Database Users

Found an open wireless network - how can i browse the HDD?

I have found a couple of open wireless networks. I was wondering how i can access the HDD's of PC's on the network?

i doubt anyone will reply to you mate..

Errrm, you'll need a network browser (like resco file explorer which can do it) and access to the PC's hard drive to be allowed by the computer in question.
Thankfully, access is not granted by default.
Good luck with your 1337 haX0ring.... {/sarcasm}

:x
Not a good idea to be asking this here. Unless those PC's are yours, I'd advise you to ask you question somewhere else.
Moderator???

Re: Found an open wireless network - how can i browse the HD
dangerous_dom said:
I have found a couple of open wireless networks. I was wondering how i can access the HDD's of PC's on the network?
Click to expand...
Click to collapse
Just because you can does not mean you should.
Didn't your parents teach you right from wrong? Not that I'm an angel, but there are some things you just should not do, especially when your behavior creates victims.
If you do, be sure to tell us how the smell is up there, while your sniffing your way around their backsides..... :evil: :roll:
Don't bother trying to debate this. You'd be wrong to do it and that's a fact.

dangerous_dom: getting access to a network doesn't necessarily give you access to anything else other then the network.
You might want to run a port scanner to find open ports, target vulnerable ports and reverse map open network shares.
However, any sensible PC user should shut down unnecessary open ports, disable public shares and use a good firewall. Find out how to get around these issues and you'll be getting somewhere.
An open wifi network is much like a wired LAN. Just find out how to penetrate a LAN and access shares in the normal manner and then apply your techniques over wifi.
Beware though, it's likely to be highly illegal, easily monitored, and morally reprehensible. But then, we wouldn't be hackers if we hadn't found a way to deal with these questions, eh?
V

Can I browse your hard drive>

:::shhhh::: i heard a buzz about an upcomming release of metasploit for pocket pc. enjoy :wink:

Re: Found an open wireless network - how can i browse the HD
Tref said:
Just because you can does not mean you should.
Didn't your parents teach you right from wrong? Not that I'm an angel, but there are some things you just should not do, especially when your behavior creates victims.
If you do, be sure to tell us how the smell is up there, while your sniffing your way around their backsides..... :evil: :roll:
Don't bother trying to debate this. You'd be wrong to do it and that's a fact.
Click to expand...
Click to collapse
Before you get all high and mighty, jump down from that horse a minute. Who said i was planning anything nasty? Far from it, actually i planned to leave a 'note' (.txt) on thier desktop telling them that there network is unsecure and that they need to protect it. There are kids around here that would do damage.
They are my neighbours, but i dont know which ones and there are too many doors to go knocking on. I would hardly **** on my neighbours.
Did your parents never teach you that people were innocent until proven guilty? (oh yeah, your american - the US threw that rule out of the window a few years back now )
But yes, it a fair point that this should not be discust on public forums. If anyone has a way i cant leave some kind of not for them, please PM me.

The Windows Messenging Service might be open - if they've got open Wifi connections, it's likely they've got open services, so you can probably just demi-spam them with a warning message.
http://www.grc.com/stm/shootthemessenger.htm
V

Re: Found an open wireless network - how can i browse the HD
dangerous_dom said:
Tref said:
Just because you can does not mean you should.
Didn't your parents teach you right from wrong? Not that I'm an angel, but there are some things you just should not do, especially when your behavior creates victims.
If you do, be sure to tell us how the smell is up there, while your sniffing your way around their backsides..... :evil: :roll:
Don't bother trying to debate this. You'd be wrong to do it and that's a fact.
Click to expand...
Click to collapse
Before you get all high and mighty, jump down from that horse a minute. Who said i was planning anything nasty? Far from it, actually i planned to leave a 'note' (.txt) on thier desktop telling them that there network is unsecure and that they need to protect it. There are kids around here that would do damage.
Click to expand...
Click to collapse
That's really not any of your business is it? If they are smart enough to have a computer, they should be smart enough to lock it down. Bottom line is that if you hack their computer, it's unethical and perhaps illegal no matter what kind of message you leave, and you leave yourself open to suspicion as well. I'm American and I take offense to your other comment because not all of us think alike, and some if not most of us are a bit smarter and less judgmental than you'd like to acknowledge.

I really agree with the above comment. that was really offensive. people need to realize that all americans aren't alike. we're all from different parts of the world. so please don't say stuff like that because I consider it racism. and about browsing your neighbor's hdd, I think its best if you just leave it alone. it isn't any of your business. they can learn from their own mistakes.

I should advise you that there has already been a succesful court action against someone that used a neigbours wi-fi connection without authorization. It is not up to the person with the wi-fi to keep others out. It is simply illegal to connect to someone elses broadband connection. The fine was very heavy and has now set a precedent in law.
Don't believe it ? see here
http://www.privsecblog.com/archives/personal-privacy-wifi-hijacking-conviction.html

Re: Found an open wireless network - how can i browse the HD
dangerous_dom said:
(oh yeah, your american - the US threw that rule out of the window a few years back now )
Click to expand...
Click to collapse
Dom, if you're going to dump on us Americans get it right. You need to capitolize the "A" and since you were trying to say "You Are" it is spelled "You're" as "Your" would refer to his ownership of what ever you would be calling "american".
Damn, takes a Yank to teach a Bloke proper English!!! :lol:
PUN AND HUMOR INTENDED

I did not mean to seriously offend anyone, sorry if i have. It was just a bit of teasing really. I was really responding to the arrogance of the poster i quoted.
I have some good American mates who live here now and i know that many Americans are not scary Bush-following freaks as the media often portrays.
Thanks for the English tips too, i just get a bit lazy of the forums. But to be honest, you yanks have murdered the English language anyway!

I wasn't judging you to be guilty of anything you did, you hadn't done anything. I was judging your own stated intent. And I stand by it. You'd be wrong to do so. Arrogance? If that's arrogant so be it though I don't see where my belief in thinking that you'd be wrong to go traipsing through your neighbor's garden for the sake of telling them their carrots are ready to be picked even approaches arrogance. Though I think your supposed good intentions smack of arrogance.
Think about how you might feel if you came home and found a note on your kitchen table telling you that you had left your back door unlocked, left there by a stranger. Would you feel violated? Creepy? Or thankful? Common sense Bloke.
I'm proud to be an American, so you'd be wasting your time to even go there. Besides it has nothing to do with what I'm trying to impart.
And I did say I was not an angel, nor do I ride horses.

Tref said:
Think about how you might feel if you came home and found a note on your kitchen table telling you that you had left your back door unlocked, left there by a stranger. Would you feel violated? Creepy? Or thankful? Common sense Bloke.
Click to expand...
Click to collapse
Actually when you put it that way you do have a point. While i had no ill intent, it's not a great idea now i think about it.
Well said, I stand corrected.
Tref said:
nor do I ride horses
Click to expand...
Click to collapse
But i though all Americans wear cowboy hats and ride horses shouting yeeha!
/Quickly exits.....

dangerous_dom said:
Tref said:
Think about how you might feel if you came home and found a note on your kitchen table telling you that you had left your back door unlocked, left there by a stranger. Would you feel violated? Creepy? Or thankful? Common sense Bloke.
Click to expand...
Click to collapse
Actually when you put it that way you do have a point. While i had no ill intent, it's not a great idea now i think about it.
Well said, I stand corrected.
Tref said:
nor do I ride horses
Click to expand...
Click to collapse
But i though all Americans wear cowboy hats and ride horses shouting yeeha!
/Quickly exits.....
Click to expand...
Click to collapse
Actually we do all ride horses, but some of us only do so on two occasions. One of those is when we're heading out to rescue the fair princess from the bad guy, The other is when we're riding off into the sunset, as the cowboy always seems to do.
Now picture me tipping my hat to you....and riding my horse off into the sunset. Heeeeya

Well, see what ya miss when ya dont come on this forum for a day.....
Yeah, its illegal to use a WiFI network that isnt yours, whether that be to use its associated ADSL connection or any other resource it links to (PCs and printers included).....but its also a case of one of them things that you wanna do to others, but dont wanna have done to yaself
Anyway, chances are although you may get access to their network shares, the user directory that stores the desktop directory is normally protected by a password anyway - unless they really are dumb and created usernames without passwords...and installed a broadband connection without a firewall and setup a wireless network right out of the box........in which case, you leaving them a note on their desktop will be the last of the things they will be able to see behind all the popups, viruses, etc :lol: Maybe you should turn to offering your services to set their PC up correctly
PS: Isnt it the English that rode off to rescue fair princesses The Yanks dont have fair princesses

You are correct Dom, there are some good (great) Americans...like the ones that saved your entire continent from speaking German about 65 years ago. You're welcome.

Even more memory!

So I was browsing the registry the other day, to see if any improvements could be enabled, no, actually I was looking for some hidden storage. Sometimes HTC phones have an additional storage, but it's hidden. But I found some additional 20mb. Don't know where it is used for.
To enable it, go to:
[HKLM]\System\StorageManager\Profiles\EXT_Pinet and set MountHidden value to 0 (zero) A soft reset may be required, in order to let it show up in your file explorer.
Anyway, I actually was searching for some 8gb om hidden internal storage to tripple confirm that the HD2 was WM7 compatible, as based on some leaked hardware req. for WM7. but... i could not found it.

WM7 does not need 8GB, it needs only 512MB. Don't believe the bull**** you read somewhere, all the bloggers have no clue.

TRUTH, Im so sick of hearin these bs specs spread around the forum

window mobile 7 only need 512mb not 8gb (even window xp on a computer does not need that mach of memory)

Dude... that reg change screwed my phone badly.
DONT change it.
I have to hard reset!
I can't trust xda anymore ..... you have no idea how much work is ahead of me... restoring everything back.
You just cost me 2 days of work!!!!

lorin.bute said:
Dude... that reg change screwed my phone badly.
DONT change it.
I have to hard reset!
I can't trust xda anymore ..... you have no idea how much work is ahead of me... restoring everything back.
You just cost me 2 days of work!!!!
Click to expand...
Click to collapse
srry, i can't surpress a smile... it was not my intention, i hope you realize that, but, the reg edit works for me. hard reset my device often.

lorin.bute said:
Dude... that reg change screwed my phone badly.
DONT change it.
I have to hard reset!
I can't trust xda anymore ..... you have no idea how much work is ahead of me... restoring everything back.
You just cost me 2 days of work!!!!
Click to expand...
Click to collapse
Its only your fault, how can u trust him when he wrote: "...Don't know where it is used for..."
Good luck with restoring your settings.

i can confirm that on mine this works. i put stuff in it, reset, and the data remains. phone seems unaffected.

Man, bigger the game bigger the risk!
On my previous two HTC devices I was keen to explore each patch/new rom/new app. Hence weekly hard resets
Now with my Leo, I'm much calmer as I don't have anymore the time you spent reinstalling everything.
Good luck exploring further

This is the last time i do these kind of changes and the last time i trust an unverified reg change.

lorin.bute said:
This is the last time i do these kind of changes and the last time i trust an unverified reg change.
Click to expand...
Click to collapse
Man, if you hang around xda-developers and apply tweaks and suff, it's kinda naive to belive you're not gonna have to hard reset from time to time.
And who is crying if you are not going to apply any tweaks anymore?

arxx said:
Man, if you hang around xda-developers and apply tweaks and suff, it's kinda naive to belive you're not gonna have to hard reset from time to time.
Click to expand...
Click to collapse
This rather reminds me of the attitude that if someone is mugged and has their phone stolen then it is entirely the fault of the victim for using the phone in a public place. (My own, contrasting, view is that it is more appropriate to assign blame to the mugger).
Perhaps it is naive to assume that people will not recommend a tweak without first verifying that it doesn't break anything serious; but, if so, that's a pretty sad reflection on the mentality of the average XDA poster, IMO. Would it not be preferable to encourage people to verify the effects of a change before recommending it - to the extent that such verification becomes expected rather than exceptional? Should we not encourage people to take some responsibility for their recommendations rather than blaming all damage that results on the victim?

Shasarak said:
Do you also regard it as "naive" to believe that one can use a mobile phone outside a train station without being mugged and having it stolen? And when such a mugging occurs, do you feel that the person to blame for what happened is the victim rather than the mugger?
Perhaps it is naive to assume that people will not recommend a tweak without first verifying that it doesn't break anything serious; but, if so, that's a pretty sad reflection on the mentality of the average XDA poster, IMO. Would it not be preferable to encourage people to verify the effects of a change before recommending it - to the extent that such verification becomes expected rather than exceptional? Should we not encourage people to take some responsibility for their recommendations rather than blaming all damage that results on the victim?
Click to expand...
Click to collapse
This was a poor comparison. If you lay the phone at a bench, and going to the toilet, yes, it's a naive thing to do.
(I regret on my participation in this thread)

Shasarak said:
This rather reminds me of the attitude that if someone is mugged and has their phone stolen then it is entirely the fault of the victim for using the phone in a public place. (My own, contrasting, view is that it is more appropriate to assign blame to the mugger).
Click to expand...
Click to collapse
lol - that is a bit different isn't it! It's not as if the mugger thought they were giving good advice, but unfortunately ended up attacking someone and stealing from them. Intention makes that a very different scenario.
In this instance, there's immediately 2 people saying that the advice worked for them, so nothing could have been done either by the recommender, or the listener. If lorin.brute had left it a few posts before applying the change then he would have seen people say it worked for them and gone ahead and done it. If hyellow had asked a couple of people to test it for him then the exact same thing could have happened.
I think this is just unfortunate.
Personally, I'm on the side that if you do something then you're responsible. If your passenger told you to drive really fast and turn the steering wheel really quickly because it's funny, would you just do it, or show caution.
(There you go - I've used an excessive analogy now too )

We don't need to argue here. I blame myself. Anybody can come here and post any kind of reg change.
Its just a lesson that needs to be learned.
Although, in the spirit of XDA, i would expect some rigorous testing of the reg before posting.

Shasarak said:
Would it not be preferable to encourage people to verify the effects of a change before recommending it - to the extent that such verification becomes expected rather than exceptional?
Click to expand...
Click to collapse
True but I think that at the same time people should also use common sense and do a full system back up (with Sprite or whatever their preferred programme is) "just in case". Then it's just hard reset and 5 minutes to restore to how it was.

arxx said:
Man, if you hang around xda-developers and apply tweaks and suff, it's kinda naive to belive you're not gonna have to hard reset from time to time.
Click to expand...
Click to collapse
Really? Haven't had to hard reset my HD2 yet, in 7 months didn't have to hard reset my X1 either. If you're judicious I think you can generally avoid hard resets.

johncmolyneux said:
Personally, I'm on the side that if you do something then you're responsible. If your passenger told you to drive really fast and turn the steering wheel really quickly because it's funny, would you just do it, or show caution.
Click to expand...
Click to collapse
The problem with that analogy is that, if I'm driving a car, that implies that I have a fair idea of what the consequences of driving too fast will be. In this case we are talking about someone offering advice to people who are not qualified to understand the nature of the risk they are taking by following it.
A better analogy would be that it's like offering someone some cake when you know there is signfificant risk that it will contain razor blades. You yourself may deal with razor-blade-containing cake on a daily basis, and so you know to carefully sift through it with a spoon before biting; but people who are accustomed to cake that doesn't contain razor blades simply aren't aware that you need to do this. If you assume that the person you give the cake to is aware that it may contain razor blades without bothering to verify that he is, and he ends up getting lacerated, then you are far more to blame for the injury than he is. What you should do in that situation, of course, is actually check whether the cake contains razor blades or not before offering it to anybody; that way it's guaranteed that no one will get hurt, regardless of whether they are familiar with razor blade cake procedures or not. And it is not appropriate to point at the man with the lacerated mouth and accuse him of being "naive" because, when you offered him cake, he assumed that meant it was safe to eat.

I'm not getting in an analogy war with someone, especially someone on the forum that I respect, so I'll drop it. We obviously just see this from different perspectives, and I believe we should agree to disagree
Anyway, lorin.brute himself said it best...
lorin.brute said:
We don't need to argue here. I blame myself. Anybody can come here and post any kind of reg change.
Its just a lesson that needs to be learned.
Although, in the spirit of XDA, i would expect some rigorous testing of the reg before posting.
Click to expand...
Click to collapse
See - we're both right lol

Shasarak said:
A better analogy would be that it's like offering someone some cake when you know there is signfificant risk that it will contain razor blades.
Click to expand...
Click to collapse
Not quite, The OP didn't have any problem after applying the tweak, and nor did the following two people, so why would they 'know' it was dangerous? After three posts 100% of people had found no problem, so why would anyone assume it was going to go bad?

Security Issues...?

Just read this piece of information...
http://www.thisandroidlife.com/2010...om-infected-iphones-and-android-handsets.html
I've always thought about this ever since a buddy of mine coded a little bot to do about the same thing to an online game.
Anyway,the real question I guess is, What can be done to prevent these types of thing from happening? What do you think?

Doesnt Android tell you everything a program is going to access before it's installed? I ALWAYS read that.

The only thing that this article is trying to point out is that non tech savvy users, which are probably a lot of Smartphone users won't really understand or care to know the "details" of the apps and what its all going to do, as such; they're more prone to installing these malicious apps. On top of that, they were showcasing that right now, they've only taken the GPS coordinates from the phone, but if they wanted to - passwords, messages, etc could be taken from the phone without anyone ever knowing.
I think this is good, it makes people more aware and allows us to be more cautious. Not mention, it's becoming obvious that Mobile data/traffic is easy to target and probably even easier to trick users (than on computers) because of lack of security and the notion that ones' phone cannot be "hacked" or what not.

hm
i had to go threw SlideMe.org to get a app because my bank blocked Android Market lol anyway. They sent out a server wide warning that app was bad last night.

BTW is there an app which logs where and what your phone sends? Like "littlesnitch"?
http://tinyurl.com/o9568k

There's not much that can be done about this, and it's a perfectly legitimate threat.
Yes, the app DOES tell you what it will be doing, but nearly any app that has Network access and Fine Location, especially if it does grab your GPS coordinates for something in the app itself, could send stuff behind the scenes and you'd be completely unaware.
I definitely don't think this will be the last time we'll hear about this sort of malicious app.

Negrito said:
Doesnt Android tell you everything a program is going to access before it's installed? I ALWAYS read that.
Click to expand...
Click to collapse
Of course but you don't know EXACTLY what the app is doing with the info(unless you tear it apart).Like in the example a weather widget,of course its going to use gps.So what if another app that can access your phones info that would typically need to, but is broadcasting that info to a remote server.If you get what I'm, trying to get at.
Edit: What kmart said...lol

The only truly saving grace of these phones about the sensitivity of location awareness with respect to paranoia of the same, is that we can pull the battery and remove any doubt that the phone cannot disclose its function or location.
There was an article I read a while ago that the Fed's had issued over 3 million location requests last year to Sprint on users - warrant-less! How's that for Paranoia!!!
But all these apps in the market has the Buyer Beware tag so, of course at some point or another it will be exploited! For the most part, the idea of location awareness and marketing/advertisement and or service oriented provisioning is a great concept. The openness of the Android system to provide the same - will undoubtedly have it's shortfalls. A Good Firewall app that notifies and asks for approval prior to transmitting info or accepting connections from an app would go a long way to controlling potential problems. Just like a PC, which basically these phones have become.

well, considering I don't go on any financial sites from my phone, there's not much they can get off it...do they want my school email password? Have at it...they can read those worthless emails if they want (heck, even send a nice threatening email to my profressors for all I care lol).
Not to mention that my phone gets wiped a few times a week, just like so many other people here, there's not much they can get unless they can manage to hack into my google account and steal my credit card info...in which case, they won't be able to spend much on that account, since there's nothing in it lol.
This is as bad as "big brother" listening to my phone calls. What do I care? lol. If someone wants to know where I am, then by all means, let them know where I am. I'm not doing anything of interest to them.
On a side note, we apparently have caught the attention of the mods in this sub-forum, and have become a "family forum" according to a different thread lol.

tatonka_hero said:
On a side note, we apparently have caught the attention of the mods in this sub-forum, and have become a "family forum" according to a different thread lol.
Click to expand...
Click to collapse
Hey Tatonka! Lol, wassup? hahaha, but if you could, please elaborate? I know it's off topic, but I'm happy to be apart of the Android Family hehe...
And oh... is there any PGP type Android app that anyone might be familiar with? Lol, just thinking about it with this topic, lol...

I was thinking about that 'Firewall App' idea.Maybe that could be done,it would definitely be something worth looking into.
In response to totonka's post,i hear you.I'm the same way,BUT there are plenty of people who do have sensitive info/files/pictures(you know what I'm talking about) that surely wouldn't want ANYone to have access to.That's just how it is.I'm just thinking of the tons of people who don't even know that this is even possible.

casperlt1 said:
I was thinking about that 'Firewall App' idea.Maybe that could be done,it would definitely be something worth looking into.
Click to expand...
Click to collapse
My thoughts also, but I don't know if it is a true Firewall or just handles calls...

A security issue is still a security issue even if it doesn't affect you, and an invasion of privacy is still an invasion of privacy even if you don't care about it. Not trying to start any sort of flame here, please don't take it that way. Just mean to say that if you wait to take a stance on a known problem until it becomes YOUR problem, haven't you maybe waited too long?

"Mobile Device Privacy Act" would prevent secret smartphone monitoring

Ars said:
Recent controversy sparked by the installation of monitoring software [k0: CIQ] on millions of smartphones has led US Rep. Edward Markey (D-MA) to propose a requirement that carriers and phone makers inform consumers about the presence of monitoring software and gain their "express consent" before collecting and transmitting information from phones.
The controversy started a couple months back [k0: almost a year ago] when a developer [k0: hi TrevE] publicized the widespread use of Carrier IQ software, which phone manufacturers and carriers use to monitor what happens on a smartphone. While Apple, Samsung, HTC, AT&T and others all said the software is used only as a diagnostics tool to improve network and service performance, congressmen started denouncing the use of Carrier IQ, and class-action lawsuits were filed.
Click to expand...
Click to collapse
http://arstechnica.com/tech-policy/...ould-prevent-secret-smartphone-monitoring.ars
Discuss.

To me the whole CIQ debacle smelled of FUD and never really concerned me. It seemed obvious to that my carrier already has access to any data I transmit across their network, with or without any additional software installed on my device. Sure CIQ enabled the carrier to potentially (key word) access more sensitive data that I was not necessarily transmitting across their network. However I'm more concerned that I'll lose my phone and some random stranger will get access to all the naked pics of me on it... Not really because I don't store sensitive data like that on an insecure device like my phone. This feels a lot like the "Warning: Hot coffee is hot!" labels.

machx0r said:
This feels a lot like the "Warning: Hot coffee is hot!" labels.
Click to expand...
Click to collapse
Not commenting on the rest, the whole "hot coffee" lawsuit has an untold story that most people have never seen. I suggest you - and everyone reading - watch the documentary (from HBO, find it whereever you stream/download things from) Hot Coffee. I can guarantee it'll change you view on that case and the idea of "frivolous lawsuits" forever.

machx0r said:
However I'm more concerned that I'll lose my phone and some random stranger will get access to all the naked pics of me on it... .
Click to expand...
Click to collapse
That's awesome. Lol. I've said the same thing. They can monitor any message or call sent across the network anyways. I never understood what the big deal with a software, that was set to be inactive anyways, was. Malintent is the only thing to be scared of, and this never reeked of anything malicious, IMHO.
Sent from my SPH-D700 using Tapatalk

azyouthinkeyeiz said:
that was set to be inactive anyways
Click to expand...
Click to collapse
http://phandroid.com/2011/12/16/carrier-iq-by-the-numbers-26-million-sprint-handsets-900000-for-att/
Inactive... except for those 26 million.
And 1.3 million at any one time actively reporting.

k0nane said:
Not commenting on the rest, the whole "hot coffee" lawsuit has an untold story that most people have never seen. I suggest you - and everyone reading - watch the documentary (from HBO, find it whereever you stream/download things from) Hot Coffee. I can guarantee it'll change you view on that case and the idea of "frivolous lawsuits" forever.
Click to expand...
Click to collapse
I respect you immensely k0, but frivolous lawsuits should not be in quotations nor a matter to take lightly. Of course there is a reality of using certain cases to further the tort reform movement, but this is just as shameless as any publicity stunt or "shock" image.
To dismiss all claims of frivolity because of mainstream examples, however, is naive. Such cases have almost single handedly driven the cost up and quality down of healthcare to where it stands today. And this is but one arena affected by the greed of humans. Hot coffee aside, it is a reality that should not be dismissed.
Neither here nor there, though. Way off topic. I support this bill.
Sent from my SPH-D710 using xda premium

squshy 7 said:
To dismiss all claims of frivolity because of mainstream examples, however, is naive. Such cases have almost single handedly driven the cost up and quality down of healthcare to where it stands today. And this is but one arena affected by the greed of humans. Hot coffee aside, it is a reality that should not be dismissed.
Click to expand...
Click to collapse
I generally agree. Yes, it's off-topic, but I'll clarify a little bit before letting it go - I think that claims of frivolity are often overblown. It is an absolute fact that there are greedy ambulance-chasing lawyers, rent-seeking plantiffs, and idiots who would award them large sums of money for nothing. I agree that this often contributes to the rising costs of health care. My point was that not all of what's deemed 'frivolous' by the mainstream media and the anti-consumer lobby actually is frivolous, and that some of the more-known cases like the hot coffee suit are vastly misreported and misunderstood. That's why I recommend(ed) further research - do your own homework, and watch the doc. Then do more homework. I didn't expect to come out with a different perspective... but I did.

I could be wrong, but I think that this is a non-issue.
Why?? Well I am glad you asked.
You know that two year contract we committed to when we purchased the phone? I am 99.999999999% sure that in there it says that they may monitor our usage for QC already in there. So if this passed, the providers would just say it is part of the contract that no one ever reads, but you accepted when you got the phone (which I believe it already is to date).
Unfortunately I don't ever foresee them making this an option that can be shut off. Basically it will say we do it, and if you don't like it go to another provider. Problem is all of the other providers will say the same exact thing.
Just my .02

Milkman00 said:
I am 99.999999999% sure that in there it says that they may monitor our usage for QC already in there.
Click to expand...
Click to collapse
Absolutely nothing related to CIQ is mentioned anywhere in the Sprint terms of service nor any device-specific terms of service.
I checked. Thoroughly.

Tinfoil hats, anyone? Ill pass them out for free!
Sent from my SPH-D700 using XDA App

austin420 said:
Tinfoil hats, anyone? Ill pass them out for free!
Click to expand...
Click to collapse
I want three!

austin420 said:
Tinfoil hats, anyone? Ill pass them out for free!
Sent from my SPH-D700 using XDA App
Click to expand...
Click to collapse
This is the rights activist thread, I think you misclicked. You must have thought this was the paranoia thread, common misconception.
Sent from my SPH-D700 using xda premium

I see we've got some intelligent, I-can-think-for-myself types in here. Let's agree to just figuratively hide in here and discuss XDA-related matters: I've about had it with wading through all the bull**** in the other threads!
On topic: while I did get the impression that CIQ-gate got wildly blown out of proportion, I also like the general idea of this piece of legislation. Thanks for the link, k0nane.

k0nane said:
Absolutely nothing related to CIQ is mentioned anywhere in the Sprint terms of service nor any device-specific terms of service.
I checked. Thoroughly.
Click to expand...
Click to collapse
Nothing related to CIQ specifically??? That I wouldn't doubt. Are you saying though that there is nothing in the contract that says (something to the effect) that they may use tools to check tower strength and QC??
If it isn't in there, to comply with this new law they will just add it in there (as will all the carriers), and we will probably be right back to square one anyway.

Milkman00 said:
Nothing related to CIQ specifically??? That I wouldn't doubt. Are you saying though that there is nothing in the contract that says (something to the effect) that they may use tools to check tower strength and QC?
Click to expand...
Click to collapse
Nothing related to CIQ's functions (claimed and real). Nothing even remotely close.

k0nane said:
Nothing related to CIQ's functions (claimed and real). Nothing even remotely close.
Click to expand...
Click to collapse
you must notve read the privacy policy mentioned several times in the terms and conditions...
http://www.sprint.com/legal/privacy.html
We collect personal information about you in various ways. We may also get information from other sources and may combine it with information we collect about you.
Information that we automatically collect.
We automatically receive certain types of information whenever you use our Services. We may collect information about your device, your computer, and online activities. For example, we collect your device's and computer's IP address, the date and time of your access and the type of browser you use. We also collect information about your device's and computer's operating system, your location, and the Web site from which you came and then went and Web sites you visit on your device. We may link information we automatically collect with personal information, such as information you give us at registration or check out.
Information we collect when we provide you with Services includes when your wireless device is turned on, how your device is functioning, device signal strength, where it is located, what device you are using, what you have purchased with your device, how you are using it, and what sites you visit
Click to expand...
Click to collapse
this goes on for pages.

austin420 said:
this goes on for pages.
Click to expand...
Click to collapse
I did read it.
"We will aggressively log and transmit dialer keys pressed and detailed records of apps installed and used" (see here) is never mentioned. "What you have purchased with your device" does not cover that in any way, and "how you use your device" is so vague that any competent lawyer could knock it down instantly. Everything specifically listed can be collected by existing network services without CIQ.
This debate has been hashed out many, many times already. I created this thread just to link to current news.

i dont know about aggresivly, (your word i guess?) but why does it hurt for them to log keystrokes (in the dialer only) when they already have access to that info?
ciq is just a network metrics tool. it helps them improve the network (witch until lately was badly in need of improvments).

austin420 said:
i dont know about aggresivly, (your word i guess?) but why does it hurt for them to log keystrokes (in the dialer only) when they already have access to that info?
ciq is just a network metrics tool. if it helps them improve the network (witch until lately was badly in need of improvments).
Click to expand...
Click to collapse
They don't have access to keystrokes pressed. They have access to calls made - big difference. Dialer codes are used for more than just phone numbers, as you know.
CIQ had its legitimate uses. It was designed as a network metrics tool, and it may have helped improve the network. I don't debate that. Its functions, though, go beyond - tracking the apps I install and use is NOT legitimate. It implementation and use was done very poorly. If all had been done differently from the beginning, I would have had less of a problem with it. But it wasn't. And hey, look, now it's gone.

k0nane said:
They don't have access to keystrokes pressed. They have access to calls made - big difference. Dialer codes are used for more than just phone numbers, as you know.
CIQ had its legitimate uses. It was designed as a network metrics tool, and it may have helped improve the network. I don't debate that. Its functions, though, go beyond - tracking the apps I install and use is NOT legitimate. It implementation and use was done very poorly. If all had been done differently from the beginning, I would have had less of a problem with it. But it wasn't. And hey, look, now it's gone.
Click to expand...
Click to collapse
all good points, i still think it all fell well within the t&cs and privacy policy, but hey, now its gone! thanks ko!

3rd Party Trojan horse on my S5

DISCLAIMER: This isn't about resetting a stolen device, since this discussion doesn't apply to what to do AFTER it was blocked
I'm very happy with the combination find my mobile + reactivation lock. I've noticed that all our s5 are running a c&c client named Compuserve Agent (com.absolute.android.agent).
Now comes the disturbing part: I can't remove it. If I delete it it just pops out again.
I don't want a third party trojan horse, anyone who as access to my EMEI can in theory control my device, the traffic to the C&C can be seen and possibly it is not that secure.
Did anybody attempt to remove this?

venereo said:
DISCLAIMER: This isn't about resetting a stolen device, since this discussion doesn't apply to what to do AFTER it was blocked
I'm very happy with the combination find my mobile + reactivation lock. I've noticed that all our s5 are running a c&c client named Compuserve Agent (com.absolute.android.agent).
Now comes the disturbing part: I can't remove it. If I delete it it just pops out again.
I don't want a third party trojan horse, anyone who as access to my EMEI can in theory control my device, the traffic to the C&C can be seen and possibly it is not that secure.
Did anybody attempt to remove this?
Click to expand...
Click to collapse
That doesn't sound particularly disturbing. If you want to take the red pill I'll give it to you.
Samsung, like all major developers/OEMs, is known for including backdoors in their software. Not 3rd party trojans but actual backdoors in apps such as Task Manager, Camera etc. The usual excuse they give is that they've included those backdoors for law enforcement to be able to protect us easier. And now we aren't even talking about low level backdoors and trojans that are hardcoded in to the chips..

lingowistico said:
That doesn't sound particularly disturbing. If you want to take the red pill I'll give it to you.
Samsung, like all major developers/OEMs, is known for including backdoors in their software. Not 3rd party trojans but actual backdoors in apps such as Task Manager, Camera etc. The usual excuse they give is that they've included those backdoors for law enforcement to be able to protect us easier. And now we aren't even talking about low level backdoors and trojans that are hardcoded in to the chips..
Click to expand...
Click to collapse
http://lojack.absolute.com/en/products/absolute-lojack
It's a partner's application, for me it's still 3rd party PAID service, remote controls from sammy and absolut C&C client are 2 different applications in the mobile.
Do we really need both? Disturbing in terms that somebody can abuse from it.

Don't think the OP knows what a trojan is.

Thanks but I've reversed many c&c clients/servers much more elaborated and first thing is to try to hide client code. I'm concerned that anybody can see how it works. I don't need it and I want it removed, that's all.

.
.

fffft said:
As any half reasonable search would have revealed, the cited process is a legitimate stock app. Computrace authored by Absolute Software. It's an anti-theft measure that is embedded in the firmware and NV memory.
You may not like it, but it is in no way a rogue app or trojan horse as you claim. Do a search and you will find a number of existing threads on the subject as well as press releases from both companies about the theft-recovery rationale for Samsung including it on your phone.
.
Click to expand...
Click to collapse
His behavior is no different than other malware in the market, it's just sitting there waiting for me to pay for a service that I'm not going to pay, Samsung still have their own "backdoor" maybe you have a good excuse for then to make them separate services. Like I told anybody that can see your emei in the path that the device takes to reach your hands can activate it, operators are doing soo. Not everybody lives in a free country, and from my perspective I've the right to disable it

..

Of course the only way to push this kind of sw it's by finding legitimate excuses. The same persistence technics applied to this are for sure applied to Samsung software, I still find that weird. Security through obscurity has never been a solution. Knocking Knox is as ilegal as knocking this. And if it has flaws then they should be public in order to get a better one on next update. Samsung have their own anti-thief measures in a separate service

if ur so worried about the dystopian nature of samsung, root and flash cyanogen. sure ull invalidate warranty but who wan'ts any favors from those NSA-like evil overlords

-PiLoT- said:
if ur so worried about the dystopian nature of samsung, root and flash cyanogen. sure ull invalidate warranty but who wan'ts any favors from those NSA-like evil overlords
Click to expand...
Click to collapse
I'm sure you missed the point I made above about the fact that simply flashing another rom is not enough if you're looking for real security. AFAIK it is completely possible to hardcode a backdoor into the device's chips or have a dedicated chip just for this purpose. If you are really concerned about your safety you should either get it done yourself (build a device from scratch) or you should hire someone to do it for you. Buying a device from the public market and talking about real security is ridiculous imo. :good:

lingowistico said:
I'm sure you missed the point I made above about the fact that simply flashing another rom is not enough if you're looking for real security. AFAIK it is completely possible to hardcode a backdoor into the device's chips or have a dedicated chip just for this purpose. If you are really concerned about your safety you should either get it done yourself (build a device from scratch) or you should hire someone to do it for you. Buying a device from the public market and talking about real security is ridiculous imo. :good:
Click to expand...
Click to collapse
actually it was more an agreement with the idea that people would buy a phone made by a large company by using a service from another large company and expecting neither company to do something to protect their investment is silly. also theyd do anything to strip out this "spyware" then complain if samsung refuted a warranty claim cause it was mucked with

-PiLoT- said:
if ur so worried about the dystopian nature of samsung, root and flash cyanogen. sure ull invalidate warranty but who wan'ts any favors from those NSA-like evil overlords
Click to expand...
Click to collapse
after all said you still think is that easy? this is persistence trough firmware, not kernel/OS related. same as having something writen on your disk when bios loads

..

lingowistico said:
I'm sure you missed the point I made above about the fact that simply flashing another rom is not enough if you're looking for real security. AFAIK it is completely possible to hardcode a backdoor into the device's chips or have a dedicated chip just for this purpose. If you are really concerned about your safety you should either get it done yourself (build a device from scratch) or you should hire someone to do it for you. Buying a device from the public market and talking about real security is ridiculous imo. :good:
Click to expand...
Click to collapse
guess so, but since somebody GOT us root.....
without root yes, but with root.............
real security does not exist. but it's much more difficult to enforce real-security when the user have root privileges
before that point they still have to make it work with the phone powered down, after that we can talk about chips
lazyness works like this

If you are so concerned, install a firewall app - droidwall and restrict network connection. Also there is an app to revoke certain permission of your installed apps.
these 2 should increase your security somehow

venereo said:
guess so, but since somebody GOT us root.....
without root yes, but with root.............
real security does not exist. but it's much more difficult to enforce real-security when the user have root privileges
before that point they still have to make it work with the phone powered down, after that we can talk about chips
lazyness works like this
Click to expand...
Click to collapse
Buy a Blackphone.

sam20e said:
If you are so concerned, install a firewall app - droidwall and restrict network connection. Also there is an app to revoke certain permission of your installed apps.
these 2 should increase your security somehow
Click to expand...
Click to collapse
Agent sends your number as soon as it calls home and it can send you SmS with the commands.
I can stop it, I just wanted to know if somebody actually managed to remove it

FYI:
Devs angrily dismiss Absolute Computrace rootkit accusation
Absolute Computrace Revisited
And believe me, Computrace just started now on android, AFIK they have absolute no experience in android. They don't even can afford a dexguard license! out-of-the-box proguard? DISTURBING

..