[Q] Z4root backdoor (telnetd access)? - Milestone 2 General

Hi there,
I was playing arround with my android phone when I tried to check which are the servers running (the ones that I should be aware of).
Then I run nmap from my desktop and I realized that there is a telnetd server which is not attached to any description (or binary description). I tried to unroot my phone and test it again then the server was gone. I root it once more time and there it was (telnetd) running again.
I'm doing a full scan in all available ports now but so far is clear that z4root is open a telnet server for no reason (in the best case, but obviously it is not there for doing nothing.)
I was wondering whether you guys have noticed it too. I google a lot for it and I have found nothing about a stealth server/telnet/backdoor started by z4root over the web.
No one have said that it was related to get root access either.
for safety reasons I just unrooted my phone again.
I'd like to hear your thoughts about it.
Daniel

I don't think I'm getting the behaviour you describe:
All 65535 scanned ports on 192.168.11.34 are closed (65500) or filtered (35)

Considering Dynmonaz remarks, I think you should worry about where you got your z4root apk from.
It's possible that someone adds a backdoor in the installer before redistributing it...

Related

Open ports and general vulnerability of rooted SGS

Ok, so here I am running around now with the JG5 firmware and rooted because why not.
Then my paranoid self asks what the root password is. I don't know. Perhaps not a big deal if the phone doesn't have any open ports. So I run a port scan. I find both ports 400 and 45415 are detected by the scanner, and it stalls on 65535 (making my paranoid self think there could be something fishy there too).
Whilst on private/home WiFi the open ports don't particularly bother me, although I've yet to do any packet sniffing. The router will block any incoming requests. Out on the carrier network though, who knows?
Anyway, does anybody know what the legitimate use of these ports is? What is the root password by default (per SamDroid) - maybe I should change it to be safe.
Nobody panic, but I think these thing require a little awareness if nothing else.
From what I could find on http://www.iana.org/assignments/port-numbers port 400 is used by Oracle Secure Backup. Port 1-1024 are so called well known ports, and should not be used by other applications.
osb-sd 400/tcp Oracle Secure Backup
osb-sd 400/udp Oracle Secure Backup
Port 65535 is the last possible port, and depending on how your portscanner works, it might be done checking all ports, but stalls on 65535 because the programmer hasn't taken into account that there are no ports above that number.
Also, very excellent and legitimate security concern, I hope some more experienced devs might be able to help you further, or correct me.
use Nmap to portscan
You guys should change the root password, but don't know how it's done. In jailbbrok iphones, that's one of the first things people do or are advised to do after jailbreak.en
as an ex iJoke user I am also concerned about the userser & passwords of my rooted android.
When I open the terminal and enter "passwd" it says not found.
Portscan from 1 to 1024 shows no vulnerability, no time to check all up to 65k
passwd binary is not included in most rooted kernels/root methods
im pretty sure the root password is blank...
but superuser.apk will prevent anything from a remote or local port (assuming its working correctly) from running with root permissions
unless you allow it.

[Q] Android / Glacier Noob Questions

So, I've been a long time WinMo user and I just switched to Android (the Glacier) Great phone. A lot is foreign to me, though.
I'm a software developer and a Linux user so I'm pretty comfortable finding my way around the Android dev tools and the terminal (although I found it odd that the phone comes with neither a file manager nor a terminal)
Anyhow, I have a few questions:
-I've seen a lot of threads declaring how awesome Android's process management is and how it's bad to kill processes manually. I don't understand this. I've been playing with my phone non-stop for the past few days and on a number of occasions, have met with slow performance and even not-enough-memory prompts. This is usually after installing a dozen (or dozens) of apps back to back and playing with them all. So long as you are aware of the ramifications of killing a particular process, what's wrong with doing so?
-I've rooted my phone. If I ever get an OTA update, would it be a good idea to unroot prior to applying the update?
-When I select "Allow automatic updating" in the Market for my purchased apps, how exactly does that work? Are updates looked for my Android? Are they looked for when the Market is launched? Are those individual apps first loaded and then look for updates?
-I imported my contacts from WinMo Outlook into Google via ActiveSync in order to get them on my phone. Consequently, I have GTalk contacts and stuff on my phone that I don't want. If I delete them from Contacts, will they be deleted from my Google account? That is to say, if I delete [email protected] from my Contacts, will he suddenly disappear from my IM client?
Thanks for your help! I appreciate it!
LOL you see like you I been also using *nix for ages far as I can count 10+ years and I am Unix Admin. When I got MT4G as it was my first AOSP device I was like yourself shocked it didn't have file manager, basic console, or anything.
It seem that if you wanted to do anything it was required you waste your life installing some backward software though Market that claimed it to be freeware but IRL is actually adware. Also if you want anything done it is required you have root lol and if you do want root you void warranty its like whole catch 22 statement to me. So here I am doing what I do best and owned AOSP along with google market.
UPDATE:
So here ill actually answer some of your questions as I didn't want to due to it being very long but hey it might help you out.
1) Far as the process goes as you know in *nix world we have saying "unused memory is wasted memory" same apply as mostly its cached and does not treat it same as in WM. When you "exit" task if you call it exit that is in first place its put on dormant status so if resource is required then its reallocated. This is why you don't exit them forcefully as data may not be synced and saved. In this case my best advice for you is disable service from booting up in first place and also auto close it if it restarts.
2) Don't worry about OTA as you will more likely get update via dev of XDA long before you officially get it though carrier. You have S off so don't worry about it as its no factor.
3) It is tracked via google account and though your carrier I think, I don't know as I didn't ever officially buy single package however I did cURL 8.1gb of paid app archive of market before getting banned. From what I know once app is installed if you have auto update the current version is checked though market to see if any new version is available. Now when you buy app its under your acc so you can use it in diff device or install it many time as you want even if its updated.
4) I can't say about GTalk as I never used but far as AutoSync goes mostly your TMo data and email is synced though Google accounts like gmail.
I see. I can see how task management is rather pointless then, heh. I wonder where my "out of memory" issue came from. Leaky app, perhaps.
Is there a way to rename applications in the "All Programs" list?

[Q] Anyone know what ADCP does?

I notice there's always a system process called ADCP running, I think it stood for Amazon Device Control Program. Anyone investigated what it does and what happens if you disable it? I'm wondering if it's involved in any way with the OTA updates, and also what ramification disabling it has, like will the various Amazon programs not work right? I've not been adventurous enough to experiment with, in fact I've got my wifi off for now until it's clear whether the OTA update can be blocked by the methods discussed here.
jb0ne said:
I notice there's always a system process called ADCP running, I think it stood for Amazon Device Control Program. Anyone investigated what it does and what happens if you disable it? I'm wondering if it's involved in any way with the OTA updates, and also what ramification disabling it has, like will the various Amazon programs not work right? I've not been adventurous enough to experiment with, in fact I've got my wifi off for now until it's clear whether the OTA update can be blocked by the methods discussed here.
Click to expand...
Click to collapse
check this out
http://forum.xda-developers.com/showpost.php?p=20166149&postcount=1
essentially it connects the amazon apps to the kindle registration
I'm suspicious, I suspect it does more, and is the thing responsible for the OTA updates everyone is getting no matter what they do....
I really want to try and freeze it, but too afraid that it might actually be necessary...
Well I installed Droidwall and didn't give permissions to ADCP and so far my device is still registered and I can watch videos and use my books, can use the Amazon App Store (I gave it permissions, I don't think it's the program responsible). I've effectively disabled ADCP by not allowing it to connect to the internet, but it's still running in case it does, say, DRM services or something. All good and still on 6.2 (and I did do the other suggestions previously).
jb0ne said:
Well I installed Droidwall and didn't give permissions to ADCP and so far my device is still registered and I can watch videos and use my books, can use the Amazon App Store (I gave it permissions, I don't think it's the program responsible). I've effectively disabled ADCP by not allowing it to connect to the internet, but it's still running in case it does, say, DRM services or something. All good and still on 6.2 (and I did do the other suggestions previously).
Click to expand...
Click to collapse
Glad it worked for someone else too. I am not sure which process is actually responsible for downloading and installing the update though.
EDIT: Oh, I didn't post about DroidWall in this forum. I figured out DroidWall last night and we posted on Gizmodo about it.
An important element I overlooked, even after adding apps to the whitelist, you have to go back to Menu and enable firewall. It's NOT enabled by default even if you change whitelist apps. Even though I had it not running firewall until 10 minutes ago, I hadn't received update. Maybe moving otacerts.zip stopped it....
jb0ne said:
I'm suspicious, I suspect it does more, and is the thing responsible for the OTA updates everyone is getting no matter what they do....
Click to expand...
Click to collapse
I installed ADCP on CM7 when I was trying to find a way to get amazon video working. It brings up the page to register your kindle, but it never seemed to work right on CM7. There's a different apk for the OTA update, if I remember correctly.
You could put /system/etc/security/otacerts.zip back in and see if ADCP then lets your register your kindle.

Anyone else's Nook Simple Touch Kindle app just stop syncing?

I'm running a rooted Nook Simple Touch and the most recent compatible Kindle app (3.2.0.35), as I have been for about three years. Since last week, for no discernible reason, syncing my Kindle library no longer works, i.e. I get the 'Sync failed, please try again later' message, and it therefore no longer receives samples or new purchased ebooks. Also, when searching the Kindle store, the layout of the pages has changed to something that looks distinctly broken, as if CSS has been disabled.
Has anyone else encountered this? Perhaps Amazon have updated their API and broken compatibility with v3.2.0.35 in the process? Or am I the only one who's having this problem – in which case what should I do? I've already tried reinstalling the app, deregistering the device and re-registering, etc...
djpeanut said:
I'm running a rooted Nook Simple Touch and the most recent compatible Kindle app (3.2.0.35), as I have been for about three years. Since last week, for no discernible reason, syncing my Kindle library no longer works, i.e. I get the 'Sync failed, please try again later' message, and it therefore no longer receives samples or new purchased ebooks. Also, when searching the Kindle store, the layout of the pages has changed to something that looks distinctly broken, as if CSS has been disabled.
Has anyone else encountered this? Perhaps Amazon have updated their API and broken compatibility with v3.2.0.35 in the process? Or am I the only one who's having this problem – in which case what should I do? I've already tried reinstalling the app, deregistering the device and re-registering, etc...
Click to expand...
Click to collapse
I've never used the Kindle app for more than locally stored books but I tried looking at the Store today and got the same results you describe. This is the danger of old apps--they get left in the dust by changes made on the "other" side. I've seen that with the last working version of the CNN app as well as Zinio and others. They may continue to work locally but communication with a remote server might be broken. That will probably be the eventual fate of the NST with B&N.
Working fine for me this morning - not used it for months, and I'm able to sync a newly purchased book, and progress in another. The store view is broken, but I don't think that is a new problem.
tshoulihane said:
Working fine for me this morning - not used it for months, and I'm able to sync a newly purchased book, and progress in another. The store view is broken, but I don't think that is a new problem.
Click to expand...
Click to collapse
Can you confirm if this is still working for you? There have been a number of people reporting no sync function now. I don't have Amazon content to test, but if I do a clean reinstall of the app my "recommended" section is blank. Restoring a backup image brings back the cover images in that section from when I first installed the app long ago.
Not looking too good - I can see purchased books, but when I attempt to download anything, the progress bar doesn't move, and after a few seconds, 'pause' changes to 'resume'.
All I can see in logcat is
Code:
D/OpenSSLSessionImpl( 4183): Freeing OpenSSL session
D/OpenSSLSessionImpl( 4183): Freeing OpenSSL session
D/OpenSSLSessionImpl( 4183): Freeing OpenSSL session
D/OpenSSLSessionImpl( 4183): Freeing OpenSSL session
D/OpenSSLSessionImpl( 4183): Freeing OpenSSL session
D/OpenSSLSessionImpl( 4183): Freeing OpenSSL session
D/OpenSSLSessionImpl( 4183): Freeing OpenSSL session
D/OpenSSLSessionImpl( 4183): Freeing OpenSSL session
Doesn't look too hopeful, but if you have any suggestions, I can experiment.
tshoulihane said:
Not looking too good - I can see purchased books, but when I attempt to download anything, the progress bar doesn't move, and after a few seconds, 'pause' changes to 'resume'.
All I can see in logcat is
Code:
D/OpenSSLSessionImpl( 4183): Freeing OpenSSL session
D/OpenSSLSessionImpl( 4183): Freeing OpenSSL session
D/OpenSSLSessionImpl( 4183): Freeing OpenSSL session
D/OpenSSLSessionImpl( 4183): Freeing OpenSSL session
D/OpenSSLSessionImpl( 4183): Freeing OpenSSL session
D/OpenSSLSessionImpl( 4183): Freeing OpenSSL session
D/OpenSSLSessionImpl( 4183): Freeing OpenSSL session
D/OpenSSLSessionImpl( 4183): Freeing OpenSSL session
Doesn't look too hopeful, but if you have any suggestions, I can experiment.
Click to expand...
Click to collapse
If you visit Amazon's secure website in Browser, it complains about not trusting the certificate authority. I wonder if that's the reason the app isn't working. Anyway to add certificate authorities to the NST?
mr.rcollins said:
If you visit Amazon's secure website in Browser, it complains about not trusting the certificate authority. I wonder if that's the reason the app isn't working. Anyway to add certificate authorities to the NST?
Click to expand...
Click to collapse
That would make some sense. More likely than the SSL library being so old that modern protocols don't work, which was my line of thought.
I'd be fairly confident it is practical to update the certificate list - just need to find someone who knows how.... If you go looking, start with finding how to _revoke_ a certificate - that's more likely to have better search hits, I guess.
tshoulihane said:
That would make some sense. More likely than the SSL library being so old that modern protocols don't work, which was my line of thought.
I'd be fairly confident it is practical to update the certificate list - just need to find someone who knows how.... If you go looking, start with finding how to _revoke_ a certificate - that's more likely to have better search hits, I guess.
Click to expand...
Click to collapse
Looks like it's not that simple.
(As a new user I can't post a direct link to the stack overflow post)
From Stackoverflow: How to install trusted CA certificate on Android device?
"in all releases though 2.3, an OTA is required to update the cacerts.bks on a non-rooted phone."
Click to expand...
Click to collapse
I don't know what that means for rooted NST.
So there are a number of interesting-looking sites regarding adding to/updating the certificates file (cacerts.bks). It's troubling and ironic, though, that the official Cacerts website gives a security error in Firefox and won't load :silly:
Anyway, here's a Wiki which doesn't make it look too bad. I wonder if this could be done whether it would also fix the Amazon App Store issues.
Edit: Look at "way 3" on the page linked. Seems really easy--almost too easy!
Success. its not too complicated, just needs the right steps listing out.
I originally used jdk1.7.0_79, and bcprov-jdk15on154.jar since that was the java version I have working with android studio now, but ended up with a bootloop (but ADB working, so I was able to restore the old cacerts.bcs.
I managed to list the current certificates, one did expire Dec'15, although that doesn't seem to be in the path for amazon. When I started, an SSL checker app reported most sites failing. With the one update below, its about 50%
Download http://www.bouncycastle.org/download/bcprov-jdk15on-146.jar - this is used locally on your PC to manipulate the certificates and needs to be version 146 or 147 to work with android (or old android at least)
Navigate to https://www.amazon.co.uk, (must be https) click the padlock in the browser (chrome) and 'connection'. In certificate path, find verisign at the top. 'view certificate' and details, then 'copy to file'. I used 'Base-64 encoded X.509' format, and saved as verisign.cer
get the old key store, and keep a copy
Code:
adb pull /system/etc/security/cacerts.bks cacerts.bks
copy cacerts.bks cacerts.bks.old
In your java install, find keytool.exe. You need to provide the password changeit, and the path to the bcprov.jar which you downloaded earlier. Ass the certificate (and say yes when prompted to trust it)
Code:
'C:\Program Files\Java\jdk1.7.0_79\bin\keytool.exe' -storetype BKS -keystore d:\Documents\nook\cacerts.bks -provide
r org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath "C:\Program Files\Java\jdk1.7.0_79\lib\ext\bcprov-jdk15on-146.jar" -storepass c
hangeit -importcert -alias verisign -file D:\Documents\nook\verisign.cer
Now re-mount /system as read-write (using ES root explorer, or remount) and
Code:
adb.exe push .\cacerts.bks /system/etc/security/cacerts.bks
Finally, remount read-only and reboot.
If you're feeling brave, my updated file is here https://drive.google.com/open?id=0BxZHbImYcMGJcjFMZmJ1Szg0VHc (I don't think you should trust your nook much anyway, so its not too bad even if i did something wrong!)
Here for one with a few more certificates found using ssl checker (droidski), working on my Pixel-C, and also trusted by chrome on windows. https://drive.google.com/open?id=0BxZHbImYcMGJRDRXS2NZVmZTSVE
Mirror copies:
https://www.androidfilehost.com/?w=files&flid=50094 - Basic version (amazon working)
https://www.androidfilehost.com/?w=files&flid=50095 - More complete
tshoulihane said:
Success. its not too complicated, just needs the right steps listing out.
I originally used jdk1.7.0_79, and bcprov-jdk15on154.jar since that was the java version I have working with android studio now, but ended up with a bootloop (but ADB working, so I was able to restore the old cacerts.bcs.
I managed to list the current certificates, one did expire Dec'15, although that doesn't seem to be in the path for amazon. When I started, an SSL checker app reported most sites failing. With the one update below, its about 50%
Click to expand...
Click to collapse
Mmm.....that's looking just this side of fearsome to me. My keystore report showed 7 certs. out of 54 expired with a few more going in 2017 and many in 2019 and then much later.
So my first question is, did this resolve the Kindle issue or are we barking up the wrong tree!
Second, I assume you are in the UK, hence the amazon.co.uk?
nmyshkin said:
Mmm.....that's looking just this side of fearsome to me. My keystore report showed 7 certs. out of 54 expired with a few more going in 2017 and many in 2019 and then much later.
So my first question is, did this resolve the Kindle issue or are we barking up the wrong tree!
Second, I assume you are in the UK, hence the amazon.co.uk?
Click to expand...
Click to collapse
Yes, kindle app working fine now - even the kindle store pages load OK, and they have been broken for ages for me. Just synced about 6 books.
I used amazon.co.uk since its local for me, but they probably use the same root (verisign) so copying my file ought to work for you (but no guarantees, I was assuming my nook was junk if I couldn't fix this)
tshoulihane said:
Yes, kindle app working fine now - even the kindle store pages load OK, and they have been broken for ages for me. Just synced about 6 books.
I used amazon.co.uk since its local for me, but they probably use the same root (verisign) so copying my file ought to work for you (but no guarantees, I was assuming my nook was junk if I couldn't fix this)
Click to expand...
Click to collapse
Wow, this is great! Thank you for pursuing it. It makes me wonder now about other odd behaviors like older versions of Google Books that can't sync, and the Market app itself that can't seem to do a search properly. Some people have recently begun to complain that even SearchMarket is returning just a couple of apps on a search. Maybe it's why the old CNN app stopped loading up content. And, of course, the old Amazon App Store.
I need to read about all this carefully and "gird my loins", so to speak, to make an attempt!
The only really messy bit is the long keytool command. It has a few other options, so you can '-list' your key store to check the update worked before pushing it back onto the phone. Of course, you don't need to use adb, but it might save you in case there is a problem.
Once I updated the certs, I did see more syncing activity on logcat - suggesting more things were working, but as far as I can tell, the market is still just as brokn, needing searchmarket.
tshoulihane said:
If you're feeling brave, my updated file is here **REMOVED** (I don't think you should trust your nook much anyway, so its not too bad even if i did something wrong!)
Here for one with a few more certificates found using ssl checker (droidski), working on my Pixel-C, and also trusted by chrome on windows. **REMOVED**
Click to expand...
Click to collapse
Both Google Drive links aren't open to the public...
mr.rcollins said:
Both Google Drive links aren't open to the public...
Click to expand...
Click to collapse
Try again - works for me in incognito now.
Feeling a bit too brave here, so I tried this method found on Stack Exchange:
What I did to be able to use startssl certificates was quite easy. (on my rooted phone)
I copied /system/etc/security/cacerts.bks to my sdcard
Downloaded http://www.startssl.com/certs/ca.crt and http://www.startssl.com/certs/sub.class1.server.ca.crt
Went to portecle.sourceforge.net and ran portecle directly from the webpage.
Opened my cacerts.bks file from my sdcard (entered nothing when asked for a password)
Choose import in portacle and opened sub.class1.server.ca.crt, in my case it already had the ca.crt but maybe you need to install that too.
Saved the keystore and copied it baxck to /system/etc/security/cacerts.bks (I made a backup of that file first just in case)
Rebooted my phone and now I can visit my site that's using a startssl certificate without errors.
Click to expand...
Click to collapse
In my case I just tried the certificate from amazon.com and everything seemed to work as described--until I rebooted, or tried to. Bootloop. Thank goodness for Nook Manager and backups!
Real progress!
Many thanks @tshoulihane! I've successfully copied over your more extensive update of cacerts.bks
The Kindle app seems to function like it should, including the store. The Amazon App store "functions" in that, while I could not seem to log in with my Amazon credentials I could see and browse apps. I didn't try downloading any, though, as I've never cared for the behavior of the App Store on the NST, but it looks like the app might be salvageable, perhaps requiring additional certs.
The old CNN news app still will not load up content, although you can enter your location and get a weather forecast
The old version of Google Books (1.0.1.6) works great! I was able to look at my online content, both from Google and also an e-book (not from Google) I had uploaded. My memory tells me that this was a BIG issue with a lot of people who wanted to use the Books app in the past. (see edit below)
I think this is headed in the right direction for apps that seem to fail because they can't negotiate a secure server connection (those which need to sync data). What a neat discovery!
Edit: in fact Google Books 1.0.1.6 works fine locally as a reader but cannot upsync your reading position. BUT, a working version of Google Books has been discovered. Read here.
nmyshkin said:
The old CNN news app still will not load up content, although you can enter your location and get a weather forecast
Click to expand...
Click to collapse
If you can find a URL I can extract a suitable cert from, I can update again easily enough.
tshoulihane said:
If you can find a URL I can extract a suitable cert from, I can update again easily enough.
Click to expand...
Click to collapse
Thanks for the offer. I've been snooping through the logcat for both the Amazon App Store and the CNN
News app. I can say definitively that the App Store is broken. This line appears in the logcat during the whole log-in cycle that does not work:
Code:
E/AmazonAppstore.AbstractJsonWebResponse( 5845): failed to construct JSON response: {"message":"The registerDevice API has been retired. Please upgrade your appstore client."}
As for the CNN News app, there are many, many JSON errors related to fetching headlines and images that are "not found". Those would likely be the little pictures that act as access "buttons" for each story. While there's nothing as explicit as the message for the App Store, it seems pretty clear to me that whatever the app is looking for is no longer where it expects to find it.
Still, I think the certificate update has been very helpful in rescuing Google Books and Kindle--maybe others in the near future, who knows? And I learned something

My rooted unregistered Nook Simple Touch chews battery like crazy

I got a Like New NST, reset it, unregistered it, and rooted it. I haven't replaced the kernel yet. But I have noticed that (even before I rooted it) the battery consumption is unacceptable. I've seen some old threads about this (for example https://forum.xda-developers.com/showthread.php?t=1475070) , and some suggested removing some APKs like Phone.apk and TelephonyProvider.apk, while others suggested removing or disabling some B&N-related APKs.
The thing is that some other threads seem to imply these solutions are bogus and that they don't really help. There is a lot of conflicting information spread around on this topic.
Does anybody know if there is a solution to this issue? I'm really loving the NST, it's an amazing reader in all ways except for this glaring issue.
Thanks!
Winston S. said:
I got a Like New NST, reset it, unregistered it, and rooted it. I haven't replaced the kernel yet. But I have noticed that (even before I rooted it) the battery consumption is unacceptable. I've seen some old threads about this (for example https://forum.xda-developers.com/showthread.php?t=1475070) , and some suggested removing some APKs like Phone.apk and TelephonyProvider.apk, while others suggested removing or disabling some B&N-related APKs.
The thing is that some other threads seem to imply these solutions are bogus and that they don't really help. There is a lot of conflicting information spread around on this topic.
Does anybody know if there is a solution to this issue? I'm really loving the NST, it's an amazing reader in all ways except for this glaring issue.
Thanks!
Click to expand...
Click to collapse
I sympathize and don't want to add to the conflicting information. Read what I wrote here: https://forum.xda-developers.com/showpost.php?p=78287581&postcount=2 under "Decrapify system/app". I can tell you definitively that Phone.apk has little or nothing to do with your battery drain. I did a major study on that issue a long time ago: https://forum.xda-developers.com/nook-touch/general/battery-usage-phone-apk-t3341370
nmyshkin said:
I sympathize and don't want to add to the conflicting information. Read what I wrote here: https://forum.xda-developers.com/showpost.php?p=78287581&postcount=2 under "Decrapify system/app". I can tell you definitively that Phone.apk has little or nothing to do with your battery drain. I did a major study on that issue a long time ago: https://forum.xda-developers.com/nook-touch/general/battery-usage-phone-apk-t3341370
Click to expand...
Click to collapse
Thank you for all your work, you are very methodic and logical, and I appreciate your generosity sharing all your knowledge about the NST (I have been reading up on different things here before I decided to buy one.) :good:
So, to condense all this, it looks as if neither deleting Phone.apk nor disabling B&N apps helps with battery consumption. Also, am I correct in concluding that having an unregistered Nook (or a Nook which is offline, even if registered) will invariably result in poor battery life? That's quite unfortunate, as I was planning to use my NST as a fully offline device.
Winston S. said:
So, to condense all this, it looks as if neither deleting Phone.apk nor disabling B&N apps helps with battery consumption. Also, am I correct in concluding that having an unregistered Nook (or a Nook which is offline, even if registered) will invariably result in poor battery life? That's quite unfortunate, as I was planning to use my NST as a fully offline device.
Click to expand...
Click to collapse
Almost, but fortunately not quite right. Although B&N did some questionable stuff when they cobbled together the NST/G system, I don't think they expected the devices to spend a lot of time online. If the system detects that there is no WiFi, it just slaps a post-it on its internal "refrigerator" to remind it to try a check-in later. All of that happens pretty quickly and in the grand scheme of things Android where stuff is not always killed outright even when you've finished with it, it's not a Big Deal.
So register and forget. It's the easiest path to device stability and the intended power consumption pattern.
nmyshkin said:
Almost, but fortunately not quite right. Although B&N did some questionable stuff when they cobbled together the NST/G system, I don't think they expected the devices to spend a lot of time online. If the system detects that there is no WiFi, it just slaps a post-it on its internal "refrigerator" to remind it to try a check-in later. All of that happens pretty quickly and in the grand scheme of things Android where stuff is not always killed outright even when you've finished with it, it's not a Big Deal.
So register and forget. It's the easiest path to device stability and the intended power consumption pattern.
Click to expand...
Click to collapse
Thank you again, I suppose if that's the case then I will register my NST. A couple questions: So if I register the device and never again connect to Wireless that "refrigerator post-it" won't expire?
And, most importantly, if I register with B&N will they push the 1.2.2 update on my device, or can I prevent that without any ill effect? I'd really like to stick to 1.2.1.
EDIT: I read your previous OP about the 1.2.2 OTA update, and your link for how to block it here: https://forum.xda-developers.com/showpost.php?p=34433959&postcount=3
Renate NST also suggested deleting /system/app/DeviceManager.apk, but I don't know if this would be problematic with the B&N registration issue I'm trying to fix to begin with.
Is there a preferred way to do this and still keep the device registered and battery life unscathed?
I appreciate your help!
Winston S. said:
Thank you again, I suppose if that's the case then I will register my NST. A couple questions: So if I register the device and never again connect to Wireless that "refrigerator post-it" won't expire?
And, most importantly, if I register with B&N will they push the 1.2.2 update on my device, or can I prevent that without any ill effect? I'd really like to stick to 1.2.1.
EDIT: I read your previous OP about the 1.2.2 OTA update, and your link for how to block it here: https://forum.xda-developers.com/showpost.php?p=34433959&postcount=3
Renate NST also suggested deleting /system/app/DeviceManager.apk, but I don't know if this would be problematic with the B&N registration issue I'm trying to fix to begin with.
Is there a preferred way to do this and still keep the device registered and battery life unscathed?
I appreciate your help!
Click to expand...
Click to collapse
I think since you are just starting out working with the device and don't have work to lose by updating and re-rooting, registering and then updating (you can do it manually by downloading the file yourself) is your best bet. The device keeps a "last date contacted" and "next date to try contact" in settings.db. If there is no WiFi, it will just keep changing the dates. That's all.
OTOH, if you do not update but NEVER connect to WiFi, there will probably be no issue. The method to block updates "works", as I found, but it did not prevent the occasional reboot when I was connected to WiFi, so I finally just threw in the towel and updated my devices, starting over from scratch. I'm happy with the many changes I've made since, so it worked out for me. Not sure why you want to stay with 1.2.1. It is virtually identical to 1.2.2 and I don't believe there is anything on-site here that worked with 1.2.1 which doesn't also work with 1.2.2. All B&N did was patch contacts with their servers for TLS 1.2 compliance.
Deleting/disabling DeviceManager will give your NST Alzheimers as far as your registration is concerned and it will just begin wondering why it can't remember who it is and how/when to phone home--wherever that is. One of the problems with disabling B&N apps is that there are also jar files which don't get disabled and the system still tries to fool with those. You can delete/disable those as well but the more you niggle at the system architecture the more unstable the device becomes and the more things fail to work properly (like the Reader and Library).
Like I said before, it's better AND easier to just treat the device the way it was designed as far as updating or registering. You don't have to use a credit card, you don't even have to use a real e-mail address, I suppose. Then when all that is out of the way you can just install your own launcher and set the "n" button to Home. Voila! You'll never see or hear from the B&N stuff again and your battery will last a good long time.
nmyshkin said:
I think since you are just starting out working with the device and don't have work to lose by updating and re-rooting, registering and then updating (you can do it manually by downloading the file yourself) is your best bet. The device keeps a "last date contacted" and "next date to try contact" in settings.db. If there is no WiFi, it will just keep changing the dates. That's all.
OTOH, if you do not update but NEVER connect to WiFi, there will probably be no issue. The method to block updates "works", as I found, but it did not prevent the occasional reboot when I was connected to WiFi, so I finally just threw in the towel and updated my devices, starting over from scratch. I'm happy with the many changes I've made since, so it worked out for me. Not sure why you want to stay with 1.2.1. It is virtually identical to 1.2.2 and I don't believe there is anything on-site here that worked with 1.2.1 which doesn't also work with 1.2.2. All B&N did was patch contacts with their servers for TLS 1.2 compliance.
Deleting/disabling DeviceManager will give your NST Alzheimers as far as your registration is concerned and it will just begin wondering why it can't remember who it is and how/when to phone home--wherever that is. One of the problems with disabling B&N apps is that there are also jar files which don't get disabled and the system still tries to fool with those. You can delete/disable those as well but the more you niggle at the system architecture the more unstable the device becomes and the more things fail to work properly (like the Reader and Library).
Like I said before, it's better AND easier to just treat the device the way it was designed as far as updating or registering. You don't have to use a credit card, you don't even have to use a real e-mail address, I suppose. Then when all that is out of the way you can just install your own launcher and set the "n" button to Home. Voila! You'll never see or hear from the B&N stuff again and your battery will last a good long time.
Click to expand...
Click to collapse
The main reason I want to avoid 1.2.2 is because I tend to value stability overall, and since most of the stuff here was created by the era of 1.2.1 or before, I am leery of doing something that will make things less compatible. Plus I am distrustful of B&N changes on a device this old. I also thought I had read you explaining some changes that needed to be done after a 1.2.2 update to make something work (NM, maybe? I forget.)
So my question was more along the lines of whether, when I register the device, it will be flagged immediately for update and cause some trouble if I don't, or even if the update will be downloaded in the background without me being able to do anything about it. I suppose I could always patch the sqlite file to disable OTA updates and then register. That would be the safest way to go. And you need to use ADB for this to work, right? There is no way to edit the file onboard the NST itself?
I can't wait for the battery consumption to be normal, because I am really enjoying my NST with its great ergonomy and the ability to install different readers. Mine is going to be a dedicated offline ebook reader, but a great one. And much of the reason it is so amazing is thanks to folks like you and Renate who have contributed so much. :good:
Winston S. said:
The main reason I want to avoid 1.2.2 is because I tend to value stability overall, and since most of the stuff here was created by the era of 1.2.1 or before, I am leery of doing something that will make things less compatible. Plus I am distrustful of B&N changes on a device this old. I also thought I had read you explaining some changes that needed to be done after a 1.2.2 update to make something work (NM, maybe? I forget.)
So my question was more along the lines of whether, when I register the device, it will be flagged immediately for update and cause some trouble if I don't, or even if the update will be downloaded in the background without me being able to do anything about it. I suppose I could always patch the sqlite file to disable OTA updates and then register. That would be the safest way to go. And you need to use ADB for this to work, right? There is no way to edit the file onboard the NST itself?
Click to expand...
Click to collapse
There's really no reason to be concerned about the 1.2.2 update. It's all fine. B&N would not go to the trouble on an old device like this only to somehow wreck it. It's just a TLS security update and involves connection to their servers. Since you do not intend to use the device online, the only minor issue (resigning Opera Mobile browser-- which I've already provided elsewhere) is moot for you.
As for changing the OTA flag, you can do it via ADB if you install sqlite3. This is probably best since moving settings.db back onto the device after editing can be tricky. But you could eliminate the entire tango by just updating to 1.2.2 and going on with your life
nmyshkin said:
There's really no reason to be concerned about the 1.2.2 update. It's all fine. B&N would not go to the trouble on an old device like this only to somehow wreck it. It's just a TLS security update and involves connection to their servers. Since you do not intend to use the device online, the only minor issue (resigning Opera Mobile browser-- which I've already provided elsewhere) is moot for you.
As for changing the OTA flag, you can do it via ADB if you install sqlite3. This is probably best since moving settings.db back onto the device after editing can be tricky. But you could eliminate the entire tango by just updating to 1.2.2 and going on with your life
Click to expand...
Click to collapse
Thank you for clarifying that, I think I have had an overdose of information from reading too many threads in a short span of time and somehow I got the idea NookManager had some sort of issue after the 1.2.2 update that required some tinkering. The fact that the update is limited to the TLS update means it doesn't affect me, so things would be OK. On the other hand, not installing the update also seems like wouldn't be an issue and I really wanted to get ADB going anyway to install things wirelessly, so the most logical path seems to go through the minimal effort required to change that setting anyway. It turns out I already have sqlite3 installed (I am running an Ubuntu system,) so even more reason to do this!
I'll be reading up on the way to get ADB working.
BTW, I know you have proposed probably changing NookManager to address different issues you have encountered. Let me know if I can be of any help. I have no experience building Android components and limited experience compiling, but I would be happy to learn a new skill.
Thanks! :good:
@nmyshkin I easily managed to change the OTA setting through USB ADB. (I'm keeping track of all this process so when I have everything set up I will create a thread for posterity to help anyone else with the same questions.)
Now, the problem I wasn't anticipating is that I didn't foresee the battery problems, so I used that procedure to avoid the Register prompt on startup (Bypass OOBE procedure.) But of course now I don't know how to register the Nook. Do I need to reset to Factory using NookManager, root, disable OTA, and then register? It would be nice if there is a way to avoid this?
EDIT: Searching through another thread I saw your suggestions (almost 3 years old) to use the DeviceRegistrator, so after creating a B&N account I did and it said that the registration was successful, but in Settings the Account is showing up as unavailable, so I restarted the NST, and still I am getting Account Unavailable under Settings. Does the Device Registrator not work anymore? Or have B&N stop registering NST devices?
So I checked by logging into the B&N account and as expected there are no NSTs linked to my account. The DeviceRegistrator app has a few options (Register Device, Authenticate Device, Register User, and Authenticate User.) I didn't touch the User options so I guess that is to create a new account. I just used the "Register Device" option. Do I need to Authenticate Device too, or is this just not working anymore?
I read somewhere that there is also another app called OOBE Reg or something like that that basically runs the default registration procedure, but I haven't found that app in my NST.
I actually went down a similar rabbit hole myself at one point when I was investigating selective disabling of B&N apps, etc. Yes, you need to authenticate. That may or may not have the desired effect. Right now DeviceRegistrator is your only option. It may or may not be possible to authenticate a rooted device by this method.
Having said that, maybe it's time to take a step back and ask yourself whether all this angst is worth the end result when the path of least resistance will yield an equally functional result. The answer to that depends, in part, on how much other stuff you have already done. But before you do more things don't forget that the basic device needs to be in optimum working condition (like not eating battery) first.
nmyshkin said:
I actually went down a similar rabbit hole myself at one point when I was investigating selective disabling of B&N apps, etc. Yes, you need to authenticate. That may or may not have the desired effect. Right now DeviceRegistrator is your only option. It may or may not be possible to authenticate a rooted device by this method.
Having said that, maybe it's time to take a step back and ask yourself whether all this angst is worth the end result when the path of least resistance will yield an equally functional result. The answer to that depends, in part, on how much other stuff you have already done. But before you do more things don't forget that the basic device needs to be in optimum working condition (like not eating battery) first.
Click to expand...
Click to collapse
I will Authenticate using DeviceRegistrator and see if it works. The Catch 22 is that if I revert to Factory and then register the device I might have a problem with the 1.2.2 update I want to avoid (but yes, I realize at this point my aversion to 1.2.2 is basically irrational.) So I will try this approach first and report back. I will double check to see if the Nook Device shows up in my B&N account too, and I'll report again.
I agree 100% about putting the device in a sound baseline state before installing a lot into it. I'm documenting all that I do, and when I reach that state I'll create a thread about it. Hopefully it can be of use to someone down the road, because I do see new NST units being bought still every week in eBay.
I was relieved that ADB over USB was already enabled by installing NookManager and that I only needed to create a couple of files in my Ubuntu machine for it to work.
Winston S. said:
I was relieved that ADB over USB was already enabled by installing NookManager and that I only needed to create a couple of files in my Ubuntu machine for it to work.
Click to expand...
Click to collapse
That's actually news to me. I had thought the flag for WiFi ADB was set. I've never tried USB.
nmyshkin said:
That's actually news to me. I had thought the flag for WiFi ADB was set. I've never tried USB.
Click to expand...
Click to collapse
Yes, apparently ADB Konnect is set up so that if you start ADB Wireless it sets the flag, and then unsets it. I just tried ADB through Wireless and it also works.
To update on the DeviceRegistrator, I tried to Authenticate the Device and it didn't work (I got a banner saying that the operation is no longer supported.) So it looks like I will need to restore to Factory, register, and then root (which defeats the purpose of disabling OTA updates, as I can't do that until I root.)
@nmyshkin, is resetting the Nook to factory by using "Erase & Deregister Device" option in the stock Nook Settings the same as resetting to factory.zip from NookManager or holding the two Page Back hardware buttons on startup?
I reset mine using the "Erase & Deregister Device" menu option, and then registered and rooted it again, but still I am having problems with CoolReader (I am using the cr3_0_49_13.apk posted in the relevant thread.) Basically, there are no options to set the refresh interval where they should be, and the Options interface is black. Somebody mentioned this as well but they fixed it by restoring to factory, so I'm wondering what the deal is. Is this the only version of CoolReader people use with the NST?
Winston S. said:
@nmyshkin, is resetting the Nook to factory by using "Erase & Deregister Device" option in the stock Nook Settings the same as resetting to factory.zip from NookManager or holding the two Page Back hardware buttons on startup?
I reset mine using the "Erase & Deregister Device" menu option, and then registered and rooted it again, but still I am having problems with CoolReader (I am using the cr3_0_49_13.apk posted in the relevant thread.) Basically, there are no options to set the refresh interval where they should be, and the Options interface is black. Somebody mentioned this as well but they fixed it by restoring to factory, so I'm wondering what the deal is. Is this the only version of CoolReader people use with the NST?
Click to expand...
Click to collapse
No, erase and deregister does just that. It removes your account info and settings. The factory reset is an actual reimaging of the device from the protected onboard image. This can be done with the two button technique, NookManager or eight failed boot attempts.
I'm afraid I can't help much with CoolReader. I once had a version installed but found it had way too many settings for me. I ended up using only the screensaver/book cover option but that was pretty silly and I eventually got rid of and wrote my own app for that.
I located the version for the other fellow, but that's the extent of my knowledge. I'll try it in a bit and see what you're talking about.
nmyshkin said:
No, erase and deregister does just that. It removes your account info and settings. The factory reset is an actual reimaging of the device from the protected onboard image. This can be done with the two button technique, NookManager or eight failed boot attempts.
I'm afraid I can't help much with CoolReader. I once had a version installed but found it had way too many settings for me. I ended up using only the screensaver/book cover option but that was pretty silly and I eventually got rid of and wrote my own app for that.
I located the version for the other fellow, but that's the extent of my knowledge. I'll try it in a bit and see what you're talking about.
Click to expand...
Click to collapse
Please, don't waste any time with CoolReader. As usual, you saved the day. I'll reimage the device using the correct procedure, as I mistakenly believed this is what the Erase and Deregister option did. I think this will take care of the CoolReader weirdness, and if not I have found that NoRefresh works remarkably well with it anyway. Thank you!
Winston S. said:
Please, don't waste any time with CoolReader. As usual, you saved the day. I'll reimage the device using the correct procedure, as I mistakenly believed this is what the Erase and Deregister option did. I think this will take care of the CoolReader weirdness, and if not I have found that NoRefresh works remarkably well with it anyway. Thank you!
Click to expand...
Click to collapse
Mmm.....I see nothing in that version of CoolReader thats looks anything like it was adapted for the NST. I got that version from a e-book blog post link so shame on me for passing along bogus stuff. It's definitely NOT the version I once had installed (whatever that was...). The current market version is incompatible and the "new" CoolReader GL installs but does not run. I took a look at the CR home at SourceForge and there are many versions available there but it would be trial-and-error with them--and maybe there is no magic bullet. If you search for "CoolReader" on the forum you will find a variety of references. In some lists of "working" apps there are version numbers. Tracking down one of those might be a start.
nmyshkin said:
Mmm.....I see nothing in that version of CoolReader thats looks anything like it was adapted for the NST. I got that version from a e-book blog post link so shame on me for passing along bogus stuff. It's definitely NOT the version I once had installed (whatever that was...). The current market version is incompatible and the "new" CoolReader GL installs but does not run. I took a look at the CR home at SourceForge and there are many versions available there but it would be trial-and-error with them--and maybe there is no magic bullet. If you search for "CoolReader" on the forum you will find a variety of references. In some lists of "working" apps there are version numbers. Tracking down one of those might be a start.
Click to expand...
Click to collapse
Thank you for looking at this. I am a little confused, because you helped @ALinkToTao who was having problems with it, and he seems to imply that the version linked here which you referred him to ended up working for him..
So I'm just going to write that off to him being confused about the version he ended up installing. I will see if I find something that works, thanks again.
Winston S. said:
Thank you for looking at this. I am a little confused, because you helped @ALinkToTao who was having problems with it, and he seems to imply that the version linked here which you referred him to ended up working for him..
So I'm just going to write that off to him being confused about the version he ended up installing. I will see if I find something that works, thanks again.
Click to expand...
Click to collapse
Yeah, so I need to redeem myself there. In my lame defense, I was just going with what was posted here: https://blog.the-ebook-reader.com/2...artial-refresh-and-page-button-support-video/
Clearly that is bogus. So I checked out @wozhere's listed working version, or something close.
I think the place to start is with the 3.1.2 series from the SourceForge home of CoolReader. The attached version looks a lot more like what I remember and has screen refresh options (only visible as settings while viewing a book).
There were many more options on the version I once had, so this one is a starting point only.

Categories

Resources