Related
Ok so I have another noob question. Do I need some kind of firewall and antivirus program on my tab? I mean I spent a ton protecting my laptops and desktops, so is the tab already somehow pretty well protected or do I need something?
And if so what do you recomend
Sent from my SCH-I800 using XDA App
Get Lookout from market, it's free. Thats what I use as a antivirus program. It has some other extra features with it too.
By default Android does not accept connections from the outside unless you tell it to.
So for a firewall, to stop applications from accessing the internet (wifi or 3G) you can try Droidwall. It doesn't work with ClockWorkMod though because of the older version of busybox built in to it. So if you are not using ClockWork for your recovery, it should work.
There are very few (only heard of one so far) viruses that have hit smartphones as of yet. But it is good to be prepared.
you do NOT need an antivirus for an android device as it is present... All those reports you see of viruses on android are done by the company MAKING the antivirus software
drksilenc said:
you do NOT need an antivirus for an android device as it is present... All those reports you see of viruses on android are done by the company MAKING the antivirus software
Click to expand...
Click to collapse
What do you mean it is present? I didn't know android came with antivirus software. Yes, I have heard teh argument that antivirus software company are the ones making the viruses. But the fact is ( whatever the truth is) if you get hit with one, its still a pain. Since its free for now, go for it.
PS. Viruses has been on a decline though for computers and none made for smartphones yet. Lol maybe symanctec is had to cut cost and got rid of their programmers. I know Mcafee just got sold to Intel. Or maybe they are all waiting for the right time to release them when everyone's guard is down. Do I smell conspiracy Either eay, if the stuff on your phone is important, protect it.
You don't need one.
bpt888, drksilenc didn't mean the antivirus app makers were making viruses, he said that they were the only ones reporting on them.
What has been reported so far have not actually been viruses. It seems you have fallen into the trap those who make apps like lookout want people to fall into.
They report on things like, apps requesting device id's etc. You can see that an app will do this by looking at the permissions it asks for. eg, no need for an "antivirus" app.
If you actually read the "virus" reports from these companies, you'll see nothing is needed.
There are no viruses on Android.
None
Zero
Nil
Android anti-virus programs are a worthless waste. Actually less than worthless, as these useless programs just slow down your system for no benefit.
Android isn't Windows, it doesn't have holes the hackers can easily drive through.
If you concerned about your privacy install firewall (Droidwall for example) and tune its setting to block wallpaper or some other apps connecting to somebody you don't know.
Sometimes applications request internet access without good reason raising doubts in their purpose.
You will need to obtain root privileges to run firewall. Ironically this might lower your Tab protection against network intrusion. However, none of this is known threat unless you unknowingly install trojan and any other malware.
No virus software needed. Seriously it is a waste of time.
Sent from my SCH-I800 using XDA App
Geletis said:
Android isn't Windows, it doesn't have holes the hackers can easily drive through.
Click to expand...
Click to collapse
Sorry, but this is just FUD.
Windows is far more secure than most people give it credit for - it's just that it is the target for 99% of all attacks because it is so ubiquitous.
If and when Linux achieves some sort of relevance on the average consumer desktop, I'd expect to see a lot more attacks targeted its way and a corresponding increase in security issues.
Regards,
Dave
foxmeister said:
Sorry, but this is just FUD.
Windows is far more secure than most people give it credit for - it's just that it is the target for 99% of all attacks because it is so ubiquitous.
If and when Linux achieves some sort of relevance on the average consumer desktop, I'd expect to see a lot more attacks targeted its way and a corresponding increase in security issues.
Regards,
Dave
Click to expand...
Click to collapse
I agree, but surely the way that Linux (and Android) is made makes it inherently more secure? Without root access there's not much that can be done to truly compromise a Linux system, and Android sandboxes everything
TheGrammarFreak said:
I agree, but surely the way that Linux (and Android) is made makes it inherently more secure? Without root access there's not much that can be done to truly compromise a Linux system, and Android sandboxes everything
Click to expand...
Click to collapse
I agree there's a certain degree of additional security provided by sandboxing, but we've already seen APKs (e.g. Z4Root) that can gain root access, so it's not infallible. It is one of the reasons that I use Chrome on all platforms - if you check out Pwn2Own, Chrome has yet to fail, and that it mostly due to sandboxing - however, it is not a panacea!
There is definitely an element of "security through obscurity" around non-Windows OS's. Note the use of the word "element" - I'm not saying that Linux or any other OS are insecure, just that they are attacked less than Windows.
The point is that modern Windows is far more secure than most people realise - any OS given the same amount of attention by the "bad guys" in comparison to others. Vulnerabilities exist in all OS's and will continue to found and exploited.
I'm in full agreement that currently the real security threats on Android are down to users not paying enough attention to the permissions that an app requests when it is installed, but this will likely change as Android gains popularity.
I do pay attention to the apps I install, so I personally don't feel the need for any kind of security suite on Android at present.
Regards,
Dave
Cool, thanks for your thoughts.
Sent from my Galaxy Tab
I have been getting questions from people on whether they should use some kind of Antivirus software on there Android device. I thought I should just post it out here and let all the experts chime in with an opinion. Personally I haven't used anything since the first day I got my Glacier.
I think it would depend on the person. I flash a new ROM fairly often, wiping my phone before I do it, and don't have many apps. So personally I don't use one. Some people keep the same ROM for months or years, have tons of apps and download a lot of files - music, games, videos, etc. These people probably should use an antivirus. Those are the extremes.
If you don't do any banking, bill paying, or other things involving sensetive information I don't see a need either. My 2 cents.
Sent from my HTC Glacier using XDA App
Lars2009 said:
I have been getting questions from people on whether they should use some kind of Antivirus software on there Android device. I thought I should just post it out here and let all the experts chime in with an opinion. Personally I haven't used anything since the first day I got my Glacier.
Click to expand...
Click to collapse
*unix based systems, such as Linux Computers/Apple & iOS/Androids are very hard to write a true virus for. Since the information is stored in such a way a virus really cannot do anything harmful.
With that being said MalWare does run amuck on these devices. It might be worth looking into solely for that fact. Like LookOut or Avast. But if you never see a warning for viruses don't be surprised.
Same ROM no online banking
I've had the same ROM for a while and don't do any online banking on my Android devices.
I guess it would depend on how much you use the Unknown Sources feature and where you browse.
I don't think there is any browser attack in existence on Android. These programs are mostly used for preventing malware installation, and if you know what you're installing - you shouldn't ever need antivirus. There are no "viruses" per se known so far, AFAIK, only malware.
Thanks
Thanks for everyone's input. I finally installed Avast on mine just to get a feel for it, being that I am flashing new Rom's on it so often, it won't last long.....
Hello guys,
For those using the official 2.3 rom I would like to shar some apps I find very useful and I think some might also miss from custom roms:
- QuickPic
Very good Image and Video Gallery and almost identical to MIUI's.
The Gallery available in stock rom is just a big failure and almost nude of options.
This one is just absolutly complete and good!
- Quick Boot
Miss the 4 way reboot menu from custom roms? Well not anymore....
- Moboplayer
A powerful video player.
- Go Launcher EX
For me the best Laucher. Very custobizable, easy and fast.
Also, many many many free apps, widgets, themes, etc
- TunIn Radio
Very good online radio app.
Well, hope you enjoy.
If you wish to share your apps with others just post
Druida69 said:
- Go Launcher EX
For me the best Laucher. Very custobizable, easy and fast.
Also, many many many free apps, widgets, themes, etc
Click to expand...
Click to collapse
I was using the Launcher Pro, but them I tried the 360 Lancher (it's chinese but we have a english version on XDA) and I like it a lot. It's very light, smoth and give you nice effects and themes...
360 Launcher Beta 1.5.1
http://forum.xda-developers.com/showthread.php?t=1345601
360 Battery Guard (Battery monitor, saving mode, widget etc)
http://forum.xda-developers.com/showthread.php?p=19491411
personally, i will not suggest you to use any applications developed by 360safe company. if you know what that company is, you will say goodbye to 360safe - an evil company.
Sent from my U8800 using XDA App
why is 360 a bad company?
I'm using this alternative launcher:
http://market.android.com/details?id=com.ss.launcher&feature=search_result
it's fast, light and highly customisable.
Also I'd like more ligux tools, instead of quick boot for reboot menu:
lovetide said:
personally, i will not suggest you to use any applications developed by 360safe company. if you know what that company is, you will say goodbye to 360safe - an evil company.
Sent from my U8800 using XDA App
Click to expand...
Click to collapse
Can you please explain it to us?
I really like this launcher...
Nice launcher sslauncher
Thanks .
Sent from my u8800 using XDA App
Druida69 said:
why is 360 a bad company?
Click to expand...
Click to collapse
sr21 said:
Can you please explain it to us?
I really like this launcher...
Click to expand...
Click to collapse
My opinion will be subjective, so please read the following stories with your clear mind. If you still trust 360Safe/Qihoo company, you can still use their products.
Here's some true stories occured in China internet history:
An evil man - HongYi Zhou(周鸿祎)
Evil #1: At the early internet age in China, there was a IE browser helper object called 3721 Internet Assistant - the most notorious malware developed by 3721 company - HongYi Zhou's company. Evil behavior: force install, hard to uninstall, ad popup, etc...
Evil #2: Yahoo China acquired 3721 company at 2003, and 3721 Internet Assistant renamed to Yahoo Assistant. It should change to nice under a big company, right? NO! it still act as evil as it was, all the evil behaviors on 3721 still exist on Yahoo Assistant.
Evil & Ridiculous #3: Zhou left Yahoo later, and become CEO of an "unsafe" company - 360Safe, then 360 claim Yahoo Assistant is malware! What kind of man (especially a business man) will do that? You created a son and raise it with your full energy, then one day, you said your son is a freak, and you will kill it, an evil man did this! I think this touched the bottom line of moral as a human being, and Zhou did it.
An evil company - Qihoo/360Safe company
3QWar2010: Year 2010, the QQ-360 war (we called ThankYou/3Q war by transliteration) was initiated by Qihoo/360Safe company. Basically, 360PrivacyGuard monitored any process named QQ.exe even if you rename notepad.exe to QQ.exe, and give its users an alert said QQ.exe is scanning your files etc... and 360QQGuard act like a trojan, it inject QQ software to remove advertisment in QQ software and blocked autoupdate service of QQ and replace the default browser launcher in QQ to their own 360Browser. What kind of "safe" company did such an unsafe trojan software? 360 did! If you ask why, I will say because their boss is Zhou. Fortunately, Qihoo lost the lawsuit at last.
I won't say "once a criminal, always a criminal", but I would say "dog eat ****, it never changed, it never will"(狗改不了吃屎 in Chinese). If you're an Android fans before and today you suddenly becomes an iPhone fans, you should check your dream first to see if you are 《Inception》ed by Leonardo before you're sure you really becomes an iPhone fans. That's my personal opinion on this company. For me, I never trust this man and this company, and you?
That's why I don't suggest you to use any software products developed by 360, personally.
Apology for my bad English, wish you can understand it.
lovetide said:
My opinion will be subjective, so please read the following stories with your clear mind. If you still trust 360Safe/Qihoo company, you can still use their products.
Here's some true stories occured in China internet history:
An evil man - HongYi Zhou(周鸿祎)
Evil #1: At the early internet age in China, there was a IE browser helper object called 3721 Internet Assistant - the most notorious malware developed by 3721 company - HongYi Zhou's company, evil behavior: force install, hard to uninstall, ad popup, etc.
Evil #2: Yahoo China acquied 3721 company at 2003, and 3721 Internet Assistant renamed to Yahoo Assistant, it should change to be nice under a big company, right? NO! it still act like evil as it was, all the evil behavior on 3721 still exist on Yahoo Assistant.
Evil & Ridiculous #3: Zhou leaved Yahoo later, and become CEO of an "unsafe" company 360Safe, then 360 claim Yahoo Assistant is malware! What kind of man (especially a business man) will do that? You created a son and raise it with your full energy, then one day, you said your son is a freak, and you will kill it, an evil man did this! I think this touched the bottom line of moral as a human being, and Zhou did it.
An evil company - Qihoo/360Safe company
3QWar2010: Year 2010, the QQ-360 war (we called ThankYou/3Q war by transliteration) was initiated by Qihoo/360Safe company, basically, 360PrivacyGuard monitored any process named QQ.exe even if you rename notepad.exe to QQ.exe, and give its users an alert said QQ.exe is scanning your files etc... and 360QQGuard act like a trojan to inject QQ software to remove advertisment in QQ software and blocked QQ's autoupdate service and replace the default browser launcher in QQ to their own 360Browser. What kind of "safe" company did such a trojan-like unsafe software? 360 did! If you ask why, I will say because their boss is Zhou. Fortunately, Qihoo losed on the lawsuit at last.
I won't say "once a criminal, always a criminal", but I would say "dog eat ****, it never changed, it never will"(狗改不了吃屎 in Chinese). If you're an Anroid fans before and today you suddenly becomes an iPhone fans, you should check your dream first to see if you are 《Inception》ed by Leonardo before you're sure you becomes an iiPhone fans. That's my personal opinion on this company. For me, I never trust this man and this company, and you?
That's why I don't suggest you to use any software products developed by 360, personally.
Apology for my English, wish you can understand it.
Click to expand...
Click to collapse
Thank you for your explanation
Even though I don't know anything about HongYi Zhou(周鸿祎), I have to agree with him about the 360safe company. I've been working with computers since back in the 286(80286) days, both software and hardware wise. I'm also an American living in China, and I've used a lot of "chinese" computers while I've been here. This 360Safe software is really strange stuff. They use it in place of IE here (not that I like IE) and for other stuff. I don't know what it is about this software, it just acts strange and my years of computer experience tell me to stay away from it.
Let me give you an example, the one that sealed the deal for me. There is an android app by 360safe. I won't write the name because it's probably banned on XDA forums and I'd rather not get banned for writing it. It is a program for downloading android warez and will check for new update on those warez. It's essentially an illegal version of Android market, they even say so themselves:
translated description of this software:
Description
360 treasures, the most secure software download platform Android
360 treasures android version v1.2.2 update:
1 to optimize boot speed;
(2) interface to modify some of the details;
3 Recommended section to add the latest on-line;
4 to modify part of the bug.
360 treasures android version is 360 Android's new mobile phone software for launch platform.
Here's a variety of software 20,000 360 Security Center after all testing is the most secure software download platform. 360 treasures every moment will be to recommend a variety of applications and the most fiery of the most fun of the game, you play the machine up to a fashion person. Built-in management capabilities, allowing you to easily manage phone software, updated, uninstalled.
We provide you with the safest, most stable channel for download, and strive to make the user the most assured and best use of the Android software market. I hope you can find a treasure box in like, fun baby.
Related words: software download, android software downloads, e-marketing, application market
The same market: android market, Android market, official market, security market wisdom, machine front market, superior billion market, android black market
With huawei handset, if you are like me, bit tired that every custom rom has that one thing that does not work, or even if you are extremely like me and decided in the end to just keep the original .32 kernel Froyo, Root Explorer or ES filemanager on rooted system is a must.
All those huawei's default apps, crap, so much crap, and some even not usable for international users. Worse even, you cannot uninstall any of it. And some things are confusing, like having a huawei music, and android default music app. Personally I removed both replacing music with newest google music. I personally like rootexplorer for the job, you can explore inside APK files and find what ones have .huawei in their com line so you do not accidentally delete actually useful piece of software.
Thanks for the tip with quickpic. I really long after briefly trying MIUI wanted a seperate app for gallery (I would like option to choose manner the pictures are sorted by) - and now I probably found it.
Thanks all of you very much for these very usseful sharings and applications and programs...
QuickPic is fantastic app.
Thanks Druida69
quickpic,go launcher,player pro and moboplayer. Favourite Four
FriendCaster facebook is also a great app. If you check running apps you will se that official facebook app uses 24 or more MB of RAM and stays at running processes even when you dont use it while FriendCaster only uses 10MB and goes to cached processes if you dont use it. And it also has nicer UI than official app
thanks for quick boot i need this...
Tweetdeck
Pure News widget- choose your type of news you want to be updated form different websites
Gemini app manager its also a very good app t control autorun of applications
typci said:
Even though I don't know anything about HongYi Zhou(周鸿祎), I have to agree with him about the 360safe company. I've been working with computers since back in the 286(80286) days, both software and hardware wise. I'm also an American living in China, and I've used a lot of "chinese" computers while I've been here. This 360Safe software is really strange stuff. They use it in place of IE here (not that I like IE) and for other stuff. I don't know what it is about this software, it just acts strange and my years of computer experience tell me to stay away from it.
Let me give you an example, the one that sealed the deal for me. There is an android app by 360safe. I won't write the name because it's probably banned on XDA forums and I'd rather not get banned for writing it. It is a program for downloading android warez and will check for new update on those warez. It's essentially an illegal version of Android market, they even say so themselves:
translated description of this software:
Description
360 treasures, the most secure software download platform Android
360 treasures android version v1.2.2 update:
1 to optimize boot speed;
(2) interface to modify some of the details;
3 Recommended section to add the latest on-line;
4 to modify part of the bug.
360 treasures android version is 360 Android's new mobile phone software for launch platform.
Here's a variety of software 20,000 360 Security Center after all testing is the most secure software download platform. 360 treasures every moment will be to recommend a variety of applications and the most fiery of the most fun of the game, you play the machine up to a fashion person. Built-in management capabilities, allowing you to easily manage phone software, updated, uninstalled.
We provide you with the safest, most stable channel for download, and strive to make the user the most assured and best use of the Android software market. I hope you can find a treasure box in like, fun baby.
Related words: software download, android software downloads, e-marketing, application market
The same market: android market, Android market, official market, security market wisdom, machine front market, superior billion market, android black market
Click to expand...
Click to collapse
You may already heard that Apple banned Qihoo/360 from their App Store recently.
Apple Bans Qihoo Apps From iTunes App Store (penn-olson)
China’s Qihoo 360 Says Its Mobile Apps Removed From Apple Store (Bloomberg)
Qihoo 360: Apps Should Be Back On Apple App Store Shortly (The Wall Street Journal)
Ha! Yep I found a virus and both Avast and Norton did not detect it.
The outragious part of it, is that it is a children's game. I am not a gamer, but had been transfering apps from one device to another. Found the game in question had privlages to contacts, email and system info. I blocked it thinking well it may be for developer needs. Since I was getting tired of big name anti virus apps that are too robust for being called an anti virus app. I looked at small and efficient single duty or very close in operation that can properly do the job, google fails miserably at.
Believe it or not I was able to install the app on two other devices that were not rooted and had google app security enabled. So now ya all can see why I disable google internal services as they suck both in battery power and in being capable.
Well anywho... if ya gots childeren below 13, mostlikely their devices or your own have a virus ridden app or two. Good uck if you dont have a proper anti virus app!
what virus?
what does it do?
Donno... just killed it and the game pronto. Game is still on Google Play. Wont advertise the name as many will sendvthe game to their friends and family. Plus I am not paid by google to do their security work. problem is this game is for peeps under 10, so I figure about 20,000,000 kids have it or at least had it on both their tablet or parents phone.
I'm confused. So it wasn't a virus, it was just a game that had permissions to system, and you didn't feel it should?
Sent from my Nexus 6P using Tapatalk
Doesn't sound like a virus...just an app with permissions...
HikingMoose said:
I'm confused. So it wasn't a virus, it was just a game that had permissions to system, and you didn't feel it should?
Sent from my Nexus 6P using Tapatalk
Click to expand...
Click to collapse
My anti virus app noticed it had some sort of virus known by them as infectious. Had already been installed by the end user. I did not bother with isolating further. Killed it and made sure the tablet was good to go. Problem is google, Norton and Avast did not detect it. So I gave up ever using them since then on android. I noticed the anti virus I use on windows now makes a good app for android. Low and behold being simple and small foot print, which I had to hand pick from the mess online... It found what was going on with slow down, over heating and other troubles with network speeds. Once removed, i did not need to wipe and reload a new firmware or factory reset.
I tested a few times, soon after removing it, with my tablet and anti virus app used in cleaning, to find Google was still allowing the virus ridden app to be distributed.
Obviously a game made for below 10 year of age does not get much looks at by the Android community. Thinking kiddie gamers are safe. They have no credit info, contacts worth spamming, and are filled with junk pix. Low and behold kiddie gamers are gold for spyware, hackers, and thieves as they are a true Trojan Horse to get into infrastructures on bring you kids day at corporate places, and sniff home systems behind firewalls.
I may sound a bit too out there, but this stuff has always been my fear since 2000. We ignore kids on their devices and allow them to do what they want as far as downloads that don't cost money, or share files between themselves indescriminently.
Virus on Android is near impossible without root due to the way android runs app in sandbox. Less so on the app store. I doubt that it was a true virus, maybe Spyware depending on how your scanner defines it.
Those free children's games are full of ad analytics and collect way too much information. Many of them are spamy but I wouldn't go so far as to say it's a virus.
I am unaware of any virus on Android that has spread via the app store. Either way better safe than sorry with those poorly made junk games.
Sent from my GT-N5110 using Tapatalk
Now that I have a new 4.4 build that is more locked down, I will attempt to install the app once more, to verify if it is a Virus or Trojan... the later could then attach like a virus through messaging. Since the new stagefright hack that effects media server can hit 80% of all android devices being used to date. No it may not self replicate, but do the damage without really having to send itself to others. Just send a payload. The new and better way for virus architecture. Will look up if I can remember the game, and post my findings.
HA! They must have found the virus... As of end of March the new update corrected the issue. They did not release any info about the fix, but stated there was a bug fix. Bug is loose term for virus in this case.
Well let's see... the first iteration was about 6 months older than the one I updated with in early March. So who knows how many peeps got it and did not know.
Pretty sad that developers will not tell you what they fix when releasing updates. They blind cover with needed fixes and improvements. Bah! Sux hind tit my friends.
Speaking at the RSA security conference in San Francisco*on Tuesday, Adrian Ludwig, director of Android security, said the*Stagefright hole*– which prompted the Chocolate Factory to start emitting low-level security patches on a monthly basis – did put 95 per cent of Android devices at risk of attack. However, there have been no “confirmed” cases of infections via the bug, Ludwig claimed
https://www.theregister.co.uk/2017/02/15/google_stagefright_android_bug_zero_success/
Nothing but hype as I said before no confirmed cases of anyone able to use the Stagefright bug in a attack in the wild.
Sent from my GT-N5110 using Tapatalk
jasonf1984 said:
Speaking at the RSA security conference in San Francisco*on Tuesday, Adrian Ludwig, director of Android security, said the*Stagefright hole*– which prompted the Chocolate Factory to start emitting low-level security patches on a monthly basis – did put 95 per cent of Android devices at risk of attack. However, there have been no “confirmed” cases of infections via the bug, Ludwig claimed
https://www.theregister.co.uk/2017/02/15/google_stagefright_android_bug_zero_success/
Nothing but hype as I said before no confirmed cases of anyone able to use the Stagefright bug in a attack in the wild.
Sent from my GT-N5110 using Tapatalk
Click to expand...
Click to collapse
I was speaking of the media server bug. Simple code from java script or email to open a media file can break media server, which allows code to be executed at root level. Just clicking on a link opens the back door. There Is a lot of peeps worried about this high level bug within android, and was found of recent. Probably bigger than stagefright and heart bleed combined.
I think that the last release of 4.4.2 with country code of BRI will have a wee more fixes... Only 3 that stands out that need to be applied for kitkat to be bug free.
Unfortunately I am not in Taiwan and rather have UK firmware. Maybe a good dev can make a recovery flash file to allow verification between the fixes I see as pending.
I think you are just overreacting.
an app had broad permissions that likely didn't need. So it was a shady app.
that's not a virus. just lousy practice on the programming side. Don't install it and be done, many many apps like that. But not a virus.
that or your definition of virus is not the usual one (for instance, it did not replicate itself).
profedrini said:
I think you are just overreacting.
an app had broad permissions that likely didn't need. So it was a shady app.
that's not a virus. just lousy practice on the programming side. Don't install it and be done, many many apps like that. But not a virus.
that or your definition of virus is not the usual one (for instance, it did not replicate itself).
Click to expand...
Click to collapse
It did have a variant name to the virus when detected. No other anti virus app detected it. Permissions is one thing but this was a virus.
Give me a break! No wonder android peeps are so blind, permissions are permissions and should not be detected as a virus, though if detecting security that is a different thing all together.
I think anti virus apps that have extra features like security checks confuse the bajeebus out of peeps on detection. Don't know the difference between virus and permissions when obviously being told a virus is found, they jump to app permissions.
A virus does not need to replicate to the system to be a virus. Just send a script to launch on another device to have the device infect its self by action. Pretty simple and very effective, especially when the anti virus app does not detect the media script crashing media server and starting the mess of running root and loading what ever off of some server.
Backstory: I've always used iPhones, was tired of the bull****, and wished for Android especially the S8. Was shocked, and I'm rarely shocked, but the agressive violation of privacy, the crazy amount of bloatware, and the unoptimised UX and system services overall.
Now, I'm in charge of a wide ecosystem of people using smartphones in our company as well as other companies I consult for. While people always blab about personal privacy (which is a concern of course), what I don't understand is how people dealing with either sensitive, contractual or strategic informations could use Android devices given that it *excuse but there's no better terms* rapes your privacy in every, but also I'm pretty sure, illegal, ways.
For exemple the Sound Detector app, even when disabled, is constantly listening to your environment without your priori knowledge or permissions. In fact it's mainly the permissions scheme that baffles me: on iOS or any PC or Mac, you can install any app without being constrained to accept giving out information or accessing functions that have nothing to do with the app, THEN you can choose what precise permissions, when and why. And of course there's the whole wider problem of usage and data tracking (which I apparently have to install...a firewall??) or even malware (I have to install a separate antivirus for...on a smartphone). Worst exemple being that of course: www.theverge.com/2018/1/2/16842294/android-apps-microphone-access-listening-tv-habits
Now I like Android for all their efforts, development and implementation, as well as Samsung efforts...but I'm on the verge of having to present a report to ban all Android phones (for a "leave at door" Policy or either iPhone, BBMs and any other "more" secure smartphones) like I just realise they did in the US government and other official institutions as well as some corporations...or...understand very well how it works, and devise a clearly guide on how to completely optimise and secure Android smartphones like I would for PCs/Macs.
So here's my mission if you accept to help me:
1. I want to deconstruct how Android works in a very simple scheme for noob.
2. From that I want to list all the system packages and services, to determine those that are critical, optional or bloatware, and actually describe exactly what they're for so people have a clear idea.
3. I want to list all the base applications, stores or packages apps, to determine those that are critical, optional or bloatware, then what they're for and most importantly the best alternative apps to these.
4. I want to list and make a simple schemes of how the device components (sensors, cam, mic...), the different data canals, and the the different permissions are circulating or violating privacy while screwing cpu time, battery and data.
5. Finally I want to learn, understand and create a simple noob introduction to the different tools like Xposed (and XprivacyLua which seems to be the best options), package disablers (I personally went for BK), Firewall, Adblockers and Antivirus (honestly didn't even think I would need those on Android).
So I guess first, I'll list all the apps, packages (and sub-services) that my Galaxy S8 came shipped with that overwhelmed me, so as to know for a basic Galaxy S8/+/Note what is a consensus of what to disable, why, how and by what to replace if there's alternative, while listing basic how-to's of the tools to that. Note that I only know about BK Disabler as of now.
Reserved
Upd: I haven't had time, but I'm starting to do a table with all the packages, what they're for and wether to disable them.
You do know that Silverpush do affect both iPhone and Android, right? And "leave at the door" policy or either iPhone or BBM? There's two errors in this sentence. Are you really what you claim to be? Or just someone with an agenda who just created an XDA account?
why would you need an antivirus for a phone if you stick to play store apps?
rashat999 said:
why would you need an antivirus for a phone if you stick to play store apps?
Click to expand...
Click to collapse
There are plenty of play store garbage apps with spy ware and crap in them
vladimir_carlan said:
You do know that Silverpush do affect both iPhone and Android, right? And "leave at the door" policy or either iPhone or BBM? There's two errors in this sentence. Are you really what you claim to be? Or just someone with an agenda who just created an XDA account?
Click to expand...
Click to collapse
iPhone (pretends to) be safe and secure and doesn't straight-up violate your privacy by forcing unneeded permission even before installing the app and running tons of spyware as per unbox while giving all your infos out to apps that demand it and more. It's also a question of procedure: iPhone are really easy to fix/secure with a jailbreak, I didn't even root this Android I got and realised how terribly aggressive their violation of privacy is.
But again, I just want to give people the choice as long as their device is secure, that's why I'm learning all the quirks of Android and how to secure them. All our IT guys confirmed that unless you know exactly how to secure Android devices like we did for our computer park, employees better go for an iPhone.
There's a difference between Apple that might have backdoors to the NSA, and Android that is a crazy open buffet for -permitted- informations stealing without even talking about spyware or silverpush. My Galaxy S8 came with apps and packages that were constantly listening through the mic without my prior knowledge, installation or authorisation, this is intolerable. But I switched for a reason, I'll see if using Android is easily manageable or if it's better to ban them from inside use.
OgreTactic said:
iPhone (pretends to) be safe and secure and doesn't straight-up violate your privacy by forcing unneeded permission even before installing the app and running tons of spyware as per unbox while giving all your infos out to apps that demand it and more. It's also a question of procedure: iPhone are really easy to fix/secure with a jailbreak, I didn't even root this Android I got and realised how terribly aggressive their violation of privacy is.
But again, I just want to give people the choice as long as their device is secure, that's why I'm learning all the quirks of Android and how to secure them. All our IT guys confirmed that unless you know exactly how to secure Android devices like we did for our computer park, employees better go for an iPhone.
There's a difference between Apple that might have backdoors to the NSA, and Android that is a crazy open buffet for -permitted- informations stealing without even talking about spyware or silverpush. My Galaxy S8 came with apps and packages that were constantly listening through the mic without my prior knowledge, installation or authorisation, this is intolerable. But I switched for a reason, I'll see if using Android is easily manageable or if it's better to ban them from inside use.
Click to expand...
Click to collapse
Mate my question still stand: are you really what are you claiming to be or you just have an agenda? Some badass company appointed you to decide what is secure and what not. Really? You? In Op you are talking about thinking to allow only iOS and BBM (it's Bbos BTW) only. BBOSS? Really? BBOS was discontinued one year ago...no more updates no more security patches, no more nothing.
vladimir_carlan said:
Mate my question still stand: are you really what are you claiming to be or you just have an agenda? Some badass company appointed you to decide what is secure and what not. Really? You? In Op you are talking about thinking to allow only iOS and BBM (it's Bbos BTW) only. BBOSS? Really? BBOS was discontinued one year ago...no more updates no more security patches, no more nothing.
Click to expand...
Click to collapse
That's not my job, but that's part of mine to decide or push in front of committees what tool we should use, purely from a utilitarian, managerial and system POV. None of us beside IT guys ever realised how Android were intolerably insecure, I've had my head in Apple buttock for years thinking "yeah, that's too limited and I heard Android is now as stable and well made".
But I don't want to go back to iPhone either, so here I am sitting with a Galaxy S8 I'm still not using because I don't where to start to secure it, whether I should try to fix everything on the factory rom or just root it.
OgreTactic said:
That's not my job, but that's part of mine to decide or push in front of committees what tool we should use, purely from a utilitarian, managerial and system POV. None of us beside IT guys ever realised how Android were intolerably insecure, I've had my head in Apple buttock for years thinking "yeah, that's too limited and I heard Android is now as stable and well made".
But I don't want to go back to iPhone either, so here I am sitting with a Galaxy S8 I'm still not using because I don't where to start to secure it, whether I should try to fix everything on the factory rom or just root it.
Click to expand...
Click to collapse
Okay...what exactly makes you to feel insecure? I understand you're bothered that some apps are accessing your microphone. That's easy... Settings-Apps. Tap on those three dots and chose app permission. You'll see what apps have access to microphone and deny permission for them. Job done. What else makes you to feel insecure?
vladimir_carlan said:
Okay...what exactly makes you to feel insecure? I understand you're bothered that some apps are accessing your microphone. That's easy... Settings-Apps. Tap on those three dots and chose app permission. You'll see what apps have access to microphone and deny permission for them. Job done. What else makes you to feel insecure?
Click to expand...
Click to collapse
I put my S8 away for now I went back to an iPhone. I'm using it off-grid to still try and figure out how it works.
Basically my problems are clear:
1. There's no transparency in background processes/services, the component they use and the data they send.
2. The way permissions are managed is intolerable: forcing you to accept non-necessary and arbitrary access to connected components or private information BEFORE installing the app is a form of extortion. The same goes when running the app: forcing permissions that are not critical to the app code actually running is a form of extortion. Baffles me how Google even allows that today.
3. The fact that there's even a need for a firewall and antivirus, and that the official stores is filled with illegal (copyright infringing app so blatant) and therefor myriads of potential malicious apps like Silverpush-enabled one, without any store control or curation on Google's part.
All this means there is no way I will use an Android rather than an iPhone and allow anyone dealing with private or "sensitive" commercial informations using one inside the company. I'm still trying to figure out if going straight to root is the solution, if I'll have to use cryptography for documents and coms, or if I'll have to spend days figuring out Xposed+Xprivacy, Packages Disablers, MicroG alternative libraries, Firewall and Antivirus and god knows what to make it decently secure like an iPhone (which doesn't aggressively violates your privacy and is really easy to secure with a jailbreak...unless there are hidden backdoors which is still far from the probably illegal open-buffet of private and sensitive informations Google provides to any potential malicious websites, scripts or apps).