Related
Just a general warning to those who seek out APK's on the internet.
I've noticed an increasing number of people posting APK links on XDA-developers using 3rd party hosting such as multi-upload instead of the official developers websites. This is a potential security risk to your own phone, because Android code CAN be decompiled, and dodgy code can be added before re-uploading. You at a greater risk of downloading compromised APK's if you download them from an untrusted party.
Many of these APK's seem to be hosted officially by the developers already, so please link directly to the developers OWN servers when possible, and those who use their phone for business or store sensitive data on it, should avoid using APK's from sources which weren't set up by the original developers.
andrewluecke said:
Just a general warning to those who seek out APK's on the internet.
I've noticed an increasing number of people posting APK links on XDA-developers using 3rd party hosting such as multi-upload instead of the official developers websites. This is a potential security risk to your own phone, because Android code CAN be decompiled, and dodgy code can be added before re-uploading. You at a greater risk of downloading compromised APK's if you download them from an untrusted party.
Many of these APK's seem to be hosted officially by the developers already, so please link directly to the developers OWN servers when possible, and those who use their phone for business or store sensitive data on it, should avoid using APK's from sources which weren't set up by the original developers.
Click to expand...
Click to collapse
First off: Who's to say the original developer can't put this so-called "dodgy code" in their own apks?
Secondly: The Android marketplace doesn't have any strict rules as to what someone can post, and the code isn't even checked. You have just as high a chance of getting this "dodgy code" from any app you download straight from the market.
Nobody. But it is a hell of a lot safer from a trusted first party, than being passed down a chain of untrusted people before it makes it's way to you. Especially since apk's don't seem to be digitally signed (I may be wrong).
I'm just concerned that you can post any APK you want here which have an official website, insert a trojan, and nobody would be none the wiser. I'd simply like to see a change in attitude.. If someone posts an unofficial link to an APK which is already available by developers, I'd like to see people stand up and point to the OFFICIAL website.
At the moment, people are actually ENCOURAGING bad security practices, and doing so makes XDA a target ripe for future attack. And I don't want to wake up to a forum of people *****ing about Samsung, for a problem caused because of a trojaned copy of Angry birds beta on XDA.
We should build awareness now for people to get files from the last link in the chain, rather than wait for someone to try it (which they probably will, and may have already done)
andrewluecke said:
Nobody. But it is a hell of a lot safer from a trusted first party, than being passed down a chain of untrusted people before it makes it's way to you. Especially since apk's don't seem to be digitally signed (I may be wrong).
I'm just concerned that you can post any APK you want here which have an official website, insert a trojan, and nobody would be none the wiser. I'd simply like to see a change in attitude.. If someone posts an unofficial link to an APK which is already available by developers, I'd like to see people stand up and point to the OFFICIAL website.
At the moment, people are actually ENCOURAGING bad security practices, and doing so makes XDA a target ripe for future attack. And I don't want to wake up to a forum of people *****ing about Samsung, for a problem caused because of a trojaned copy of Angry birds beta on XDA.
We should build awareness now for people to get files from the last link in the chain, rather than wait for someone to try it (which they probably will, and may have already done)
Click to expand...
Click to collapse
Are you familiar with modifying an APK? It is not nearly as easy as you make it seem. If the developer doesn't release the source code, it can't easily be functionally modified minus a few graphics and the like. Not to mention, this is how the iPhone jailbreak system works in regards to getting content. And has been going on with PC for years.
I really do not think it's something we have to worry about. Just install an anti-virus on your phone if you're worried.
1) Grab 7zip to decompress your apk package.
2) And yep, there are tools to decompile dex files too. Technically it seems to be more like disassembly, but can probably easily be modified to cause the app to ring russian phone sex numbers every 10 minutes without your consent, or do other nasty things. There are some security mechanisms in place, but that doesn't make them invincible.
You tell me, what is the advantage of encouraging reposting of APK's with already existing websites? Because it doesn't seem to have any advantages, but can have BAD security implications.
Good thing to raise awareness among users, but alas - most of them don't even bother to read the permissions requested by apps downloaded from the market.
There are actually quite few people that have an idea of what could happen if they had a rouge app on their phones. I recently tried to give a similar general warning in another forum that people should take care when flashing "beta" firmwares downloaded from some hosting site and not from the developer... You think most of them cared? Sadly they didn't...
There's nothing wrong with being a bit cautious and smart about the way we do things. I'll trust the app if I see the dev is in "the" community.
Sent from my GT-I9000M using XDA App
andrewluecke said:
1) Grab 7zip to decompress your apk package.
2) And yep, there are tools to decompile dex files too. Technically it seems to be more like disassembly, but can probably easily be modified to cause the app to ring russian phone sex numbers every 10 minutes without your consent, or do other nasty things. There are some security mechanisms in place, but that doesn't make them invincible.
You tell me, what is the advantage of encouraging reposting of APK's with already existing websites? Because it doesn't seem to have any advantages, but can have BAD security implications.
Click to expand...
Click to collapse
So, obviously you've never tried to actually edit one of those XML files within it. try that and get back to me.
APK's are not open source and cannot be decompiled and edited. The only way for what you are suggesting can happen, to happen, is if the APK in question had its sources released so someone else could release an edited version of the program, made from scratch, in java.
"can probably" is not very sure. The chances of someone posting a completely separate app with the name of a well known app is much more likely than someone editing an existing app (assuming the sources were available).
If you have no clue about android apk development why even bother arguing?
opensourcefan said:
There's nothing wrong with being a bit cautious and smart about the way we do things. I'll trust the app if I see the dev is in "the" community.
Sent from my GT-I9000M using XDA App
Click to expand...
Click to collapse
Agree 100%. Much better said! You don't know who's releasing what, so watch what you're installing and just make sure it looks like the program you were looking for in the first place..
Electroz said:
So, obviously you've never tried to actually edit one of those XML files within it. try that and get back to me.
Click to expand...
Click to collapse
Refer to apktool Link
Or Apk Manager (My Signature)
Xml's can be 100% decompiled/recompiled from binary to human readable and back thanks to apktool.
2 options to make sure ur safe :
1. Dont install root applications (they require 0 upfront standard android api permissions hence u won't know what its doing behind the scenes)
2. Install apps by transferring them to ur phone and using the package manager, that way you can see standard permissions (if any) and judge accordingly.
You know what would be cool, if superuser could log the "su" commands a root requiring app executes
Daneshm90 said:
Refer to apktool Link
Or Apk Manager (My Signature)
Xml's can be 100% decompiled/recompiled from binary to human readable and back thanks to apktool.
Click to expand...
Click to collapse
Wow, my bad.... But no wonder major game companies aren't developing for the platform yet.
But even if the apk that u downloaded from the net have a virus (eg. sends SMS to get money), you will still see the permission when installing so an antivirus isnt needed, or am i wrong?
leoon said:
But even if the apk that u downloaded from the net have a virus (eg. sends SMS to get money), you will still see the permission when installing so an antivirus isnt needed, or am i wrong?
Click to expand...
Click to collapse
If its a non-root requiring app then yes, it must disclose its permissions prior to installing it through package manager not if u use adb to install.
You just have to judge, if a wifi toggle app is asking for email/sms permissions, you might want to be careful
As for root-requiring apps, theres not much you can do other than read reviews for that app or decompile and try to understand what its doing behind the scenes.
Electroz said:
Wow, my bad.... But no wonder major game companies aren't developing for the platform yet.
Click to expand...
Click to collapse
It's quite easy to modify disassembled app code as well - trust me ;-) Also I think we will have possibility to decompile to Java code in the future.
Just don't think of your phone as a smaller PC (especially Windows), because this isn't true. There will never be antiviruses for Android and your only protection are permissions. Anyone could create market account and upload malicious app.
About game companies: they usually write in native code and it's really hard to decompile (or maybe even impossible for now). Besides... did you heard about gameloft's recent games? They're really awesome. Note that first 3d-gaming capable Android phones were released just ~10 months ago, so it's still quite early.
leoon said:
But even if the apk that u downloaded from the net have a virus (eg. sends SMS to get money), you will still see the permission when installing so an antivirus isnt needed, or am i wrong?
Click to expand...
Click to collapse
It should, however, what if it is an alternate launcher, in which case, you'd expect it to be able to send SMS's and make phone calls. That's all fine, until you realise the copy of launcherPro you downloaded using a multi-upload in XDA is having phone sex with a russian operator costing you hundreds of dollars.
It's actually good Brut spoke here. Brut[Maps] is relevant, because it introduces new features which distinguishes it from Google's version. However, can we trust Brut as much as we can trust Google? He seems trustworthy yes, but as trustworthy as Google? Questionable. (Btw Brut, good work on your mod). Of course, his mod does have considerable benefits showing he is interested in helping the community and he hasn't caused any problems thus far. That only means his official multi-upload posts are safe though, if I repost them elsewhere, you shouldn't trust my copies.
It's common sense that programs should pass by as few hands as possible to remain secure. We need to build awareness about security practices (particularly for business users who may compromise their companies security or information). I'm not saying all rom's are safe.. Think about it though, if an APK is already readily accessible, why would someone go through the effort of re-uploading it?
Furthermore, we should encourage people using their phone's for important purposes to use the official Kies releases, not random firmware's available from Samfirmware's (which may not even be final versions).
Remember, trojans are common in the warez world, and it's better to change the attitude of the community before they become a problem here too (otherwise, people will be stuck in a poor mindset that compromises herd immunity). XDA is a website targeted at the technical crowd, and we should set a good example.
@Electroz. Haven't disassembled them myself, but checked a tutorial. But someone has responded already anyway.. Just because I don't have experience doing it myself anyway, doesn't mean it isn't widely known to be possible.
Several big guys already launched Antivirus For Android
Norton, Trend, and a few more
i think we are pretty safe with those
however... it's suck if they run in the background all the time eating the juice+cpu power away
Anti-virus only helps for known trojans anyway, and since so few people have it installed, it doesn't help much. When Android has it built in though, it may be more useful.
Anti-virus should be considered a last line of defense anyway. And either way, I'm not concerned, because I try to minimise the risks of my own sgs. However, it's a concern that people here don't believe such a risk exists, and are actually encouraging a global attitude which might make the Android population ripe for social engineering attacks in the future.
@andrewluecke
I understand you, I don't say there is no problem with security. I say it doesn't matter you will get malicious software from mirror or Market itself. We could assume apps downloaded from WWW are more dangerous, but this problem is general one: people should be cautious whenever they install something with critical permissions. If they won't they will have problems anyway - it's just a matter of time.
I agree with you: it's important to aware people of that problem. This is actually only one thing we can do: be aware and cautious.
Ahh and in many situations it's possible to protect yourself against problem with redistribution. First, you could check md5 - many developers give it to people, I do. Second: signatures. Each app is signed by its author, so you could check its authenticity. You could check signatures of downloaded apk using public key uploaded by dev to his WWW or using "safe" apk you downloaded earlier. Unfortunately there are no tools to do that easily :-/ Also Android does this check automatically when you install new software. So if you have installed e.g. GM modded by me, then you have downloaded new version from some mirror and succeed at installing it, you can be sure it was also from me and nobody modified it.
AllGamer said:
Several big guys already launched Antivirus For Android
Norton, Trend, and a few more
Click to expand...
Click to collapse
Hmm? I think it's impossible, cause apps can't get to data and resources of others apps. And creating an app for root users only wouldn't have much sense.
I have found Norton Smartphone Security for Android and it's anti-theft protection, not anti-virus.
I'm not a coder and came from IT field so I have lots of general questions about apk security and found this thread...great discussion. TY
Just a general question about apk security...how easy is it to alter apk for malicious intent? And is it possible for spyware writers to turn some freebie apk or rom into a bunch of botnet drone? ...just kinda scary to imagine
the news about android virus gets me nervous about installing any apk released from any individual
http://www.talkandroid.com/24949-new-android-trojan-virus-discovered-dubbed-gemini/
kobesabi said:
how easy is it to alter apk for malicious intent?
Click to expand...
Click to collapse
Quite easy for a good developer.
kobesabi said:
And is it possible for spyware writers to turn some freebie apk or rom into a bunch of botnet drone?
Click to expand...
Click to collapse
Yes, but I think that would be quickly noticed by people and then these apks, roms and developers would be banned from every forum in the internet.
Brut.all said:
Quite easy for a good developer.
Yes, but I think that would be quickly noticed by people and then these apks, roms and developers would be banned from every forum in the internet.
Click to expand...
Click to collapse
Wow, scary. Unless there is something else, that they can't get away, I don't think banning would deter much, they just laugh at the weak security as a fun challenge. If they already got tons of ip under their control...banning by account, ip, or email will not help much...they can always get new ones.
Is there a way user can authenticate/verify apk signing from authentic author/writer? Many just post apk but did not post md5 or sha sum so how can a user find out if it is original or not?
Anyway to test these apk without loading up to real phone?
Viewsonic Gtablet Specific Binaries & Drivers
For everyone who may have been waiting for this I present to you the proper Proprietary Viewsonic Gtablet Binaries & Drivers according to Cyanogen Mods Tutorial of Compiling Gingerbread Rom which also discusses how to pull the Proprietary Drivers and Binaries from a Malata smb_a1002 Device which is a Viewsonic Gtablet specifically.
To all who want to test with these Binaries and Drivers before testing with these please understand that these are the Binaries and Drivers the Viewsonic Gtablet Stock ROM uses. When using these specific Binaries and Drivers understand that these files may already exist and that replacing just one of these can disrupt the way a current ROM may be running. This can be caused for a number of reasons...
1. When replacing the libraries and binaries with these understand the alot of these specific files are tied together to make the Gtablet work the way it does, so in essence replacing one of these libraries or binaries with one on another ROM can cause the ROM itself to look for the other libraries and binary files that are specifically in this package.
2. You may get away with mixing and mingling these files but it's a hard and time consuming process to debug which ones can and can't work with other vendors binaries and libraries but this is how the work must be done
3. If there is a file missing do not blame me this is what I know according to Cyanogen MODs Wiki. If you wan to view there tutorial go to there website, and look through there WIKI.
Proprietary Android Binaries & Drivers: http://linuxboxsolution.com/linux-b...t-Proprietary-Android-Binaries--and--Drivers/
Issues have seemed to be resolved with submission to github.
That zip file would've been slightly more useful had it contained the original paths of those proprietary files.
Issues have seemed to be resolved with submission to github.
** deleted **
Thanks for the work LBS
mmenzie said:
can a MODERATOR please step in on this??? the above comments do NOTHING to further the development of this or any other thing!!! i'm not a developer or anything... i am just a tester testing all the wonderful things all the Devs let us test. are you a developer??? are you a programmer??? are you even using the products of this developer??? i am guessing the answer is NO to all questions. if thats the case please just sit back and read and do not interact with this thread or any other thread where your business is to knock the product. unless you are a developer, a programmer, or a tester willing to add CONSTRUCTIVE CRITISIM or "thank yous" there is no need for you to post anything at all in this or any other thread.
CONSTRUCTIVE CRITISIM and helpful hints and positive feedback are the only things that further development and we should all consider this before making a post.
i will now climb down from my soap box and let thgis get back on topic (hopefully)
Click to expand...
Click to collapse
Critisism and words of caution are equally as important as praise.
Be wary of of folks trumpetting the quality of their product to increase profit while doing nothing to provide evidence to support those claims.
That said, what TnT build do these files come from and are they different than what is used in CM7 or some of the AOSP based projects ?
nunjabusiness said:
What exactly does this group of files bring to the table?
If it is simply the extracted stuff from the original TapNCrap that it came with, the only thing I can think of that we are really missing now in the HC ROMs is camera support.
Click to expand...
Click to collapse
In my eyes the only major issues with HC are:
1 camera support (possibly fixed with these files)
2 hardware acceleration (probaly not fixed with these files)
So, one of the two major HC drawbacks might be fixed. IMO camera support isn't as importent as hardware acceleration, but it's still on my 'must have' list. Who cares if camera support came from TapNCrap, as long as it works?
All of the HC ROMS are on par with each other (pre-packaged apps and launchers aside) so if one HC ROM gets camera working then that would be the better ROM IMO.
ramerco said:
That said, what TnT build do these files come from and are they different than what is used in CM7 or some of the AOSP based projects ?
Click to expand...
Click to collapse
Excellent question, I'd like to know the answer too. Does it come from a ROM with keyboard/mouse support, for example?
macbroom said:
Another attempt to drive your site traffic up for profit using open source material.
Click to expand...
Click to collapse
I went to his site and I saw no ads, no banners, no links for a donation or links to other products. MAybe those links were there but they were not prominent, so it hardly looks like an ad scheme, it's not like thousands of people will flock to his site to download files and be drawn into his tangled web of crafty salesmanship. How many people are developing ROMs for the gTab?
Why does it matter if it's his site vs another site?
edirector said:
His behavior is like cyber bullying because he is following this developer from forum to forum to post often-times character assassinating stuff. He might want to consider someone pulling his ip address and seeing who he really is and if he is affecting the developers income, be sued.
Click to expand...
Click to collapse
I'm going to go out on a limb and guess that you have very little knowledge of the law in general and zero about civil law as it relates to defamation.
Regardless of provocation, please do not threaten legal action against someone (albeit groundless) as that is just as heinous a violation of forum rules.
Here they are for your edification (I particularly like #8 and #12):
Forum & Marketplace Rules
--------------------------------------------------------------------------------
FORUM RULES
1. Search before posting.
Use one of our search functions before posting, whether you have a question or something new to share, it's very likely someone already asked that question or shared that news.
2. Member conduct.
2.1 Language: XDA is a worldwide community. As a result what is ‘ok’ to say in your part of the world may not be ok in someone else’s part of the world. Please think about who is reading what you write. Keep in mind that what you think of as acceptable use of language may not be acceptable to others. Conversely, while reading member posts, remember that word you find offensive may not be to the writer. Tolerance is a two way street.
2.2 Nudity: XDA is used by people of all ages, including minors. It's not acceptable to post nude/pornographic imagery, which includes exposure of the male or female genitalia or of female breasts.
2.3 Flaming: XDA was founded as a group of people sharing information about certain mobile phones. Sharing does not involve virtual yelling (flaming) it does involve working together to solve problems in an environment of mutual respect and understanding. Losing your temper and flaming another member, or group of members, is not acceptable behavior.
2.4 Personal attacks, racial, political and/or religious discussions: XDA is a discussion forum about certain mobile phones. Mobile phones are not racial, political, religious or personally offensive, therefore none of these types of discussions are permitted on XDA.
2.5 New Members: Treat new members the way you would have liked to have been treated when you were a new member. Provide the new members with guidance, advice and instruction always with respect and courtesy.
2.6 All members are expected to read and adhere to the XDA rules.
3. Post only using a clear subject and message.
You're most likely to receive a helpful answer to your question if you use a short subject title that describes your problem and a message that explains in detail what your problem is and what you've tried to solve it.
4. Use the English language.
We understand that with all the different nationalities not everyone speaks English well, but please try. If you're really unable to post in English use an online translator, You're free to include your original message in your own language below the English translation.
5. Post a message only once.
As a large forum we don't need unnecessary clutter, You're free to edit your message as you like, so if you do not receive an answer revisit your message and see if you can describe your problem better. Not everyone is online at the same time, it might take a while before you receive an answer.
6. Do not post warez.
If a piece of software requires you to pay to use it, either pay or find your cracks and serials somewhere else. We do not accept warez nor do we permit any member to promote or describe ways in which Warez, cracks, serial codes or other means of avoiding payment, can be obtained.
7. Do not spam.
If you wish to advertise a product, contact us we provide ads. But do not post it in the forums, it will be removed and you're likely to receive a ban.
You are however allowed to sell used goods like your own device, parts of your device or accessories for your device in the marketplace forum, please read the rules there before posting. (This rule includes signatures, if you use a signature it will appear in your post)
8. Donations.
We appreciate all donations to xda-developers.com, it keeps our forum online and well maintained. As a user you're allowed to ask for donations in your signature as a thank you for your hard work. However donations up front are not allowed, this forum is about sharing, not about getting paid to do something, that's what your job is for.
9. Don't get us in trouble.
Don't post copyrighted materials or do other things that will obviously lead to legal trouble. If you wouldn't do it on your own homepage, you probably don't want to do it here either. This does not mean we agree with everything the software piracy lobby try to impose on us, it simply means you cannot break any laws here, since we'll end up dealing with legal hassle caused by you. Please use common sense: respect the forum, its users, and those that write great code.
10. Help others if you can.
If you see posts from others where you can help out, please do. This place exists because people are helping each other, and even if you are relatively new to the matter, there's probably already quite a few people newer than you that would benefit from what you've learned. Don't be shy.
11. Don’t post with the intention of selling something.
•Don’t use XDA to advertise your product or service. Proprietors of for-pay products or services, may use XDA to get feedback, provide beta access, or a free version of their product for XDA users and offer support, but not to post with the intention of selling. This includes promoting sites similar/substantially similar to XDA-Developers.com.
•Do not post press releases, announcements, links to trial software, or commercial services. unless you’re posting an exclusive release for XDA-Developers.com.
•Encouraging members to participate in forum activities on other phone related sites is prohibited.
•Off-site downloads are permitted if the site is non-commercial and does not require registration.
•Off-site downloads from sites requiring registration are NOT encouraged but may be permitted if the following conditions are met:
A) the site belongs to a member of XDA-Developers with at least 1500 posts and 2 years membership who actively maintains XDA-Developers' support thread(s) / posts, related to the download,
B) the site is a relatively small personal website without commercial advertising/links (i.e. not a competitor forum-based site with purposes and aims similar to those of XDA-Developers.com.)
12. Using the work of others.
If you are developing something that is based on the work of another Member, you MUST first seek their permission, and you must give credit to the member whose work you used. If a dispute occurs about who developed / created a piece of work, first try to settle the matter by private message and NOT in open forum. If this fails then you may contact a moderator with clear evidence that the work was created by you.
Convincing evidence will result in copied work being removed. If there is no clear evidence you created the work then in the spirit of sharing all work will remain posted on the forums.
These rules apply to all software posted on XDA unless that software comes with a license that waives these rules.
What if macbroom and LBS are the same person. He created an alter ego just to stir interest and attention to himself because he loves it. Twist!
Directed by M. Night Shamwamthankyoumam
nunjabusiness said:
...
Here they are for your edification (I particularly like #8 and #12):
...
8. Donations.
We appreciate all donations to xda-developers.com, it keeps our forum online and well maintained. As a user you're allowed to ask for donations in your signature as a thank you for your hard work. However donations up front are not allowed, this forum is about sharing, not about getting paid to do something, that's what your job is for.
12. Using the work of others.
If you are developing something that is based on the work of another Member, you MUST first seek their permission, and you must give credit to the member whose work you used. If a dispute occurs about who developed / created a piece of work, first try to settle the matter by private message and NOT in open forum. If this fails then you may contact a moderator with clear evidence that the work was created by you.
Click to expand...
Click to collapse
Well said.
The vast majority of the responses in this thread are pretty shameful. And I think the most a moderator could do is edit some of these comments (which, imo, they should).
Some advise - on occasion I've lost my cool and written things I later regretted. I suggest that some of you use the edit button, clean up the hateful comments and maybe drop in a "I apologize" retraction while you're at it.
And @LBS, keep in mind that most people do appreciate what you do (myself included). I know how hard it is to make ROM's, and support them, but there will always be a few bad apples. I have pulled back from here (and Slatedroid and TR) this summer as I decompress a bit, so I'm not sure if there's some history outside of this thread which created this tension. But from my vantage point, all LBS is doing is using his own web site to better control how he disseminates information. How is that any different than what goodintentions is doing, for example? Isn't the end goal to help users make the most of their GTAB?
bebopblues said:
What if macbroom and LBS are the same person. He created an alter ego just to stir interest and attention to himself because he loves it. Twist!
Directed by M. Night Shamwamthankyoumam
Click to expand...
Click to collapse
Lol! WHAT A TWIST! Well done on the robot chicken reference
roebeet said:
The vast majority of the responses in this thread are pretty shameful. And I think the most a moderator could do is edit some of these comments (which, imo, they should).
Some advise - on occasion I've lost my cool and written things I later regretted. I suggest that some of you use the edit button, clean up the hateful comments and maybe drop in a "I apologize" retraction while you're at it.
And @LBS, keep in mind that most people do appreciate what you do (myself included). I know how hard it is to make ROM's, and support them, but there will always be a few bad apples. I have pulled back from here (and Slatedroid and TR) this summer as I decompress a bit, so I'm not sure if there's some history outside of this thread which created this tension. But from my vantage point, all LBS is doing is using his own web site to better control how he disseminates information. How is that any different than what goodintentions is doing, for example? Isn't the end goal to help users make the most of their GTAB?
Click to expand...
Click to collapse
Thank you, Roebeet I have been tirelessly supporting LBS's effort. It was starting to feel like a full time job. I am glad you jumped in. It is bad when conversation is not about the rom but gets more personal in nature. People were coming at me because I expressed my like of his work which is pretty darn good at that. But you know I am a fan of your work too. You pioneered the HC rom industry for G Tab, so you know we appreciate you. I trbardelljr I hope I got his name right of Flashback is doing an incredible job as well even though I haven't tried his rom yet. My problem is I got hooked on illuminate because it is that good.
I noticed some have gotten into the dual rom running and I might try that so I can check out different roms at the same time, too.
Enjoy your down time. We look forward to your return.
roebeet said:
The vast majority of the responses in this thread are pretty shameful. And I think the most a moderator could do is edit some of these comments (which, imo, they should).
Some advise - on occasion I've lost my cool and written things I later regretted. I suggest that some of you use the edit button, clean up the hateful comments and maybe drop in a "I apologize" retraction while you're at it.
And @LBS, keep in mind that most people do appreciate what you do (myself included). I know how hard it is to make ROM's, and support them, but there will always be a few bad apples. I have pulled back from here (and Slatedroid and TR) this summer as I decompress a bit, so I'm not sure if there's some history outside of this thread which created this tension. But from my vantage point, all LBS is doing is using his own web site to better control how he disseminates information. How is that any different than what goodintentions is doing, for example? Isn't the end goal to help users make the most of their GTAB?
Click to expand...
Click to collapse
I have edited some of my posts in the interest of cleaning up some of the residual mess in this thread. I also suggest that some others do the same so we can get back on track.
I hope that you are enjoying your break and time with your family and we all hope that you will return in the near future. You were the main reason that I purchased my Gtab.
P.S. You may also want to edit your last post after catching up on the other threads.
macbroom said:
I have edited some of my posts in the interest of cleaning up some of the residual mess in this thread. I also suggest that some others do the same so we can get back on track.
I hope that you are enjoying your break and time with your family and we all hope that you will return in the near future. You were the main reason that I purchased my Gtab.
P.S. You may also want to edit your last post after catching up on the other threads.
Click to expand...
Click to collapse
I just went back and re-read the posts I have made in the past couple of weeks here and stand behind every one 100%.
Now ... on the OTHER forum I (and others) may have gotten a little bit too zealous in some posts but ultimately, the mods agreed with us and locked the threads.
To be completely fair though, none of those posts got really combative until "autistic" started it.
Hey,
Folks, there is a new version of illuminate that was released yesterday that is outstanding... to spin off on from the fact we are on LBS's thread. While many of us may not know how to use these "binaries and drivers" but LBS and other devs do and they are more then likely included somewhere in his updated rom. It is a pretty incredible HC rom.
The speed on it is astounding with no hick-ups. I spent last night driving it hard just to see what it could do and matching the differences in his previous releases. It is pretty incredible. Loads multimedia files...pics, videos and music like they are text.
Update from the LBS kernel thread
jerdog said:
Kernel source needs provided as per GPL. All this looks like is a rebranding of someone else's kernel - to dispel that belief please provide source and changes or else this will be removed as it would be in violation of the rules.
Click to expand...
Click to collapse
Hmmm, deja vu anyone?
macbroom said:
I have edited some of my posts in the interest of cleaning up some of the residual mess in this thread. I also suggest that some others do the same so we can get back on track.
I hope that you are enjoying your break and time with your family and we all hope that you will return in the near future. You were the main reason that I purchased my Gtab.
P.S. You may also want to edit your last post after catching up on the other threads.
Click to expand...
Click to collapse
I had mentioned that I wasn't sure if there was a history, but I suspected that there might be as these things usually are a slow boil. Since I've been out-of-the-loop, if there were other threads I hadn't seen them, at least not yet.
Honestly, I haven't delved into these other HC ROMs recently, so I don't know what's in them. So I can't base an opinion unless I ripped them apart -- the last one I did open up was Flashback, so I know that tlbardelljr had some unique stuff in the framework.
The point was that people need to be careful as these things can be taken out of context if they don't know the history (if there is a history). I know this from personal experience, unfortunately.
So, guys..
I was going through some blogs, which stated that there are so many malicious apps in android market. Recently, Avast, which has launched an app in market, reported to google about some malicious apps.
Here is the article:-
https://blog.avast.com/2011/12/13/android-malware-in-the-open-marketplace/
So, what i was thinking is that do we really need an Antivirus app, to protect our android phone??
Using an antivirus app will mean that, it will consume RAM continuously, and so will consume battery too.
I am starting this thread, so that we can discuss, here ,if we really need it.
So, share your views, experiences with any malicious app in the market place, and also suggestions about which antivirus app should we use, if this kind of thing exists in android.
Of course you do, i use Lookout Mobile Security and it has caught a few trojans which were potenially harmful to my phone, not too many but it did quarantine a few since ive had it.
Basically anyone who doesn't have any type of protection on their dog and bone is taking a big chance.
The answer is NO.
I've posted an article from tech2.com in Indian thread where someone from Google said it while talking about Trozan AV apps.
ithehappy said:
The answer is NO.
I've posted an article from tech2.com in Indian thread where someone from Google said it while talking about Trozan AV apps.
Click to expand...
Click to collapse
Did u read the link i posted?
It really shows the possibility of some malicious apps, co-existing in Android Market. Don't we need to be protected?
ithehappy said:
The answer is NO.
I've posted an article from tech2.com in Indian thread where someone from Google said it while talking about Trozan AV apps.
Click to expand...
Click to collapse
Well if you ever get a trojan on your SGSII don't come crying on here, ever heard of better be safe than sorry!!
jonny68 said:
Well if you ever get a trojan on your SGSII don't come crying on here, ever heard of better be safe than sorry!!
Click to expand...
Click to collapse
Thats what i am trying here "Better be safe than sorry"
Well you should've created this thread without the 'Do' and '?'. Everyone is entitled to his/her own opinion. You didn't like my post IGNORE it, don't quote me and advice me what I need to do. A '?' thread should only be created where everyone can share his/her opinion and then it's up to the Thread starter what he/she will take from all the answers.
Anyway, keep using what you are using.
@jonny68- Have you seen such a thread like that in this 8 + months?
This is what Chris Dibona, Google's Open Source Program Manager said,
Chris DiBona, Google's open-source programs manager stated in a blog post, “No major cell phone has a 'virus' problem in the traditional sense that Windows and some Mac machines have seen. Virus companies are playing on your fears to try to sell you bulls***protection software for Android.”
Click to expand...
Click to collapse
Source:
http://tech2.in.com/news/android/go...-antivirus-apps-in-android-marketplace/260952
Sorry I had to BOLD the line for you guys, it's a shame to modify some other comments.
Another thing, if someone even said that Antiviruses are needed for Android I would never use it.
The story is exactly the opposite when I use my Desktop PC fyi.
Regards.
ithehappy said:
Well you should've created this thread without the 'Do' and '?'. Everyone is entitled to his/her own opinion. You didn't like my post IGNORE it, don't quote me and advice me what I need to do. A '?' thread should only be created where everyone can share his/her opinion and then it's up to the Thread starter what he/she will take from all the answers.
Anyway, keep using what you are using.
@jonny68- Have you seen such a thread like that in this 8 + months?
This is what Chris Dibona, Google's Open Source Program Manager said,
Source:
http://tech2.in.com/news/android/go...-antivirus-apps-in-android-marketplace/260952
Sorry I had to BOLD the line for you guys, it's a shame to modify some other comments.
Another thing, if someone even said that Antiviruses are needed for Android I would never use it.
The story is exactly the opposite when I use my Desktop PC fyi.
Regards.
Click to expand...
Click to collapse
You forgot the rest of this story:
"Honestly, anti-virus software are not needed on mobiles, just as long as you don’t download random apps you should be just fine" ...
Most people in here download and install tons of apps, modifications and tweeaks on rooted phones ... LOL
Why not just instal a free one?
Better safe than sorry...
Send from my GT-I(OVER-9000) using XDA App.
ithehappy said:
Well you should've created this thread without the 'Do' and '?'. Everyone is entitled to his/her own opinion. You didn't like my post IGNORE it, don't quote me and advice me what I need to do. A '?' thread should only be created where everyone can share his/her opinion and then it's up to the Thread starter what he/she will take from all the answers.
Anyway, keep using what you are using.
@jonny68- Have you seen such a thread like that in this 8 + months?
This is what Chris Dibona, Google's Open Source Program Manager said,
Source:
http://tech2.in.com/news/android/go...-antivirus-apps-in-android-marketplace/260952
Sorry I had to BOLD the line for you guys, it's a shame to modify some other comments.
Another thing, if someone even said that Antiviruses are needed for Android I would never use it.
The story is exactly the opposite when I use my Desktop PC fyi.
Regards.
Click to expand...
Click to collapse
M sorry, if it hurted u.
Everyone has absolute right to express their views.Be it wrong or right.
Sent from my GT-I9100 using XDA App
Well Google are hardly gonna freely admit the fact that there are some rogue apps in the Android Market which contain trojans as this will put off many people (not just talking anti-virus here), the simple facts are despite the nonsense by Chris DeBona or whoever is the fact that you are taking a calculated rick by not having some type of protection on your phone, this is even more so if you do happen to download apps from other sources but even in the Android Market you can never be totally sure, Lookout Mobile Security is totally and utterly 100% legit and used by many thousands of people and business' alike,clearly there are some rogue apps masquerading as anti-virus apps but also others too.
Smartphones are like pc's now. What you can do with your computer your smartphone does it for you on the go. You have so many apps you browse over the net even if you are using the wireless one from home say for example anything can come through..Say if you are downloading a rom or a leak you never know what might be in them...As the OP and Jonny said above.."always be safe than sorry" that is how i see things
http://androidship.com/2011/05/29/the-android-anti-virus-epidemic/
Read that.
If you plan on downloading apps without looking at who makes them or looking at any reviews, then yes, there's a chance you can get an app that causes issues.
And that applies for ALL os's. How many apple laptop/desktop users run an antivirus? Android is built on the same type of platform, unix.
That doesn't mean an 'antivirus' app will do anything special. It uninstalls apps the same way you do under manage applications.
Sent from my páhhōniē
I all true sense you need to have read the permission that the applications needs when you install a app. If your are lazy enough to not do that have application like LBE security installed to monitor what each applications is up to ... i believe rather then a antivirus a good app fire wall is needed.
You probably don't need one, just as any power Windows user doesn't. That said you'd be crazy to not have one in Windows. Difference being a desktop has a tremendous amount of resources and allocating some to an antivirus program is no big deal. Not so on a phone. Plus there's the consideration of battery impact.
In a nutshell I'd say you'd be just fine without one.
I feel much the same way about antiviruses on Android as I do about hand-holding paid antivirus programs on Windows. If you know what you're doing, you don't need them at all. On the other hand, if you're going to download hundreds of dodgy applications at random and pay no attention to reviews/permissions/odd behaviour, then more fool you, get an antivirus app.
LBE privacy guard is a different story, since it performs a rather different function, and allows you to enjoy apps like Facebook without giving them access to the likes of text messages and phone ID.
You guys know Samsung have their own lightweight security suite in Samsung apps, yeah?
Sent from my GT-I9100 using xda premium
ithehappy said:
Well you should've created this thread without the 'Do' and '?'. Everyone is entitled to his/her own opinion. You didn't like my post IGNORE it, don't quote me and advice me what I need to do. A '?' thread should only be created where everyone can share his/her opinion and then it's up to the Thread starter what he/she will take from all the answers.
Anyway, keep using what you are using.
@jonny68- Have you seen such a thread like that in this 8 + months?
This is what Chris Dibona, Google's Open Source Program Manager said,
Source:
http://tech2.in.com/news/android/go...-antivirus-apps-in-android-marketplace/260952
Sorry I had to BOLD the line for you guys, it's a shame to modify some other comments.
Another thing, if someone even said that Antiviruses are needed for Android I would never use it.
The story is exactly the opposite when I use my Desktop PC fyi.
Regards.
Click to expand...
Click to collapse
I totally agree, like task killers and power managers, useless...
I hate the kind of pseudo-logic that is thrown around in these discussions, which paraphrase to look something like this...
LogicLord221 said:
<insert random bull**** about why their point is valid> there's a million million trojans out there and platform x is so insecure, I read this and this which says we're all in danger!
Click to expand...
Click to collapse
Basically, the point people are trying to make is that danger lurks everywhere, and you need to protect yourself, or you'll be sorry later. Scare tactics at best.
While I am an advocate for protection by prevention, that doesn't automatically lead to the conclusion that you need antivirus software for your device! It's that kind of bull**** logic that annoys the **** out of me. To quote the Oxford English Dictionary:
"Prevention"
Pronunciation: /prɪˈvɛnʃn/
noun
[mass noun]
The action of stopping something from happening or arising.
Phrases:
Prevention is better than cure.
Click to expand...
Click to collapse
Do you see the problem here? It doesn't say "The action of installing an antivirus", it says to stop something from happening. There are many ways to go about preventing infection of your device:
1) Check what you're downloading comes from either a) a reputable source, b) is backed by a reputable source, or c) is backed by numerous (>50-100) positive comments, reviews, etc. This means, don't download that app that has a bunch of one-star reviews, and has people screaming "TROJAN!" in the comments field.
2) Stick to the Market. While it's true that a lot of the infected content will indeed come from the Market itself, Google do a good job of removing offending apps, so compared to other sources of content (e.g. just downloading the APK from a server), it's a lot safer.
3) Don't pirate ****. This is probably the number-one source of malware on Android. Don't be a cheap dumbass.
4) Stay away from 'questionable' material. This includes, but isn't limited to:
- porn
- pirated content
- file sharing sites
5) Have some common sense! I can't stress this one enough, you can have the most advanced piece of software in the world, but if you're acting like a reckless child, you don't deserve to use the device, and you're bound to find yourself neck-deep in malware. Apart from the above, take some active steps to secure yourself. Change your browser settings to run Flash content on-demand instead of automatically, (if possible) set it to have you manually accept cookies, etc. Perhaps the best use of common sense would be in checking the permissions you allow an app access to when it's installed. Look, if an app that is designed to parse a line of text is requesting full internet access, access to SMS capabilities, etc., it'd be best to leave it alone, don't you think? Moreover, if something's requesting superuser permissions, it'd better have a damn good reason why. Read the permissions, and understand what you're allowing.
...because in the end, that's the hard truth -you're the one allowing access.
If you follow these simple steps, you'll protect yourself from 99% of malware. If you're worried about that 1%, don't be. Android malware hasn't progressed to the point where it's a major threat yet, so even if something does get through, it'll more than likely be nothing too major, and you'll figure out something's up pretty quick anyway. This may not be the case in say 12 months, but for now, it's fine.
If you're really paranoid, keep an app on standby, and run a scan every week or two, but disable any background process it has, it's more of a waste of time anyway. On a final note, keep in mind that it's been shown multiple times that Android antivirus software is, to be blunt, rubbish at detecting even the most common pieces of malware.
Remember, prevention is better than a cure
Im using kasperky mobile security cause i got a 1 year licence from a magazine.. But i never got an alarm until now (1,5 months), so i think atm its not necessary to use it .. Perhaps in some months when there are more viruses out in the web^^
Sent from my GT-I9100 using Tapatalk
screamworks said:
3) Don't pirate ****. This is probably the number-one source of malware on Android. Don't be a cheap dumbass.
Click to expand...
Click to collapse
Most Android apps are of such low quality they don't deserve to be purchased.
Sent from my SGH-I897
link : Mod edit - links removed
no root required..instalkl it as a apk
nemer12 said:
link : Mod edit - links removed
no root required..instalkl it as a apk
Click to expand...
Click to collapse
I installed it last week. But I find it really hard to create a phote where it works. I find it easier to use After Focus Pro to get the same effect. Plus you don't have to have a couple of tries until it can defocus. Just at home when I have the time.
for me is working ok almost all times
nemer12 said:
link : Mod edit - links removed
no root required..instalkl it as a apk
Click to expand...
Click to collapse
Trying to get thanks from someone else's work, hey?
Why not link to the original thread that the person that did the work created?
http://forum.xda-developers.com/showthread.php?t=2612382
You've been here more than long enough to know that it's essential to credit the creator of work that you share.
Sent from my C6603 using Tapatalk
nemer12 said:
for me is working ok almost all times
Click to expand...
Click to collapse
Sorry didnt mean to thank you it was meant for the post after yours.
Sent from my Xperia Z eXistenZ
kingvortex said:
Trying to get thanks from someone else's work, hey?
Why not link to the original thread that the person that did the work created?
http://forum.xda-developers.com/showthread.php?t=2612382
You've been here more than long enough to know that it's essential to credit the creator of work that you share.
Sent from my C6603 using Tapatalk
Click to expand...
Click to collapse
well...i read only the GENERAL forum other(Development, APps etc) very very rare...because I don't have a rooted phone like always(my past phones) and it doesn;t interest me like before..I found this apk on another site..
So...
i dont want any thanks...I dont please myself with " virtual thanks" . and I didn;t steal anyone work..its sony work.
This site is built on people sharing their work. You should check where it came from or at least link where you got it from instead of just posting up the direct link to the apk.
It's this sort of thing that stops people sharing their work. No contributors means no XDA developers.
As for you only checking the general section, that's no excuse. If you had posted this in the correct place, you would have seen that it originated from here in the first place.
As for it being Sony's work, it still required that the apk be modified and signed so it could be installed as a user app and not have to be manually pushed to /system/app.
If that hadn't been done, you wouldn't have it on your phone at all.
Sent from my C6603 using Tapatalk
Thread closed and link removed due to the following
12. Using the work of others.
If you are developing something that is based on the work of another Member, you MUST first seek their permission and you must give credit to the member whose work you used. If a dispute occurs about who developed / created a piece of work, first try to settle the matter by private message and NOT in open forum. If this fails, you may then contact a Moderator and provide clear evidence that the work was created by you.
Convincing evidence will result in the copied work being removed. If there is no clear evidence that it was you who created the work, then in the spirit of sharing, all work will remain posted on the forums.
As an addition, developers have the right to hold exclusivity over their work for as long as it is deemed necessary by that developer. However, if the work is claimed as exclusive, it must remain as such. No selective sharing will be allowed (ie, allowing certain people to use it and not others). Should the developer decide to start sharing the work with others, the work automatically becomes fair game for all to use, albeit with the relative credit displayed.
In regard to permissions, the same rules apply for this but if permission was already given and unless there is a very valid reason, it cannot be revoked (same applies to major updates on the work). Under that same premise, permissions cannot be denied unless the work is exclusive or under extreme circumstances.
In plain English: If you want to keep your work exclusive, go for it. However, if you are going to share your work, do it fairly.
These rules apply to all software posted on XDA (including but not limited to ROMs, RUUs, apps, games, kernels, themes, icons, etc) unless that software comes with a license that waives these rules.
Click to expand...
Click to collapse
I'm facing an issue which is contrary to what most people experience with kitkat restrictions. I cannot download anything to my internal storage. All torrent apps give me a "permission denied" error, and when I check to see my apps directory, it does show that it's internal storage, but says it's read only. However, if I change it to External Storage(SDcard), it works fine.
How can I make my phone be able to download into is own internal storage?
running stock, up to date, and rooted.
Thanks for your time!
It's karma. Maybe you shouldn't be downloading torrent apps and should be supporting the developer.
Sent from my Nexus 5 using XDA Free mobile app
You believe in karma, eh? Lol Anyhow, I did support the developers. I purchased my torrent app, as I did most of my premium apps. Thanks for your help and insight, glad I can contribute to your 'post' count.
Anyway, here's a fix to the problem described above, though you'll have to be rooted. It's a fix that was intended for Note3 devices, but will work on the Canadian Galaxy S4, and presumably the rest of the them. Thanks
http://forum.xda-developers.com/showthread.php?t=2684384
rrowe1980 said:
You believe in karma, eh? Lol Anyhow, I did support the developers. I purchased my torrent app, as I did most of my premium apps. Thanks for your help and insight, glad I can contribute to your 'post' count.
Anyway, here's a fix to the problem described above, though you'll have to be rooted. It's a fix that was intended for Note3 devices, but will work on the Canadian Galaxy S4, and presumably the rest of the them. Thanks
http://forum.xda-developers.com/showthread.php?t=2684384
Click to expand...
Click to collapse
I'm glad your support the devs I'm not too concerned about my post count, though, lol. I've got too many.
Sent from my Nexus 9 using XDA Free mobile app
..."*I'm not too concerned about my post count, though, lol. I've got too many."....
When you respond to posts for the sake of responding to posts, that'll happen....lol
Next time, try chiming in with something helpful.