Database Users

Security Issues...?

Just read this piece of information...
http://www.thisandroidlife.com/2010...om-infected-iphones-and-android-handsets.html
I've always thought about this ever since a buddy of mine coded a little bot to do about the same thing to an online game.
Anyway,the real question I guess is, What can be done to prevent these types of thing from happening? What do you think?

Doesnt Android tell you everything a program is going to access before it's installed? I ALWAYS read that.

The only thing that this article is trying to point out is that non tech savvy users, which are probably a lot of Smartphone users won't really understand or care to know the "details" of the apps and what its all going to do, as such; they're more prone to installing these malicious apps. On top of that, they were showcasing that right now, they've only taken the GPS coordinates from the phone, but if they wanted to - passwords, messages, etc could be taken from the phone without anyone ever knowing.
I think this is good, it makes people more aware and allows us to be more cautious. Not mention, it's becoming obvious that Mobile data/traffic is easy to target and probably even easier to trick users (than on computers) because of lack of security and the notion that ones' phone cannot be "hacked" or what not.

hm
i had to go threw SlideMe.org to get a app because my bank blocked Android Market lol anyway. They sent out a server wide warning that app was bad last night.

BTW is there an app which logs where and what your phone sends? Like "littlesnitch"?
http://tinyurl.com/o9568k

There's not much that can be done about this, and it's a perfectly legitimate threat.
Yes, the app DOES tell you what it will be doing, but nearly any app that has Network access and Fine Location, especially if it does grab your GPS coordinates for something in the app itself, could send stuff behind the scenes and you'd be completely unaware.
I definitely don't think this will be the last time we'll hear about this sort of malicious app.

Negrito said:
Doesnt Android tell you everything a program is going to access before it's installed? I ALWAYS read that.
Click to expand...
Click to collapse
Of course but you don't know EXACTLY what the app is doing with the info(unless you tear it apart).Like in the example a weather widget,of course its going to use gps.So what if another app that can access your phones info that would typically need to, but is broadcasting that info to a remote server.If you get what I'm, trying to get at.
Edit: What kmart said...lol

The only truly saving grace of these phones about the sensitivity of location awareness with respect to paranoia of the same, is that we can pull the battery and remove any doubt that the phone cannot disclose its function or location.
There was an article I read a while ago that the Fed's had issued over 3 million location requests last year to Sprint on users - warrant-less! How's that for Paranoia!!!
But all these apps in the market has the Buyer Beware tag so, of course at some point or another it will be exploited! For the most part, the idea of location awareness and marketing/advertisement and or service oriented provisioning is a great concept. The openness of the Android system to provide the same - will undoubtedly have it's shortfalls. A Good Firewall app that notifies and asks for approval prior to transmitting info or accepting connections from an app would go a long way to controlling potential problems. Just like a PC, which basically these phones have become.

well, considering I don't go on any financial sites from my phone, there's not much they can get off it...do they want my school email password? Have at it...they can read those worthless emails if they want (heck, even send a nice threatening email to my profressors for all I care lol).
Not to mention that my phone gets wiped a few times a week, just like so many other people here, there's not much they can get unless they can manage to hack into my google account and steal my credit card info...in which case, they won't be able to spend much on that account, since there's nothing in it lol.
This is as bad as "big brother" listening to my phone calls. What do I care? lol. If someone wants to know where I am, then by all means, let them know where I am. I'm not doing anything of interest to them.
On a side note, we apparently have caught the attention of the mods in this sub-forum, and have become a "family forum" according to a different thread lol.

tatonka_hero said:
On a side note, we apparently have caught the attention of the mods in this sub-forum, and have become a "family forum" according to a different thread lol.
Click to expand...
Click to collapse
Hey Tatonka! Lol, wassup? hahaha, but if you could, please elaborate? I know it's off topic, but I'm happy to be apart of the Android Family hehe...
And oh... is there any PGP type Android app that anyone might be familiar with? Lol, just thinking about it with this topic, lol...

I was thinking about that 'Firewall App' idea.Maybe that could be done,it would definitely be something worth looking into.
In response to totonka's post,i hear you.I'm the same way,BUT there are plenty of people who do have sensitive info/files/pictures(you know what I'm talking about) that surely wouldn't want ANYone to have access to.That's just how it is.I'm just thinking of the tons of people who don't even know that this is even possible.

casperlt1 said:
I was thinking about that 'Firewall App' idea.Maybe that could be done,it would definitely be something worth looking into.
Click to expand...
Click to collapse
My thoughts also, but I don't know if it is a true Firewall or just handles calls...

A security issue is still a security issue even if it doesn't affect you, and an invasion of privacy is still an invasion of privacy even if you don't care about it. Not trying to start any sort of flame here, please don't take it that way. Just mean to say that if you wait to take a stance on a known problem until it becomes YOUR problem, haven't you maybe waited too long?

Email to MOTO

Okay guys so we know all attempts at hacking the bootloader to circumvent the efuse hasn't worked. I feel that the only way to crack this thing open is with the keys from MOTO. Its a slim chance it will actually work but if enough people complain and flood their inboxes somethings bound to happen. maybe. hopefully. Well I sent in an email to tech support and got a cookie cutter response that you can see below. I then was playing around with possible email addresses for the Co-CEO Greg brown I finally landed on his email with the help of someone else and his email is [email protected] I sent him an email to which he forwarded to a PR person I'm guessing and got a cookie cutter response. This pisses me off. Let's do something about it. Everyone send your emails to to that guy requesting the keys. Make the subjects not all locked bootloader or he won't even look at them I'm guessing. This is ridiculous and we need to take a stand. If you don't like the idea then that's fine but to everyone else send an email.
Sent: Wednesday, November 17, 2010 2:30 PM
To: Brown Greg Pres CEO-CGB025
Subject: locked bootloader
Greg,
Please provide me with the keys to my phone. I purchased this phone and I should be able to do what I want with it. How would you like it if you purchased a car and the dealership put a lock on the hood not allowing you to access the engine. You would then have to go to that dealership each time you wanted anything done even though you are a mechanic yourself. This is exactly what is happening here. I'm tired of you guys locking down devices that a consumer has purchased. If I should so choose to do stuff that would violate warranties then that's all on me. You can reply with the keys.
Thanks.
Click to expand...
Click to collapse
Their reply
Thank you for contacting Motorola. Your e-mail below was forwarded to me to address for Mr. Brown.
Motorola's primary focus is the security of our end users and protection of their data, while also meeting carrier, partner and legal requirements. The Droid X and a majority of Android consumer devices on the market today have a secured bootloader. In reference specifically to eFuse, the technology is not loaded with the purpose of preventing a consumer device from functioning, but rather ensuring for the user that the device only runs on updated and tested versions of software. If a device attempts to boot with unapproved software, it will go into recovery mode, and can re-boot once approved software is re-installed. Checking for a valid software configuration is a common practice within the industry to protect the user against potential malicious software threats. Motorola has been a long time advocate of open platforms and provides a number of resources to developers to foster the ecosystem including tools and access to devices via MOTODEV at http://developer.motorola.com.
Thank you,
Anne Arroyo
Motorola Consumer Advocacy Office
Click to expand...
Click to collapse
COME ON GUYS.

What's the email address? It's worth a shot.
Sent from my DROIDX

bkjolly said:
What's the email address? It's worth a shot.
Sent from my DROIDX
Click to expand...
Click to collapse
It's in the OP.

Email sent I will post it when I get the response.
Sent from my DROIDX

motorola don't care
You will get the same response... they feel they are protecting the end user which is us.... but also those who don't care to mod their droid x. They are operating under the excuse that someone may take the information and create a virus that would be able to take customer information... atleast that is the bull they are feeding the public. Not using the common since in their heads say... "we left the drod 1 unlocked and nothing significately bad happened." and they also like to say it will void the warranty.. bla bla bla... so no matter what you do all you will get is bullsh*t bullsh*t BULLSH*T.... until someone comes up with a valid excuse and manages to get through to an actual person... cause I would be willing to bet that... that is an automated response based on subject slash specific words in the body. no one with any power reads them and if they see anything envolving bootloader it is replied to in that fashion no matter what.

better off
You would be better off complaining if they don't want to unlock the bootloader, then they need to come up with a better more inventive and visualy apealing UI, cause BLUR is crap.

Motorola is starting to piss me off

Ubermicro13 said:
Motorola is starting to piss me off
Click to expand...
Click to collapse
Same. They say they support the open policy but that's BS. I love the phone but will probably not buy another one. That being said I knew what I was getting into prior to buying the phone with the locked bootloader/eFuse. However, this being my first android phone I didn't realize how addicting customizing could be. ie. roms/kernals. well, I can imagine how addicting it would be.

emailed
just emailed greg..

Guy, think about this for a second.
What CAN'T we do to this phone that we're already doing, besides maybe an optimized kernel? WITH efuse in place, the devs have managed to implement overclocking, voltage mods, easy rooting, system ROMing, etc. Its my understanding that with the D1, OCing and voltage mods were done by customizing the kernel. Well, here we are with the DX and doing it easily with the bootloader still locked down.
Now, I'd like to see that bootloader unlocked for the sake of doing it, but still...um, we've already gotten around much of what we were prevented from doing in the first place and all under efuse's nose.

Aggie12 said:
Same. They say they support the open policy but that's BS. I love the phone but will probably not buy another one. That being said I knew what I was getting into prior to buying the phone with the locked bootloader/eFuse. However, this being my first android phone I didn't realize how addicting customizing could be. ie. roms/kernals. well, I can imagine how addicting it would be.
Click to expand...
Click to collapse
Haha I'm on the same boat as you, It is indeed addicting.

The whole point of motorola locking down the bootloader was to prevent people from gaining the type of access we want. I know that the BL situation is annoying, but I was also aware of it when I bought the device. Personally, root and tethering are all that I want; otherwise, I would have bought a DI or Fascinate.
Not trying to hate, but i have seen multiple failed "outraged email drives" directed at motorola over the months
Sent from my DROIDX using XDA App

davisbs999 said:
The whole point of motorola locking down the bootloader was to prevent people from gaining the type of access we want. I know that the BL situation is annoying, but I was also aware of it when I bought the device. Personally, root and tethering are all that I want; otherwise, I would have bought a DI or Fascinate.
Not trying to hate, but i have seen multiple failed "outraged email drives" directed at motorola over the months
Sent from my DROIDX using XDA App
Click to expand...
Click to collapse
That's fine. I'm not looking for the approval of your nor anyone else. It was merely a chance for me to vent my frustration towards the man. And I know we have come far but it's more of the principle that they still have so much say with the device even though we own it.

Why don't just send them your custom ROMs so they can approve they are within their "QA"? huh?

Dany0 said:
Why don't just send them your custom ROMs so they can approve they are within their "QA"? huh?
Click to expand...
Click to collapse
I agree with that. Elect a team to build the ULTIMATE ROM and send to Moto. Show them what the devs can accomplish along with our user support.
We have to provide resistance and keep the pressure on them to stop this kind of lockdown for the future of modding/hacking devices.

Why ultimate, first we have to see what kind of roms they accept and which not. Then everyone will send it's own ROM.
And then we will sue them.
And then chuck norris... oh nothing

jasonm4046 said:
You will get the same response... they feel they are protecting the end user which is us.... but also those who don't care to mod their droid x. They are operating under the excuse that someone may take the information and create a virus that would be able to take customer information... atleast that is the bull they are feeding the public. Not using the common since in their heads say... "we left the drod 1 unlocked and nothing significately bad happened." and they also like to say it will void the warranty.. bla bla bla... so no matter what you do all you will get is bullsh*t bullsh*t BULLSH*T.... until someone comes up with a valid excuse and manages to get through to an actual person... cause I would be willing to bet that... that is an automated response based on subject slash specific words in the body. no one with any power reads them and if they see anything envolving bootloader it is replied to in that fashion no matter what.
Click to expand...
Click to collapse
I actually put it in my email not to give me that bull because everyone with half a brain knew it was a lie and that everyone that read it was laughing at Moto for thinking people were that stupid.
Sent from my DROIDX

SirBrass said:
Guy, think about this for a second.
What CAN'T we do to this phone that we're already doing, besides maybe an optimized kernel? WITH efuse in place, the devs have managed to implement overclocking, voltage mods, easy rooting, system ROMing, etc. Its my understanding that with the D1, OCing and voltage mods were done by customizing the kernel. Well, here we are with the DX and doing it easily with the bootloader still locked down.
Now, I'd like to see that bootloader unlocked for the sake of doing it, but still...um, we've already gotten around much of what we were prevented from doing in the first place and all under efuse's nose.
Click to expand...
Click to collapse
The reason this is important is Moto's security gets tighter with every update. If we let them get away with it without at least trying to do something about it then they will continue to make security tighter and harder to work around. When other Manufacturers see that Moto got away with it they'll follow and eventually all phones will be locked down to the point that everyone is running the same Vanilla OS. The bootloader have a work around now but if we don't speak up it may not one day. They had no legitimate reason to lock the bootloader down it was just a show of force. Efuse is step one. So if you don't want Android ruined by the Manufacturers and Carriers speak up now. The Droid X is okay with a locked bootloader but they still put a leash on it and they're going to keep tightening it as long as we let them. Others will follow just watch HTC has already stared.
Sent from my DROIDX

Anyone want to start a web page for an online petition for Manufacturers not to lock down their phones? I would do it but I don't have the know how. But if we email this guy and start a web petition we have more of a voice. Call in to RadioAndroid and let the public know it's out there. This isn't just Moto we're fighting. We can stop other Manufacturs before they start or at least try.
Sent from my DROIDX

bkjolly said:
Anyone want to start a web page for an online petition for Manufacturers not to lock down their phones? I would do it but I don't have the know how. But if we email this guy and start a web petition we have more of a voice. Call in to RadioAndroid and let the public know it's out there. This isn't just Moto we're fighting. We can stop other Manufacturs before they start or at least try.
Sent from my DROIDX
Click to expand...
Click to collapse
There have already been two online petitions done.

Microsoft knows where you are.....

So, wp7 also tracks location, just like android and iphone, and it uploads said tracking data to ms servers,....... anyone scared??
theregister. co.uk/2011/04/27/windows_phone_location_tracking/

Let me think about that for a minute... No...

samsamuel said:
So, wp7 also tracks location, just like android and iphone, and it uploads said tracking data to ms servers,....... anyone scared??
theregister. co.uk/2011/04/27/windows_phone_location_tracking/
Click to expand...
Click to collapse
It looks like Google, Apply, and Microsoft are all making money off of us just carring our devices around. I want my roralty check please.

ah, so they are....so do the credit card companies....and the network carriers oh and you should know the kind of information those wee loyalty cards for supermarkets gather is staggering
I couldnt care less to be honest, the whole point of this is that yes infomation about you is taken and stored on a gigantic scale, but that info on my credit cards, my store cards my carrier usage and my WP7 isnt available to anyone but the servers they reside on.
That is the fundermental difference between MS and Apple.
you steal my phone ill be pissed off, you steal an iphone and potentially someone could find a lot about my movments.

argentocruz said:
Let me think about that for a minute... No...
Click to expand...
Click to collapse
Hehe, no me either, just a conv starter.
On a related note, police have been using the iPhone location list (held on the phone itself, unlike wp7) to tie user to location when investigating crimes, tomtom have sold harvested driving data to Dutch police who have used it to set up speed trap stings, and two women have filed a $50mil suit against Google for harvesting their data.(not gonna fly, of course, but interesting none the less) a few days after a similar suit against apple.
As per above post tho, store cards are the big one, hugely intrusive, many hundreds of terrabytes of info every year.

WOW this is crazy information! How are they making money off us carrying their phone around?
Makes me think of that book in 1994 big brother! Only now big brother uses a larger camera with a better zoom! Crazy!

[email protected] said:
WOW this is crazy information! How are they making money off us carrying their phone around?
Makes me think of that book in 1984 big brother! Only now big brother uses a larger camera with a better zoom! Crazy!
Click to expand...
Click to collapse
fixed.
And they make money by sending adds to your phone. In the future if they know where you are they can send adds from nearby shops to your device. Yup you are paying them to send you spam.

Spam but maybe not
Well if they actually get it right then maybe the ads will be helpful.
If I am in the mall to buy a pair of Jean and I get a link sent to my phone telling me that I can get 15% off at this store and 2 for 1 at that store, well good for me and them.
Also I live a vanilla life so who cares; the only people that are worried are the pervs, cheaters, and such that are afraid of getting caught.

Now I wouldn't mind that much as long as it was pertinent to my needs and consistent with my location and timing. How are you getting those ads? Texts?
I've been getting a bunch of spam calls and texts here lately and I do not list my cell number anywhere! So it must be from WP7. Am I right? I mean my number is listed in the donotcall.gov

Wow I didn't know they track android to.

Well now everyone knows that Windows Phone tracks your location and it will be saved.
Now the question is: Does anyone know how to turn it off? ^^

samsamuel said:
So, wp7 also tracks location, just like android and iphone, and it uploads said tracking data to ms servers,....... anyone scared??
theregister. co.uk/2011/04/27/windows_phone_location_tracking/
Click to expand...
Click to collapse
If you read that article and most importand others like that in the web you will be notice that:
1. Apple - Tracks you and keep the data for a year or more. And the most importand is that
anyone who can get the hands on your phone can see all the places you where
for a year !!!!!!!!!!!!
2. Android - Keeps your data for a week
3. WP7 --Keeps ONLY one record and it replace it with the next one
THATS THE BIG DIFFERENTS

colossus_r said:
3. WP7 --Keeps ONLY one record and it replace it with the next one.
Click to expand...
Click to collapse
Got a source for that, please? ( not that I doubt you, just only seen "unspecified time" and "short period of time" and nothing saying one overwrites the previous one)?
Cheers

samsamuel said:
Got a source for that, please? ( not that I doubt you, just only seen "unspecified time" and "short period of time" and nothing saying one overwrites the previous one)?
Cheers
Click to expand...
Click to collapse
Yes m8 ...i have the source ..its a source that i trust for some 20 years now...
Its Zdnet PC Magazine
from the article "
Microsoft told PCMag unequivocally that phones running Windows Phone 7 do not store location history
Microsoft says its "Find My Phone" service keeps only the phone's most recent location."
The big picture here is that Apple has lie on this matter ...
Six months ago when they say (i think) in a congress hearing that "We are not tracking location at all"
And still they say the same lie in a recent article in the "Apple's Media Center" aka Engadget blog..
This is a big big problem for me....
If anyone who can have my phone for 1 min can see where i was for the last 6 moths or a year with every detail in map....oh man ...this is bad .
This Orwel Big Brother mutliply x 1000. We have to fight against this.
The big blogs arrount the net have made a kind of omerta on this ...just an article and no more.
Probably the adds (money) from Apple are to big to start a fight ...
But this is not journalism... OK Apple is cool ..but where is your integridy as writer or as big internet blog ????
Where are all those guys that tear apart MS or any other company for minors problem ????
Thats the problem for me...Apple did this without anyone knows about it and is still deny it.
This a big big trust issue
colossus

[email protected] said:
WOW this is crazy information! How are they making money off us carrying their phone around?
Makes me think of that book in 1994 big brother! Only now big brother uses a larger camera with a better zoom! Crazy!
Click to expand...
Click to collapse
Seriously you didn't realize this? Have you not read any of the articles blaring security issues regarding credit card and smartphone data tracking and mining? Where have you been? You use a smartphone and you never thought about this?
Not only are you ignorant on the George Orwell's 1984, but you're oblivious to the impact of all this tech on privacy! Geez! It's DOH! and DUH! I guess the credit card and tech companies love you!!!! The typical blind sheep being led by multi-national corporations and governments.

officialbambam said:
Wow I didn't know they track android to.
Click to expand...
Click to collapse
Again...seriously? Geez Louise...the drones of society using tech without a care in the world.

colossus_r said:
Yes m8 ...i have the source ..its a source that i trust for some 20 years now...
Its Zdnet PC Magazine
from the article "
Microsoft told PCMag unequivocally that phones running Windows Phone 7 do not store location history
Microsoft says its "Find My Phone" service keeps only the phone's most recent location."
The big picture here is that Apple has lie on this matter ...
Six months ago when they say (i think) in a congress hearing that "We are not tracking location at all"
And still they say the same lie in a recent article in the "Apple's Media Center" aka Engadget blog..
This is a big big problem for me....
If anyone who can have my phone for 1 min can see where i was for the last 6 moths or a year with every detail in map....oh man ...this is bad .
This Orwel Big Brother mutliply x 1000. We have to fight against this.
The big blogs arrount the net have made a kind of omerta on this ...just an article and no more.
Probably the adds (money) from Apple are to big to start a fight ...
But this is not journalism... OK Apple is cool ..but where is your integridy as writer or as big internet blog ????
Where are all those guys that tear apart MS or any other company for minors problem ????
Thats the problem for me...Apple did this without anyone knows about it and is still deny it.
This a big big trust issue
colossus
Click to expand...
Click to collapse
Good choice of reading,,,, there's a good editorial on theregister about the legality of even collection, let alone using data harvested from a phone, since it is covered by different laws than, say, a computer, since it falls under the telecommunications act
http://www.theregister.co.uk/2011/05/02/device_data_collection

T-Macgnolia said:
It looks like Google, Apply, and Microsoft are all making money off of us just carring our devices around. I want my roralty check please.
Click to expand...
Click to collapse
u'd be surprised , but its not voluntarily done , its the law in the usa they have to track you by telecommunication act 1996 , in effect from 2001 , a phone cant be sold in usa if it doesnt comply

souljaboy said:
u'd be surprised , but its not voluntarily done , its the law in the usa they have to track you by telecommunication act 1996 , in effect from 2001 , a phone cant be sold in usa if it doesnt comply
Click to expand...
Click to collapse
I will have to try to do some reading on that act, thanks for the info.
But even though it is something mandated doesn't mean that the OS makers Apply, Google, and Microsoft are just doing it because of that. Trust me there are hidden agendas here with this whole location tracking thing be it from the government or the private sector.
George OrWell must of been able to see into the future. LOL

samsamuel said:
Good choice of reading,,,, there's a good editorial on theregister about the legality of even collection, let alone using data harvested from a phone, since it is covered by different laws than, say, a computer, since it falls under the telecommunications act
http://www.theregister.co.uk/2011/05/02/device_data_collection
Click to expand...
Click to collapse
Nice find m8..full of info in the matter...thanks...
Just an update on apples reaction ...Its a big problem for them sinse the are ready (so soon)
to release a new version of iOs to fix the location problem...
If am not mistaken its the first time that apple has reacted so fast on problem...
colossus

"Mobile Device Privacy Act" would prevent secret smartphone monitoring

Ars said:
Recent controversy sparked by the installation of monitoring software [k0: CIQ] on millions of smartphones has led US Rep. Edward Markey (D-MA) to propose a requirement that carriers and phone makers inform consumers about the presence of monitoring software and gain their "express consent" before collecting and transmitting information from phones.
The controversy started a couple months back [k0: almost a year ago] when a developer [k0: hi TrevE] publicized the widespread use of Carrier IQ software, which phone manufacturers and carriers use to monitor what happens on a smartphone. While Apple, Samsung, HTC, AT&T and others all said the software is used only as a diagnostics tool to improve network and service performance, congressmen started denouncing the use of Carrier IQ, and class-action lawsuits were filed.
Click to expand...
Click to collapse
http://arstechnica.com/tech-policy/...ould-prevent-secret-smartphone-monitoring.ars
Discuss.

To me the whole CIQ debacle smelled of FUD and never really concerned me. It seemed obvious to that my carrier already has access to any data I transmit across their network, with or without any additional software installed on my device. Sure CIQ enabled the carrier to potentially (key word) access more sensitive data that I was not necessarily transmitting across their network. However I'm more concerned that I'll lose my phone and some random stranger will get access to all the naked pics of me on it... Not really because I don't store sensitive data like that on an insecure device like my phone. This feels a lot like the "Warning: Hot coffee is hot!" labels.

machx0r said:
This feels a lot like the "Warning: Hot coffee is hot!" labels.
Click to expand...
Click to collapse
Not commenting on the rest, the whole "hot coffee" lawsuit has an untold story that most people have never seen. I suggest you - and everyone reading - watch the documentary (from HBO, find it whereever you stream/download things from) Hot Coffee. I can guarantee it'll change you view on that case and the idea of "frivolous lawsuits" forever.

machx0r said:
However I'm more concerned that I'll lose my phone and some random stranger will get access to all the naked pics of me on it... .
Click to expand...
Click to collapse
That's awesome. Lol. I've said the same thing. They can monitor any message or call sent across the network anyways. I never understood what the big deal with a software, that was set to be inactive anyways, was. Malintent is the only thing to be scared of, and this never reeked of anything malicious, IMHO.
Sent from my SPH-D700 using Tapatalk

azyouthinkeyeiz said:
that was set to be inactive anyways
Click to expand...
Click to collapse
http://phandroid.com/2011/12/16/carrier-iq-by-the-numbers-26-million-sprint-handsets-900000-for-att/
Inactive... except for those 26 million.
And 1.3 million at any one time actively reporting.

k0nane said:
Not commenting on the rest, the whole "hot coffee" lawsuit has an untold story that most people have never seen. I suggest you - and everyone reading - watch the documentary (from HBO, find it whereever you stream/download things from) Hot Coffee. I can guarantee it'll change you view on that case and the idea of "frivolous lawsuits" forever.
Click to expand...
Click to collapse
I respect you immensely k0, but frivolous lawsuits should not be in quotations nor a matter to take lightly. Of course there is a reality of using certain cases to further the tort reform movement, but this is just as shameless as any publicity stunt or "shock" image.
To dismiss all claims of frivolity because of mainstream examples, however, is naive. Such cases have almost single handedly driven the cost up and quality down of healthcare to where it stands today. And this is but one arena affected by the greed of humans. Hot coffee aside, it is a reality that should not be dismissed.
Neither here nor there, though. Way off topic. I support this bill.
Sent from my SPH-D710 using xda premium

squshy 7 said:
To dismiss all claims of frivolity because of mainstream examples, however, is naive. Such cases have almost single handedly driven the cost up and quality down of healthcare to where it stands today. And this is but one arena affected by the greed of humans. Hot coffee aside, it is a reality that should not be dismissed.
Click to expand...
Click to collapse
I generally agree. Yes, it's off-topic, but I'll clarify a little bit before letting it go - I think that claims of frivolity are often overblown. It is an absolute fact that there are greedy ambulance-chasing lawyers, rent-seeking plantiffs, and idiots who would award them large sums of money for nothing. I agree that this often contributes to the rising costs of health care. My point was that not all of what's deemed 'frivolous' by the mainstream media and the anti-consumer lobby actually is frivolous, and that some of the more-known cases like the hot coffee suit are vastly misreported and misunderstood. That's why I recommend(ed) further research - do your own homework, and watch the doc. Then do more homework. I didn't expect to come out with a different perspective... but I did.

I could be wrong, but I think that this is a non-issue.
Why?? Well I am glad you asked.
You know that two year contract we committed to when we purchased the phone? I am 99.999999999% sure that in there it says that they may monitor our usage for QC already in there. So if this passed, the providers would just say it is part of the contract that no one ever reads, but you accepted when you got the phone (which I believe it already is to date).
Unfortunately I don't ever foresee them making this an option that can be shut off. Basically it will say we do it, and if you don't like it go to another provider. Problem is all of the other providers will say the same exact thing.
Just my .02

Milkman00 said:
I am 99.999999999% sure that in there it says that they may monitor our usage for QC already in there.
Click to expand...
Click to collapse
Absolutely nothing related to CIQ is mentioned anywhere in the Sprint terms of service nor any device-specific terms of service.
I checked. Thoroughly.

Tinfoil hats, anyone? Ill pass them out for free!
Sent from my SPH-D700 using XDA App

austin420 said:
Tinfoil hats, anyone? Ill pass them out for free!
Click to expand...
Click to collapse
I want three!

austin420 said:
Tinfoil hats, anyone? Ill pass them out for free!
Sent from my SPH-D700 using XDA App
Click to expand...
Click to collapse
This is the rights activist thread, I think you misclicked. You must have thought this was the paranoia thread, common misconception.
Sent from my SPH-D700 using xda premium

I see we've got some intelligent, I-can-think-for-myself types in here. Let's agree to just figuratively hide in here and discuss XDA-related matters: I've about had it with wading through all the bull**** in the other threads!
On topic: while I did get the impression that CIQ-gate got wildly blown out of proportion, I also like the general idea of this piece of legislation. Thanks for the link, k0nane.

k0nane said:
Absolutely nothing related to CIQ is mentioned anywhere in the Sprint terms of service nor any device-specific terms of service.
I checked. Thoroughly.
Click to expand...
Click to collapse
Nothing related to CIQ specifically??? That I wouldn't doubt. Are you saying though that there is nothing in the contract that says (something to the effect) that they may use tools to check tower strength and QC??
If it isn't in there, to comply with this new law they will just add it in there (as will all the carriers), and we will probably be right back to square one anyway.

Milkman00 said:
Nothing related to CIQ specifically??? That I wouldn't doubt. Are you saying though that there is nothing in the contract that says (something to the effect) that they may use tools to check tower strength and QC?
Click to expand...
Click to collapse
Nothing related to CIQ's functions (claimed and real). Nothing even remotely close.

k0nane said:
Nothing related to CIQ's functions (claimed and real). Nothing even remotely close.
Click to expand...
Click to collapse
you must notve read the privacy policy mentioned several times in the terms and conditions...
http://www.sprint.com/legal/privacy.html
We collect personal information about you in various ways. We may also get information from other sources and may combine it with information we collect about you.
Information that we automatically collect.
We automatically receive certain types of information whenever you use our Services. We may collect information about your device, your computer, and online activities. For example, we collect your device's and computer's IP address, the date and time of your access and the type of browser you use. We also collect information about your device's and computer's operating system, your location, and the Web site from which you came and then went and Web sites you visit on your device. We may link information we automatically collect with personal information, such as information you give us at registration or check out.
Information we collect when we provide you with Services includes when your wireless device is turned on, how your device is functioning, device signal strength, where it is located, what device you are using, what you have purchased with your device, how you are using it, and what sites you visit
Click to expand...
Click to collapse
this goes on for pages.

austin420 said:
this goes on for pages.
Click to expand...
Click to collapse
I did read it.
"We will aggressively log and transmit dialer keys pressed and detailed records of apps installed and used" (see here) is never mentioned. "What you have purchased with your device" does not cover that in any way, and "how you use your device" is so vague that any competent lawyer could knock it down instantly. Everything specifically listed can be collected by existing network services without CIQ.
This debate has been hashed out many, many times already. I created this thread just to link to current news.

i dont know about aggresivly, (your word i guess?) but why does it hurt for them to log keystrokes (in the dialer only) when they already have access to that info?
ciq is just a network metrics tool. it helps them improve the network (witch until lately was badly in need of improvments).

austin420 said:
i dont know about aggresivly, (your word i guess?) but why does it hurt for them to log keystrokes (in the dialer only) when they already have access to that info?
ciq is just a network metrics tool. if it helps them improve the network (witch until lately was badly in need of improvments).
Click to expand...
Click to collapse
They don't have access to keystrokes pressed. They have access to calls made - big difference. Dialer codes are used for more than just phone numbers, as you know.
CIQ had its legitimate uses. It was designed as a network metrics tool, and it may have helped improve the network. I don't debate that. Its functions, though, go beyond - tracking the apps I install and use is NOT legitimate. It implementation and use was done very poorly. If all had been done differently from the beginning, I would have had less of a problem with it. But it wasn't. And hey, look, now it's gone.

k0nane said:
They don't have access to keystrokes pressed. They have access to calls made - big difference. Dialer codes are used for more than just phone numbers, as you know.
CIQ had its legitimate uses. It was designed as a network metrics tool, and it may have helped improve the network. I don't debate that. Its functions, though, go beyond - tracking the apps I install and use is NOT legitimate. It implementation and use was done very poorly. If all had been done differently from the beginning, I would have had less of a problem with it. But it wasn't. And hey, look, now it's gone.
Click to expand...
Click to collapse
all good points, i still think it all fell well within the t&cs and privacy policy, but hey, now its gone! thanks ko!

Kingroot

Root app that claims to root all android devices. I'll save you the trouble of trying, cause it does not work on the Fire TV. There are videos of devices being rooted that were unrootable before, but for some reason it does not work on the Fire TV, but it does work on Fire phone and Amazon tablets. Hopefully in the future it will work on the Fire TV.

I read the apk is not safe. Rumors about the root app which connects to chinese server and sends private data (but it could be just not true). Can anyone confirm?
Regards

I think the app is safe. Everyone always thinks devs are tryin to hack peoples devices and it never happens, so I doubt this app is any different. Also if people are worried then they probably shouldn't keep persnal info on their devices. If anyone hacked aany device I own they would get nothing. I never use my SS number, i never leave active cards on my Amazon account, so if my device gets hacked ther hacker is wasting his time. Maaybe they can hack my email or Facebook, but all they'll get from them is spam. I only use Facebook to connect wwith apps, and my email accounts are atleast ten years old and not one person I know has my email adresses, cause I only use them to be ble to signup for other website accounts. All of my imprtant info is stored in the cloud that I call my brain, and no hacker can get to it.

Didn't try it, but reddit is reporting it doesn't work.
Edit: Looks like someone got it to work after a factory reset.
Also, it is naive to trust running something where they don't release the source. Your device, do what you want though.

They didn't release the source for the same reason other devs sometimes don't, cause they do not want google to know how they are rooting devices. Whatever exploit(s) they are using would become useless if they releassed the source. I already posted that it does not work on the Fire TV, but it does work on a lot of other devices. I simply made this thread because people were gonna hear about Kingroot and try it so I figured I would save them some time. Also, it may work on the Fire TV in the future.

porkenhimer said:
They didn't release the source for the same reason other devs sometimes don't, cause they do not want google to know how they are rooting devices. Whatever exploit(s) they are using would become useless if they releassed the source. I already posted that it does not work on the Fire TV, but it does work on a lot of other devices. I simply made this thread because people were gonna hear about Kingroot and try it so I figured I would save them some time. Also, it may work on the Fire TV in the future.
Click to expand...
Click to collapse
I don't want to argue that credible devs release their source. But whatever, it is a leap of faith. There is rarely harm done. But best to be cautious.
And sorry for the optimism. The successful root was on the Fire PHONE. You are correct, still no luck on the stick or TV. It will come eventually for those waiting.

Let's suppose it does do something naughty. Root, install Clockwork, then overwrite the whole firmware with a pre-rooted one. Problem solved.

can anyone confirm if this works after a factory reset.. we should act on this soon before the hole is closed.

"I think the app is safe."
thanks! super-lol. I don't even know how to.
"do not want google to know how"
triple-lol. as if google is not extremely aware of open defects internally and/or on CVE / MITRE. huh I guess I kinda-sorta did know how to.
google fixes its **** near-immediately. the reason $RANDOM_DEVICE is rootable is because the actual-downstream-vendor is too lazy/cheap to push updated binaries.
too lazy to type more of the obvious. more on this here: http://forum.xda-developers.com/showpost.php?p=60697482&postcount=28
part XVII: efuse. efuse. m. f. ing. efuse. do people seriously not know about this by now?!

Does efuse factor in at all regarding future root methods? Or is it pretty much void now that we can unlock bootloader? That was a huge deal months ago, and now I hear lots of talk about new root exploits without anyone commenting on efuse.

psycon said:
can anyone confirm if this works after a factory reset.. we should act on this soon before the hole is closed.
Click to expand...
Click to collapse
The person actually said it worked on the Fire Phone after resetting, not the Fire TV, but if you are willing to reset your Fire TV, try it and let us know if it works.

I am trying out the app now. I used the air mouse app in the app store to navigate. The app was designed for a touch screen. I am trying on my fire stick first. Will report back.
Brad

tarvoke said:
"I think the app is safe."
thanks! super-lol. I don't even know how to.
"do not want google to know how"
triple-lol. as if google is not extremely aware of open defects internally and/or on CVE / MITRE. huh I guess I kinda-sorta did know how to.
google fixes its **** near-immediately. the reason $RANDOM_DEVICE is rootable is because the actual-downstream-vendor is too lazy/cheap to push updated binaries.
too lazy to type more of the obvious. more on this here: http://forum.xda-developers.com/showpost.php?p=60697482&postcount=28
part XVII: efuse. efuse. m. f. ing. efuse. do people seriously not know about this by now?!
Click to expand...
Click to collapse
Yes Google is aware just like Apple is aware of exploits, but have you ever read the devs working on IOS jailbreaks? They openly state that they have jailbreaks for new firmware and even post videos of them jailbreaking it, but refuse to release jailbreaks until after dev builds are over and the actual firmware is out because they do not want Apple to fix the exploit they have used. Its basically the same wiith Android, but the only difference is there are no dev builds from google. The app is safe. Tell me the last time you installed something that ruined your credit, stole your identity or personal info. I am guessing it has never happened to you, just like it wouldn't if you installed Kingroot. If not releasing the source means they are not legit then that must mean 99% of developers are not legit. I do not have the source for Angry Birds, but that would not stop me from installing it if I chose to. People are too paranoid about being hacked. Really think about it, what is someone even gonna get if they hack your device?? And wouldn't it be your fault if they got any of your personal info in the first place? They have been telling people for around 20 years not to put personal info on their computers so if people are dumb enough to do it then its kind of their own fault. People know better than to smoke too, but they still do it. Long story short, even if someone was gonna go to the trouble of hacking someones phone, they would go for someone that actually has something they want, like someone famous. Its like when people say they have haters, when nobody really hates them. Who is gonna waste time hting someone that flips burgers, when there are better people to hate on? Nobody wants to hack our phones, trust me.

I tried it just now with KingRoot versions 3.4.1.157 and 4.0.0.233 on my german FTVS with blocked updates. Both times there is the sad looking Android head (and the number 13804 in the second version).

I had the same result. no go.

bnick007 said:
I am trying out the app now. I used the air mouse app in the app store to navigate. The app was designed for a touch screen. I am trying on my fire stick first. Will report back.
Brad
Click to expand...
Click to collapse
Did you do a reset first? It apparently works for some devices only if they are reset. Some people said it worked on the Fire Phone without resetting, but others are saying they had to reset before it would work. I would do it, but I do not feel like resetting my device. Maybe someone will do reset and try it on The Fire TV and the stick and report back so we will know if it works. I predict it won't work, but if someone is willing to try on the box and the stick after resetting, that would be great.

porkenhimer said:
Yes Google is aware just like Apple is aware of exploits, but have you ever read the devs working on IOS jailbreaks? They openly state that they have jailbreaks for new firmware and even post videos of them jailbreaking it, but refuse to release jailbreaks until after dev builds are over and the actual firmware is out because they do not want Apple to fix the exploit they have used. Its basically the same wiith Android, but the only difference is there are no dev builds from google. The app is safe. Tell me the last time you installed something that ruined your credit, stole your identity or personal info. I am guessing it has never happened to you, just like it wouldn't if you installed Kingroot. If not releasing the source means they are not legit then that must mean 99% of developers are not legit. I do not have the source for Angry Birds, but that would not stop me from installing it if I chose to. People are too paranoid about being hacked. Really think about it, what is someone even gonna get if they hack your device?? And wouldn't it be your fault if they got any of your personal info in the first place? They have been telling people for around 20 years not to put personal info on their computers so if people are dumb enough to do it then its kind of their own fault. People know better than to smoke too, but they still do it. Long story short, even if someone was gonna go to the trouble of hacking someones phone, they would go for someone that actually has something they want, like someone famous. Its like when people say they have haters, when nobody really hates them. Who is gonna waste time hting someone that flips burgers, when there are better people to hate on? Nobody wants to hack our phones, trust me.
Click to expand...
Click to collapse
This is by far the most misinformed thing I have ever read.
Please just stop.

jpeg42 said:
This is by far the most misinformed thing I have ever read.
Please just stop.
Click to expand...
Click to collapse
Not misinformed at all. Talk to any financial expert or online securities expert and they would laugh in your face if you told them you stored personal information on an electronic device. The best place to store information is in your brain. You know your ss number so why put it in your device? You have a credit card or debit card so why put it on you device when its in your pocket? People get viruses on their computers, but most of the time those are meant to cause havoc, not to steal your info. When hackers want to take stuff they try taking it from systems like department stores and banking systems, not people with $100 in the bank. Maybe you should get informed about who online hackers are stealing from, cause in most cases they are not trying to steal directly from everyday people. If the common persons info gets stolen its usually stolen from somewhere else, like a bank or department stores online system, and not from your devices.

jpeg42 said:
This is by far the most misinformed thing I have ever read.
Please just stop.
Click to expand...
Click to collapse
I agree. Can we keep this post on topic. Namely Kingroot. I'm not really interested in your long winded post either. I don't want to discourage devs from looking into a potential root because the thread turns into a pissing contest. That appears to be what happened with the thread about CM12 on the fire tv.
Thanks

porkenhimer said:
Not misinformed at all. Talk to any financial expert or online securities expert and they would laugh in your face if you told them you stored personal information on an electronic device. The best place to store information is in your brain. You know your ss number so why put it in your device? You have a credit card or debit card so why put it on you device when its in your pocket? People get viruses on their computers, but most of the time those are meant to cause havoc, not to steal your info. When hackers want to take stuff they try taking it from systems like department stores and banking systems, not people with $100 in the bank. Maybe you should get informed about who online hackers are stealing from, cause in most cases they are not trying to steal directly from everyday people. If the common persons info gets stolen its usually stolen from somewhere else, like a bank or department stores online system, and not from your devices.
Click to expand...
Click to collapse
you realize that when you make a post that long, only that one person read it right?