Related
Disclaimer: everything discussed here is for educational purpose only etc...
OK, so from June 12 this Hell act will take effect in UK, and downloading Torrents etc will become difficult, as ISPs to disclose details of customers who repeatedly infringe copyright, with a possible fine of £250,000 for non-compliance and requirement that ISPs block access to sites that allow "substantial" infringement as well as disconnecting users from Internet etc...
more info @ http://en.wikipedia.org/wiki/Digital_Economy_Act_2010
so, we all know we download Music and TV series etc...
how are we gonna protect our self from this ACT ?
Encryption is one idea, but encryption have to be done on both sides of the connection so this could be tricky....
any thought on the issue ?
Such ideas are preposterous, as they simply bypass Global Internet Neutrality.
IP-Spoofs and Proxies will always HELP protect the user, but the easiest way to prevent "being caught" if you're doing something you legally should not be, is to create a Private Domain amongst either a Router itself, or a Protected Virtual Machine.
Preferably a Virtual Machine due to the odd ports they access for Internet Access, plus, if "Big Brother" were to kick down your door... Most Protected Virtual Machines (Example:: Virtual Machine Encrypted with Bit-locker Technology) can take several months or years to "break into" for data... unless of course, you have the Key RIGHT THERE in hands reach.
Agent Zach said:
Virtual Machine Encrypted with Bit-locker Technology) can take several months or years to "break into" for data...
Click to expand...
Click to collapse
I'm not sure but aren't law enforcements have some sort of agreement with MS to have backdoor in to windows and BitLocker or something ? (maybe just a roomer i heard somewhere)
with IP-spoofing and Proxies, would that still not be traceable ? and also sow down connection badly ?
i mean when i in Russia i don't use any sort of proxies or anything just download things if Rapidshare and Pirate Bay as it is and i get good 1 or 2MB/s most of the time,
but in UK even now the Uni giving me the headache with their firewalls and WebSence...
i have to RDP all my downloads back in Russia and then send them as files to myself on like Microsoft Skydrive and other online hostings that Uni dosent block (Rapidshare and Depositfiles, iFolder are all blocked)
next year mm no longer living on campus and will have my own network contract with ISP and this D.E.2010ACT
worry me... I'm mean i on average download 30 - 40GB a week, that just on torrents...
one idea is to there a way to encrypt and tunnel all the Traffic form UK PC to Russia and back so ISP see nothing at all just flow of Encrypted data ? and how this can be achieved ?
and also what are the Chances of PirateBay and Utorrent incorporating some sort of Privacy features to it ? like utorrent have encryption but initial connection is still open
Well, honestly, due to Privacy Laws, unless a Windows User is a KNOWN convict, thief, or pedofile, allowing Law Enforcement backdoor access to ALL Windows Users is, again, violating Net Neutrality AND ones Privacy. Anyone and EVERYONE can be "violated" via malware.. and have their PC/Laptop turned into a Server for hosting & sharing illegal content, so there are SEVERAL conflicting issues with this.. atleast in the US. [As the user is not at fault. Their security software would be.] The same reason that most Professionals against the Digital Economy Act worry about Open Access Points.
And for Encrypting & Tunneling traffic, torrent sites, as well as other file sharing sites, would have to incorporate Server-Side Security. Massive 128 bit or even 256 bit encryption. Also, the user, us, would have to mirror the security methods these sites are using. So it would cause a "Worm Hole" through Internet Traffic Space.. thus making it look like the downloaded files came from no-where, and went no-where.
Such security and encryption methods could require several man-hours to "Up-Hold" as well as Maintain. So such an act could cause either Global Domain Dominance or the death of sites we all enjoy today.
AgentZach, I think you might want to brush up on your english skills. In no way is "Server" meant to be capitalized, among other clear mistakes that make you impossible to understand. But I digress. Most of the law isn't all that bad, however, I'm troubled by this, "the requirement that ISPs block access to sites that allow "substantial" infringement[4]." That could be a real issue. As for backdoor access, I'm pretty damn sure that violates multiple laws, plus how the hell would microsoft know what only you know?
Well, honestly, due to Privacy Laws, unless a Windows User is a KNOWN convict, thief, or pedofile, allowing Law Enforcement backdoor access to ALL Windows Users is, again, violating Net Neutrality AND ones Privacy
Click to expand...
Click to collapse
How exactly does accessing someones files violate net neutrality law? It doesn't even currently exist, thanks to our beloved Bush administration, net neutrality is treating all traffic equally. Plus, even being a known criminal does not give law enforcement the right to search your personal things without a warrant of some fashion.
TLDR:
Don't use torrents without a vpn. ..Or the internet.
DanielLyme said:
AgentZach, I think you might want to brush up on your english skills. In no way is "Server" meant to be capitalized, among other clear mistakes that make you impossible to understand. But I digress. Most of the law isn't all that bad, however, I'm troubled by this, "the requirement that ISPs block access to sites that allow "substantial" infringement[4]." That could be a real issue. As for backdoor access, I'm pretty damn sure that violates multiple laws, plus how the hell would microsoft know what only you know?
How exactly does accessing someones files violate net neutrality law? It doesn't even currently exist, thanks to our beloved Bush administration, net neutrality is treating all traffic equally. Plus, even being a known criminal does not give law enforcement the right to search your personal things without a warrant of some fashion.
TLDR:
Don't use torrents without a vpn. ..Or the internet.
Click to expand...
Click to collapse
GTFO. Who signs up just to be a smartass?
Plus, your TLDR didn't do anything except sum up what he was saying. With a tad bit of extra stupidity.
Oh, English IS ment to be capitalized. How are you going to insult someone's English and miss the most important word in the sentence. Rofflecakes.
In no way is "Server" meant to be capitalized, among other clear mistakes that make you impossible to understand.
Click to expand...
Click to collapse
In no way is "server" (don't reinvent the mistake, that's just sloppy) meant to be capitalized, and among with other clear mistakes, you are impossible to understand. (You didn't accidentally the whole thing, did you?)
I could go on, but you get the picture. Don't insult until you have the grounds to do so.
@ r3s-rt: Thanks for putting your boot up his/her ass.
I admit, I was half asleep when I typed that up... as it was 3AM my time, and I had a long Mothers Day with my family. I expected flaws, but as long as my main points were said correctly, "spelling & capitalization correct or not - sorry Adolf" I think I've shard my opinion.
The important thing is: Users, who intend to break the law on the internet, must lose their solo dependency for Security Suite software, and start learning how encryption and Virtual Private Networks work, as a whole. It's not only their ass they'll be saving. They'll be saving all of the rest of a torrents "seeders" who haven't stepped-up their games yet...
Agent Zach said:
@ r3s-rt: Thanks for putting your boot up his/her ass.
I admit, I was half asleep when I typed that up... as it was 3AM my time, and I had a long Mothers Day with my family. I expected flaws, but as long as my main points were said correctly, "spelling & capitalization correct or not - sorry Adolf" I think I've shard my opinion.
The important thing is: Users, who intend to break the law on the internet, must lose their solo dependency for Security Suite software, and start learning how encryption and Virtual Private Networks work, as a whole. It's not only their ass they'll be saving. They'll be saving all of the rest of a torrents "seeders" who haven't stepped-up their games yet...
Click to expand...
Click to collapse
No problem, I can't stand people who attack other people and then make the same mistake their attacking. Plus, who cares if your English is exactly perfect? As long as it's READABLE. That's the only time English becomes a problem.
u r wanna hlo me donload dis new gme but frum whr i unno?
lolwat?
I've always wondered one thing. I don't know much exactly how they work - I just know I need protection.
People who download and don't seed.... do they even have a chance at getting caught? I honestly wouldn't figure they would. Maybe for like.... 20 min they have a chance then what? Do they just disappear? I use a site where you actually have to keep an upload/download ratio just for the reason I hate leeches.
Also, stay away from public torrent sites is probably a good idea. THOSE are the ones they get all your info from.
r3s-rt said:
I've always wondered one thing. I don't know much exactly how they work - I just know I need protection.
Click to expand...
Click to collapse
For "Basic" security and encryption, without much manual handling, I'd recommend using either Kaspersky Internet Security 2010 or Norton Internet Security 2010 (or 360 v4).
r3s-rt said:
People who download and don't seed.... do they even have a chance at getting caught? I honestly wouldn't figure they would. Maybe for like.... 20 min they have a chance then what? Do they just disappear? I use a site where you actually have to keep an upload/download ratio just for the reason I hate leeches.
Click to expand...
Click to collapse
Well, getting caught, without seeding, varies upon the host/torrent site. Private Sites like Demonoid save logs for User Ratio data... and that Ratio data includes your IP Address you use when downloading & uploading torrents. Now if you were to use a Proxy, you may get a tad bit slower connection speed, but your TRUE IP Address would be "spoofed" to the Proxy IP. In other words, the host of the Proxy would be investigated, not you.
r3s-rt said:
Also, stay away from public torrent sites is probably a good idea. THOSE are the ones they get all your info from.
Click to expand...
Click to collapse
Good idea, and true. Most public trackers display all seeding & leeching data to anyone interested.. but the same goes as I've said above. Proxies may cut your speeds, but does speed really have more importance than your personal safety & privacy?
I'll leave that for you all to decide.
To be a smartass ain't why I signed up, and sorry if it seemed that way. Since you want to be a douche I'll speak your language - at least my TLDR made some sense, unlike his entire post.
But while we're on the topic of stupidity;
"Global Internet Neutrality
IP-Spoofs
Private Domain amongst either a Router itself, or a Protected Virtual Machine.
Preferably a Virtual Machine due to the odd ports they access for Internet Access
Virtual Machine Encrypted with Bit-locker Technology"
Just what is this "Global internet neutrality"? We're having a hard enough time trying to hold on to such in our OWN country, and other countries have none, so- doesn't exist.
"IP spoofs"- ANY idea how the internet actually works? Not possible to just arbitrarily IP spoof, you need special conditions.
"Private Domain"? Hurf durf, what? How's it work, what IS it?
"a virtual machine due to the odd ports they use for internet access"? WHAT are you takling about, have you ever actually USED a VM? Going by that comment I doubt it. I give up.
I can tell I'm talking to an avid 4chan lover. Good luck finding anyone who can understand what he's saying, I personally left my decoder ring at home.
Stop trying so hard, get enough sleep and have some caffeine, it'll do you good and you just may come across as halfway coherent next time. And maybe try to stop using large words on the net, because you're doing it totally out of context (which makes you look stupider than i'd like to believe you are)
The English syntax really wasn't the issue here, just that it was way off base and incomprehensible. Don't talk about something unless you have at least a BASIC idea of how it works. The RIAA and MPAA go after people who seed mainly. Private torrent sites are overrated and just not worth it- keeping a ratio mostly requires a seedbox so you don't get banned.
And the culmination of my wall of text, anyone who puts "Number of bricks to date:0" in their sig really shouldn't go attacking others. True men actually try to brick their **** and don't brag when they haven't.
DanielLyme said:
To be a smartass ain't why I signed up, and sorry if it seemed that way. Since you want to be a douche I'll speak your language - at least my TLDR made some sense, unlike his entire post.
But while we're on the topic of stupidity;
"Global Internet Neutrality
IP-Spoofs
Private Domain amongst either a Router itself, or a Protected Virtual Machine.
Preferably a Virtual Machine due to the odd ports they access for Internet Access
Virtual Machine Encrypted with Bit-locker Technology"
Just what is this "Global internet neutrality"? We're having a hard enough time trying to hold on to such in our OWN country, and other countries have none, so- doesn't exist.
"IP spoofs"- ANY idea how the internet actually works? Not possible to just arbitrarily IP spoof, you need special conditions.
"Private Domain"? Hurf durf, what? How's it work, what IS it?
"a virtual machine due to the odd ports they use for internet access"? WHAT are you takling about, have you ever actually USED a VM? Going by that comment I doubt it. I give up.
I can tell I'm talking to an avid 4chan lover. Good luck finding anyone who can understand what he's saying, I personally left my decoder ring at home.
Stop trying so hard, get enough sleep and have some caffeine, it'll do you good and you just may come across as halfway coherent next time. And maybe try to stop using large words on the net, because you're doing it totally out of context (which makes you look stupider than i'd like to believe you are)
The English syntax really wasn't the issue here, just that it was way off base and incomprehensible. Don't talk about something unless you have at least a BASIC idea of how it works. The RIAA and MPAA go after people who seed mainly. Private torrent sites are overrated and just not worth it- keeping a ratio mostly requires a seedbox so you don't get banned.
And the culmination of my wall of text, anyone who puts "Number of bricks to date:0" in their sig really shouldn't go attacking others. True men actually try to brick their **** and don't brag when they haven't.
Click to expand...
Click to collapse
http://en.wikipedia.org/wiki/Network_neutrality - lol. Wow, kid. Get on Google if you don't know what something is. =]
Proxies - Safer than using your regular IP, genius. If they weren't, we wouldn't use them.
http://en.wikipedia.org/wiki/Domain_privacy - Again, you NEED to Google.
About the seeding - we have a leech! Private sites ARE worth it. If you were even worthy to get an invite, you'd know. Let me guess, the most private site you know is Demonoid. *chuckle*
Avid 4chaner? Only a real /b/rother would be able to tell that.
And the culmination of my wall of text, anyone who puts "Number of bricks to date:0" in their sig really shouldn't go attacking others. True men actually try to brick their **** and don't brag when they haven't.
Click to expand...
Click to collapse
You are COMPLETELY retarded. If I wanted to brick my phone, I'd flash a nasty spl or a nasty radio or Danger SPL before a compatible radio with an imcompatible recovery. IF you knew ANYTHING about rooting as you say you do, you would understand that. You'd also know you are considered an idiot if you brick your phone. I think you just earned a spot in my signature as "worlds dumbest quote."
Little kids need to get off the internet and go to bed, mommy would be very mad if she discovered the bad words you were using.
Now, how about you stop trying to start a flame war and just shut up? You already look VERY stupid along with a tad bit pathetic.
The RIAA and MPAA go after people who seed mainly.
Click to expand...
Click to collapse
Didn't they do a bust down on a lot of college students? Yea, THOSE are our "main seeders." ROFL. Moron. They go after anyone they can get a hand on if they consider it worthy of an actual lawsuit. You'd know this if you ever read news.
Point blank, please stop throwing up in threads like you even know something. EVERYTHING you've said so far is either WRONG or STUPID. The last thing we need at xda are more idiots. :/ Please, gtfo.
Ohhhh, your TLDR said EXACTLY what he said in layman's terms. He at least has the brains to explain what he's saying. You just copy what he said and tried to make it look like your own. Sorry, bro, just don't respond. You've already dug too deep.
I have no idea what he just said. He just typed up about 200 words of pointless garbage... and wasted a post in this thread.
Officially, just from reading the first 10 words, I got dumber.
And once again, thanx r3s-rt for translating my words into "retard-speak" for him. It seems even the "dumbed down" version of my posts are too complex for him to understand.
LOL @ your links. Maybe he'll learn something new today.
Guys please - we're getting to the stage of - stop the agro or it's close it time - and I've got enough guys on my watch list without adding more!
Mike
My apologies.
Ditto.
10 char. :X
Perhaps the MPAA and RIAA should give up their tirades--after all, the United States has the lowest piracy rate of any country in the world, at just 20 percent.
Click to expand...
Click to collapse
So it seems not so bad. Either the US really does have the lowest Piracy percentage in the world... or the US Pirates are just a tad more secure.
Read HERE.
r3s-rt said:
I just know I need protection.
Click to expand...
Click to collapse
Use a condom???
flyboyovyick said:
Use a condom???
Click to expand...
Click to collapse
Lame but funny
Agent Zach said:
So it seems not so bad. Either the US really does have the lowest Piracy percentage in the world... or the US Pirates are just a tad more secure.
Read HERE.
Click to expand...
Click to collapse
Wow. I would have figured it would have been the HIGHEST. If not, at least towards the top of the list. o.o
flyboyovyick said:
Use a condom???
Click to expand...
Click to collapse
I'm not a tory supporter (Voted Lib Dem for what it is worth) but we can hope this is true
Damn it, I'm not allowed to post any links but Techradar is reporting that the conservatives may well ditch the entire thing which we can hope is true
I'm just getting started with CM7 and the Nook Color, but I have some general security concerns that perhaps you could help me with?
1. Viruses. I understand that these are real in Android. I've temporarily disabled non-Market apps, but I believe viruses and/or spyware have shown up in Market Apps too. Are there decent AntiVirus apps and what do you recommend?
2. Firewall. What services are open by default? Are there good software firewalls available?
3. Adware. Is it always clear which Market apps are ad-supported? Have apps crossed the line into malicious or near-malicious spyware? (Taking over browsers, redirecting home pages or searches, infecting other apps, etc.)
4. Apparently Google does not require password-confirmation for Market purchases, and no real solution exists, since available apps complicate things and don't address the root issue. Do they have any plans to change that?
5. Where are application and web site passwords, WiFi keys, and the like stored, and are they encrypted?
6. Is there a multi-user / multi-profile facility to allow different users to log in to different desktops and/or applications? (Or is that best accomplished with dual booting.)
7. What major applications are known to "phone home" or otherwise divulge more information than might be expected? I was quite surprised that CM7 itself phones home to CyanogenMod by default, and even with that turned off the ROM Manager still reports usage statistics to Google?
8. Is anyone independently reviewing CyanogenMod itself for privacy and security implications? Right now many of us are relying on a hodgepodge of hacker contributions and the good will of those creating them. I'm sure that anything malicious would eventually come to light, but is anyone proactively checking out the release CM7 distribution, the GApps distribution, and the various installers and packagers? Right now the only verifiable "web of trust" that seems to exist is the good intentions of every contributor, and the general availability of the source code (which should make the review possible, if not particularly easy!).
9. Are there any "best practices" as a user? For example, I've set up a new GMail ID for use with the NC, and haven't yet linked any credit card or payment data. Meanwhile, for the B&N side I've had to submit a credit card number to get access to their market (even to get their "Free" offerings).
10. Any implications for configuring e-mail and/or contacts, etc.? Mass remailing trojans certainly exist on the Windows side.
11. Do the application specific permission settings compare favorably to those of the BlackBerry, and are they easily adjustable after you've already granted permissions to an app?
12. Is there any concept of sandboxing a new app to prevent it from possibly adversely affecting other applications or files?
13. Is there a best practice for how to manage files on both the eMMC and SD card storage, particularly when booting between the two? Can one be locked out from the other?
Okay, that's a baker's dozen. I'll stop now.
Thanks much for any input.
Really? Nobody has an opinion to share on this?
rooting /cm7 / and the purpose behind it may just not be for you. I don't think your going to get an answer your looking for. Also not trying to be rude, but you pretty much wrote a book in your first post. Just ask a question dude.
Thanks for the response, but I asked roughly 13 questions -- would you prefer I "just asked a question" by starting 13 different threads? I certainly wouldn't.
And your first sentence makes it sound as if there's no one here who gives a damn about their own data and that everyone views the Nook Color as a toy -- and I seriously doubt that.
xdabr said:
I'm just getting started with CM7 and the Nook Color, but I have some general security concerns that perhaps you could help me with?
1. Viruses. I understand that these are real in Android. I've temporarily disabled non-Market apps, but I believe viruses and/or spyware have shown up in Market Apps too. Are there decent AntiVirus apps and what do you recommend?
2. Firewall. What services are open by default? Are there good software firewalls available?
3. Adware. Is it always clear which Market apps are ad-supported? Have apps crossed the line into malicious or near-malicious spyware? (Taking over browsers, redirecting home pages or searches, infecting other apps, etc.)
4. Apparently Google does not require password-confirmation for Market purchases, and no real solution exists, since available apps complicate things and don't address the root issue. Do they have any plans to change that?
5. Where are application and web site passwords, WiFi keys, and the like stored, and are they encrypted?
6. Is there a multi-user / multi-profile facility to allow different users to log in to different desktops and/or applications? (Or is that best accomplished with dual booting.)
7. What major applications are known to "phone home" or otherwise divulge more information than might be expected? I was quite surprised that CM7 itself phones home to CyanogenMod by default, and even with that turned off the ROM Manager still reports usage statistics to Google?
8. Is anyone independently reviewing CyanogenMod itself for privacy and security implications? Right now many of us are relying on a hodgepodge of hacker contributions and the good will of those creating them. I'm sure that anything malicious would eventually come to light, but is anyone proactively checking out the release CM7 distribution, the GApps distribution, and the various installers and packagers? Right now the only verifiable "web of trust" that seems to exist is the good intentions of every contributor, and the general availability of the source code (which should make the review possible, if not particularly easy!).
9. Are there any "best practices" as a user? For example, I've set up a new GMail ID for use with the NC, and haven't yet linked any credit card or payment data. Meanwhile, for the B&N side I've had to submit a credit card number to get access to their market (even to get their "Free" offerings).
10. Any implications for configuring e-mail and/or contacts, etc.? Mass remailing trojans certainly exist on the Windows side.
11. Do the application specific permission settings compare favorably to those of the BlackBerry, and are they easily adjustable after you've already granted permissions to an app?
12. Is there any concept of sandboxing a new app to prevent it from possibly adversely affecting other applications or files?
13. Is there a best practice for how to manage files on both the eMMC and SD card storage, particularly when booting between the two? Can one be locked out from the other?
Okay, that's a baker's dozen. I'll stop now.
Thanks much for any input.
Click to expand...
Click to collapse
I have to admit, you come off as rather paranoid, and i am not sure why you are so.
Yes, there have been a couple of problem apps recently, but Google took care of them, and i would not worry. The best security you can have, is looking at what you are installing. The application cannot hide what permissions it needs, so if you have something asking for way more than you think it should need, take that as your first red flag.
Currently, Virus Scans on Android are a joke, and simply unneeded. Don't even waste you time. Firewalls are just about the same, and again, not worth the effort. One thing to keep in mind, that this is a linux system, and is not as prone to the Windows based attacks that you are used to. Things like email spam bots and such are not a problem.
As for Cyannogen - no code is added to the repository without being peer reviewed; and every code submission is available in public records. Frankly, they did not make it to CM7 by stealing people's data, nor is it simply a hodge podge of devs.
Frankly, I think right now more research is in order for ya. Most of what you ask is already discussed in many places, or is never discussed, because it simply isn't a worry...
Thank you, Divine_Madcat, for the advice and explanation. By hodgepodge I was more referring to the multiple installer methods and packages that newbies like me are relying upon to get everything installed easily. There are a lot of them, from a lot of nice people, from preconfigured SD card images to installation methods with modified boot loaders to interface and performance hacks. Even if Cyanogen itself is well maintained it would be pretty easy for someone to include a little trojan in one of those third-party "distributions".
It's not exactly paranoia, I've just seen this happen so often. Trojan horses are certainly not limited to Windows. Worms and other compromises have affected thousands of Unix and Linux machines in the past. Web sites and PHP and Perl scripts and databases and web frameworks regularly see vulnerabilities discovered and/or exploited. So since this device will be used in part by children with access to my credit card, I wanted to know what we're dealing with.
No, I was not familiar with Cyanogen's review practice (which is one reason I asked), so thanks for that reassurance! I will try to learn more as I go.
I do apologize for the length of the OP though -- I was trying to brainstorm and get everything down in one place that related to possible security concerns. It's not as if I'm worried sick about every little point.
One of the apps I install on all my installs is 'Lookout'. This app scans all my programs I install and update and I have heard very good reviews of it.
I did see that Eric Lundcrest did an article today:
http://web.eweek.com/t?r=2&c=38783&l=64&ctl=11B38843F5D4C728CF30E9F23F9E91BB51617&
You can check them out. I haven't tried them all myself and I noticed that he didn't include the app that I recommended above (and I use it on both my Nook and my HTC EVO)
You Should Also be Aware..
that one of the joys of Android (and of course Unix/Linux) is that everything is "sandboxed" unlike Windoze - there are not many apps that interfere with others - that's why it's so easy to install and uninstall from Android. Compare the uninstalling of even a large Android app with that of uninstalling from Windows.
I would not worry about interfering apps
Thanks, doc. I'm moderately familiar with the Unix security model, but not so much with Android. Is sandboxing really accurate? In Linux processes run with particular user rights, much as in Windows but more flexible -- that is, it's just much more common to have different daemons running as different users. Still, I don't think they're really isolated from one another as they might be with a "chroot jails" kind of function...
I don't think electronics are for you, I suggest books and a cabin in the woods.
No virus really exist yet, a few flaws in the code have been found but they are patched quick.
No real firewall, doesn't work quit that way with android.
Yes, it will say in the permissions of the app in the market.
You sign into the market when you first use it, making sure your devise has a lockscreen PW is how you keep it safe.
/data
no
Some apps phone home, check permissions before you install.
All CM code can be seen in the github, you can compile it yourself if you wish.
Use smart internet credit card practices such as only attaching a low limit card to accounts etc.
If the google email server was hacked maybe but all that stuff is stored encrypted on googles end.
Permissions need to be approved of by you if they change.
Android sandboxes all apps.
Dono, I have CM7 on internal and books etc stored on the SD card.
Nanan00, your actual answers were great, but "I don't think electronics are for you, I suggest books and a cabin in the woods." and the similar dismissive post above are exactly the kind of BS condescension that gives some open source communities a bad name. Stop it. Little by little it devalues the entire community and its projects.
Thanks for the substance of your response.
Truthfully... My parents practice pretty much all of the stuff you have said, they're very careful with credit cards and anything that could be used as personal information.
And yet... Someone got ahold of their credit card numbers and bought something for almost 3k last year...
I have no virus software or even firewall software on this computer, it has not received a virus in over 5 years (I know... it needs an upgrade) and I'm running Windows XP SP2.
If you're prone to viruses then go ahead and install some antivirus software. If you're scared about your kids + your credit card + the nook, then have them make all transactions on the computer.
The reason no one is taking this seriously is because Android is to new for there really to be anything worthwhile on the market. People are just now learning how to develop and code for it. So there aren't a bajillion(give or take one or two) viruses or trojans running around the google market.
On top of that, so long as your legally buying your apps from the google market, you have even less to worry about. As google has shown in the past that they'll go ahead and delete it the second they find it.
As far as permissions go, don't get to hung up on it. Everybody trust Pandora and yet it requires more permissions then some of googles own apps. =\
Thank you, Gin1212. I don't use an AntiVirus on my own Windows machines either -- it's more trouble than it's worth when you know what you're doing. (On Android I don't know what I'm doing, yet.)
And yeah, I already made sure to use a disposable credit card number ("ShopSafe") with a limit when setting up the Nook for the young'un. Google Market, thankfully, doesn't require a credit card unless you buy something, so I'll be checking out the free apps for a while (so that's part of why I asked about adware/spyware).
I was approaching the thing as I would any new (to me) full fledged operating system and computer, fully aware it's not the "safe" and dictatorially controlled little world of iOS or, to some extent, BlackBerry OS.
So thanks for the real world advice!
xdabr said:
Nanan00, your actual answers were great, but "I don't think electronics are for you, I suggest books and a cabin in the woods." and the similar dismissive post above are exactly the kind of BS condescension that gives some open source communities a bad name. Stop it. Little by little it devalues the entire community and its projects.
Thanks for the substance of your response.
Click to expand...
Click to collapse
Suffice it to say that Android's and Microsoft's, and even Linux's app model is vastly different. Google does not just act as a repository, as in Linux. From my understanding, Google is rather guarded about it's app market and if anything heretofor is found, the app is yanked from the market immediately.
I agree that website security is more an issue that needs to be looked at, but the lion's share of websites that have virii and adware are aimed at infecting windows machines, but your concerns are noted.
As to the intent of the Devs here, I think you need to understand that these roms, mods and apps are their children, and their passion of the moment. No one goes through all the crap they do just to foment adware. This is their meat and drink and trust me, if there were a dev whose morality came into question, they would police themselves and it would be all here for us to read. There are no secrets here. These aren't script kiddies looking to wreak havoc.
I agree that security is a good thing, but the twin natures of Android are openness and isolation. Each app, at least from my understanding is an island unto itself with rare exception. So I think that while your concerns in themselves are noble, they are unwarranted, and at some points even seem absurd. No offense intended here.
We aren't just drinking the kool-aid here, everyone knows the risks of adopting an unknown and untested ROM, everyone takes the responsibility to themselves when they violate their warranty in search of a better tablet experience. The average person who roots their nook is not your average idiot windows user. We are here because we want more and better than our legacy alientation by microsoft and those who can't think outside of their security model.
Well, there is my Android manifesto. Sorry for rambling.
migrax
No, I appreciate the manifesto -- thanks. Again, I tried to brainstorm and throw the kitchen sink into the original post so as to get everything down in one place. I was hoping it could serve as a general security discussion thread. Not everything there is a huge concern of mine, and sorry if it made things seem absurd.
I appreciate your points about the intentions of the developers and the operation of Google's market (although of course a big selling point is we are NOT limited to that market... conversely, I suppose anything I chose off-market would be something I had by definition come to trust independently).
xdabr said:
Nanan00... "I don't think electronics are for you, I suggest books and a cabin in the woods." and the similar dismissive post above are exactly the kind of BS condescension that gives some open source communities a bad name. Stop it. Little by little it devalues the entire community and its projects.
.
Click to expand...
Click to collapse
I think your overreacting a wee bit too much. I can't speak for Nanan00 but the first sentence of his post feels like a joke. He took the time to write out the answers of OP's question...
Also since you were referring to my post at the top..... I was just being candid with OP.
I read his post, I could see that he was a bit paranoid (IMO) and told him my honest opinion. Which is: Hacking your nook, or any device for that matter, may not be for you. The reasons being that when you hack your device, you inevitably increase its chances of being exposed (even if the increase is small, its there.) I don't feel that I am being arrogant, and I didn't catch that drift from Nanan00. But I wanted to address this since you obviously feel strong that this type of behavior is "devaluing the entire community and its projects."
Anyways to the OP:
Sorry if my post came off rude. I should of taken the time to give you my explanation.
colbur87 said:
I think your overreacting a wee bit too much. I can't speak for Nanan00 but the first sentence of his post feels like a joke. He took the time to write out the answers of OP's question...
Also since you were referring to my post at the top..... I was just being candid with OP.
I read his post, I could see that he was a bit paranoid (IMO) and told him my honest opinion. Which is: Hacking your nook, or any device for that matter, may not be for you. The reasons being that when you hack your device, you inevitably increase its chances of being exposed (even if the increase is small, its there.) I don't feel that I am being arrogant, and I didn't catch that drift from Nanan00. But I wanted to address this since you obviously feel strong that this type of behavior is "devaluing the entire community and its projects."
Anyways to the OP:
Sorry if my post came off rude. I should of taken the time to give you my explanation.
Click to expand...
Click to collapse
Um, colbur87, "OP" and I are the same person.
Asking questions is one way we learn. As an Android newbie many of my questions would apply to any Android device, hacked/rooted or not. If they're not appropriate for this forum, or if no one here thinks they're valid or worth a response, that would be okay. But to say in effect "your concerns are stupid and you don't belong here" is not only insulting, but factually wrong. Just because some people are content to not consider security implications doesn't mean they're not real.
Blithe unquestioning acceptance and faith is more of an Apple iFanboy trait, I would have thought.
And much as with Linux as a whole, positioning "hacked" Android as something not amenable to ordinary consumers is counterproductive.
(By the way, I'm not an ordinary consumer.)
Anyway, I do appreciate the answers people have given.
Wasn't lookig at the names so my bad on the mix up.
Anyways if you still think im being rude even after my previous post then so be it.
im out
Sent from my Desire HD using XDA Premium App
Divine_Madcat said:
The application cannot hide what permissions it needs, so if you have something asking for way more than you think it should need, take that as your first red flag.
Click to expand...
Click to collapse
Actually, that isn't true. There are holes in Android Market, so if app makers really wanted to, they can hide certain permissions even if your app calls out that permission through androidmanifest, which is how the permission is given in the first place. It was shown that even big name developers had exploited this one time or another. Of course this has nothing to do with CM7. Even stock Android phones are vulnerable to this. However, in general, if you download a popular app, you should be able to trust the permissions listed. Unless your the first person to download an app, you'll usually hear back from initial users if there's something funky going on.
I have Oneplus 3T Oxygen OS 4.1.6
My friend told me yesterday that android can be easily hacked, But i dont believe him
I have encryped my device+lockscreen pin+fingureprint+No malwares+ security pin for recovery and os startup too
Usb debugging is disabled, as well as oem unlocking disabled too, My question is if someone steals my device will he be able to get my data?, Will he able to change IMEI?, Without changing any hardware
My friend is betting on that android can be hacked even if i its secured. Is there any chances that it can be hacked????
Does this friend even have any specific technical knowledge of smartphones, Android, etc.; or just repeating rumors and hearsay?
Speaking not as a security expert, but just as a longtime Android user: Hacking like you said (unmodified phone, stealing it and trying to access your personal data) is pretty much nonsense. In strict technical terms, any device can be hacked eventually. But it would be difficult to do so, given the phone is encrypted. And by the time they did that, most folks would have been savvy enough to cancel their credit cards, change their important passwords, etc.
You can also remote wipe the phone, although it needs to be powered on, and connected to the Internet to do so. And smart thieves will have shut off the phone and/or turned on airplane mode.
Predominating philosophy would be that criminals are going for the lowest hanging fruit. It's far more likely the thief will just wipe the phone, and try to sell it. On the data theft side, there are easier methods to steal personal info than trying to hack an encrypted phone.
https://xkcd.com/538/
Didgeridoohan said:
https://xkcd.com/538/
Click to expand...
Click to collapse
Yeah, pretty much!
redpoint73 said:
Does this friend even have any specific technical knowledge of smartphones, Android, etc.; or just repeating rumors and hearsay?
Speaking not as a security expert, but just as a longtime Android user: Hacking like you said (unmodified phone, stealing it and trying to access your personal data) is pretty much nonsense. In strict technical terms, any device can be hacked eventually. But it would be difficult to do so, given the phone is encrypted. And by the time they did that, most folks would have been savvy enough to cancel their credit cards, change their important passwords, etc.
You can also remote wipe the phone, although it needs to be powered on, and connected to the Internet to do so. And smart thieves will have shut off the phone and/or turned on airplane mode.
Predominating philosophy would be that criminals are going for the lowest hanging fruit. It's far more likely the thief will just wipe the phone, and try to sell it. On the data theft side, there are easier methods to steal personal info than trying to hack an encrypted phone.
Click to expand...
Click to collapse
I understand what you said, There was a debate between me and my friend which is better ios or android, He told me even with extreme security on android i can be easily hacked without even any harware change? This thing is annoying me, How could someone get access is I have encrypted+security pin+Recovery Pin. Is it still possible to get into device?
Your friend sounds like a crazy apple fanboy (no offense). I personally wouldn't even bother to engage in that argument, it's pointless. Don't worry, your device is perfectly safe.
Ritss778 said:
There was a debate between me and my friend which is better ios or android
Click to expand...
Click to collapse
I suspected as much. I don't think your friend has any clue about Android or smartphone security.
Ritss778 said:
He told me even with extreme security on android i can be easily hacked without even any harware change? This thing is annoying me, How could someone get access is I have encrypted+security pin+Recovery Pin. Is it still possible to get into device?
Click to expand...
Click to collapse
Your friend is just plain wrong if he is saying your phone can be "easily" hacked just because it's Android. This just sounds to me like an ill-informed Apple fanboy, who wrongly thinks a device is "inferior" just because it's not Apple; without actually knowing any technical details or information.
These smartphones all do the same things, fundamentally. iOS is not significantly any more or less secure than Android. Just look at the massive iCloud hack where hundreds of celebrity photos were stolen. And your friend want to say his phone is "more secure" just because Apple?
Malware is probably the biggest security threat for Android (more so than iOS). But as long as you only install only reputable apps, and halfway careful when allowing app permissions, you should be safe. And it doesn't sound like malware is what your friend is talking about, but rather physical theft and subsequent hacking.
In theory, hacking any device is "possible" (given enough time and effort) but that doesn't mean its probable. Nothing about Android makes it "easy" to hack outright. It would probably take a hacker days, weeks, if ever, to break the encryption. And it would require a technological wizard. It's not even worth the effort, for relatively little payoff (at most, gaining your access to your bank account?). Someone with that much skill is going after bigger fish, like the kind of security breaches that compromise thousands of credit card numbers.
In reality, criminals will go for lowest hanging fruit. Folks with phones that are not encrypted or secured. Or some phishing scheme or social engineering to obtain a password or other personal info. Why spend hundreds of hours trying to hack a single phone's encryption, when you can trick someone into giving you their credit card number in a few minutes?
In any case, iPhones are the most stolen phone, last I heard. Therefore, your friend is at more risk of just having his phone stolen, in the first place.
---------- Post added at 11:56 AM ---------- Previous post was at 11:53 AM ----------
-Ric- said:
Your friend sounds like a crazy apple fanboy (no offense). I personally wouldn't even bother to engage in that argument, it's pointless. Don't worry, your device is perfectly safe.
Click to expand...
Click to collapse
Pretty much the point I was trying to make, but without all my rambling! :laugh:
Ritss778 said:
I understand what you said, There was a debate between me and my friend which is better ios or android, He told me even with extreme security on android i can be easily hacked without even any harware change? This thing is annoying me, How could someone get access is I have encrypted+security pin+Recovery Pin. Is it still possible to get into device?
Click to expand...
Click to collapse
Think from a different prospective...
If your phone is stolen doesn't matter iOS or driod or xyz. There are ways to get access to data.
If you are using it then security and safety depends on one thing. Your brain.
In terms of data, most data we have resides in cloud including photos, facebook, whatsapp, we chat etc etc. It's all in cloud owned by someone to advertise on us.
WARNING:
If you want to use Xposed Framework in Android Pie, Q or higher version.
Do NOT use TaiChi anyway.
TaiChi (aka EXposed) is developed by a Chinese commercial software company, closed-source, networked and with code obfuscation.
And the terms of use are repeatedly emphasized(Translated from Chinese, excerpt):
3.1 The official shall not be liable for any of the following circumstances, and the TaiChi developer shall not be liable for damages:
3.2 Presence in the service may cause loss of data, information disclosure, data modification, etc.(Note: The above refers to any condition, even if you do not install or activate any Xposed module may occur), due to personal reasons or the use of third-party Xposed modules, lost data, information disclosure, data modification, capital loss, etc.
5. Disclaimer.
You acknowledge and agree that TaiChi Developer shall not be liable for any damages that may result from any of the following circumstances, including but not limited to property, income, data and other losses or other intangible births.
5.6 Presence in the service may cause loss of data, information disclosure, data modification, etc.(Note: The above refers to any condition, even if you do not install or activate any Xposed module may occur), due to personal reasons or the use of third-party Xposed modules, lost data, information disclosure, data modification, capital loss, etc.(Note: This paragraph repeatedly emphasizes)
Click to expand...
Click to collapse
And if you want to use it, you must unconditionally agree to the above terms.
Although there is no technical research at the moment that shows that it has done bad things, but who knows?
It may still lead to security issues, even your money.
And you NEVER know what it does behind the scenes unless it's an open-source software.
According to the official group administrator of Taichi, people don't need any privacy in the era of big data.
I'm very disappointed with this attitude.
It's like A's safety box was damaged, B and C and D stole something, and then E also stole something, and said to A: anyway, your things have been stolen, I can steal a little more.
Similarly, the above A can be regarded as users, B and C and D can be seen as software that has divulged some of your stuff before. E is TaiChi.
Finally, please keep in mind that you should NEVER use a closed-source software framework try to modify your system, for security.
Edxposed is open source AFAIK
https://github.com/ElderDrivers/EdXposed?files=1
Taichi is a virtual Xposed... Not the same thing
yes it is open-source
TaiChi Magisk modify system to enable Xposed, Similar in principle
mlgmxyysd said:
yes it is open-source
TaiChi Magisk modify system to enable Xposed, Similar in principle
Click to expand...
Click to collapse
Different things mate. Don't confuse people [emoji4]
sure, as article says
You NEVER know what it does behind the scenes unless it's an open-source software.
mlgmxyysd said:
sure, as article says
You NEVER know what it does behind the scenes unless it's an open-source software.
Click to expand...
Click to collapse
Are the apps you install from the Play Store open source?
ldeveraux said:
Are the apps you install from the Play Store open source?
Click to expand...
Click to collapse
Go back and see what we're talking about
Application framework and modify your system, not application in Play Store
Although there is no technical research at the moment that shows that it has done bad things, but who knows?
Click to expand...
Click to collapse
You looks like a thief, although i have no evidence, but who knows?
You looks like a rapist, although i have no evidence, but who knows?
You are ..., although i have no evidence, but who knows?
As for open-source:
Here is my github profile: https://github.com/tiann
I do a lot for open-source community, but i don't think everything should be open-sourced. This is my respond for Why taichi is closed-source: https://github.com/taichi-framework/TaiChi/issues/998#issuecomment-544934678
If you are a FOSS fans, I fully understand and support you. But i should sadly tell you that taichi may not be suitable for you
As for the terms of Taichi:
Taichi·Ying needs to uninstall the original app first, this of cause may lead to loss of data; The Fabric may collect your anonymous information and upload the crash informations; TaiChi·Yang need to unlock the bootloader, it may damage your device, this may happen rarely, but i cannot neglect it. All of these are normal terms, You just accuse of me by imagination?
weishu said:
As for the terms of Taichi:
Taichi·Ying needs to uninstall the original app first, this of cause may lead to loss of data; The Fabric may collect your anonymous information and upload the crash informations; TaiChi·Yang need to unlock the bootloader, it may damage your device, this may happen rarely, but i cannot neglect it. All of these are normal terms, You just accuse of me by imagination?
Click to expand...
Click to collapse
What you said belongs to the user's own operation, not the service in the software you provide
And as mentioned in your listed posts:
it is far to dangerous to use it unchecked as closed source on a rooted device.
Click to expand...
Click to collapse
Basically the very good warning/justification is in the second post of the original TaiChi thread by @M66B.
together with the post 45, it can be assumed:
it is a system level application
it does have closed, obfuscated code
it did not passed any external audit*
it does contain some controversial sentences in T&Cs
* - perhaps as the result of being written by a single person (in theory - we cannot know if there is someone behind)
Now it is each user individual choice: use it or not. If you do trust the developer, "do not have anything to hide" - feel free to use it.
Personally, if I'd be interested then yes: I would use it. After setting it up on a dummy old phone for a month and checking traffic very carefully. single encrypted packet would eliminate it from use.
But again, it is a personal choice of each individual user to give access to all and any private information stored and obtained by the phone (voice, video recording capabilities are obvious) to the developer who does not trust the users enough to deobfuscate/open the code.
It is just a mutual trust: you trust them as much as they trust you, isn't it?
Yeah, Xposed is close-source, and where is it now? Google wrote a permanent detection system for that, SafetyNet, and you cannot install Xposed and pass SafetyNet, half of apps will not work, except EdXposed, it could pass SafetyNet, but even that got recently detected by Google and now you must do various tricks / hacks with black list to pass SN with it. May be, TaiChi is close-source because the developer of it wants to protect that against Google?
P.S. About this spying / tracking / data stealing - some parts of Android are also close-source, and are maintained by Google. Actually, 60% of whole software is close-source. On your PC, the whole software is close-source. Windows is close source. So, you trust your data to such companies like Google, M$, but to a no-name guy that writes mods for Android - no? I just don't get your opinion ?
spamtrash said:
Basically the very good warning/justification is in the second post of the original TaiChi thread by @M66B.
together with the post 45, it can be assumed:
it is a system level application
it does have closed, obfuscated code
it did not passed any external audit*
it does contain some controversial sentences in T&Cs
* - perhaps as the result of being written by a single person (in theory - we cannot know if there is someone behind)
Now it is each user individual choice: use it or not. If you do trust the developer, "do not have anything to hide" - feel free to use it.
Personally, if I'd be interested then yes: I would use it. After setting it up on a dummy old phone for a month and checking traffic very carefully. single encrypted packet would eliminate it from use.
But again, it is a personal choice of each individual user to give access to all and any private information stored and obtained by the phone (voice, video recording capabilities are obvious) to the developer who does not trust the users enough to deobfuscate/open the code.
It is just a mutual trust: you trust them as much as they trust you, isn't it?
Click to expand...
Click to collapse
Yes, you are right.
Using these Xposed framework is the choice of users.
Just to remind, there are many similar virtual Xposed.
I personally prefer and recommend using open-source or unrestricted Xposed frameworks.
Senliast said:
May be, TaiChi is close-source because the developer of it wants to protect that against Google?
Click to expand...
Click to collapse
To be sure, no.
The author's reason is (Translated from Chinese):
Do you really think open source is a good thing? For individuals, open source may mean security, but many families have been destroyed by others doing all kinds of things (Translate notes: Pornography, gambling, drugs are mentioned in the context) with your open source code. You just need to say, I open source, it's none of my business.
Click to expand...
Click to collapse
But this is a totally wrong theory.
No, just a little bit. He's right. "I open source, It's none of my business."
It's true that open source software is easy to be used by bad people.
But what should be punished is only those who use it to do bad things, right?
For example, I sold you a knife. The name of the knife is open source software. Should I be punished if you kill people with this knife?
If, according to him, the one who finds that IOS system can't fix bugs (checkm8) and makes open-source jailbreak software should be jailed
According to him, anyone who discovers a CVE vulnerability and makes an open source POC should be jailed.
According to him, anyone who ... and makes an open source software should be jailed.
You may ask, why?
Answer: your open-sources software may be used by bad people, causing many families to be destroyed.
Senliast said:
P.S. About this spying / tracking / data stealing - some parts of Android are also close-source, and are maintained by Google. Actually, 60% of whole software is close-source. On your PC, the whole software is close-source. Windows is close source. So, you trust your data to such companies like Google, M$, but to a no-name guy that writes mods for Android - no? I just don't get your opinion
Click to expand...
Click to collapse
It's about software framework, not software or module or system.
Senliast said:
Yeah, Xposed is close-source
Click to expand...
Click to collapse
Note that Xposed is not commercial production.
But TaiChi is.
Shenzhen Dimen Space Network Technology Co., Ltd
http://taichi.dimenspace.com/
Website record(in China) No.44030502003828
Click to expand...
Click to collapse
Commercialization means that the main purpose is to make money, so it will bring more risks.
MOD EDIT:
Thread cleaned.
Guys, There is no need for harsh language. Please keep the exchange civil and respect each other.
Thanks for your cooperation.
So what's the conclusion? Is someone going to do intensive research on the behavior of this framework and hunt for exploitation of vulnerabilities?
d3vyarth said:
So what's the conclusion? Is someone going to do intensive research on the behavior of this framework and hunt for exploitation of vulnerabilities?
Click to expand...
Click to collapse
Probably not because there's too much obfuscation, and...closed-source
Please read it.
What guarantee you give for edxposed as well? It isnt officially from xposed team right?
And edxposed already posing issues with Safetynet and Taichi works simply great.
And as far as data leaks etc, once you step into the world of android you are already in the risk zone. By this time all your data is already sold across the globe. Its too late to bother now. So just be at peace.
Completely computer code illiterate. Have some rudimentary knowledge of computer use ......but, .....that's about it.
Bought an LG V40 ThinQ, SKU: LMV405QA7 .AUSABK, in 2019 directly from the manufacturer. I never activated it, never used it. It's been sitting, brand new in the box, ever since. I didn't want to go the same route I did prior -- allowing all the outside control of my device -- facilitating all the snooping upon me, i.e. data collection of my private personal information ......and life.
I have spent the duration of time, since purchase of this phone, attempting to educate myself; as to, how to free myself of the surveilance on me by corporate America.
Unfortunately, I have since learned: the LG V40 was much more complicated to take control of, than other phones. Atleast, more than the general skill set of the layman would allow.
I am here seeking the knowledge and power of XDA's developers, to free myself, like so many others -- and protect what remain of my civil liberties, from the surveillance state.
Respectfully,
Alex
Welcome to XDA.
If you're concerned about privacy I would unlock the bootloader and install a custom ROM without Google services. It won't be perfect but a little less data will be transferred. Maybe something like a PinePhone would be better for privacy, or better yet an old time "dumbphone"...
You should be able to find most of the info you need in the LG V40 section of the forums. Check it out...
And just a heads-up: keep the politics off the forum. To quote the forum rules:
2.4 Personal attacks, racial, political and / or religious discussions: XDA is a discussion forum about certain mobile phones. Mobile phones are not racial, political, religious or personally offensive and therefore, none of these types of discussions are permitted on XDA.
Click to expand...
Click to collapse
Again, welcome and I hope you have a good experience here on XDA.
Step 1 - abandon or delete FB, Twitter, Instagram, WhatsApp etc accounts.
Extreme - Get burner phone with prepaid minutes paid with cash. Power down when not using. Don't use at home or familiar/same locations. Toss as needed, repeat
They use voice recognition algorithms so they can likely ID you by voice probably in real time.
NASA surveillance has been online for a while now... and is far more capable than they like you to know. It effectively has unlimited storage capacity for all voice calls, text, internet activity and more.
Didgeridoohan said:
Welcome to XDA.
If you're concerned about privacy I would unlock the bootloader and install a custom ROM without Google services. It won't be perfect but a little less data will be transferred. Maybe something like a PinePhone would be better for privacy, or better yet an old time "dumbphone"...
You should be able to find most of the info you need in the LG V40 section of the forums. Check it out...
And just a heads-up: keep the politics off the forum. To quote the forum rules:
Again, welcome and I hope you have a good experience here on XDA.
Click to expand...
Click to collapse
Thank you much for your reply, guidance, and help, Didgeridoohan.
I was happy to see, layman or not, I was, atleast, on the right track with some things. I have been utilizing the "dumb phones". Mostly, flip phones from yester-year; mostly a decade old or more. The problem I am running into with those: the 2G and 3G bands they operate on are being discontinued by more and more cellular providers. By some time in 2022, most of my dumb phones will nolonger be operational.
Regarding the Pine phone, is was nice to see, I was on the right track there. I will indeed continue to investigate that phone, and see what is possible there.
I'd love to unlock the bootloader of my LG V40, and install that Googleless ROM, as suggested. It looks pretty complicated to accomplish though, on a LG V40 (unlocked, US version); and, I am a likely brick candidate, if there ever was one. Hoping to figure out what is possible for me by talking to you guys; then, move on from there, to what I can safely accomplish myself.
I'd love to get Microsoft and Google off my machines and devices; and, still have decent avenues to keep doing the stuff I have been doing. Speaking of which, any recommendations for the computer programming ignorant and novice still wanting near Microsoft OS capability and functionality, without all the snooping, in a replacement OS for their desktop and laptop??
Thanks Didgeridoohan,
ALEX
Take the PC offline. Use Android for interfacing with the internet. It's far less likely to be compromised or infected by malware.
Use Karma Firewall to see what's connecting and where to, block if needed. Fully functional on Pie and below, freeware that uses almost no battery.
&
Try this:
blackhawk said:
Step 1 - abandon or delete FB, Twitter, Instagram, WhatsApp etc accounts.
Extreme - Get burner phone with prepaid minutes paid with cash. Power down when not using. Don't use at home or familiar/same locations. Toss as needed, repeat
They use voice recognition algorithms so they can likely ID you by voice probably in real time.
NASA surveillance has been online for a while now... and is far more capable than they like you to know. It effectively has unlimited storage capacity for all voice calls, text, internet activity and more.
Click to expand...
Click to collapse
Thank you for the empowerment Black Hawk.
Definitely understand why you are calling my attention to the social media apps ......what aren't they collecting about your communications with others?!
I as well understand: why you are steering me towards prepaid phone accounts, funded in cash only. I additionally understand why you are suggesting keeping my phone powered off, and using it only in unfrequented places. Lastly, getting rid of the device, and starting over with a fresh device periodically, understand as well. All powerful recommendations, if higher levels of privacy are valued. Thank you much!
NASA surveillance, and their capabilities .......effectly, databasing any and all forms of communication between human beings .......is scary stuff. I only wonder: who has access, for what purposes; and, does this access include private corporations .......and what might those corporations be using this database for?
I am continuing to review and think about your latest suggestions, and will comment later. How may I private message you, if possible, and you allow it?
Your input has been greatly appreciated, my friend.
ALEX
ThankGod 4 XDA developers said:
Thank you for the empowerment Black Hawk.
Definitely understand why you are calling my attention to the social media apps ......what aren't they collecting about your communications with others?!
I as well understand: why you are steering me towards prepaid phone accounts, funded in cash only. I additionally understand why you are suggesting keeping my phone powered off, and using it only in unfrequented places. Lastly, getting rid of the device, and starting over with a fresh device periodically, understand as well. All powerful recommendations, if higher levels of privacy are valued. Thank you much!
NASA surveillance, and their capabilities .......effectly, databasing any and all forms of communication between human beings .......is scary stuff. I only wonder: who has access, for what purposes; and, does this access include private corporations .......and what might those corporations be using this database for?
I am continuing to review and think about your latest suggestions, and will comment later. How may I private message you, if possible, and you allow it?
Your input has been greatly appreciated, my friend.
ALEX
Click to expand...
Click to collapse
I'm being somewhat sarcastic about the paid phone apps. Really if you are under their suspicion and a high value target... they can be quit adaptable with a lot of resources at their disposal.
I wasn't being sarcastic about FB etc, pure poison. Don't dime yourself out... social malware.
blackhawk said:
Step 1 - abandon or delete FB, Twitter, Instagram, WhatsApp etc accounts.
Extreme - Get burner phone with prepaid minutes paid with cash. Power down when not using. Don't use at home or familiar/same locations. Toss as needed, repeat
They use voice recognition algorithms so they can likely ID you by voice probably in real time.
NASA surveillance has been online for a while now... and is far more capable than they like you to know. It effectively has unlimited storage capacity for all voice calls, text, internet activity and more.
Click to expand...
Click to collapse
The usage of voice recognition technology, by the telecommunication companies, and others, is a real scary thing; and, I believe: most of the public is not aware of this fact. This technology, and its wide spread usage, across our telecommunication networks, represents a direct assault on our freedom of speech, and right to privacy, as we attempt to communicate privately with our fellow citizens, in a supposedly, free society. The fact, the government, and corporations operating in the private sector, have access to, and are scrutinizing, communications between private citizens, who have not been convicted in a court of law as being involved in criminal or terroristic activity; or, even had been benefit of the judicial process, as they are unknowingly being spied upon......is.....
...diabolical ..........and certainly, ............anti-American.
Well again this is a technical forum.
blackhawk said:
Take the PC offline. Use Android for interfacing with the internet. It's far less likely to be compromised or infected by malware.
Use Karma Firewall to see what's connecting and where to, block if needed. Fully functional on Pie and below, freeware that uses almost no battery.
&
Try this:
Click to expand...
Click to collapse
blackhawk said:
I'm being somewhat sarcastic about the paid phone apps. Really if you are under their suspicion and a high value target... they can be quit adaptable with a lot of resources at their disposal.
I wasn't being sarcastic about FB etc, pure poison. Don't dime yourself out... social malware.
Click to expand...
Click to collapse
I understand, now, you were being a little "tongue and cheeck" with me; but, I think: your recommendations still apply, for anyone trying to understand: what it would take, not to be tracked easily. I as well understand: later, what you were alluding to, and your overall point -- about the magnitude of surveillance resources that could be brought to bare against you; if, you were quite important, to substantial figures.
blackhawk said:
Take the PC offline. Use Android for interfacing with the internet. It's far less likely to be compromised or infected by malware.
Use Karma Firewall to see what's connecting and where to, block if needed. Fully functional on Pie and below, freeware that uses almost no battery.
&
Try this:
Click to expand...
Click to collapse
Thanks for the gold nugget of info on this protection mechanism. I will certainly be checking this out!
Happy Halloween Black Hawk.
ALEX
ThankGod 4 XDA developers said:
I understand, now, you were being a little "tongue and cheeck" with me; but, I think: your recommendations still apply, for anyone trying to understand: what it would take, not to be tracked easily. I as well understand: later, what you were alluding to, and your overall point -- about the magnitude of surveillance resources that could be brought to bare against you; if, you were quite important, to substantial figures.
Click to expand...
Click to collapse
Not exactly. My PC is always offline, but that's simply because it's mission doesn't require internet connection so it's a needless liability.
All else applies in that statement.
It's blackhawk...
Didgeridoohan said:
Welcome to XDA.
If you're concerned about privacy I would unlock the bootloader and install a custom ROM without Google services. It won't be perfect but a little less data will be transferred. Maybe something like a PinePhone would be better for privacy, or better yet an old time "dumbphone"...
You should be able to find most of the info you need in the LG V40 section of the forums. Check it out...
And just a heads-up: keep the politics off the forum. To quote the forum rules:
Again, welcome and I hope you have a good experience here on XDA.
Click to expand...
Click to collapse
With all due respect, we live in a pervasive, corrupt corporate and political technocracy that has weaponized our phones, and all technology, to surveil and track our every move, views, opinions, activities, locations. The Borg is exempt from this illegal invasion of privacy and operates in secrecy with impunity for their tyrannical crimes against humanity. Ignoring this tragic reality is why our privacy, rights, and freedoms are all being stripped away. Those who bury their head in the sand and refuse to wake up to this travesty and resist on all relative platforms. Are useful idiot slaves who are playing right into their hands and are assimilated by the Borg! Just keeping it real because this harsh reality must be spread far and wide since capitulation is assimilation and assimilation is extermination. Comply and you Die!
Anti-Trans-Humanist said:
With all due respect, we live in a pervasive, corrupt corporate and political technocracy that has weaponized our phones, and all technology, to surveil and track our every move, views, opinions, activities, locations. The Borg is exempt from this illegal invasion of privacy and operates in secrecy with impunity for their tyrannical crimes against humanity. Ignoring this tragic reality is why our privacy, rights, and freedoms are all being stripped away. Those who bury their head in the sand and refuse to wake up to this travesty and resist on all relative platforms. Are useful idiot slaves who are playing right into their hands and are assimilated by the Borg! Just keeping it real because this harsh reality must be spread far and wide since capitulation is assimilation and assimilation is eradication!
Click to expand...
Click to collapse
Good thing that the Borg are fictitious then...
Still, my original statement stands: leave the politics out of any discussions/posts on XDA. It's perfectly possible to discuss privacy concerns without bringing up politics...
Didgeridoohan said:
Good thing that the Borg are fictitious then...
Still, my original statement stands: leave the politics out of any discussions/posts on XDA. It's perfectly possible to discuss privacy concerns without bringing up politics...
Click to expand...
Click to collapse
Obviously the Borg taken from Star Trek is fictitious but it's a single word representation of a conglomeration of secret societies. That includes the Freemasons, Jesuits, Illuminati and other psychopathic death cults with an anti human, genocidal agenda.
Your name implies you reside or are from Australia which is being overtaken and decimated by them. In part because the good people of Australia have fallen right into their trap. Which includes spinning and twisting words to subvert the truth and distort reality. Such as inferring the use of this fictitious title to describe a conglomeration of very real, nefarious, evil, elements. Ridiculously suggests I'm some psychotic conspiracy theorist that blurs the lines between truth and fiction.
The distinction's very clear to me because I'm awake to reality unlike the masses that are like lemmings running straight off a cliff to their death. I'll leave it at that.