Security concerns for custom roms - Streak 5 General

I've been pondering this question for some time now and would like to seek some people's advice on it. We all trust the developers in the Dell Streak community with their custom roms, and I do trust them since I've been using their roms on my D.Streak. But my question is: what if a rom developer puts malicious code in their rom (stealing accounts, passwords...) and we flash it without knowing about the potential security issues that could result from using it? Has it happened before on the XDA forums that a custom rom contained malicious code?

Dragonner said:
I've been pondering this question for some time now and would like to seek some people's advice on it. We all trust the developers in the Dell Streak community with their custom roms, and I do trust them since I've been using their roms on my D.Streak. But my question is: what if a rom developer puts malicious code in their rom (stealing accounts, passwords...) and we flash it without knowing about the potential security issues that could result from using it? Has it happened before on the XDA forums that a custom rom contained malicious code?
dont be in the middle. use custom rom or just wait for official. u dont have any other choice unless if u can cook for urself. but thr is always some guys who can find something if thr is anything wrong in roms. like Themanii who find that Olleh roms have serious bug. so dont worry mate.

sajibcy said:
dont be in the middle. use custom rom or just wait for official. u dont have any other choice unless if u can cook for urself. but thr is always some guys who can find something if thr is anything wrong in roms. like Themanii who find that Olleh roms have serious bug. so dont worry mate.
That Olleh ROM works perfectly fine, that was just FUD. Check the DSC ROM, which is based on the 406 ROM, thread in the development section, the most stable ROM up to date. The Manii needs to correct that mistake he made there.
Sent from my Dell Streak using Tapatalk

I've been thinking of keeping track of outbound connections.
You could easily see destinations if you have a good firewall.
You may use osmonitor to see active network connections.

btvbtv said:
I've been thinking of keeping track of outbound connections.
You could easily see destinations if you have a good firewall.
You may use osmonitor to see active network connections.
Have you tested osmonitor on the Streak, as 3G Watchdog is unable to track applications' use on the Streak specifically?
Sent from my Dell Streak using xda premium

None of your devs put their changelog on a GitHub???
Sent from my BIG OL' INFUSE using xda premium

gregianos said:
Have you tested osmonitor on the Streak, as 3G Watchdog is unable to track applications' use on the Streak specifically?
I'd track connections using external (gateway) firewall.
Streak firewall is good in whitelisting applications you trust.

If you're unsure then don't use custom roms.
The majority of code work is in the kernel, everything else is more or less unmodified or basic stuff like deodexing, there's virtually no work done on roms outside kernel/theming/non-code tweaks.
There's really only 1 kernel too, Streakdroid more or less, pretty much all roms with custom kernels are based off the SD kernel. You can grab the source and compile your own rom, and do all the tweaks yourself, the kernel is 99% of the work.
The only safe way is to monitor it from an external method. If hypothetically there was malicious code inserted, I would imagine it's in the kernel and I'd imagine it could mask itself from any app. Just because the source is given doesn't explicitly imply that it was the source for THAT EXACT kernel, since duh, you wouldn't point out that it's there.
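
Added example, not part of the thread: the external-monitoring idea from the posts above, sketched in Python as a cross-check of the phone's own connection table (/proc/net/tcp, the data an on-device monitor reads) against flows recorded at the gateway. The gateway log format, the IP addresses and the UIDs are constructed for illustration.

```python
import re
import socket
import struct

# Constructed sample of /proc/net/tcp as read on the phone (IPv4 only).
# Addresses are little-endian hex, ports are hex; column 8 is the owning UID.
PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001 1
   1: 3201A8C0:9CB0 0A7100CB:01BB 01 00000000:00000000 00:00000000 00000000 10052        0 1002 1
   2: 3201A8C0:9CB2 0B6433C6:0050 01 00000000:00000000 00:00000000 00000000 10071        0 1003 1
"""

# Constructed gateway flow log. The "src=... dst=..." layout is an assumption;
# adapt FLOW_RE to whatever your firewall actually writes.
GATEWAY_LOG = """\
2011-12-02T10:15:01 src=192.168.1.50:40112 dst=203.0.113.10:443 proto=tcp
2011-12-02T10:15:02 src=192.168.1.50:40114 dst=198.51.100.11:80 proto=tcp
2011-12-02T10:15:03 src=192.168.1.60:51000 dst=203.0.113.99:443 proto=tcp
2011-12-02T10:15:04 src=192.168.1.50:40120 dst=192.0.2.77:8080 proto=tcp
"""

FLOW_RE = re.compile(
    r"src=(\d+\.\d+\.\d+\.\d+):(\d+) dst=(\d+\.\d+\.\d+\.\d+):(\d+)")


def decode_endpoint(field):
    """Turn '0100007F:1F90' into ('127.0.0.1', 8080)."""
    ip_hex, port_hex = field.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)


def device_view(proc_text):
    """Remote endpoints the phone itself admits to, mapped to the owning UID."""
    conns = {}
    for line in proc_text.splitlines()[1:]:        # skip the header row
        fields = line.split()
        if len(fields) < 8:
            continue
        remote = decode_endpoint(fields[2])
        if fields[3] == "0A" or remote[0] == "0.0.0.0":
            continue                               # listening socket, no peer
        conns[remote] = int(fields[7])
    return conns


def gateway_view(log_text, device_ip):
    """Remote endpoints the gateway saw this phone connect to."""
    flows = set()
    for line in log_text.splitlines():
        m = FLOW_RE.search(line)
        if m and m.group(1) == device_ip:
            flows.add((m.group(3), int(m.group(4))))
    return flows


def hidden_flows(proc_text, log_text, device_ip):
    """Flows seen on the wire that are missing from the phone's own table.

    A short-lived connection can fall between two snapshots, so a hit is a
    lead to investigate, not proof of a kernel hiding traffic.
    """
    seen_outside = gateway_view(log_text, device_ip)
    return sorted(seen_outside - set(device_view(proc_text)))


if __name__ == "__main__":
    for (ip, port), uid in sorted(device_view(PROC_NET_TCP).items()):
        print(f"device reports {ip}:{port} owned by uid {uid}")
    for ip, port in hidden_flows(PROC_NET_TCP, GATEWAY_LOG, "192.168.1.50"):
        print(f"gateway only: {ip}:{port}")
```

The UID column is what lets an on-device tool attribute a connection to an app; the gateway side has no such attribution, which is why the two views complement each other.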

No way, they do not contain malicious code

Yes they do not contain any such mal code

Related

A question for devs, about the lack of find in Rom manager.

Maybe it's just me, but I'd like to see Rom manager properly used for our device.
My friend has the Evo 4G and when using Rom manager he early goes to xda for his updates or a new Rom because for the Evo devs have it set up so their Rom populated the download section of Rom manager. Also this way when a Rom is updated you get a notification that there's an update.
This would benefit the users of the mt4g because a lot of the Rom downloads and mirrors are not always mobile friendly.
Was just wondering why none of our devs take use of this feature.
Sent from my HTC Glacier using XDA Premium App
shadowmike said:
Maybe it's just me, but I'd like to see Rom manager properly used for our device.
My friend has the Evo 4G and when using Rom manager he early goes to xda for his updates or a new Rom because for the Evo devs have it set up so their Rom populated the download section of Rom manager. Also this way when a Rom is updated you get a notification that there's an update.
This would benefit the users of the mt4g because a lot of the Rom downloads and mirrors are not always mobile friendly.
Was just wondering why none of our devs take use of this feature.
Sent from my HTC Glacier using XDA Premium App
+1
10 char
Me and RK have been talking about it. I dont know if it will work with the multiupload links, so we need to see how his server is gonna be able to handle the load.
- We do a lot that you guys dont even have a clue we're doing.
option94 said:
Me and RK have been talking about it. I dont know if it will work with the multiupload links, so we need to see how his server is gonna be able to handle the load.
- We do a lot that you guys dont even have a clue we're doing.
i don't doubt that a bit! option, and team royal, are always busy behind the curtains! just thought it was a bit odd that the mt4g roms aren't on there... but yall recommend that we do a full wipe every time and ppl may also try to flash via ROM manager rather than recovery and doing a TRUE full wipe as advised... so i can see both sides as well. it's all good in the hood homie, just wanted to put in my 2 cents
We could make it work with rom manager, at this point its just a matter of hosting bandwidth and such.
2 things:
1) Load balancing (deals with server issues)
2) How much bandwidth?
I happen to have 3 dedicated servers in EU(London), USA(NY), and USA(CA) and may be able to help. Servers are used for work (not just idle), but it may be enough...
These are windows servers btw.

About to purchase a used Galaxy S I9000

Sirs,
How are you all doing? this is my very first post and I decided to ride dirty with the android OS finally (I'm late..) Originally coming from that dead Symbian OS environment.. I love customization and everything related to tinkering the phones hardware and software..
So now I am about to buy a used galaxy S I9000, I just want to know what are the things to look for this used android unit? I can see it's just slightly used so what will I look for aside from the outside appearance? How about in the software itself?
I only know that the phone is on GB 2.3.3 I think and it has like a custom way of killing apps, launching..really it's my first time on android and I need professional advises and this is the best site to ask from, I know.
Jesse
Check usb connection and it powers on and gets signal ..... Duplicate thread
Sent from my GT-I9000 using xda premium
as expected, so if this is a duplicate thread, could you please give me a link to this thread sir? I already read the guidelines, rules, and regulations but I just want to ask from a personal standpoint and I expect this forum to be the best and expert in this Android revolution..
Someone else opened the same thread
Just make sure usb is secure, make sure it boots ok and speaker is ok.
Sent from my GT-I9000 using xda premium
alright alright gotcha!
How do you want to use your phone?
In my opinion, this device is a disappointment for normal,everyday basic use.
If you really want android ride on SGS, keep yourself ready for be here on xda regularly for help (you tasted it already)and hacks,be ready to root your phone and be ready to reboot your phone n number of times(sometime it does auto ) and be ready to get a mixed feeling,sometime it makes you happy and sometimes you would like to throw it away.
Its my opinion based on use, not intended for anything else.
Sent from my GT-I9000 using Tapatalk
GreenSGS said:
How do you want to use your phone?
In my opinion, this device is a disappointment for normal,everyday basic use.
Unless you're installing the latest beta ROMs or custom ROMs, this phone is actually very stable and reliable for day to day use. And the UI is fast and responsive enough on 2.3.3. In any case, in terms of reliability and speed, the SGS is miles ahead of any Symbian device.
Wtf???
Mate. He said he likes to customize.
I have nothing but good things to say about my phone. Gps is accurate and always has been. I knocked back an sgs2 upgrade to wait for next nexus.
Check pixels and speaker.
Check Gps accuracy in maps.
Usb connects and check for 3 button combo to recovery/download mode.
Good luck and enjoy.
Sent from my GT-I9000 using XDA App
Guys,
My use of phone dialer,messaging and call logs comes under basic use.
And dialer lags, contacts gives message 'no additional info available' and then shows number.no matter which rom you use.
Even dialer removed from memory.
I have 2 phones in house one running stock 2.3.3 and one 2.3.5 so I am not imagining anything.
Dont reboot phone for a week and see what happens.
If it was all that good, all the ram tweaks,kernel tweaks,optimization tweaks, wouldn't even exists.
If your expr. & opinion differs post it.
Sent from my GT-I9000 using Tapatalk
wow thanks! a lot of tips already! my appreciation to you guys,
well i want my phone for calls, sms, internet, productive apps,some graphically good games?, storage for photos(bought a 16GB microSD yesterday for this phone, excited am I?) videos-movies perhaps? some noobie photography (BTW I love that touch to focus feature!)
I guess I'm more into content, really LOL
Again thanks!
PS how to enter to download mode?
I'll try first dealing with the stock roms, is there any 2.3.7 GB for galaxy cause I see it everywhere along with the CM7? is that an official firmware or CM7 based on that OEM firmware? maybe when I want more, that's the time I'll do a CM7 flash..what about skype video calling or google talk? is it good in this phone?
GreenSGS said:
How do you want to use your phone?
In my opinion, this device is a disappointment for normal,everyday basic use.
If you really want android ride on SGS, keep yourself ready for be here on xda regularly for help (you tasted it already)and hacks,be ready to root your phone and be ready to reboot your phone n number of times(sometime it does auto ) and be ready to get a mixed feeling,sometime it makes you happy and sometimes you would like to throw it away.
Its my opinion based on use, not intended for anything else.
Sent from my GT-I9000 using Tapatalk
Trollollololol - back under your bridge fellow.
"Do not feed the trolls"- epic quote
I will be using this phone for everyday use, k?
Another important thing to look for: if it enters Download Mode [Vol Down + Home + Power]
If not, it can be fixed, but it involves a little risk. This would be the only risky thing you'll do software wise, after your Download Mode works, it's very hard to brick the phone.
jcagara08 said:
I'll try first dealing with the stock roms, is there any 2.3.7 GB for galaxy cause I see it everywhere along with the CM7? is that an official firmware or CM7 based on that OEM firmware? maybe when I want more, that's the time I'll do a CM7 flash..what about skype video calling or google talk? is it good in this phone?
2.3.7 was a Nexus upgrade that added things like NFC, which most phones do not have the hardware to support this. CM7 uses Nexus source code. I don't believe anything helpful for you was added/changed.
And try not to believe the crap these people are spewing. My contacts, diallers, and whatever else that guy was rambling about are just fine. And obviously that is not a problem across all ROMs, considering most ROMs use different apps (for example, Samsung apps aren't run on AOSP ROMs—and I haven't seen this problem on either).
Good luck! It's an exciting phone.
wow, thanks to all of your advices dudes! what would be a good protector for this phone aside from the screen guards?

BUSTED! Secret app on millions of phones logs key taps

An Android app developer has published what he says is conclusive proof that millions of smartphones are secretly monitoring the key presses, geographic locations, and received messages of its users.
http://www.theregister.co.uk/2011/11/30/smartphone_spying_app/
You can download the app to see if you have CIQ from here:
http://forum.xda-developers.com/showpost.php?p=17612559&postcount=110
I'm running MIUI and came out ok. Need root to run the app / clean it out.
http://forum.xda-developers.com/showthread.php?t=1122569&highlight=ciq
That's pretty f**ked up. This logs keys as they are pressed, even in dialer. It doesn't appear to be installed on all android builds, seems to be carrier dependant.
I ran TrevE_Logging_TestApp_v7 to check for CIQ on my SGHT959 stock froyo.uvka6 rooted (Tmobile USA) and it came back clean, no CIQ found.
It would be good to post a list of which carriers/phone manufacturers are utilizing this rootkit so they can be avoided.
Anyway I think the only ones affected would be users of stock roms like me, CM7/MIUI and other custom roms should be fine.
Vibrant
just ran it on my Samsung Vibrant running Trigger 3.2 and it came up clean...
Phrack said:
It would be good to post a list of which carriers/phone manufacturers are utilizing this rootkit so they can be avoided.
Agree!
I found it on my T-Mobile SGS2.... :/ I killed it with Titanium backup and rebooted. So far so good. I backed it up just in case it does mess up the phone by removing it.
Cool thanks.
sw20 said:
Agree!
I found it on my T-Mobile SGS2.... :/ I killed it with Titanium backup and rebooted. So far so good. I backed it up just in case it does mess up the phone by removing it.
From my research the only way to tell if your phone has CIQ is to run logcat on your phone. Also just uninstalling the visible program didn't stop the program. I have found that AOSP and MIUI roms do not have CIQ installed and only custom roms or kernels (in sgs2 case) which specifically removes listed as it removed.
I talked to a customer rep @ T-Mobile and she had no idea what I was talking about when I asked about CIQ.
Can't wait for the class action lawsuit against CIQ and see if this company can survive especially after Eckhart's new video showing the program logging everything.
Sent from my SGH-T959 using xda premium
Does anyone know how i get sqlite3?
Hey man! this is ****ed up. How do we remove this?
It depends on which rom you are using. If you are using CM7/MIUI they don't have CIQ because they are based on open source android builds. CIQ is added by carriers and some phone manufacturers so if you are running stock rom or hacked rom based on a stock rom there is a good chance you have CIQ.
You need to download TrevE's Logging Test App to check for CIQ:
http://forum.xda-developers.com/showpost.php?p=17612559&postcount=110
There's different versions, try them until you find one that works for your phone. This will tell you if CIQ is found. To remove it you need to pay 99 cents for pro version of app and your phone needs to be rooted.
**EDIT
Here's some more info on Carrier IQ from the author of Logging Test App. It details what Carrier IQ does and logs.
http://androidsecuritytest.com/features/logs-and-services/loggers/carrieriq/
IMHO CIQ would probably be useful software if
A) Subscribers voluntarily participated
B) The software can easily be removed
As it stands this is classified as a rootkit because it is carefully hidden with no way for an average person to remove or disable it.
**EDIT ++
On the plus side there seems to be a plethora of apps available in Android Market for checking if Carrier IQ exists on your phone.
https://market.android.com/search?q=carrier+iq&so=1&c=apps
I have a feeling there will be eventually a simplified method for removing CIQ. Just be patient.
vibrant doesn't have it...
Sent from my SGH-T959 using xda premium
I'm glad mine doesn't have it. I put important stuff like mine and my mom's bank accounts on my phone. cm7 is a safe choice

Carrier IQ

All right, the company Carrier IQ is suddenly popping up in news stories everywhere. I assume I am safe from this garbage if I am using Cyanogenmod but how do I make sure my Wife's shift is clean of this if she's using Stock rooted 2.2? She will not let me change roms or even upgrade her to 2.3 so I would like to know what I need to delete to make sure Carrier IQ is not installed on her Shift or at least not sending any info back to its mother ship.
If you haven't heard, Carrier IQ is installed on millions of phones of different manufacturers and is supported by many carriers including HTC and Sprint. It collects data and sends it back to Sprint or who knows who. Apparently it can log everything and it ignores any permissions or security you have set up or something like that. It is installed "invisibly" and you do not have the option to opt in or out. I assume Titanium or some other program can see the pieces I would need to delete but I don't know what they are.
Here's where I read about it and it does list an app that may be able to take care of it but I would rather know how to do it manually:
http://www.engadget.com/2011/12/01/carrier-iq-what-it-is-what-it-isnt-and-what-you-need-to/#comments
Thanks
Evo_Shift said:
All right, the company Carrier IQ is suddenly popping up in news stories everywhere. I assume I am safe from this garbage if I am using Cyanogenmod but how do I make sure my Wife's shift is clean of this if she's using Stock rooted 2.2? She will not let me change roms or even upgrade her to 2.3 so I would like to know what I need to delete to make sure Carrier IQ is not installed on her Shift or at least not sending any info back to its mother ship.
If you haven't heard, Carrier IQ is installed on millions of phones of different manufacturers and is supported by many carriers including HTC and Sprint. It collects data and sends it back to Sprint or who knows who. Apparently it can log everything and it ignores any permissions or security you have set up or something like that. It is installed "invisibly" and you do not have the option to opt in or out. I assume Titanium or some other program can see the pieces I would need to delete but I don't know what they are.
Here's where I read about it and it does list an app that may be able to take care of it but I would rather know how to do it manually:
http://www.engadget.com/2011/12/01/carrier-iq-what-it-is-what-it-isnt-and-what-you-need-to/#comments
Thanks
Run supreme sense
VICODAN said:
Run supreme sense
I know! I told my wife it is better...she still says no
You can use Treve's app http://forum.xda-developers.com/showpost.php?p=17612559
https://market.android.com/details?id=com.treve.loggingkey
Evo_Shift said:
I know! I told my wife it is better...she still says no
Show her that video and tell her you want a divorce if she doesn't agree.
lol jk about the divorce part but seriously I just watched that video and im so glad im not on stock sense.
Flash MikShifted G v1.76 or Supreme Sense, then hand her back the phone. If she doesn't like them better than stock there is something wrong
i think people over think things too much about these little threats
+1 OP, I'm in exactly the same boat!
Unfortunately it seems at this point, no way to remove CIQ without root
guyandhisdog said:
+1 OP, I'm in exactly the same boat!
Unfortunately it seems at this point, no way to remove CIQ without root
I think he already mentioned that yes she does have root on stock if you read the OP. So yes titanium backup should be able to remove it no problem. Use the app carrier IQ detector to find out how much of it needs to be removed.
CIQ is built into the kernel too. He needs to swap kernels as well as remove the apps.
Sent from my PG06100 using XDA App
Ron Overdrive said:
CIQ is built into the kernel too. He needs to swap kernels as well as remove the apps.
Sent from my PG06100 using XDA App
I looked at the kernel. All there is in the kernel is bug fixes to allow CIQ to run properly. If you remove the system apps there is nothing for the bug fixes in the kernel to use.
Sent from my PG06100 using xda premium
has anyone used the advanced version of treve's app on a shift successfully?
or removed the the ciq stuff manually with success? if so is there anything that needs to stay on the device so it doesn't brick.
i'm using a stock rooted rom and kind of want to stick with it.

New Softbank Rom: 369

Totally out of left field: Dell released a new rom for Softbank.
The changelog does not seem to state much.
Android 2.2.2
Build date: Jul 10, 2012
Build: 29579
Dell Stage 1.6
The rom is completely identical to 366 except for the following files:
<root>\boot.img
<root>\amss.mbn
<root>\dbl.mbn
<root>\dsp1.mbn
<root>\osbl.mbn
<root>\system\build.prop
<root>\system\app\quickoffice.apk
Out of all those, only boot.img seems to have changed more than just being re-signed/trivial changes.
Dell normally holds a rom for 1 month to test before releasing, but the normal release date for a rom built in July would be mid/late August.
So for whatever reason, they held it back for a month.
It also only includes a trivial amount of changes, so it's not much more than going through the motions of a release.
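
Added example, not from the thread: one way to produce a file-level comparison like the list above, by hashing two unpacked ROM trees and separating APKs that were only re-signed from files whose content changed. It goes slightly beyond the post by automating the re-signed check; the sample trees and file contents are constructed, and JAR-style (META-INF) APK signing is assumed.

```python
import hashlib
import tempfile
import zipfile
from pathlib import Path


def sha256_file(path, chunk=1 << 20):
    """Stream the file so large images (boot.img, *.mbn) are not read whole."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def hash_tree(root):
    """Map each regular file's relative path to its SHA-256 (symlinks skipped)."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*"))
            if p.is_file() and not p.is_symlink()}


def apk_payload(path):
    """Zip entries outside META-INF/, i.e. everything except the signature."""
    with zipfile.ZipFile(path) as z:
        return {i.filename: (i.CRC, i.file_size) for i in z.infolist()
                if not i.filename.startswith("META-INF/")}


def classify_change(old_file, new_file):
    """Tell a re-signed archive apart from one whose payload differs."""
    if zipfile.is_zipfile(old_file) and zipfile.is_zipfile(new_file):
        if apk_payload(old_file) == apk_payload(new_file):
            return "re-signed only"
    return "content changed"


def diff_roms(old_root, new_root):
    old, new = hash_tree(old_root), hash_tree(new_root)
    report = {"added": sorted(new.keys() - old.keys()),
              "removed": sorted(old.keys() - new.keys()),
              "changed": {}}
    for rel in sorted(old.keys() & new.keys()):
        if old[rel] != new[rel]:
            report["changed"][rel] = classify_change(
                Path(old_root) / rel, Path(new_root) / rel)
    return report


def build_sample(base):
    """Create two small constructed trees standing in for unpacked ROMs."""
    trees = {
        "old": {"boot.img": b"kernel-A", "system/build.prop": b"ro.build=old\n",
                "system/unchanged.bin": b"same", "cert": b"signature-1"},
        "new": {"boot.img": b"kernel-B", "system/build.prop": b"ro.build=new\n",
                "system/unchanged.bin": b"same", "cert": b"signature-2"},
    }
    roots = []
    for name, files in trees.items():
        root = Path(base) / name
        (root / "system" / "app").mkdir(parents=True)
        cert = files.pop("cert")
        for rel, data in files.items():
            (root / rel).write_bytes(data)
        # Same payload in both APKs, different signature block.
        with zipfile.ZipFile(root / "system/app/quickoffice.apk", "w") as z:
            z.writestr("classes.dex", b"constructed dex bytes")
            z.writestr("META-INF/CERT.RSA", cert)
        roots.append(root)
    return roots


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        old_root, new_root = build_sample(tmp)
        for rel, kind in diff_roms(old_root, new_root)["changed"].items():
            print(f"{kind:16} {rel}")
```

A "re-signed only" result says the payload is unchanged, not that the new signer is one you trust; checking the signing certificate is a separate step.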
I received the update SMS today and came here to check. Figured you would have some additional info on this.
Still Froyo? I guess I'm never getting a phone from Softbank again.
Blame Dell/Qisda's dell team/Softbank
The SPro's still on GB too.
The Lenovo LePad S2005 (ie the "Opus one") got ICS back in April.
I don't even know why they released 369, I can't tell if it even changed anything as far as Softbank's changelog is concerned.
TheManii said:
I don't even know why they released 369, I can't tell if it even changed anything as far as Softbank's changelog is concerned.
maybe the user or the dev is old school type .. and pretty much on comfort zone...
Official roms aren't custom roms, they can't simply release it and hope there's no serious issues. They have to have staff on hand to test for 3 weeks before releasing.
Even if they only changed like a dozen lines of code at best for it.
irmtsNa particle
TheManii said:
Official roms aren't custom roms, they can't simply release it and hope there's no serious issues. They have to have staff on hand to test for 3 weeks before releasing.
Even if they only changed like a dozen lines of code at best for it.
See also mb.softbank.jp/scripts/japanese/information/fota/detail.jsp?id=20120912153155186
The package is supposed to fix Wifi issues with access points.
Package name is streak_29579_12.pkg
Has anyone tried this?
EverPing said:
See also mb.softbank.jp/scripts/japanese/information/fota/detail.jsp?id=20120912153155186
The package is supposed to fix Wifi issues with access points.
Package name is streak_29579_12.pkg
I currently sport the Dell official 360 rom and I was wondering if it was worth the bother of updating to this one? Has anyone given it a go and does it work?
Any pointers would be appreciated! Also interested in whether it requires a complete reset or if it upgrades leaving data/apps in place? :fingers-crossed:
chriscullen42 said:
I currently sport the Dell official 360 rom and I was wondering if it was worth the bother of updating to this one? Has anyone given it a go and does it work?
Any pointers would be appreciated! Also interested in whether it requires a complete reset or if it upgrades leaving data/apps in place? :fingers-crossed:
Any time you flash a DELL update.pkg it's going to do a factory reset.
TheManii may put together a zip package for it though
Sent from my GT-I9100 using Tapatalk 2
http://mb.softbank.jp/en/products/dell/001dl.html
rom: 2.5 gb
are we going to get an official ics as we had before from olleh an official gb ??
2.5gb is 500mb nand + 2gb innerSD.
I dont expect them to ever make official ICS.
Even 2.3.5+ isnt something I'd expect.
oic
Oakc 2.2.2 ?
Sent from my Dell Streak using xda app-developers app
Has anyone installed this yet? Does it improve wifi performance and is it ok in the UK? I hate being the first at these things!!
Well I took the plunge and generally I am pleased with the results. Wifi seems much more stable and most things work, although mms does not seem to be working at the moment. Also softbank does not come with a sms app pre-installed, instead they use their own combined messaging app which I have not tried yet. I installed an sms app from the market and it works ok, apart from mms
Sent from my 001DL using xda premium
chriscullen42 said:
Well I took the plunge and generally I am pleased with the results. Wifi seems much more stable and most things work, although mms does not seem to be working at the moment. Also softbank does not come with a sms app pre-installed, instead they use their own combined messaging app which I have not tried yet. I installed an sms app from the market and it works ok, apart from mms
Sent from my 001DL using xda premium
I tried to install it but was not able to find in the wireless settings the tethering & portable hotspot, does anyone also encountered this?
Sent from my Dell Streak using xda premium
angelerikz said:
I tried to install it but was not able to find in the wireless settings the tethering & portable hotspot, does anyone also encountered this?
Sent from my Dell Streak using xda premium
The MMS issue I was having was me being an idiot - I had run out of credit I have never used Wifi Hotspot. There is an app that comes rolled into this rom which seems to be for tethering but i have not used it. The WiFi in general is excellent and seem way more stable that any other ROM I've used to date (and I've used quite a few). I think it may be easier to look up a 3rd party (barnacle I think) tool to get the tethering working - but I know very little about this.
chriscullen42 said:
The MMS issue I was having was me being an idiot - I had run out of credit I have never used Wifi Hotspot. There is an app that comes rolled into this rom which seems to be for tethering but i have not used it. The WiFi in general is excellent and seem way more stable that any other ROM I've used to date (and I've used quite a few). I think it may be easier to look up a 3rd party (barnacle I think) tool to get the tethering working - but I know very little about this.
Regarding the mms.apk can we replace that softbank mms.apk with that of mms.apk from stock 360 rom
Sent from my 001DL using xda premium
so is anybody still testing this? any problems or real improvements?
Softbank seems ok so far....
peterson65 said:
so is anybody still testing this? any problems or real improvements?
I've been using it for a while and generally all is good. It seems better on battery than the 360 rom, the WiFi seems more stable, though I do get the odd issue with it not connecting but far less than any other rom I've used. I do not use tethering and I know that is not present, but there are apps in the market to do this anyway. SuperUser.zip also happily rooted it with no issues. It does seem to be quicker than other Froyo roms too - so overall I'd say it's worth an upgrade. Be aware that the native messaging app will not work on it for some reason, but Handsent or Go SMS are just fine and dandy - unless you run out of credit (see earlier post by me)
If I had to stick to a single rom this would be the one. I am tempted to go for DSC and I've been told by the author that it can be flashed over this rom - so I may report back when 1.6 is rolled out fully and I've installed it to give a comparison.
I hope this helps!
I've looked and haven't found any links for what I'm looking for which is just the amss and dsp1 files to flash in fastboot... anybody got those uploaded anywhere? I hate to flash the entire ROM just to extract those two, but if I have to then I just have to... thanks guys for any help
