Related
I'm using Modaco latest r8 rom with froyo 2.2. I noticed 2 things:
1. wave secure will not download my account data automatically when I factory reset. I need to register again which make it vulnerable. >> Anyone can disable wave secure
2. I don't even need to factory reset and I can reset wave secure by clearing the data in settings!!!!
I have tried in original HTC ROM 2.09(rooted) and flash in /system/app. same situation.
And I've tried that if wavesecure hasn't been register, you can't lock it from wavesecure.com or sms
I don't know if this is due to the nature of froyo or it's been like this since 2.1
wave secure is practically useless right now on my phone!!
Anyone can confirm this?
called them and they said they disabled the function for temp as they are working on some fix, it will be up again in 3 weeks as what they said
Yep, saw this on MoDaCo. Will not be renewing my WaveSecure subscription.
Lets be honest, it was a waste of money to begin with right.
This whole thing makes me wonder...can an Android phone REALLY be protected by these kind of softwares? Even assuming there are no security issues with the app..I mean,a lot of Android phones are rooted by their owners and all are rootable (?) without booting into the OS, so even if said apps are installed as system apps (just like wavesecure can be) what's preventing a "smart/geek" thief from pulling the battery, changing the simcard,(rooting a non-rooted phone), booting into recovery, mounting system and wreaking havoc through adb, including removing the security app?? Am i going on a wild goose chase or is all this sound??
MacCarron said:
This whole thing makes me wonder...can an Android phone REALLY be protected by these kind of softwares? Even assuming there are no security issues with the app..I mean,a lot of Android phones are rooted by their owners and all are rootable (?) without booting into the OS, so even if said apps are installed as system apps (just like wavesecure can be) what's preventing a "smart/geek" thief from pulling the battery, changing the simcard,(rooting a non-rooted phone), booting into recovery, mounting system and wreaking havoc through adb, including removing the security app?? Am i going on a wild goose chase or is all this sound??
Click to expand...
Click to collapse
Yeah, but I don't think the average mugger/thief is that smart
Sent from my HTC Desire using Tapatalk
So can I cancel my current subscription then and get a refund?
If you install wavesecure to /system/app and make sure its only there and not in /data/app as well then you should not have this problem.
Also wavesecure have gone through a rough month, got brought by Mcafee who in turn just got brought by Intel. They need to adjust to the new owners. They are (were) only a small company and lets face it their app is the best around by a long long way.
If you have any problems or suggestions on how to improve they usually listen (it was one of TeamVillain and a xda mod who suggested they make a update.zip for /system/app and a number of other improvements and they did it straight away).
Don't just say "oh no its not working" no app can protect your phone from the right people, if someone who knows all about rooting etc gets your phone then your screwed anwyay. But the average joe thug who steals your phone will get it, put in a new sim the alarm will go crazy then they panic, drop the phone and run. You can then use the tracker to find it, or give details to police.
Just put the apk in your rom next time before you flash in system/app and flash the rom. Restore data from a backup (but not the app) and you still get your market link too.
Lennyuk said:
If you install wavesecure to /system/app and make sure its only there and not in /data/app as well then you should not have this problem.
Also wavesecure have gone through a rough month, got brought by Mcafee who in turn just got brought by Intel. They need to adjust to the new owners. They are (were) only a small company and lets face it their app is the best around by a long long way.
If you have any problems or suggestions on how to improve they usually listen (it was one of TeamVillain and a xda mod who suggested they make a update.zip for /system/app and a number of other improvements and they did it straight away).
Don't just say "oh no its not working" no app can protect your phone from the right people, if someone who knows all about rooting etc gets your phone then your screwed anwyay. But the average joe thug who steals your phone will get it, put in a new sim the alarm will go crazy then they panic, drop the phone and run. You can then use the tracker to find it, or give details to police.
Just put the apk in your rom next time before you flash in system/app and flash the rom. Restore data from a backup (but not the app) and you still get your market link too.
Click to expand...
Click to collapse
While i agree with you that a witch hunt isn't the proper response and that it is unlikely that the average thief will know his way around adb, i have personally tried to remove wavesecure from /system/app...it works...i did it without breaking a sweat. I intentionally triggered the lock by attempting to uninstall the uninstall-protection, pulled off the battery, booted in recovery and got rid of wavese cure with a single command. Reboot and presto! A free phone . So it is true that there is no full-proof way to be safeguarded, at least using this software, and in my humble opinion the guys over at wavesecure should clearly state so on their website. And they don't always listen..there is a long story of noisy silences concerning op's issue...omissions, censorship etc etc. I got a free lifetime subscription so i'm not particularly yelling at anyone, just making hypothetis, but wouldn't you be quite pissed off if someone stole your phone and rendered it's security software (for which you payed) impotent just because he knew "SU"?
MacCarron said:
While i agree with you that a witch hunt isn't the proper response and that it is unlikely that the average thief will know his way around adb, i have personally tried to remove wavesecure from /system/app...it works...i did it without breaking a sweat. I intentionally triggered the lock by attempting to uninstall the uninstall-protection, pulled off the battery, booted in recovery and got rid of wavese cure with a single command. Reboot and presto! A free phone . So it is true that there is no full-proof way to be safeguarded, at least using this software, and in my humble opinion the guys over at wavesecure should clearly state so on their website. And they don't always listen..there is a long story of noisy silences concerning op's issue...omissions, censorship etc etc. I got a free lifetime subscription so i'm not particularly yelling at anyone, just making hypothetis, but wouldn't you be quite pissed off if someone stole your phone and rendered it's security software (for which you payed) impotent just because he knew "SU"?
Click to expand...
Click to collapse
The thing is though, if they knew SU and other commands chances are they will get around any protection whatever it would be.
But Wavesecure offers you a way to track the phone, you can still contact your carrier and get them to IMEI blacklist it, then track the handset down via wavesecure.
hi - just check out secrep5265.blogspot.com - thats interesting information concerning your discussion.
Anyone else having these problems?
Starting Download...
When you try to download from the Market, it hangs at "Starting Download..." and stays there for days? When you try to open Gtalk it perhaps immediately force-closes?
I was trying to find the solution to this for about four or five days - in the end, I had to do a factory reset. Google is (mostly) unresponsive about this problem.
Things I tried:
Toggling Wifi (nothing)
Changing google acct password so the Market has to ask for it again, perhaps resetting something? (didn't work)
Clearing data, cache, the whole shebang from Gtalk, Market, Gapps (no juice)
Couple of restarts (noooope)
Starting downloads and then killing the Market app - still nothing, and done mostly as a last resort.
Possible causes:
It was not tied to rooting the device - what I think happened was when I went to purchase Root Explorer, I had to create a Google Checkout subaccount, and then I was able to grab it...but after that, I could not install any apps from the Market. It seems like internationally this issue is tied to being @googlemail vs @gmail, but that wasn't my case. I've since restored Vb to her former glory, but it was tedious...factory resets suck and I hope I never have to do another one.
What I've done to keep this from happening in the future:
ROM Manager and Clockwork Recovery. I had backups of my apps and data on my computer of course, but this is soooo much easier.
I'll definitely let you know if it ends up flailing out on me again, but so far I haven't had any problems. If you have an app to back up your stuff, or if you want to just do it manually, do that and then selectively restore things after the factory reset. I actually had so few apps that I ended up just re-downloading them from the Market and everything is working smoothly, but that might be a hassle for others.
I had this problem back on my G1 but that was because I removed the IM.apk package not knowing what the result would be. I got it reinstalled and all was well. I've not run into this issue yet with my Vibrant nor do I know anyone else who has.
Had the same issue and found a way to fix it.
Settings -> Applications -> Manage Applications -> Filter -> All -> Download Manager -> Clear Data
Should work. Worked twice for me. I think this is a Vibrant issue
Texag2010 said:
I think this is a Vibrant issue
Click to expand...
Click to collapse
Not so, fortunately or unfortunately. People have been having this issue for over a year and a half, and different things fix it for different people.
Hi,
Anybody seen any actual implementations of a more secure permissions model for Android? That is, patched and compiled a kernel, used it in a custom ROM or anything like that?
A little background information:
The very first time, I tried to install an app from the Market, I was stunned to find the lack of options, in regard to which permissions I wanted to grant a certain app, when installed. It is all or nothing - "That can't be true?!", I said to myself, so I went looking for a way to control, which permissions were granted to an app, only to find out, that it's simply not possible (yes, I know you can hack the .apk, but that's besides the point here, and not very user friendly).
The solution (to be?):
While searching the net on this issue, I came across a paper written by a couple of Software Engineers, which seems quite interesting, and just about the perfect solution for my problem. However, I can't find any actual implementations on this - whether the authors didn't make any, or just didn't release it, I cannot say.
The paper I'm referring to, can be found here:
http://recluze.files.wordpress.com/2007/06/and-usage-nauman10.pdf
And another paper here:
http://www.list.gmu.edu/zhang/pub/asiaccs10-apex.pdf
After reading the papers, I went "OMG, that's freaking awesome! Where can I get that?" - So does anyone know something about this? Anything? Work-in-progress perhaps?
I'm very attracted to Android, being the number one open source mobile operating system, but the lack of security features is holding me back somewhat.
There's already posted an issue about this on Google Code - I urge everyone to go and put up a vote for this issue (login, and scroll to the bottom), in order to put some focus on it.
http://code.google.com/p/android/issues/detail?id=6266
In the meantime - anybody know of any patches?
Best regards,
Michael
I notice there's always a system process called ADCP running, I think it stood for Amazon Device Control Program. Anyone investigated what it does and what happens if you disable it? I'm wondering if it's involved in any way with the OTA updates, and also what ramification disabling it has, like will the various Amazon programs not work right? I've not been adventurous enough to experiment with, in fact I've got my wifi off for now until it's clear whether the OTA update can be blocked by the methods discussed here.
jb0ne said:
I notice there's always a system process called ADCP running, I think it stood for Amazon Device Control Program. Anyone investigated what it does and what happens if you disable it? I'm wondering if it's involved in any way with the OTA updates, and also what ramification disabling it has, like will the various Amazon programs not work right? I've not been adventurous enough to experiment with, in fact I've got my wifi off for now until it's clear whether the OTA update can be blocked by the methods discussed here.
Click to expand...
Click to collapse
check this out
http://forum.xda-developers.com/showpost.php?p=20166149&postcount=1
essentially it connects the amazon apps to the kindle registration
I'm suspicious, I suspect it does more, and is the thing responsible for the OTA updates everyone is getting no matter what they do....
I really want to try and freeze it, but too afraid that it might actually be necessary...
Well I installed Droidwall and didn't give permissions to ADCP and so far my device is still registered and I can watch videos and use my books, can use the Amazon App Store (I gave it permissions, I don't think it's the program responsible). I've effectively disabled ADCP by not allowing it to connect to the internet, but it's still running in case it does, say, DRM services or something. All good and still on 6.2 (and I did do the other suggestions previously).
jb0ne said:
Well I installed Droidwall and didn't give permissions to ADCP and so far my device is still registered and I can watch videos and use my books, can use the Amazon App Store (I gave it permissions, I don't think it's the program responsible). I've effectively disabled ADCP by not allowing it to connect to the internet, but it's still running in case it does, say, DRM services or something. All good and still on 6.2 (and I did do the other suggestions previously).
Click to expand...
Click to collapse
Glad it worked for someone else too. I am not sure which process is actually responsible for downloading and installing the update though.
EDIT: Oh, I didn't post about DroidWall in this forum. I figured out DroidWall last night and we posted on Gizmodo about it.
An important element I overlooked, even after adding apps to the whitelist, you have to go back to Menu and enable firewall. It's NOT enabled by default even if you change whitelist apps. Even though I had it not running firewall until 10 minutes ago, I hadn't received update. Maybe moving otacerts.zip stopped it....
jb0ne said:
I'm suspicious, I suspect it does more, and is the thing responsible for the OTA updates everyone is getting no matter what they do....
Click to expand...
Click to collapse
I installed ADCP on CM7 when I was trying to find a way to get amazon video working. It brings up the page to register your kindle, but it never seemed to work right on CM7. There's a different apk for the OTA update, if I remember correctly.
You could put /system/etc/security/otacerts.zip back in and see if ADCP then lets your register your kindle.
I did a factory reset before submitting my device to Samsung repair. But before doing it, to not have any trace of my online/offline data after reset I had to take care of ‘Factory Reset Protection’ (FRP) so that it won't ask to enter my email after reset. I removed the device security locks including fingerprints and also any Google account associated as said by 99% articles over internet (at least in my 30 mins of read thru of Google searches specifically for Samsung & also generally for android). Also had checked necessary options for all of my datas to be synced to Google. But in order to reinforce my knowledge about FRP and how it’s getting triggered I went thru some YouTube videos and articles specifically for Samsung & also generally for android prior to reset. And finally everything was good to go and ready for repair
Got my device after repair and did a reset again for Google to ask to restore my apps from previous backup of the same device. But it didn’t as you can see from the pic attached.
So what could be the reason you ask. When I removed the Google account (primary) for reset process, all the ‘App datas’ (thankfully not my contacts and other stuffs) were cleared from Google servers. Simply to say, the ‘Remove account’ option will tell Google that this device is no longer associated with this account and to delete all Android related datas associated and there is no way you can get this back.
So I don’t know whom to blame. The hundred’s of article over Internet about FRP (example: http://www.androidcentral.com/factory-reset-protection-what-you-need-know )
OR Samsung for not giving any information anywhere in internet or even in the Software (as warnings) [Their only website related to FRP is still down here in my country at least]. OR Google? For not giving any clear information regarding this action.
Anyway there is no use in crying over spilt milk. All I have to do now is manually install all my 83 apps one by one that were previously installed and who knows whether their respective datas can still be synced. There were even circumstances which most of us should have gone thru when the Google not showing yesterday app restore list but 1 week ago in the setup process.
Things like this can very well frustrate anyone if they are heaving depending on cloud. This is just one of the many little things(software, H/W dependent) in Android that may frustrate a user very much. NO WONDER WHY PEOPLE MOVE TO iOS. Because over customizability and all there are some stuffs that matters the most and iOS still excels in that. We geeks know that but it’s the freedom and exploration that makes us forget all those important stuffs.
For those of you gonna say “YOU SHOULD HAVE USED SMART SWITCH, ADB BACKUP, TITANIUM BACKUP OR SOMETHING ELSE” -- when something is meant to work it should work. I even had bad experiences with Titanium backup, could be device specific but whatever it is.
Welcoming all POSITIVE and NEGATIVE comments. LOL.
Running stock TouchWiz with the April patch. Tried a reset without removing Google account and it didn't ask for the mail ID to be entered for verification during setup process. So basically something have changed recently on how FRP works and whatever I've wriiten is what you have to take care of. regarding backup and all. Please share this thread with you friends. .
Will appreciate a thanks.
Thanks for sharing. Seems like a good warning for all of us.
Sent from my SM-G930V using XDA Premium HD app
Sorry to hear of your difficulties. My own frustrations have been building with Android as well. It is ridiculous how much we have to eff around with hidden settings and tweaks to get decent battery life. I am keeping an eye on the iPhone 7 to be honest.
Though apple ecosystem has its own share of frustrations.
Thanks for the info. I too had experience of some backup apps not working as they intended to be. Even Titanium Backup had given me tension when new android version comes or sometimes for no reason. But my go to solution(even without root I believe) is always have been Tasker+AutoInput combo. When nothing works out I just program them both to install apps from PlayStore based on the app list I manually backed up with another app. That's it. Don't know whether that will cause any bad effect on device hardware. Does it?
xxaarraa said:
Sorry to hear of your difficulties. My own frustrations have been building with Android as well. It is ridiculous how much we have to eff around with hidden settings and tweaks to get decent battery life. I am keeping an eye on the iPhone 7 to be honest.
Though apple ecosystem has its own share of frustrations.
Click to expand...
Click to collapse
I agree as i mentioned in OP. Sad to see Snapdragon 820 users struggle with battery life by removing un-wanted system packages. This even exists to an extent in my unlocked DUOS version. Google gotta have more control over Android. Hope with Android N this is not just gonna be with updates but also else where. Come on Google it's 2016.
OH gosh. This is an important piece of information. Somebody should link to this info by posting an article in xda-developer.com . Is there any way to reuquest?
Thanks BTW for a warning
Sheryl John said:
.Simply to say, the ‘Remove account’ option will tell Google that this device is no longer associated with this account and to delete all Android related datas associated and there is no way you can get this back
Click to expand...
Click to collapse
1) Disable Internet connectivity (wifi, data)
2) Remove accounts, then
3) Factory reset
Google doesn't know that about the removal so app data is still in your account, yet the device no longer has any link to the Google account so it's safe against FRP.
That said, with multi devices (and household members sharing 1 common account as the base account), I don't back app data to Google at all. TiBu has its quirks but I've yet to lose anything with it. On the contrary, I probably have too much back up (who needs Gingerbread apps back ups??? yeah, I still have them LOL).
lost_ said:
1) Disable Internet connectivity (wifi, data)
2) Remove accounts, then
3) Factory reset
Google doesn't know that about the removal so app data is still in your account, yet the device no longer has any link to the Google account so it's safe against FRP.
That said, with multi devices (and household members sharing 1 common account as the base account), I don't back app data to Google at all. TiBu has its quirks but I've yet to lose anything with it. On the contrary, I probably have too much back up (who needs Gingerbread apps back ups??? yeah, I still have them LOL).
Click to expand...
Click to collapse
That's the only way it seems for hard reset. But as I mentioned in my OP there is no need of removing the Google account for soft reset. FRP won't be triggered.