped right back up) or things you never use or have deactivated showing up in the cache (ESPECIALLY Aircommand!! Disable this as a Trusted Agent immediately! And keep an eye on it, and always keep the Air Remote feature OFF).
Also, the Google Play Store app. When I flashed the July 2020 Security update I noticed the Play Store was still at the May 2020 version update. I didn't think much of it at the time, but after having to Factory Reset I noticed it now read July 1 2020. So I guess the 'worms' have the May version hacked. Sucks that villany loves working for free breaking stuff, but in order to build something up and protect it, it takes toil and coercion.
Finally (not sure if this is actually a sign of malware or hacking, but the only reference I could find relating to it was from a guy who was truly beleaguered by hackers) there's a User Certificate under Biometrics & Security / Other Security settings / User Certificates that reads as 'FindMyMobile' and purports to be necessary for VPN security and other applications. Well, I had Find My Mobile deactivated and uninstalled via ADB and it still showed back up after being deleted numerous times, and my VPN seems to work without it. It might be for the Note 9's built-in Knox Android VPN strengthening parameters, but I couldn't find info online about it anywhere except in the case I mentioned, which seems very odd. Qualifying proof of its malicious intent for me?: After factory resetting it hasn't shown back up.
I don't think my N9 is cleaned, or I should say I'll never trust a smart phone fully again, not until the outdated and hacked 40 year old SS7 protocol that runs all cellular communications is updated, not until something more reliably secure than 'somewhat' obfuscatingly complex baseband processors are present in phones and maybe something akin to a hardware firewall in the SoC that can interpret and filter non-carrier invalid commands (prob only need to update that damn SS7 protocol!) I'd also love it if Google/Alphabet would dump Android and start over with a new updated mobile OS with security at the forefront (Think, updates delivered via 'Middleware', ROMs bought initially directly from the manufacturer that can be cryptographically flashed up to three times with signed updates with each update burned and locked into the ROM via fuses. Each factory reset brings you back to your last update. The ROMs are only updatable if a hardware dip switch is tripped which moves actual physical leads in the SoC which powers the ability to flash this chip.) And maybe screw AOSP, I wonder if all this open sourceness has actually given the malware creators more knowledge to finesse the software and the hardware. The so-called white-hat 'Ethical Hackers' (LOL! HOW can breaking into someone's personal space without permission outside of national defense be considered ethical?!? All hackers are criminals. If you want to be considered a 'good' hacker (*snort*) bring to light the measly exploits and software, the slime who make and distribute the same and tell how to protect against them and detect them and disable them. Criminals giving webinars and seminars about how to circumvent protections for devices that billions of people rely on for living should be outlawed FULL-STOP-PERIOD. I'd rather have one slime who knows how to get into a system than having that slime be allowed to freely distribute the software and knowledge so that millions of other definitely less conscionable scum can make use of his knowledge.) hackers only care about making their fame and fortune by bringing to light obscure and unknown exploits that no one has ever used or are likely to use than going after the exploits that *are* in use and *do* affect those in the here and now. It must give some sense of ease not to be in contention with real criminality and the fear of any reprisals from the 'less-ethically saturated' in the tech community.
Just wanted to get that out somewhere. I know it's pointless and no-one will listen. Look at what Edward Snowden sacrificed for people who were/are unworthy of *any* sacrifice by betraying everything bit by bit, battle by battle until it must one day be reclaimed (if it can be) via costly confrontation, disruption and perhaps irrevocable critical loss.
Okay, END RANT. Yeah, a slow day, corona cloud and all.
But seriously the Feds need to check all this electronic criminality, it's gotten waaay out of hand. TO FEDS: Less hunting terrorists, MORE hunting electronic predators and anarchists!
Hi, @tamdwin,
Even though you believe your phone may have been hacked, DeviceKeystring, DeviceTest, EmergencyManagerService, FACM, IMS Service, IOTHiddenMenu, Samsung MirrorLink 1.1, Settings, Setup Wizard, Wi-Fi Direct & WlanTest are enabled on my Note9 with One UI 2.1, Security patch: 1 July 2020 (w/out Google Play Services/Google Play Store, Bixby, GearVR, DeX...only have Google Services Framework installed).
After downloading the 1 July 2020 Security update, I noticed that these services could no longer be turned off for wi-fi control.
Wish I never downloaded the update for the fancy camera features, lol.
Snowden? Have you read any of his articles on smartphone security? (you may want to throw your phone in a blender after reading...)
Some of the settings, such as disabling "Find My Mobile" from running in the background, reset/enable after you restart the phone.
Snowden? Have you read any of his articles on smartphone security? (you may want to throw your phone in a blender after reading...)
But will it blend!
https://www.youtube.com/watch?v=FN9mktgYZJ8
I am worried about these things, so I am looking at developing my own custom ROM.
Sorry for my English, I am Brazilian.
@P00r ROFL! The Samsung S4 Active shake looks delicious! Thank you for sharing the vid!
silvaBR said:
I am worried about these things, so I am looking at developing my own custom ROM.
That sounds like an excellent plan!
Wondering if there's a public exploit available for the Mali GPU bug?
What I want to do with it is temporarily root my device so I can modify the dialer db that controls ability to record conversations and the like, without need to unlock my phone. My logic is that if an exploit existed, I'd be able to run it, get root, perform the necessary sqlite commands / modifications to the db, reboot phone and it should just work and OTA updates should also just continue to work without an issue.
see exploit code from GitHub security team for similar issue on Pixel 6 from a year or so ago, but wondering if anything exists for this new issue?
Also, one can correct me if I'm wrong about what I want to do and that it won't work, even if there was an exploit.
Mali MMU exploits are extremely powerful, and kept under wraps for now. Most vendors started patching these things only very recently.
Some one-click-root will be dropped like it's 2015 after all this is said and done (or some malware using it shows up first). But doing it sooner would wreak too much havoc.
If your device is Mali, you might want to defer security updates if you wish to use soft root in the following months - provided you're ok with leaving your device vulnerable till then.
It's not actively being used at the moment, so that's fine. Being patient (with that said, Pixel devices are easy to downgrade) the