Related
Hope this hasn't been posted before but apparently google is blocking rooted phones from accessing the new movies app.
www.androidcentral.com/google-movies-blocked-rooted-devices?utm_source=ac&utm_medium=twitter
probably wouldn't have used this service anyway
but what a BS move by Google
I hope that this isn't starting point for blocking another services on rooted phones (like whole market)..
Seems like some bad logic... They don't want you renting a movie if your phone is rooted, since you might pirate it. However, you would think if one is technical enough to root their phone (or even know that it is an option), they probably know enough to pirate a movie without paying for it in the first place...
Something tells me this isn't Google's idea. I think they've had their arms twisted.
Wonder how an internet connection can tell phone is rooted .
jje
Ayrlupine said:
Something tells me this isn't Google's idea. I think they've had their arms twisted.
Click to expand...
Click to collapse
What he said. Movie studios and record companies are a money grabbing greedy lot who will do anything to continue filling their pockets.
I highly doubt this is Google. It goes against their ENTIRE WAY of thinking/operating.
Google don't encourage rooting, but they certainly don't condemn it - because that's one of the joys of open source development.
Google "making" this decision is like Apple, forgetting to patent one of it's products/possible products...and we all know that will never happen!
As (below/above/previous post said) it has to be legalities with the studio companies.
I don't think it's possible to detect you're rooted. If you have root, you have full control over your OS, so you can make some app think it's installed on non-rooted device. No problem, really.
Brut.all said:
I don't think it's possible to detect you're rooted. If you have root, you have full control over your OS, so you can make some app think it's installed on non-rooted device. No problem, really.
Click to expand...
Click to collapse
It's pretty easy to detect root actually
Sent from my MB860 using XDA Premium App
LancerV said:
It's pretty easy to detect root actually
Sent from my MB860 using XDA Premium App
Click to expand...
Click to collapse
mehh, someone will find a loop-hole!
LancerV said:
It's pretty easy to detect root actually
Click to expand...
Click to collapse
It's easy to detect root if OS will let you detect it ;-) E.g. you could look for "su" command or Superuser.apk, but it should be possible to hide them for specific app. Also it should be possible to crack an app, so it won't look for root at all.
Brut.all said:
It's easy to detect root if OS will let you detect it ;-) E.g. you could look for "su" command or Superuser.apk, but it should be possible to hide them for specific app. Also it should be possible to crack an app, so it won't look for root at all.
Click to expand...
Click to collapse
Yeah. I'm also sure you could move su to another name, and refactor Superuser.apk to use another app name. Then you could create a symlink for su to the new binary, and use a service or daemon to remove it when a particular event occurs.
Or, they could simply be checking ro.secure, which is set in the initramfs...
Hello, I've found a few threads around these forums discussing malware in Roms, and I was wondering if G2 users have had any bad experiences?
I've been playing around with a few of the ICS roms the last week, and out of nowhere my FB password was compromised and I have no idea how. Is there any security software I should be looking at installing? Is this a common thing to happen, or should I just chalk it up as coincidence?
if you download random APK's on the internet outside of XDA then you're more likely to find some malicious code. So always remember to check discussions or people commenting on the software for your best bet to stay clean. Most of the stuff on XDA should not have malware, atleast not intentionally. If you suspect anything immediately, you should probably post it in the correct thread you got it from to get input from other users.
Although, regarding your FB getting compromised, it might not be limited to your apps, I've gotten it compromised before highly suspecting that was from using public wifi.
Do the antivirus softwares from the market work?
Sent from my MSM using XDA App
e183348 said:
Do the antivirus softwares from the market work?
Sent from my MSM using XDA App
Click to expand...
Click to collapse
They're just snaike oil.
Rantanplan1980 said:
They're just snaike oil.
Click to expand...
Click to collapse
I use Lookout for the GPS tracking capability, but they are useless if you have half a brain. Don't download "Pretty Sexy Girls!?!" from obscure chinese developer in the market and you'll be fine. Trusted apps from trusted devs.
http://www.crn.com/240000735/printablearticle.htm
What software do you have to protect yourself/information?
Alias8818 said:
http://www.crn.com/240000735/printablearticle.htm
What software do you have to protect yourself/information?
Click to expand...
Click to collapse
Before I open any app I open manifests.xml and change permissions. lol
Anything else We can do?
IMO, If you get anything like this. You deserve it! Almost just like on a PC. If your not smart enough to check your stuff before you put it on your phone, then stick to buying your apps. Don't open and launch things from emails you don't know about. Your not smart enough to know what sites are bad and how to control what your clicking through. By all means hurry and pirate an anti... app too please. Then I can charge you to fix it. XXX only make me money.
Did I miss anything? lol
Love,
Your loving IT Pro
Oh yeah I forgot. LBE security guard. Amazing root permissions app. It allows you to revoke certain apps permissions. Like if you don't want angry birds access to your data and wifi you can do that. An added plus is with that you dont get any more stupid adds.
Sent From My Sprint Galaxy Nexus via XDA Premium
Avast! Is pretty awesome, mostly anti-virus protection.........the malware stuff is a totally different kinda animal, would be great to see a good solid app.........gonna try Uber's recommendation.
Sent from my SPH-D700 using xda premium
I use a combo of several apps
Superuser (with PIN) for SU rights
AdFree - to block most ads
Droid Wall - to totally block data & WiFI on an app by app basis
LBE Privacy Guard - to remove specific permission from apps that require data access
One of the easiest thing to do, is only get apps from trusted sources, which will drastically cut down on risks
Finally, think twice about installing an app with a low number of downloads.
DCRocks said:
I use a combo of several apps
Superuser (with PIN) for SU rights
AdFree - to block most ads
Droid Wall - to totally block data & WiFI on an app by app basis
LBE Privacy Guard - to remove specific permission from apps that require data access
One of the easiest thing to do, is only get apps from trusted sources, which will drastically cut down on risks
Finally, think twice about installing an app with a low number of downloads.
Click to expand...
Click to collapse
Why do you have LBE and Droid wall. You do know LBE has that function too right? Internet Firewall....
Sent From My Sprint Galaxy Nexus via XDA Premium
ÜBER™ said:
Oh yeah I forgot. LBE security guard. Amazing root permissions app. It allows you to revoke certain apps permissions. Like if you don't want angry birds access to your data and wifi you can do that. An added plus is with that you dont get any more stupid adds.
Sent From My Sprint Galaxy Nexus via XDA Premium
Click to expand...
Click to collapse
I agree 100% with this. The UI is super simple, and you can see how much data each app is using. It opened my eyes the first few times I used it as there were apps using data that had no real reason to. It didn't make sense to me.
As UBER mentioned, you can also disable GPS for apps like Angry Birds Space. I love how when you install a new app, a notification shows up up top reminding you to set permissions for that app.
Very basic, easy to use, and most importantly, powerful.
Thread Cleaned
And reopened
FNM
MALWARE Reply
So many people have Android devices now that it ruins it for everyone. That is what makes it a popular platform for that kind of stuff. Nobody ever released malware for Windows Mobile.
- 2 Bunny
kainppc6700 said:
So many people have Android devices now that it ruins it for everyone. That is what makes it a popular platform for that kind of stuff. Nobody ever released malware for Windows Mobile.
- 2 Bunny
Click to expand...
Click to collapse
I don't see the issue I download everywhere and even sites I know aren't protected yet I have no malware or problems.
Sent from my SPH-D700 using xda premium
Alias8818 said:
What software do you have to protect yourself/information?
Click to expand...
Click to collapse
My brain
VIRUS Reply
XxLostSoulxX said:
I don't see the issue I download everywhere and even sites I know aren't protected yet I have no malware or problems.
Sent from my SPH-D700 using xda premium
Click to expand...
Click to collapse
Same here. What kind of places do you actually have to go to to get a virus?
- 2B
kainppc6700 said:
Same here. What kind of places do you actually have to go to to get a virus?
- 2B
Click to expand...
Click to collapse
Most likely, any Russian or Chinese market for cracked apps, as most of the infected apps come from these two regions.
Also, any hacker board for cracked apps has a higher than average chance of having an infected app
SECURITY ON MOBILE Reply
DCRocks said:
Most likely, any Russian or Chinese market for cracked apps, as most of the infected apps come from these two regions.
Also, any hacker board for cracked apps has a higher than average chance of having an infected app
Click to expand...
Click to collapse
I don't live in Russia or China, so I can't say I've ever been to one of these "cracked markets".
Could you provide an example of a "hacker board for cracked apps"?
- 2B
Used to use lookout, but I flash my phone so often I haven't downloaded it in a while.
Sent from my SPH-D700 using XDA
Is someone more technical than me able to tell me if the stock 5.0.1 Tmobile has us on vulnerable to this?
http://blog.zimperium.com/experts-found-a-unicorn-in-the-heart-of-android/
Yes. Even the nexus 5 on 5.1.1 is still vulnerable. Google has already distributed a patch to all carriers, but as far as I know, none of the carriers have actually released it. The only patched rom so far is the most recent cyanogenmod 12.1 nightlies
acdcflame said:
Yes. Even the nexus 5 on 5.1.1 is still vulnerable. Google has already distributed a patch to all carriers, but as far as I know, none of the carriers have actually released it. The only patched rom so far is the most recent cyanogenmod 12.1 nightlies
Click to expand...
Click to collapse
Switched to the CM nightly today. It's going to take for ever for Samsung to get this patch of there.
Sent from my SM-N910T using XDA Free mobile app
Turn off auto retrieve in mms settings of you messaging app and only accept vids and pics from close friends! It's an annoyance but it'll keep you safe for now!
I have also heard you can just use hangouts as your default text app and avoid the issue all together.
Sent from my SM-N910T using XDA Free mobile app
ShrekOpher said:
I have also heard you can just use hangouts as your default text app and avoid the issue all together.
Sent from my SM-N910T using XDA Free mobile app
Click to expand...
Click to collapse
I'm not so sure seeing as it centers around that video being downloaded with the virus automatically before you even open it but if true that would be nice!
Dvanzutphenkann said:
I'm not so sure seeing as it centers around that video being downloaded with the virus automatically before you even open it but if true that would be nice!
Click to expand...
Click to collapse
Hangouts uses a cloud based system to handle mms. Basically everything goes through Google Photos. The pictures and videos are the loaded to you phone once you click on them. As long as you dont click on a video or picture from someone you dont know, it would never reach your phone and thus not be an issue.
Sent from my SM-N910T using XDA Free mobile app
ShrekOpher said:
Hangouts uses a cloud based system to handle mms. Basically everything goes through Google Photos. The pictures and videos are the loaded to you phone once you click on them. As long as you dont click on a video or picture from someone you dont know, it would never reach your phone and thus not be an issue.
Sent from my SM-N910T using XDA Free mobile app
Click to expand...
Click to collapse
Do you have a link to a reference on that?
I ask this because the guys that originally found the exploit stated that depending on what SMS app you use, you may not even know you were infected, hangouts being one of those.
(Joshua) Drake found that when the exploit code was opened in Google Hangouts it would “trigger immediately before you even look at your phone… before you even get the notification”.
Click to expand...
Click to collapse
http://www.forbes.com/sites/thomasbrewster/2015/07/27/android-text-attacks/
pcriz said:
Do you have a link to a reference on that?
I ask this because the guys that originally found the exploit stated that depending on what SMS app you use, you may not even know you were infected, hangouts being one of those.
http://www.forbes.com/sites/thomasbrewster/2015/07/27/android-text-attacks/
Click to expand...
Click to collapse
Drake found that when the exploit code was opened in*Google Hangouts it would “trigger immediately before you even look at your phone… before you even get the notification”
The above is true, but hangouts allows you to approve the messages which hold them in photos before they are delivered. You can also block all sms message that are not from contacts in hangouts.
See the screen shot below. The stock messaging app on many android phones does not have this option.
Also hangouts can be updated without a carrier approval so they will address it in the next update. The infamous hangouts 4.0.
Sent from my SM-N910T using XDA Free mobile app
ShrekOpher said:
Drake found that when the exploit code was opened in*Google Hangouts it would “trigger immediately before you even look at your phone… before you even get the notification”
The above is true, but hangouts allows you to approve the messages which hold them in photos before they are delivered. You can also block all sms message that are not from contacts in hangouts.
See the screen shot below. The stock messaging app on many android phones does not have this option.
Also hangouts can be updated without a carrier approval so they will address it in the next update. The infamous hangouts 4.0.
Sent from my SM-N910T using XDA Free mobile app
Click to expand...
Click to collapse
I suppose the clarification I wanted to get out there is that this isnt some inherently present functionality without some forethought to change those settings. So hangouts like any other text app needs to be made secure enough to prevent the exploit if you are not running a patched build. Just making sure the people reading don't get a false sense of security simply because they are using Hangouts.
pcriz said:
I suppose the clarification I wanted to get out there is that this isnt some inherently present functionality without some forethought to change those settings. So hangouts like any other text app needs to be made secure enough to prevent the exploit if you are not running a patched build. Just making sure the people reading don't get a false sense of security simply because they are using Hangouts.
Click to expand...
Click to collapse
In all reality this is just a puff piece to try and make Apple who is losing market share look more secure and to get this Drake guys name in some press. The threat HAS NOT BEEN SEEN IN THE WILD, and its very likely Drake is the only one to ever produce it.
Its also very low class to unveil a zero day exploit that you know hasn't been patched and that no one else has found. Dude just wants the fame, in reality no one is at risk as long as it gets patched in the near future (months) . And if that douche would have kept his mouth shut and just let Google know and not the press none of us would have been at risk at all.
Sent from my SM-N910T using XDA Free mobile app
ShrekOpher said:
In all reality this is just a puff piece to try and make Apple who is losing market share look more secure and to get this Drake guys name in some press. The threat HAS NOT BEEN SEEN IN THE WILD, and its very likely Drake is the only one to ever produce it.
Its also very low class to unveil a zero day exploit that you know hasn't been patched and that no one else has found. Dude just wants the fame, in reality no one is at risk as long as it gets patched in the near future (months) . And if that douche would have kept his mouth shut and just let Google know and not the press none of us would have been at risk at all.
Sent from my SM-N910T using XDA Free mobile app
Click to expand...
Click to collapse
It's not even really about Google dropping the ball after the fact. Google has already released the patch, it just hasn't been implemented across the various OEMs. Just because it has yet to be exploited doesnt mean it shouldn't be brought to light. In fact the exploit was found in APRIL and the article I cited was posted June 27th. Also Google has its own team of software nerds that do this very thing. Find vulnerabilities in software and give the authors a window to respond before publishing it. Of course the last 0day exploited posted to google for windows 8.1 was published 90 days after its finding but the person who found it NEVER contacted Microsoft..
This is why I would be weary of trying to call this dude out as starved for attention when our beloved Google does the same thing his firm does.
I'm sorry but I am all for transparency when it comes to security issues no matter how big or small. Especially in this mobile world we live in.
And now more potential hackers have been made aware of this.
StageFright defense
ChompSMS has patched their sms app from running StageFright, fingers crossed, you will see the explanation when you search PS for it
---------- Post added at 08:06 PM ---------- Previous post was at 08:03 PM ----------
pcriz said:
It's not even really about Google dropping the ball after the fact. Google has already released the patch, it just hasn't been implemented across the various OEMs. Just because it has yet to be exploited doesnt mean it shouldn't be brought to light. In fact the exploit was found in APRIL and the article I cited was posted June 27th. Also Google has its own team of software nerds that do this very thing. Find vulnerabilities in software and give the authors a window to respond before publishing it. Of course the last 0day exploited posted to google for windows 8.1 was published 90 days after its finding but the person who found it NEVER contacted Microsoft..
This is why I would be weary of trying to call this dude out as starved for attention when our beloved Google does the same thing his firm does.
I'm sorry but I am all for transparency when it comes to security issues no matter how big or small. Especially in this mobile world we live in.
Click to expand...
Click to collapse
I'm with you, what's really hilarious is that when I called the nation's largest carrier, and as usual I was transferred 3 times for a simple question, no one knew of the SF exploit, what does the word EMAIL or MEMO mean again Verizon??
Sprint released their patch specifically for stagefright...
The other major carriers will soon follow!
Do not download the Korean version released today 910t3...
You may be sorry!
But that's just my 2 cents...
acdcflame said:
Yes. Even the nexus 5 on 5.1.1 is still vulnerable. Google has already distributed a patch to all carriers, but as far as I know, none of the carriers have actually released it. The only patched rom so far is the most recent cyanogenmod 12.1 nightlies
Click to expand...
Click to collapse
So would the latest cm nightly rom from here be good to go? http://forum.xda-developers.com/not...-temaseks-unofficial-cm12-0-build-v9-t3066174
There is an app called stage fright detector in the playstore that can tell you if you are vulnerable.
Sent from my SM-N910T using Tapatalk
I was reading about drammer and how they have tested multiple phones on unrooting them? could someone possibly get this to work on the S7? i know it wont lead to roms, and i have no clue if this is really helpful but i just wanted to ask. and to also inform them about the this new threat.
I tried posting the web link but im "new" (what i get for not posting as much) you can just google Drammer and it should come out it is also named Rowhammer bitflips
Enlighten us. What the heck is the drammer process? You introduced the subject so let us know exactly what it is and how it works. I don't want to search.
gaz189 said:
I was reading about drammer and how they have tested multiple phones on unrooting them? could someone possibly get this to work on the S7? i know it wont lead to roms, and i have no clue if this is really helpful but i just wanted to ask. and to also inform them about the this new threat.
I tried posting the web link but im "new" (what i get for not posting as much) you can just google Drammer and it should come out it is also named Rowhammer bitflips
Click to expand...
Click to collapse
Drammer roots phones, it doesn't unroot phones from what i've read....
I downloaded the apk to test if you are vulnerable and i didn't see any flips, so we may not be vulnerable. It's still too early to tell at this point...
Here is the link for the test app....
https://www.vusec.net/projects/drammer/
Also need to look in to the DirtyCow root process....
https://nakedsecurity.sophos.com/2016/10/25/dirtycow-linux-hole-works-on-android-too-root-at-will/
dkb218 said:
Enlighten us. What the heck is the drammer process? You introduced the subject so let us know exactly what it is and how it works. I don't want to search.
Click to expand...
Click to collapse
DylanTheVillian said:
Drammer roots phones, it doesn't unroot phones from what i've read....
I downloaded the apk to test if you are vulnerable and i didn't see any flips, so we may not be vulnerable. It's still too early to tell at this point...
Here is the link for the test app....
https://www.vusec.net/projects/drammer/
Click to expand...
Click to collapse
dkb: i will explain further when i am out of school and work.
and dylan that stress app is not used for unrooting it was simply a field test where they can see which phones can be compromised. but what i meant was in the same way they did can someone possibly look into developing a way. because if you scroll down they released the templating code. which they also mention they have not released it as a exploit but maybe they will and maybe from that code someone can compile a root maybe?
gaz189 said:
dkb: i will explain further when i am out of school and work.
and dylan that stress app is not used for unrooting it was simply a field test where they can see which phones can be compromised. but what i meant was in the same way they did can someone possibly look into developing a way. because if you scroll down they released the templating code. which they also mention they have not released it as a exploit but maybe they will and maybe from that code someone can compile a root maybe?
Click to expand...
Click to collapse
I'm not sure you know what you're talking about... you keep saying "unroot" that would be to remove root... the exploit roots phones and allows us to gain root not remove it....
And That is exactly what i said.... "I downloaded the apk to test if you are vulnerable and i didn't see any flips, so we may not be vulnerable."
DylanTheVillian said:
I'm not sure you know what you're talking about... you keep saying "unroot" that would be to remove root... the exploit roots phones and allows us to gain root not remove it....
And That is exactly what i said.... "I downloaded the apk to test if you are vulnerable and i didn't see any flips, so we may not be vulnerable."
Click to expand...
Click to collapse
sorry I am meaning root, just getting things mixed up, and yeah but they also stated not all device may be ticked at the same time, it can be when device is on low battery.. stuff like that. or simply we might be vulnerable, but we wont know till someone actually tries it out
DylanTheVillian said:
I'm not sure you know what you're talking about... you keep saying "unroot" that would be to remove root... the exploit roots phones and allows us to gain root not remove it....
And That is exactly what i said.... "I downloaded the apk to test if you are vulnerable and i didn't see any flips, so we may not be vulnerable."
Click to expand...
Click to collapse
Curious... How long did it run with you? I'm running it atm (its been over 45 mins) on aggresive and its still running... ..
djr4x4 said:
Curious... How long did it run with you? I'm running it atm (its been over 45 mins) on aggresive and its still running... ..
Click to expand...
Click to collapse
I didn't run on aggressive I left it at default and it didn't run for more than 2 minutes...
Is your device still responsive? Is the word flip or flips in any of the output on the screen?
Sent from my SM-G935U using Tapatalk
Still responsive and its still running.. the times i have glanced at it.. flips is still at 0.. its running right now and im using the phone to type this..
Sent from my SM-G935T using Tapatalk
---------- Post added at 05:56 PM ---------- Previous post was at 05:53 PM ----------
Just finished and showed 0 flips..
Sent from my SM-G935T using Tapatalk
So far, "Drammer," as the researchers have dubbed their exploit, has successfully rooted the following handsets: the Nexus 4, Nexus 5, and G4 from LG; Moto G models from 2013 and 2014 made by Motorola; the Galaxy S4 and Galaxy S5 from Samsung; and the One from OnePlus. In some cases, the results aren't always consistent. For example, only 12 of the 15 Nexus 5 models were successfully rooted, while only one of two Galaxy S5 were compromised.
Click to expand...
Click to collapse
ref: http://arstechnica.com/security/201...tflips-to-root-android-phones-is-now-a-thing/
It's not even a sure bet with the Samsung phones two generations ago. So I doubt that it'll work.