I know when I jailbroke the iPhone you had to set a password via SSH so random people couldn't hack into your phone and hijack it.
Does the same vulnerability exist on a rooted Atrix? I know you get the notification that SU is being requested and you can deny it, but is there an IP back door as well that is "silent"?
Generally speaking, should people change/set and SU password? I've read some horror stories about it so far, so I'm not sure that's the right way to go.
Thanks
Afaik there is no way to set a su password. lookout security will scan all apps on your phone and when you downlad to prevent malicious software. There are several others but Lookout is my fav.
the reason the iphone requires this is that it is running SSHD always. the atrix doesnt run sshd unless you install an app to do so.
I was under the impression that "lookout " and the like are at best useless, and at worst, malware in and of themselves... no?
Sent from my MB860 using XDA App
I thought so too at one point
dmdmd said:
I was under the impression that "lookout " and the like are at best useless, and at worst, malware in and of themselves... no?
Sent from my MB860 using XDA App
Click to expand...
Click to collapse
but lookout has gotten good marks from every point of review I've seen thus far, including friends and colleagues who've used it personally. While there is little in the way of malware for lookout to catch, it has been updated quickly to catch all the known malware out there.
I also had the same concern with su as a previously jailbroken IP4 owner. The difference here is the java layer. All java apps that try to gain root will have to go through the 'superuse' app that accompanies the installation of 'su'. 'superuser' will ask you to approve the privilege escalation of each app that requests it. I don't know enough about android to know if native apps will come with this same restriction or not. If you shell into your phone, however, nothing stops you from running 'su' yourself.
Pirateghost said:
the reason the iphone requires this is that it is running SSHD always. the atrix doesnt run sshd unless you install an app to do so.
Click to expand...
Click to collapse
Exactly this here. An Android phone doesn't have this daemon (aka thing that runs in the background) like jailbroken iPhones do, so there is nothing to password protect. Just gotta make sire someone doesn't plug your phone into their computer if you have usb debugging enabled... lol.
Sent from my MB860 using XDA App
no such requirement
because there is no server app for SSH thus no way to access to your phone via LAN
Sent from my MB860 using XDA App
I'd like to install an anti theft app on my n7. I've got Where's My Droid on my phone, but the thing is, the nexus doesn't have a data signal to access its GPS location at the drop of a dime.... it would only be able to be tracked if it is currently connected to WiFi, right? If it wasn't connected to WiFi then there would be no way to track it that I can think of. Anyways, what are some good anti theft apps that you guys are using?
Another question, has any used Tablet Talk, or so,etching similar? Its an app that sync your phone and tablet together which allows text messages to be sent front your nexus, but it uses your mobile number. Are there any other apps out there like this? Would really love to hear about some experiences with Tablet Talk or similar apps so I know what I should purchase. Thanks in advance.
Sent from my Nexus 7 using xda app-developers app
Cerberus. Paid, but worth it. Got my SGS2 back with it.
thcaddict said:
I'd like to install an anti theft app on my n7. I've got Where's My Droid on my phone, but the thing is, the nexus doesn't have a data signal to access its GPS location at the drop of a dime.... it would only be able to be tracked if it is currently connected to WiFi, right? If it wasn't connected to WiFi then there would be no way to track it that I can think of. Anyways, what are some good anti theft apps that you guys are using?
Another question, has any used Tablet Talk, or so,etching similar? Its an app that sync your phone and tablet together which allows text messages to be sent front your nexus, but it uses your mobile number. Are there any other apps out there like this? Would really love to hear about some experiences with Tablet Talk or similar apps so I know what I should purchase. Thanks in advance.
Sent from my Nexus 7 using xda app-developers app
Click to expand...
Click to collapse
i was using Lookout (and disabled the anti-virus stuff), but i believe most people prefer Cerberus...i think it's $3 in GP right now. check out some demos/reviews on youtube.
frescagod said:
i was using Lookout (and disabled the anti-virus stuff), but i believe most people prefer Cerberus...i think it's $3 in GP right now. check out some demos/reviews on youtube.
Click to expand...
Click to collapse
What is the point... besides a password how would a tracking app help. They will just wipe the tab anyway doesn't even need to be booted. If it's password protected its not going to connect to unknown networks anyway. So either way you look at it you lose it its gone. If you left it open counting on them to connect it good luck...lol if they are smart enough to steal it I'm pretty sure they understand how to do a factory reset.
Danny80y said:
What is the point... besides a password how would a tracking app help. They will just wipe the tab anyway doesn't even need to be booted. If it's password protected its not going to connect to unknown networks anyway. So either way you look at it you lose it its gone. If you left it open counting on them to connect it good luck...lol if they are smart enough to steal it I'm pretty sure they understand how to do a factory reset.
Click to expand...
Click to collapse
You're giving the common criminal too much credit. Most of the time these people are looking to sell it for a few dollars.
Danny80y said:
What is the point... besides a password how would a tracking app help. They will just wipe the tab anyway doesn't even need to be booted. If it's password protected its not going to connect to unknown networks anyway. So either way you look at it you lose it its gone. If you left it open counting on them to connect it good luck...lol if they are smart enough to steal it I'm pretty sure they understand how to do a factory reset.
Click to expand...
Click to collapse
You can install Cerberus as a system app and it will withstand a factory reset. However, if they decide to flash a new ROM you are screwed. But you are pretty much right about once you lose it is is gone since it has to be connected to WiFi to send back data.
Sent from my SGH-T999 using xda premium
I have Cerberus.. but it most likely will be useless... unless it is taken like at work where I already have Wi-Fi setup on it, it will never be able to phone home and the pattern lock will prevent the new owner from setting up a new access point without having to wipe the unit anyway because it will get locked out.
A phone is a different beast altogether.
Sent from my Nexus 7
For the "no known wifi" problem I use "wefi pro automatic wifi" or "wifi buddy beta". Both will try to scan and connect your tablet to open networks.
Sent from my Nexus One using xda app-developers app
zeus_chingon said:
For the "no known wifi" problem I use "wefi pro automatic wifi" or "wifi buddy beta". Both will try to scan and connect your tablet to open networks.
Sent from my Nexus One using xda app-developers app
Click to expand...
Click to collapse
That's good to know. I'll be sure to try those out.
Sent from my Nexus 7 using xda premium
krelvinaz said:
I have Cerberus.. but it most likely will be useless... unless it is taken like at work where I already have Wi-Fi setup on it, it will never be able to phone home and the pattern lock will prevent the new owner from setting up a new access point without having to wipe the unit anyway because it will get locked out.
A phone is a different beast altogether.
Sent from my Nexus 7
Click to expand...
Click to collapse
Yea, phones are a different thing... not only do you have the opportunity to track but also they are tagged to a network. But a WiFi only tab... even with an autowifi app.. the chances of both apps running at the time stolen and connected to WiFi are really slim. Besides the fact that you couldn't go busting in a residence just because you knew it was in there......
+1 Cerberus good support too
Sent from my Nexus 7 using xda premium
thcaddict said:
I'd like to install an anti theft app on my n7. I've got Where's My Droid on my phone, but the thing is, the nexus doesn't have a data signal to access its GPS location at the drop of a dime.... it would only be able to be tracked if it is currently connected to WiFi, right? If it wasn't connected to WiFi then there would be no way to track it that I can think of. Anyways, what are some good anti theft apps that you guys are using?
Another question, has any used Tablet Talk, or so,etching similar? Its an app that sync your phone and tablet together which allows text messages to be sent front your nexus, but it uses your mobile number. Are there any other apps out there like this? Would really love to hear about some experiences with Tablet Talk or similar apps so I know what I should purchase. Thanks in advance.
Sent from my Nexus 7 using xda app-developers app
Click to expand...
Click to collapse
Bought Cerberus myself and a few coworkers bought it too. Love the features.
Sent from my Nexus 7 using Tapatalk 2
Nexus 7 do have gps integrated unsure if it can sync the position on cerberus server without wifi
Envoyé depuis mon Nexus 7 avec Tapatalk
Assuming that your tab has some sort of pin/pattern lock/face unlock protection and your Wi-Fi is always on, then there shouldn't be much problem for the auto-Wi-Fi app to connect and enable access for Cerberus. Mind you that wefi pro DOES start on boot.
Danny80y said:
Yea, phones are a different thing... not only do you have the opportunity to track but also they are tagged to a network. But a WiFi only tab... even with an autowifi app.. the chances of both apps running at the time stolen and connected to WiFi are really slim. Besides the fact that you couldn't go busting in a residence just because you knew it was in there......
Click to expand...
Click to collapse
Sent from my Nexus 7 using XDA Premium HD app
zeus_chingon said:
Assuming that your tab has some sort of pin/pattern lock/face unlock protection and your Wi-Fi is always on, then there shouldn't be much problem for the auto-Wi-Fi app to connect and enable access for Cerberus. Mind you that wefi pro DOES start on boot.
Click to expand...
Click to collapse
Except if course that using open Wi-Fi is insecure...but if you are willing to do that, it might be a solution...you would need to test it first.
Sent from my Nexus 7
I have Avast installed on my Nexus 7. Don't care for the AV, but it does have built in anti theft, where if your N7 is rooted, it can bury itself deep in the system and survive hard-resets. Not sure how well it does, and hope never to find out, but it looks alright. There are probably similar apps out there.
Avast here too. AV does seem to slow some things down some, I guess I'll turn it off. The "locate" feature works well with Google Voice number. Turns on your GPS then sends location to GV (on a PC). Only time I hope to need it is if I leave my Nexus somewhere and I need to remember where (hoping it wasn't stolen). I'm a bit paranoid since I recently had a phone stolen with no security software on it.
Danny80y said:
What is the point... besides a password how would a tracking app help. They will just wipe the tab anyway doesn't even need to be booted. If it's password protected its not going to connect to unknown networks anyway. So either way you look at it you lose it its gone. If you left it open counting on them to connect it good luck...lol if they are smart enough to steal it I'm pretty sure they understand how to do a factory reset.
Click to expand...
Click to collapse
Not with cerebrus.
Sent from my HTC One X using xda premium
---------- Post added at 02:01 AM ---------- Previous post was at 01:59 AM ----------
krelvinaz said:
I have Cerberus.. but it most likely will be useless... unless it is taken like at work where I already have Wi-Fi setup on it, it will never be able to phone home and the pattern lock will prevent the new owner from setting up a new access point without having to wipe the unit anyway because it will get locked out.
A phone is a different beast altogether.
Sent from my Nexus 7
Click to expand...
Click to collapse
Actually you can flash cerebrus and even if they wipe it will still be there.
Sent from my HTC One X using xda premium
Danny80y said:
What is the point... besides a password how would a tracking app help. They will just wipe the tab anyway doesn't even need to be booted. If it's password protected its not going to connect to unknown networks anyway. So either way you look at it you lose it its gone. If you left it open counting on them to connect it good luck...lol if they are smart enough to steal it I'm pretty sure they understand how to do a factory reset.
Click to expand...
Click to collapse
Passwords aren't going to get your tablet back. IMO, the biggest risk of losing a tablet is accidently leaving it someplace. I have a business card taped to the protective case of my Nexus and have the app "Android Lost" installed. If my tablet is found by an honest person, then they will call the number on the business card and all is well. If it is found by someone not so honest, the odds of them being sophisticated enough to know how to "wipe the tab" are slim to none. It is more likely that if they are stopped by a passwork, they'll just ditch the tab in the trash or try to "get a reward" by calling me. Without a password, they'll probably at least use it long enough to run down the battery. In that case I at least have a chance of locating it via "Android Lost".
edit: If I were a student, using my tablet "on campus" everyday, I might reconsider the risk. The "campus environment" probably is more conducive to actually having a tablet stolen.
RC196 said:
Not with cerebrus.
Sent from my HTC One X using xda premium
---------- Post added at 02:01 AM ---------- Previous post was at 01:59 AM ----------
Actually you can flash cerebrus and even if they wipe it will still be there.
Click to expand...
Click to collapse
Even if that were true, so what?
You are missing the point.
Okay. I'm at a conference and and look away and someone grabs my Nexus 7. I was using WiFi via my phone since I never use WiFi from unsecure sources. They run away and hours later turn it on. Password is required. They don't know it and after X number attempts the tablet is now locked.
The tablet is not going to connect to any WiFi near them because it is setup to not allow unsecure WiFi connections.
How is cerebrus going to help me find my Tablet ??? It won't, it can't. If they can't use the Tablet (its locked out now right), it doesn't matter if Cerebrus is on it or not.
On a device with 3G, We are talking about something totally different. and I use Android Lost for that. Works great and I know a couple people who found their phones with it, including one that didn't even have it installed when it was "acquired".... they had it installed via the play store and then took control of the device.
The tablet without 3G is not the same beast as it requires working WiFi to do anything. Can't phone home or do anything without it.
The best protection is my data and backing it up OFF the tablet on a regular basis so that if I break my tablet or it gets stolen, I can quickly rebuild a new one with my apps and data in a short time period.
Here is my idea:
I wanted to order a pair of Raspberry Pis to offload some work from my main laptop, like downloading torrents, streaming music and more.
My HD2 became useless after I got Nexus 4, so all the time it was resting on the shelf. I thought - damn, it would be nice to make a use of it without actually using it.
So I am going to install debian lenny on HD2. (tonight)
It will be visible to the network over wifi (preferably usbnet), and with a hard drive attached over the network.
It will run transmission, nginx with php, teamspeak and airtime server.
I think this is brilliant and f'ing genious
Had anyone done this before?
P.S. There will be no luck with teamspeak and airtime - they ain't compiled for arm... sad.
Sent from my Nexus 4 using xda app-developers app
I normally use my phone for online banking, but it is not rooted. Do people bank online with a rooted phone or a phone with a custom ROM? If so is it safe?
It's got nothing to do with being rooted or custom ROMS.
The issue is if you have malware from dodgy websites or apps.
Sent from my GT-I9505 using XDA Premium HD app
Obagleyfreer said:
It's got nothing to do with being rooted or custom ROMS.
The issue is if you have malware from dodgy websites or apps.
Sent from my GT-I9505 using XDA Premium HD app
Click to expand...
Click to collapse
Yep, agreed! It's safe as long as you take precautions. If you will use an app to access your account, always use official apps from your bank. Keyboard apps have the potential to include keylogging, so be weary of that, and use well known keyboards and never, ever use a pirated keyboard.
As with any platform, the more popularity it gains, the more targeted it becomes by criminals. Based on a report (Feb 2013) from an independent IT security institute (AV-Test), the amount of malware threatening android systems at the time of that report was over 185,000, so the risk is there. I would recommend using an anti virus if you do plan on doing regular banking as the bulk of the malware comes in the form of applications whether it be via Google Play Store or other sources for your applications.
AV-Test carry out a monthly round-up of AVs available for android, if you haven't already got hold of one, this can help you make your decision as to which one to use! Some offer protection not just versus malware but phising websites as well, so they may be more suited to regular banking on the phone.
I cannot yet post links but if you search for "av-test android" on google, it should point you in the correct direction.
Good luck!
Oh...banks, I thought that said something else
There's so many anti virus apps I don't know which one to use, and they are battery hogs. I've always thought that custom ROMs had less security because the developer could secretly tweak or add something.
The biggest risk is physically losing the phone.
The banking app has you login data, even if its encrypted or password protected. Its there. Someone who has hands on your phone can get that information. And if you dont have that banking app password protected anyone who picks up you phone has access to your accounts instantly.
That is the biggest risk.
Sent from my SGH-M919 using xda app-developers app
Jason2k13 said:
There's so many anti virus apps I don't know which one to use, and they are battery hogs. I've always thought that custom ROMs had less security because the developer could secretly tweak or add something.
Click to expand...
Click to collapse
Of course the potential for backdoors is there, however, XDA is quite a good resource of recognised and reputable developers. If you wish to use a custom rom and it's open source, you could even compiled it yourself.
As for stock roms, even here a risk exists. Carrier IQ was quite a controversial topic back in 2011, towards the end of the year. This was installed by default on a lot of mobile devices by carriers, to collect data for the carriers. Investigations showed that it was even logging keystrokes.
Skipjacks said:
The biggest risk is physically losing the phone.
The banking app has you login data, even if its encrypted or password protected. Its there. Someone who has hands on your phone can get that information. And if you dont have that banking app password protected anyone who picks up you phone has access to your accounts instantly.
That is the biggest risk.
Sent from my SGH-M919 using xda app-developers app
Click to expand...
Click to collapse
Yeah this risk exists without a doubt, the best steps you can take is ensure use of security lock for your phone, remote wipe functions as well as reporting the lost phone so your provider can take the necessary measures to disable the network or block the IMEI.
All in all, I think mobile banking is fairly safe, but it's a choice you make at the end of the day. You just need to be aware of the risks. Use official apps only, and keep it updated. Be careful of your surroundings when using in public. Do not use mobile banking on public or unsecured WiFi networks. If you use a password, ensure it is strong. Disable bluetooth when banking. Be weary of phising websites. Keep track of your device, like you would your wallet. If you are rooted, always check permissions requested by apps.
As for anti-viruses, I use Avast myself, and find it has little impact on the battery and has decent protection (Close to 100% detection rate on the last AV-test analysis), and it's free! It also has remote wipe/lock functions, and a firewall usable if you are rooted. But as I mentioned earlier, you can browse through their website and anything with a full usability score shouldn't have too much impact on battery. I would not consider banking without an AV.
I saw all the other threads about how everyone says that it doesn't store our ccs or passwords but how are we 100% sure?
I take precaution with everything I do on my phone since everything nowadays is so easily stolen. I know its the top app in the play store but still.
Is there anyway to take more precautions?
I downloaded DroidWall to stop this app from accessing the internet over 3g or wifi. Is there anything else I could do? For all we know the company stored our info and then sells the company to someone else and that other person uses our stuff in bad ways.
Blocking it from the Internet should do the trick. Your best bet is to decompile the APK and see exactly what it does. I'm sure somebody has done that already though.
Sent from my Nexus 7 using XDA Premium 4 mobile app
I just wanna be safe as possible.
But keeping it from internet should work perfect right?
honeyp0t said:
I just wanna be safe as possible.
But keeping it from internet should work perfect right?
Click to expand...
Click to collapse
If the internet access is blocked your informations will not be shared.