What is SE Android? - Galaxy S 4 Q&A, Help & Troubleshooting

Custom ROM is failure, the cause of failure is very simple, because there is no consideration to the Se.Android, the method including the use of the packaging system is wrong, because the device can not use Odin, want more friends to know about it!
http://selinuxproject.org/page/SEAndroid

Mod edit: Deleted quote removed
i believe this is a security feature for android. to prevent spam and other thing like that.

security enhanced for who ?
artojeda1988 said:
Mod edit: Deleted quote removed
i believe this is a security feature for android. to prevent spam and other thing like that.
Click to expand...
Click to collapse
Oh really, I doubt that, unless you define security for who. Like, NSA make an app for android to help us fight spam ? Think again, what app would N.S.A. make for us ? You can find and remove the app using other apps, like android tuner, android assistant, battery monitor widget, and others.
Whatever you think it is, take a look at SEAndroid's permissions. Then compare that to any super-user app you have/use. SEAndroid has ALL permissions. Still, the app doesnt 'exist' in app store, app lists, and the likes. No choice to install nor uninstall it ?
I removed it, and among several results, the sms messaging is faulty now. So much for security feature.
Even as security feature has two sides <to be seen from>. What do you think ? There's apparently tons of threads on this subject inhere under a spread of various mobiles, but like this one there aren't always much to gain. Frankly, I don't GET the OP's point in posting this thread..seems it starts off with rhetorical question, then the actual post:
'custom ROM is failure' . uhm ok - what ? ... 'there is no consideration to se.android' uhm ok..what ?? i could go on by every sentence following. 'wrong packaging' , 'device cannot use odin' etc etc The OP is just too strange for me. Sure, I don't get all the jargon maybe, not.
and the the link. Can someoone tell me the point of the OP ?
artojeda> I don't even consider it a security feature, and it doesn't prevent spam IMO. Why is it a feature, when is has no settings ? A feature has settings, right ? This SEAndroid has no settings, it is not appearing under apps, and it does not seem to be able to be installed (or uninstalled) through the app market. I hides undercover in the memory/cache and dumping it, makes it re-load again. With a rooted phone, it consistently comes up with a grey triangle notification message saying this
'Detect Information. The device has detected and application attempting unpermitted actions. To protect your device, it is recommended you reboot.'
OK some questions one by one: WHY..
00) WHY is it called security app ? is it a 'NSA Security app' for android or is it a 'security app' from NSA, what's the difference ? DOes it secure NSA or does it secure YOU?
0) WHY does this app(seandroid> not identify itself in the message, or the notification message header ? Pressing the notification does nothing.
1) WHY is this 'app' referring to the device in question as 'device' ? It KNOWS what device the device-in-use it is, and anyway, it is the-app-in-question (seandroid) that has detected anything, not 'the device'. the app-in-question is not mentioned anywhere, there is just a grey triangle, and that crap for information.
2) WHY does the app (seandroid) not mention WHICH app that has <apparently> attempted unpermitted actions ? The app-in-question KNOWS this, or at least have an idea, but it doesn't let you know. With hundreds of apps installed it could be any app, even seandroid
3) WHY does the app-in-question not tell you details on what the actual actions are/were, regarding the <apparently> 'attempting unpermitted actions' ? It KNOWS or has an idea of this, but does not let you know.
4) WHY, or why, is there no settings ? The app (seandroid) claims the <unknown> actions are 'unpermitted'. Well, if so, what permits and unpermits these actions, who decides what ?? With no setting, no knowledge, and no information of what app does what actions, and what is unpermitted about it, what is one to judge hereof ?? Just trust seandroid on, like "Something's not right, somebuddy screwed up something somewhere, and better sleep on it, and start all over" ?
5) Why does it tell you to protect your device ? 'To protect your device' is subtle, as there is hardly any idea of what is the invasive / corrupt application or whatever it is - nor whatever thread it poses to the 'device'. Anyhow the advice for a cure of the disease is just as wicked
6) WHY does it recommend a reboot for 'protection' ? a Re-start of phone, hot or not, would just repeat the cycle, bring up the notification message soon enough, advicing you to reboot again. Eventually if you open whatever app caused the triangle to pop up.
since all software and hardware are manmade, human analogies are often quite in place. the NSA app was naggin me, cos i had rooted phone. Therefore I removed it. Then OTHER apps are naggin me or slowing down much. Now, the texting doesn't work, they aren't getting sent. As intuitive android can ever get, there is this blue waving ring for waiting, like something's actually going on.. but no. it keeps like that forever. Call it broken handshaking or whatever.
If you ask me, that's just proof it's a stupid backdoor program, it has ALL permissions, and since the texting doesnt work without seandroid, it obviously have a say regarding the outgoing text messages.

Thread Cleaned
Please stay on topic.

Aerobotix said:
Oh really, I doubt that, unless you define security for who. Like, NSA make an app for android to help us fight spam ? Think again, what app would N.S.A. make for us ? You can find and remove the app using other apps, like android tuner, android assistant, battery monitor widget, and others.
Whatever you think it is, take a look at SEAndroid's permissions. Then compare that to any super-user app you have/use. SEAndroid has ALL permissions. Still, the app doesnt 'exist' in app store, app lists, and the likes. No choice to install nor uninstall it ?
I removed it, and among several results, the sms messaging is faulty now. So much for security feature.
Even as security feature has two sides <to be seen from>. What do you think ? There's apparently tons of threads on this subject inhere under a spread of various mobiles, but like this one there aren't always much to gain. Frankly, I don't GET the OP's point in posting this thread..seems it starts off with rhetorical question, then the actual post:
'custom ROM is failure' . uhm ok - what ? ... 'there is no consideration to se.android' uhm ok..what ?? i could go on by every sentence following. 'wrong packaging' , 'device cannot use odin' etc etc The OP is just too strange for me. Sure, I don't get all the jargon maybe, not.
and the the link. Can someoone tell me the point of the OP ?
artojeda> I don't even consider it a security feature, and it doesn't prevent spam IMO. Why is it a feature, when is has no settings ? A feature has settings, right ? This SEAndroid has no settings, it is not appearing under apps, and it does not seem to be able to be installed (or uninstalled) through the app market. I hides undercover in the memory/cache and dumping it, makes it re-load again. With a rooted phone, it consistently comes up with a grey triangle notification message saying this
'Detect Information. The device has detected and application attempting unpermitted actions. To protect your device, it is recommended you reboot.'
OK some questions one by one: WHY..
00) WHY is it called security app ? is it a 'NSA Security app' for android or is it a 'security app' from NSA, what's the difference ? DOes it secure NSA or does it secure YOU?
0) WHY does this app(seandroid> not identify itself in the message, or the notification message header ? Pressing the notification does nothing.
1) WHY is this 'app' referring to the device in question as 'device' ? It KNOWS what device the device-in-use it is, and anyway, it is the-app-in-question (seandroid) that has detected anything, not 'the device'. the app-in-question is not mentioned anywhere, there is just a grey triangle, and that crap for information.
2) WHY does the app (seandroid) not mention WHICH app that has <apparently> attempted unpermitted actions ? The app-in-question KNOWS this, or at least have an idea, but it doesn't let you know. With hundreds of apps installed it could be any app, even seandroid
3) WHY does the app-in-question not tell you details on what the actual actions are/were, regarding the <apparently> 'attempting unpermitted actions' ? It KNOWS or has an idea of this, but does not let you know.
4) WHY, or why, is there no settings ? The app (seandroid) claims the <unknown> actions are 'unpermitted'. Well, if so, what permits and unpermits these actions, who decides what ?? With no setting, no knowledge, and no information of what app does what actions, and what is unpermitted about it, what is one to judge hereof ?? Just trust seandroid on, like "Something's not right, somebuddy screwed up something somewhere, and better sleep on it, and start all over" ?
5) Why does it tell you to protect your device ? 'To protect your device' is subtle, as there is hardly any idea of what is the invasive / corrupt application or whatever it is - nor whatever thread it poses to the 'device'. Anyhow the advice for a cure of the disease is just as wicked
6) WHY does it recommend a reboot for 'protection' ? a Re-start of phone, hot or not, would just repeat the cycle, bring up the notification message soon enough, advicing you to reboot again. Eventually if you open whatever app caused the triangle to pop up.
since all software and hardware are manmade, human analogies are often quite in place. the NSA app was naggin me, cos i had rooted phone. Therefore I removed it. Then OTHER apps are naggin me or slowing down much. Now, the texting doesn't work, they aren't getting sent. As intuitive android can ever get, there is this blue waving ring for waiting, like something's actually going on.. but no. it keeps like that forever. Call it broken handshaking or whatever.
If you ask me, that's just proof it's a stupid backdoor program, it has ALL permissions, and since the texting doesnt work without seandroid, it obviously have a say regarding the outgoing text messages.
Click to expand...
Click to collapse
This thread has apparently been seriously cleaned up and I guess much of the discussion here is lost, but I wanted to point out a few things. My apologies if this is completely unrelated to whatever was being discussed here.
SEAndroid is not an app. Its a port of most of the SELinux (also developed mainly by NSA) mechanisms to Android. Keep in mind that SELinux comes by default with Fedora and quite a few other distros and is a very popular security enhancement to Linux based systems. If you are referring to the SEAdmin app that is bundled with SEAndroid (both of which are 100% open source), the app is simply gives you control over which SELinux components and mechanisms along with the MAC enforcement, you want to enforce.
SEAndroid is completely open source, and no one has been able to find any kind of suspicious looking code in there. Of course the modifications and additions that SEAndroid brings with it runs deep. Same with SELinux. This is obviously necessary to provide mandatory access control (MAC) to an operating system which is DAC based.

Related

Pragmatic Guide to (Positively) Influencing the Market

Based on my experience thus far with my HTC Desire HD, and feedback from friends and reddit/r/android I've been writing up an overview of pragmatic tips, tricks, and "best practices" to keep your Android happy.
So, I present my Pragmatic Tips to a Healthier Android. Or rather, I would, but seems I need 8 posts first. So I present some of the tips. Hope the are useful to someone.
I'm VERY interested in feedback (corrections) via the members of this forum, if any group of people would be able to correct my errors it would likely be xda-developers, but without my post, not sure I'll get much.
This part of the tips is on managing apps and giving proper app feedback.
Apps Badly Behaving
regularly check the "running apps" screen
if there are apps there you haven't launched since reboot, make a serious judgement call as to whether you need that app or not. check all the options for that app, seeing if you can disable features that might be triggering the "run in background"-ness, if you've disabled all features, and the app isn't a "it needs to do this" (i.e. handsent sms and the like) app, uninstall the bastard. It's poorly written to behave like that, so post a comment on their rating to the effect of "stop running background apps unnecessarily" and "one star" it (if you're as mean as me
apps that stay in the notification bar, and stay listed as "ongoing" (I'm looking at you third party media apps) even when they are not actively doing anything, are behaving badly. Give them the honour of a 1 star rating and a comment as to their offense (if they fix it consider fixing your rating), such as "If you're not 'active' don't stay active, biatch, 1 star till fixed, uninstalled"
Well Intentioned Apps
(AFAIK) androids "intents" and the like should make it unnecessary for apps to "launch" with the OS, or constantly stay active
by this I do NOT mean they just stay resident, that's a good thing, that's Android doing it's "i'm your OS dammit let me manage your memory" thing
Refusing to Quit (Properly)
some apps, usually without good reason, have a quit button. These apps will remain (the Android definition of) active unless you push quit from within the app, (usually) irrespective of how you exit the app
this is similar to the "apps written badly" rant, if they stay in the notification "ongoing" and aren't ongoing, uninstall the app and give the dev a piece of your mind
some apps don't quit when you push "back" and leave the app. This is against Android conventions, so again, give the dev feedback. (And learn how to quit it "it's" way. Or uninstall it, simpler!)
some apps don't quit when you leave them via the home key (see previous point)
some apps never quit. uninstall
Uninstall. Please uninstall?
Manners aren't going to help you here, and I'm not sure why this isn't better documented.
Some (eg. Widgetsoid, F-Secure Mobile Security) apps don't uninstall when you think they should.
This is (in my experience) because you've at some point given those apps "administrative" privilages.
Having these privalges somehow enables them to prevent their own uninstallation (or something along those lines).
For both the aformentioned apps, go into your settings -> security (or locations, YMMV) and find something like "adminstrators allowed" or something. You'll find your apps listed there. Uncheck them, and then you can uninstall them!
Huzzah! No more annoying uninstallable background processes, even if they are neato apps, uninstall should "just work" or at least be warned (and NO widgestoid developer I don't think that the last line of your lengthy readme which points uninstall issues to the FAQ is "obvious enough" as how to uninstall you properly).
good one
+1
useful guide.
+ 1 thanks for you.

[Q] Virus or Android now Untamed?

Hello Good People of XDA
I have been a i9506 owner for quite long, had a 9100 before,
I am used to root and mess with apps to customize things to my wim,
at the best of my knowledge (I lack android programming skills, but I can do things with terminal and filesystems).
All that before to say I am not totally a noob, but my lack of technical knowledge might bite me there.
System wise, I am under 4.2.2, rooted, unknow sources are not allowed, system check for apps is allowed,
I have an antivirus (more than one, but only one works each day, just to be sure I don't miss things)...
My problem is that I recently found out that some apps, actually system apps, blocked
with Titanium backup, or with gemini app manager, or app quarantine,
were actually running anyway.
They are marked as blocked in my app manager, but can still be force closed,
and they appear in battery displays (most of these under the android system block, in the list of services/apps used),
and in process running when using Ccleaner apps.
Also, my battery display show GPS is activated, while when I go into options, all boxes are off or unticked.
I thus wonder what's happening?
How is it possible to have these schrödinger apps tamed and blocked like I want them.
I want these to shut down and only work when I DO ALLOW these, for them not to suck my battery or do unauthorized chores like tracking me when I don't want.
How is it possible that they even behave like that? In i9100, I never observed that in Android 4.0.
I wonder if Google didn't change the workings for making us unable to disactivate what we don't want to work, which was pissing them off.
They already change the permissions displays in the market so permissions as intrusive as "contacts/sms message/USB stockage" are considered "not relevant/important",
while they are depending on the announced display of the app.
But I don't want to go on the "conspiracy route" (I am not like that, I am a pragmatist and I just observe facts, like these apps, with sensitive access, not being able to be deactivated), so let's focus on the technical part:
such apps were Maps, Samsung sync adapters, NFC service , Google Agenda/Contact synchronisation, sysscope, context provider, etc.
That's a lots of things that are supposed to communicate to cloud or other devices, with feels lot like a gaping flaw in the armor...
I want a phone and a tool, not something that track me or put me at risk of being stolen by somebody with technical knowledge.
Am I alone?
Thanks for any insights.
Blocked apps still working
I don't know if my title was too unclear, so I would like to change the title but am unable to do so?
Is it please possible for a moderator to do it (with the title of this post)?
Thanks by advance.
I feel like it is a true problem not being able to block some apps,
or even more, to believe they are blocked while they perfectly perform in the background,
and display activity only in secondary reports, not under their respective "buttons"/information tabs.
I wonder abourt the technical reason to such behavior.
Then delete those apps or block some of the permissions with an app (eg Privacyguard).
It's my opinion that an antivirus app (at the moment) is a waste of resources. Just think before you install something. Also if you are worried about security, you should always run the latest version of Android. 4.2.2 is an old version.
Lennyz1988 said:
Then delete those apps or block some of the permissions with an app (eg Privacyguard).
It's my opinion that an antivirus app (at the moment) is a waste of resources. Just think before you install something. Also if you are worried about security, you should always run the latest version of Android. 4.2.2 is an old version.
Click to expand...
Click to collapse
Thanks for your answer.
Well I don't want to delete system app when they might be useful at time.
I just want them to behave correctly, that is, not work when they are blocked.
That is not a solution to say "uninstall this", while the true problem is Android general behavior here.
I didn't installed system apps, they came with the thing, and all of them are not bloatware.
"NFC service" is something I want to keep for when I am ready to use it,
but I don't want to let it free and unleashed because of the opening it leaves on my phone.
Same goes for bluetooth, synced backups and so on.
I don't want backups on the cloud, so I deactivated the options, and blocked the apps.
Why are they running? It is not normal!
And my old version is maybe not secure, but actually trying 4.3 hasn't changed anything,
and I only suspect this to be some "new feature".
The antivirus is a waste for scans, I agree, still it has useful firewall features that justifies in itself its uses.

Hacks? Word Arounds? Black Magic?

Hey all,
So, I was issued an S5 for work (on Big Red), and I had a couple of questions and needed some...expert...advice...
My company nerfed the phone pretty bad. They disabled almost all of the pre-installed apps (Amazon, Gmail, Flipboard). They also use a whitelist to only allow certain apps to be installed. Everything else installs, then is immediately uninstalled "by IT policy". For a while, I figured out how to delete the admin policies and install whatever I wanted (we use Knox for enterprise stuff, and I don't mess with that; just the "personal" side, which isn't so personal anymore). Some of the apps they let you install are silly (Candy Crush? Really?) but I can't install Timley or something useful.
Is there a way to Trojan horse an app? It seems that the policy checks the app against the white list and lets it install if it's cool, removes it if it isn't. Can I somehow rename and sideload an app to one on the list? I don't want to hack the phone, per se, just use it (Flipboard can't be installed, but CNN, NBC News, USA Today, etc all can). Or is the admin policy too advanced on Android now?
Thanks in advance...
ret4425 said:
Hey all,
So, I was issued an S5 for work (on Big Red), and I had a couple of questions and needed some...expert...advice...
My company nerfed the phone pretty bad. They disabled almost all of the pre-installed apps (Amazon, Gmail, Flipboard). They also use a whitelist to only allow certain apps to be installed. Everything else installs, then is immediately uninstalled "by IT policy". For a while, I figured out how to delete the admin policies and install whatever I wanted (we use Knox for enterprise stuff, and I don't mess with that; just the "personal" side, which isn't so personal anymore). Some of the apps they let you install are silly (Candy Crush? Really?) but I can't install Timley or something useful.
Is there a way to Trojan horse an app? It seems that the policy checks the app against the white list and lets it install if it's cool, removes it if it isn't. Can I somehow rename and sideload an app to one on the list? I don't want to hack the phone, per se, just use it (Flipboard can't be installed, but CNN, NBC News, USA Today, etc all can). Or is the admin policy too advanced on Android now?
Thanks in advance...
Click to expand...
Click to collapse
If Timley (did you mean Timely?) is a useful app and helps with your job to boot then I would suggest that you try talking to someone in the IT department about having it added to the whitelist. I would expect that any company which goes to this lengths to keep your phone secure will have the phone verify the md5 checksums of certain files. The Apps won't be added instantly to the whitelist, but after the IT department has had time to verify that the app is secure then they will probably add it.
Kaliaila said:
If Timley (did you mean Timely?) is a useful app and helps with your job to boot then I would suggest that you try talking to someone in the IT department about having it added to the whitelist. I would expect that any company which goes to this lengths to keep your phone secure will have the phone verify the md5 checksums of certain files. The Apps won't be added instantly to the whitelist, but after the IT department has had time to verify that the app is secure then they will probably add it.
Click to expand...
Click to collapse
Damn the md5. Damn them to Hell...
If only my IT department were so benevolent.

Some serious questions about the P4 and LOS

Hello,
please excuse me if some of the following statements seem a bit strange or even offensive. But be assured: there's no offense meant! I've been using the P4 for some days now and I there are just a few things I really don't understand and I'd be thankful if someone could explain them to me. Some questions might sound silly, but please forgive me, I am not an expert, neither on Android, nor on the hardware!
1.
To be able to install LOS at all, the bootloader had to be unlocked. What about afterwards: could the BL be closed again, to get rid of that nasty message at startup, warning about data integrity?
2.
I really miss the notification LED from previous phones I used to own. The elders of the universe might know why Google decided not to include a simple and cheap LED in their latest models, but it is beyond me. I know that there's this feature called "always on display", showing the clock, the battery status and notifications about messages and stuff. But that feature surely uses more power than a simple LED. And the information on the screen doesn't seem to move, so I fear that this will damage the screen on the long run. So, my questions about this feature are:
a) Shouldn't the information on this screen at least be moved from time to time to prevent screen damage?
b) Shouldn't there be an option to show this information only when the device is not inside a pocket? Showing these notifications inside a pocket or a bag doesn't make much sense, does it?
3.
There's an option "tap to activate". That is a nice feature, but I'd very much prefer this to be "double tap to activate" (optional), because a double tap is much more unlikely to happen than a simple touch. It is nearly impossible to get the phone out of a car mount or a pocket without accidentally touching the screen, thus activating the phone. One might say that this is not a big deal, but I would say that this unnecessary activation will waste unnecessary battery power.
4.
Google play store forces me to install a lot of apps that are said to be of great importance and that I can neither deselect nor remove from my P4, and that I have never seen on my previous phones running LOS:
- carrier service
- device personalization service
- exchange service
- pixel ambient services
- accessibility tools
- (the app) google
Why am I told I need these apps on my LOS driven phone? Why can't I deselect them?
When I choose LOS to be the operating system on my phone for the first time, I did this because I wanted to avoid Google as much as possible. Most of all, I don't want Google to collect all my data, I don't want them to be able to autofill any credentials or other information, I don't want them to have access to my bank account via Google Pay. Frankly, those ideas scare me! The Play Store is the only GAPP I would like to have on my phone, in order to be able to buy other apps. But, for example: what is "carrier service" needed for? Of course I do have a vage idea about what it is needed for, but why wasn't I forced to install it on my previous phones? Why is it coming as a separate app now? Are the developers not allowed to include it in LOS any longer? Did Google change the rules (again)?
What about the other apps?
I simply don't understand the need for these apps to be forced onto phone that I would like to have de-googled. Is it some dependencies of the MindTheGapps package, that OpenGapps, which I used to install on previous phones, did not have?
If so, would the need for these apps vanish if I reinstalled LOS and use OpenGapps instead of MTG?
Thanks in advance for any hints, help and explaining!

Needing help with my cheap A03s

Couldn't find that one listened anywhere here specifically. I'm pretty sure my phones compromised but I'll probably just get people telling me I'm being paranoid. Just notice a lot of weird stuff going on.
I'll give some examples, but it would be cool if someone else here has an A03s and could give me a full list of the system apps to know for sure if mine has some extra ones that aren't truly factory. Because I've restore it several times and they don't go away.
Like under the apps screen under the basic ones I got apps like Android auto, webview, configapk, customization service, and something called data restore tool, device health services, group sharing, meet, nearby device sharing, quick sharing, quick share, settings..etc. which to my knowledge are pretty normal apps to see on phones right? But I seem unable to control them, if I disable them and go back and check later they mysteriously reenabled again, or after that the permissions lists will be greyed out not being able to do anything. Also there is a app called "permissions controller", as well as ones called "apps", "apps update", "tools", "app recommendations", "settings recommendations"..etc. is that normal? I never noticed that with my old samsung. They are really small file size apps with pretty generic looking icons and they don't let me disable them.
What gets more weird to me though is when I enable the system apps too. I see all kinds of suspicious looking ****.
Like for the android setup, and android system apps there are two of each, and the other two have generic looking icons, also got stuff like configuration restore, audio mirroring, auto hotspot, automation test, bluetooth/bluetooth midi service, call & text on other devices, callbgprovider, camera extensions proxy, carrier login engine, sim tool kit, cell broadcast services, clipboardsaveservice, cmh provider, companion device manager (where I have no idea where my "companion is or how to control it so I must be the one being controlled?", configupdater, csc, dcktimesyncapplication, dynamic system updates, ipservice, enterprise sim pin service, external storage, like 10 different gestural navigation bars, group sharing, iaft, ims service, settings, and logging, input devices, iothiddenmenu, keycustomizationinfobnr, launcher, locale overlay manager, service mode and service mode ril, media and devices, mdmapp, vpndialogs, mmigroup,mmsservice, mobilewips, mtp host, nearby device scanning (2 instances), network diagnostic, nsdswebapp, one handed mode, osulogin, package installer, an app called "people", private share, proxy handler, quick share agent, samsung core services? (is that a real app even? I can disable it but who wants to disable "core" system apps, so touche there if it is a program deployed by a hacker on their app naming skills lol, smart switch agent, 2 instances of software update, system connectivity resources, system uwb/wifi resources, an app called "tasks", tethering, tethering provision and tethering automation, tfstatus/tffunlock always running when I never access them, usbsettings, and theres one called wallpaper services/wallpaper and style that looks really generic which is confusing because I assumed the samsung theme manager just handled all that stuff in one? We also got wearable manager installer running, and sometimes wificalling and wifi direct or work setup will be running when I don't have any of those configured.
Sorry for the huge block of text, I'm sure I missed a bunch i missed because there's some that don't show even when you tap "show system apps", like the skms agent as one example, so got a few general questions for you, so for the file/download system I got a bunch of default apps. There's two different files apps, there's a download manager and download app, and also a storage manager, and ALSO a app called the external storage that always wants to be running but can you explain that if I have no external storage? Is the built in storage space on the a03 called external storage? I even have my drive apps and stuff disabled.
Another things that's suspicious to me is secmediastorage, secvideoengineservice, secsoundpicker, secureelementapplication, media and devices + ext storage. Like why should there be a SECOND video or audio engine running when I'm old school and don't even use cast programs/features or anything like that? In fact it's usually one of the first things I just go ahead and try disable.
I noticed a lot of weird things going on with the display though too, looking really sharp then suddenly almost looking like there's two layers of gui not exactly lined up, like off by a pixels making things look blurrier. Like the one ui home is the default factory launcher right? So why does my phone also have a app called "launcher", plus another hidden launcher or something running in the background? I can't remember the name of it offhand, something GUI..
And I understand the concept of android have a permission controller, and "core apps" but are there actually apps under the system apps named that lol? "permission controller", "samsung core apps" one called "device services"...
also is service mode suppose to be running in the background? I googled into it and know it's a genuine service, but I really don't understand why a lot of these apps are stopping and running or renabling themselves.. It's like I have zero control over my own phone and if I'm just paranoid and they are meant to be just seems like a waste of complete waste of ram/data to me.
****, I was just sitting here thinking for like a few minutes about to post and almost forgot the most suspicious ones I've noticed in last few days. all the "com." overlay apps. I guess I really saw the word "overlay" as something you should be suspicious about until the vpn I recently bought had a feature that is suppose to block web browser based overlays. Then I noticed that MOST of my com. apps are all overlay apps! Lol, ranging from google/samsung to mediatek.
I won't post all of them because there's probably 20 at least but here's a few.
com.mediatek.frameworkresoverlay
com.mediatek.settingsproviderresoverlay
com.mediatek.systemuiresoverlay
com.samsung.android.networkstaack.tethering.overlay
com.samsung.android.smartswitchassistant
com.samsung.android.wifi.p2paware.resources
com.sec.android.app.camerasaver and a camera.app.cameraapp one (camera always running in background even if background and battery saver with restricted settings enabled)
com.google.android.ondevicepersonalization.services (I never used any personalization service or see a personalization app for that matter)
com.google.android.networkstack.tethering.overlay
and there's a bunch of com.google.android.overlay.gmsconfig ones /common geotz/ gsa/ photos/
com.google.android.overlay.modules.captiveportallogin.forframework
plus a overlay broadcastreceiver, ext.services, documentsui, permissioncontroller, and sdksandbox one.. tetheringresoverlay, wcmurlsnetworkstackoverlay, locale overlay manager..etc.
Also I get my service through straight talk which I think uses verizon and I noticed when I go to connections/mobile networks and network operators and uncheck the box "select automatically" that for some reason it only wants to connect to a network operator called "Home". I just thought that was kind of a weird and generic name for a network operator. I tried to use a android hidden settings app to change that because it was blocked out and thought I messed up my phone because I no longer had data and couldn't access the menu through the app anymore, but luckily a reformat fixed it but I'm still dealing with all this crap haha.
Can someone tell me I'm not crazy and there's definitely someone that is accessing and controlling my phone without my permission and what would be the best way to go about dealing with this?
Thanks.
First things fist: Here on XDA we expect you to follow the Forum Rules:
2.5 All members are expected to read and adhere to the XDA rules.
Click to expand...
Click to collapse
If you haven't done that yet, click the link in my signature and do it now.
One of the rules you'll notice is this one:
5. Create a thread topic or post a message only once, this includes external links & streaming media.
As a large forum, we don't need unnecessary clutter. You're free to edit your message as you like, so if you do not receive an answer, revisit your message and see if you can describe your problem better. Not everyone is online at the same time so it might take a while before you receive an answer.
You can bump your unanswered question once every 24 hours
Duplicate threads and posts will be removed
Always post in an existing thread if a topic already exists, before creating a new thread.
Use our search function to find the best forum for your device.
Click to expand...
Click to collapse
You've copied this post at least once. We'll be removing the duplicate.
Now on to your question...
It is my opinion that the problem may not be with what you are observing, but with your assumptions. In the duplicate thread, you assume two possibilities:
You're being hacked
Your paranoia is justified
Have you thought there may be a third or even fourth option? Such as, maybe you don't understand that much about Android, you don't recognize what you see, you're assuming it's malicious, which combined with your own confirmation bias, has led you to the conclusion that foul play is afoot?
Nothing you have described sounds in any way abnormal. You have a Samsung device running OneUI (Samsung's framework overlaid on top of Android) that is powered by a Mediatek chipset. Everything you describe sounds completely normal to me, with over 10 years of experience in Android, most of that with Samsung devices.
My conclusion, to be frank: You are not being hacked, and your paranoia is unfounded.
OP your post gave me a headache trying to read it.
So...
Have it reflash to the stock firmware if you really think it's behaving erratically and a factory reset doesn't work. Change Google password and all others.
Then be careful what you install.
Don't put in foreign thumb drives or let others use it.

Categories

Resources