I got this head unit installed in my car recently. https://www.joyingauto.com/newest-j...ar-stereo-apple-carplay-radio-android-10.html
Everything works pretty well apart from one thing. I can't add my Google account because the setup app crashes - the moment the email input screen appears the it just closes and I don't know why. I updated the software to the latest version (so the head unit got factory resetted), cleared Play Services data, checked Play services permissions (everything is granted) and I have no more ideas what can cause it. It also happened on the firmware the head unit came with.
Also, I tried to install Youtube Vanced with it's microG module and when I tried to sign it there it also crashes in the same spot - on the email input screen.
Any ideas how to fix it or add Google account in a different way?
I have the same issue after resetting to factory defaults.
https://www.forum-joyingauto.com/online.php
I'm struggling with this right now too ever since updating to their latest firmware. I've been going back and forth with them but thus far no luck. They sent me an updated installer last night but it didn't fix the problem.
techy101 said:
I'm struggling with this right now too ever since updating to their latest firmware.
Click to expand...
Click to collapse
Same
As of last my email with Joying last night they seem to have acknowledged the issue and have passed the issue to their engineer(s) and have said they will be in touch when a fix has been found.
Hi guys I got mine working. Go to apps hit the 3 dots show system apps look for Google play services and uninstall system update. Hard power of the device. You should now be able to set up your Google account. If there's steps don't work the only other step I done was update android system Web view good luck
Burnzy56 said:
Hi guys I got mine working. Go to apps hit the 3 dots show system apps look for Google play services and uninstall system update. Hard power of the device. You should now be able to set up your Google account. If there's steps don't work the only other step I done was update android system Web view good luck
Click to expand...
Click to collapse
After you uninstall the update to Google play services you should now be able to see clear data available in the options for Google play services
Joying emailed me this. It worked... had to reinstall everything though
Do not worry friend, we know this google account issue.
After looking into this google account this issue, we find that google server has upgraded, now we need to upgrade and adjust our software to make it compatible with google server, so pls try below new firmware to see if it can fix this google service issue.
(the upgrade steps is the same, below firmware only has 2 file after unzip, just need to upgrade your head unit with these 2 files)
https://drive.google.com/file/d/1aSGUljOrqwF8cFSIHKyrYSOhthDBHcqT/view?usp=sharing
EDIT:
Hey guys,
I had the same Google account login issues, after contacting them they sent me a link to two changed files to copy onto their original firmware update. I updated with this new "firmware" and my Google account worked.
Then 2 days later (March 17th 2021) my Google account was compromised for the first time in 15 years. I only use that password for my Google account so I don't know how it was hacked but the audit logs say they just input my password.
They opened up a Google Adwords account and started selling fortnight ads, then attempted to get into my brokerage account, then logged into a dormant Etsy account and tried to do something with square before I caught on (40min total in my account). They were quickly deleting any account emails that came in so I wouldn't notice them.
I am highly suspicious of this new update to my head unit. The timing is spot on, and I haven't used my Google account anywhere other than my phone and this Joying unit.
I am very concerned now about the security of this device. I also don't understand the claim that "Google updated their servers". Smells very fishy to me, and I hope somebody that knows more about device security can figure this out.
explorer_200 said:
Joying emailed me this. It worked... had to reinstall everything though
Do not worry friend, we know this google account issue.
After looking into this google account this issue, we find that google server has upgraded, now we need to upgrade and adjust our software to make it compatible with google server, so pls try below new firmware to see if it can fix this google service issue.
(the upgrade steps is the same, below firmware only has 2 file after unzip, just need to upgrade your head unit with these 2 files)
https://drive.google.com/file/d/1aSGUljOrqwF8cFSIHKyrYSOhthDBHcqT/view?usp=sharing
Click to expand...
Click to collapse
Hi mate what tipe of head unit is this link for. Is in the 13.3" screen
Joying 9" for my 2008 Tacoma
Newest Android 10.0 9 inch Android Car Radio For Toyota Tacoma 2005-2015 Apple CarPlay
SKU: JY-TQ187N4G-BShip From: Chinese WarehouseCPU: UIS7862 12nm Dual ARM Cortex-A75 + Six ARM A55Ram: LPDDR4 4GB Rom:EMMC 64GBSupport Bluetooth, WiFi, DVR, OBD2, Back-Up Camera
www.joyingauto.com
Joying emailed me this. It worked. For unit JY-UQB09N4G-H
Please try to do as below:
Go to settings> click on blue phone icon button on bottom>click APPS> click Google Play Services Icon > Click "Storage and Cache"> click on both "Clear Cache" and "Clear Storage" Reflash with Firmware.
Here is the file: https://drive.google.com/file/d/1aSGUljOrqwF8cFSIHKyrYSOhthDBHcqT/view?usp=sharing
Following are the notes for the update:
1) You need to unzip the updated files on the Windows system.and then copy all the unzipped files (not the folder ) to the USB, which is formatted as FAT32.
and then insert it into the USB port which on the back of the head unit, it will be updated automatically.
2) Please do not unzip the files on the USB.
3) You better use the 32GB or less than 32GB USB.
Just today my Google account was hacked... I'm not sure if this update compromised it but I can't think of anything else that would have.
They claimed that the original didn't work because "Google updated their servers" but I'm starting to grow suspicious of nefarious code
explorer_200 said:
Just today my Google account was hacked... I'm not sure if this update compromised it but I can't think of anything else that would have.
They claimed that the original didn't work because "Google updated their servers" but I'm starting to grow suspicious of nefarious code
Click to expand...
Click to collapse
I also was just recently hacked, I have a joying as well and was able to put gmail account info in last month and then was hacked soon after. They set up some kind of advertising account which charged back to my credit card which was under google pay. I had to block the card and get a new one and visa. What should one do in this situation? Make a new google account with no personal info to use with the head unit?
6KayZee9 said:
I also was just recently hacked, I have a joying as well and was able to put gmail account info in last month and then was hacked soon after. They set up some kind of advertising account which charged back to my credit card which was under google pay. I had to block the card and get a new one and visa. What should one do in this situation? Make a new google account with no personal info to use with the head unit?
Click to expand...
Click to collapse
Wow, exactly what happened to me:
New Joying Android 10 UIS7862 Octacore 1.8GHz (4GB RAM, 64GB flash)
EDIT: XDA didn't like me attaching the photos, just got broken links so I'm sorry that they're embedded like this. Joying just sent me a review unit of their new 10.1" Android 10 head unit so I figured it should have its own thread. It looks...
forum.xda-developers.com
Email Joying about this. It's very bad
Does anyone know what the issue was? And what joying changed in the new firmware to fix it?
I've got an Allwinner T3 Head Unit with the same issue and lots of others with the same unit are also facing the problem. We've tried contacting the manufacturer for a firmware update but having no luck so far.
No idea, but the new firmware fixed the issue instantly for me.
I'm pretty concerned to see the reports of people getting hacked. I have 2-factor authentication and did not have a problem.
Related
I left my Nexus 7 in the airport. Once I discovered I left it I changed my Google password.
I have been checking the Android Device Manager daily to see if it registers on the service. It has not. Today when I checked ADM it is not listed as an option to search for anymore.
I went to Google Play and it is still listed there as one of my devices.
Does this mean that someone has logged on to a different google account with it. Is there someway I can still track it?
Thanks for any info.
Jason
More info from Google on ADM. Once someone logs out of a Google account on your device it is not able to be found again within Google's systems. This is complete BS but it's their position.
"Thank you for contacting Google Play Support.
Unfortunately the only way to see the device ID is to look in our systems by using a Google account. If we do not have the Google account unfortunately we cannot see that the device has been used or who has it. I do apologize for any inconvenience this may cause.
If there is any further questions or issues that I can help with feel free to respond to this e-mail or contacting us at support.google.com"
Capt-Capsaicin said:
I left my Nexus 7 in the airport. Once I discovered I left it I changed my Google password.
I have been checking the Android Device Manager daily to see if it registers on the service. It has not. Today when I checked ADM it is not listed as an option to search for anymore.
I went to Google Play and it is still listed there as one of my devices.
Does this mean that someone has logged on to a different google account with it. Is there someway I can still track it?
Thanks for any info.
Jason
Click to expand...
Click to collapse
I think so.... You can manage your accounts in the Settings... Think that someone has turned off WiFi or (if you have) 3G and then deleted your account and registered with his or completely wiped your N7. Tracking could be difficult if no software is installed like AVG Anit Virus that had a tracking option. But if he has wiped your N7 to factory reset I don't see a chance to get it back....
Hi Guys,
I have an issue with my new head unit, a fair few apps are not working properly, but worst of all is google play and its accounts.
If I disable all internet access and try to open google play, it tries to load, does its "checking info" thing, and then comes up with an error about network connectivity.
If I then provide the device with internet connectivity, try to open google play, or create a google account - it comes up with "Checking Info" then the app just closes without reason.
Anyone got any ideas why this might be the case?
James
Mine has been doing the same thing since a factory reset. My device is android v6.0.1. I'm going to try and reflash GAPPS.
Hello Guys, sorry for necroposting.
Did any of you found a solution for this error?
Thanks
Maybe you can try Google installer to update Google Play and install missing components:
Google Installer für Android - APK herunterladen
Lade Google Installer apk 3.0 für Android herunter. Easily install the Google Play Store in your Xiaomi smartphone.
m.apkpure.com
Will do. I'll post the results.
Thanks!
lcamaral said:
Will do. I'll post the results.
Thanks!
Click to expand...
Click to collapse
Did it work? Same issue here
Nope. I was able to update google play services and other google apps, but the issue still remains when I try to login on google through play services
Joying has an update if you email them. They sent me this:
Do not worry friend, we know this google account issue.
After looking into this google account this issue, we find that google server has upgraded, now we need to upgrade and adjust our software to make it compatible with google server, so pls try below new firmware to see if it can fix this google service issue.
(the upgrade steps is the same, below firmware only has 2 file after unzip, just need to upgrade your head unit with these 2 files)
https://drive.google.com/file/d/1aSGUljOrqwF8cFSIHKyrYSOhthDBHcqT/view?usp=sharing
edit
double post
Joying emailed me this:
Do not worry friend, we know this google account issue.
After looking into this google account this issue, we find that google server has upgraded, now we need to upgrade and adjust our software to make it compatible with google server, so pls try below new firmware to see if it can fix this google service issue.
(the upgrade steps is the same, below firmware only has 2 file after unzip, just need to upgrade your head unit with these 2 files)
https://drive.google.com/file/d/1aSGUljOrqwF8cFSIHKyrYSOhthDBHcqT/view?usp=sharing
explorer_200 said:
Joying emailed me this:
Do not worry friend, we know this google account issue.
After looking into this google account this issue, we find that google server has upgraded, now we need to upgrade and adjust our software to make it compatible with google server, so pls try below new firmware to see if it can fix this google service issue.
(the upgrade steps is the same, below firmware only has 2 file after unzip, just need to upgrade your head unit with these 2 files)
https://drive.google.com/file/d/1aSGUljOrqwF8cFSIHKyrYSOhthDBHcqT/view?usp=sharing
Click to expand...
Click to collapse
Hey guys,
I had the same Google account login issues, after contacting them they sent me a link to two changed files to copy onto their original firmware update. I updated with this new "firmware" and my Google account worked.
Then 2 days later (March 17th 2021) my Google account was compromised for the first time in 15 years. I only use that password for my Google account so I don't know how it was hacked but the audit logs say they just input my password.
They opened up a Google Adwords account and started selling fortnight ads, then attempted to get into my brokerage account, then logged into a dormant Etsy account and tried to do something with square before I caught on (40min total in my account). They were quickly deleting any account emails that came in so I wouldn't notice them.
I am highly suspicious of this new update to my head unit. The timing is spot on, and I haven't used my Google account anywhere other than my phone and this Joying unit.
I am very concerned now about the security of this device. I also don't understand the claim that "Google updated their servers". Smells very fishy to me, and I hope somebody that knows more about device security can figure this out.
Hi,
I just bought one android head unit from aliexpress for my car. While waiting it to arrive, I am setting up my tablet to see which interface and apps which I want to use later on after install. It just occurred to me that privacy and security is an issue I just thought off. Unlike your phone which is always with you. Your car may be
1. driven by someone else,
2. Serviced
3. Involve in an accident
4. Sold
5. Stolen
Situations like above mean that you can never be too sure about security and privacy. The reason most people get the android screen is to use navigation from the phone. While android auto is useful where user data is not stored in the vehicle, most android players are just mounted tablets in the car. I can think of some methods of security include.
1. Lock screen password
2. Using a different Google account
The first method anove is good since you can bring all your apps and profiles. Not sure how good is android lock screen is.
Second option means that some app profiles need to be rebuilt. Personal info is safe?
Any thoughts on the security?
First thing I'd point out is do you really want to have to unlock your screen every time you turn the ignition key? Your car key is your protection as long as no one else has access to it the same way it keeps your car from being stolen but then... Really you ask a good question, so many things to consider. I always have separate accounts for every device. It's less convenient but I have more control over what is exposed on a particular device; it's hard to keep an eye on all of them all the time.
A car device gives you an opportunity to add sort of a valet switch to keep anyone from snooping around when you have to part with your key. It would have to be a fairly large switch able to handle 10-15 Amp DC or a small one with a relay. Just add it in line with the red power wire.
Of course we're talking about Android, there is no real privacy. You can make it a little better by controlling what apps are allowed access to or don't use apps if possible and go through a browser that blocks everything. As you point out Android Auto keeps your private stuff off the HU and that is probably the better option. Android Auto is a proprietary standard and is not available to every HU and also doesn't work with every phones. Many of those Chinese HU have a screen mirroring app that is supposed to be more universal but there's no guaranty it will work either.
I would say if you want the most privacy get an iPhone and a HU with built in Carplay or one that is known to work with a Carplay USB dongle.
I see
Thanks for that. Will use separate accounts. What is the best app to transfer poi links? Sometimes I get links from phone to navigate. I am thinking of Google keep, however it needs an extra step to share keep notes. Better use some sort of shared messaging account so that the notes are always there. Open to suggestions
I agree that you should NOT use your prime Google account for your head unit. All your mail and Drive files will be available for everyone that accesses your car. Also, there's quite a big risk of leaking software on these units.
You can share POIs by simply placing them on a Google Map, and sharing that map with the account of your car's device. I have not found a way to create a map from the Maps app, so I tend to use the Maps browser interface. As follows: in your browser open Google Drive, then press the New button. Under More, select My Google Map. Then you can place or import POIs in that map. Share the map with your car account. You can always add additional POIs later to the map. This way, I have a single shared MyMap that I use to transfer POIs to my car.
To use this: In your car, open the Maps app, open the menu and select "My places". Your map should be visible under the "Maps" tab (last tab). You can now simply click a POI and navigate there. Need new POIs? Just add them to the shared map.
An alternative for individual POIs that you receive through Whatsapp is using the browser-based interface of whatsapp. Open Chrome on the unit, scan the barcode with the whatsapp app on the phone, and you can click the POI on the unit. That will open Maps or Waze or whatever you have configured.
One more tip: I invite my car for appointments.... Then if you fill in the location field in your home or office calender (in an application like Outlook or Google Calendar), that location will be in the Calendar app in the car as well. Maps will automatically pick that up from the calendar (and even warn you to leave on time if you happen to be in the car ).
MiS_NL said:
I agree that you should NOT use your prime Google account for your head unit. All your mail and Drive files will be available for everyone that accesses your car. Also, there's quite a big risk of leaking software on these units.
You can share POIs by simply placing them on a Google Map, and sharing that map with the account of your car's device. I have not found a way to create a map from the Maps app, so I tend to use the Maps browser interface. As follows: in your browser open Google Drive, then press the New button. Under More, select My Google Map. Then you can place or import POIs in that map. Share the map with your car account. You can always add additional POIs later to the map. This way, I have a single shared MyMap that I use to transfer POIs to my car.
To use this: In your car, open the Maps app, open the menu and select "My places". Your map should be visible under the "Maps" tab (last tab). You can now simply click a POI and navigate there. Need new POIs? Just add them to the shared map.
An alternative for individual POIs that you receive through Whatsapp is using the browser-based interface of whatsapp. Open Chrome on the unit, scan the barcode with the whatsapp app on the phone, and you can click the POI on the unit. That will open Maps or Waze or whatever you have configured.
One more tip: I invite my car for appointments.... Then if you fill in the location field in your home or office calender (in an application like Outlook or Google Calendar), that location will be in the Calendar app in the car as well. Maps will automatically pick that up from the calendar (and even warn you to leave on time if you happen to be in the car ).
Click to expand...
Click to collapse
Thanks for the tips. I was thinking of using Google Keep to share waypoints. I did try to send location from phone to the car account, but I think I need to access the email for it to work as it does appear in maps after sharing the POI. whatsapp Web is useful since most of the places I get are through WhatsApp. Did not think of this. However, this means the car chrome browser keep a record of whatsapp? I have managed to get waze to work and login to my account. So I have all the POIs. From waze. Entering a destination on the car is easy, but transferring from phone to car.
mystvearn said:
Thanks for the tips. I was thinking of using Google Keep to share waypoints. I did try to send location from phone to the car account, but I think I need to access the email for it to work as it does appear in maps after sharing the POI. whatsapp Web is useful since most of the places I get are through WhatsApp. Did not think of this. However, this means the car chrome browser keep a record of whatsapp? I have managed to get waze to work and login to my account. So I have all the POIs. From waze. Entering a destination on the car is easy, but transferring from phone to car.
Click to expand...
Click to collapse
Having a different Google account on your head unit versus your phone/pc, allows you to use Google drive.
Simply create a "share" folder on the car account google drive and share this with your phone/pc account. Everything that is not very privacy sensitive can be exchanged that way. Simple and straight-forward.
surfer63 said:
Having a different Google account on your head unit versus your phone/pc, allows you to use Google drive.
Simply create a "share" folder on the car account google drive and share this with your phone/pc account. Everything that is not very privacy sensitive can be exchanged that way. Simple and straight-forward.
Click to expand...
Click to collapse
Maps can be shared as well?
mystvearn said:
Maps can be shared as well?
Click to expand...
Click to collapse
Downloaded google maps as offline maps can't be shared AFAIK as they are stored in some weird format in multiple binary "blob" blocks inside your data folder. At least: I do not know how to do that. I tried it but I could not make it work. I'm not a Google Maps user anyway so I did not really try it extensively (, but I like to tinker and try).
Other maps for apps with offline maps like OsmAnd, Magic Earth and MNF Navigator work that way. As my PX5 WiFi is terribly slow I download the maps on my phone or pc and then copy them to my head unit. But as maps can be very big and my PX5 car WiFi is so slow, I use a USB-stick for that. I use Google Drive for GPX-routes, POIs, apks, etc. Everything below ~30MB.
You started this topic about security, privacy and the like and that's why I (and others) mentioned to use a separate account and why I mentioned how to share with drive.
There is of course a draw-back. Apps bought on your phone account will not be available on your car account, unless the app can be used in a "family group" and you add the car account to your family group. There are not so much apps supporting that though.
I mostly use open source apps from F-droid and Play Store. I'm a light user: navigation, DAB-radio and media player (and my JET and OneKey apk).
Yes. Already using a separate account like you suggested. Bought apps too on that account. Two cars share the same account. So I am fine with the current setup. Will try to explore more. Thanks
Wow I wish I had read this earlier
I had the Google account login issues after updating the firmware, after contacting Joying they sent me a link to two changed files to copy onto their original firmware update. I updated with this new "firmware" and my Google account worked.
Then 2 days later (March 17th 2021) my Google account was compromised for the first time in 15 years. I only use that password for my Google account so I don't know how it was hacked but the audit logs say they just input my password.
They opened up a Google Adwords account and started selling fortnight ads, then attempted to get into my brokerage account, then logged into a dormant Etsy account and tried to do something with square before I caught on (40min total in my account). They were quickly deleting any account emails that came in so I wouldn't notice them.
I am highly suspicious of this new update to my head unit. The timing is spot on, and I haven't used my Google account anywhere other than my phone and this Joying unit.
I am very concerned now about the security of this device. I also don't understand the claim by Joying that "Google updated their servers" and that is what broke Google authentication.
My unit is this:
SKU: JY-TQ187N4G
Ship From: Chinese Warehouse
CPU: Octa Core 1.8GHz. 64-bit high-performance processor
Ram: LPDDR4 4GB Rom:EMMC 64GB
Support Bluetooth, WiFi, DVR, OBD2, Back-Up Camera
I updated with this firmware sent to me by Joying, which broke google sign in:
https://drive.google.com/file/d/1J6f3gv8wt1rujAYePFQCXj1yUV3F-pYh/view
I emailed Joying and told them the firmware broke my Google sign in they sent me this email. I updated my firmware with it. I was then hacked 2 days later:
Do not worry friend, we know this google account issue.
After looking into this google account this issue, we find that google server has upgraded, now we need to upgrade and adjust our software to make it compatible with google server, so pls try below new firmware to see if it can fix this google service issue.
(the upgrade steps is the same, below firmware only has 2 file after unzip, just need to upgrade your head unit with these 2 files)
https://drive.google.com/file/d/1aSGUljOrqwF8cFSIHKyrYSOhthDBHcqT/view?usp=sharing
I have no idea what they mean by "Google server has upgraded". Sounds sketchy to me
explorer_200 said:
Wow I wish I had read this earlier
I had the Google account login issues after updating the firmware, after contacting Joying they sent me a link to two changed files to copy onto their original firmware update. I updated with this new "firmware" and my Google account worked.
Then 2 days later (March 17th 2021) my Google account was compromised for the first time in 15 years. I only use that password for my Google account so I don't know how it was hacked but the audit logs say they just input my password.
They opened up a Google Adwords account and started selling fortnight ads, then attempted to get into my brokerage account, then logged into a dormant Etsy account and tried to do something with square before I caught on (40min total in my account). They were quickly deleting any account emails that came in so I wouldn't notice them.
I am highly suspicious of this new update to my head unit. The timing is spot on, and I haven't used my Google account anywhere other than my phone and this Joying unit.
I am very concerned now about the security of this device. I also don't understand the claim by Joying that "Google updated their servers" and that is what broke Google authentication.
My unit is this:
SKU: JY-TQ187N4G
Ship From: Chinese Warehouse
CPU: Octa Core 1.8GHz. 64-bit high-performance processor
Ram: LPDDR4 4GB Rom:EMMC 64GB
Support Bluetooth, WiFi, DVR, OBD2, Back-Up Camera
I updated with this firmware sent to me by Joying, which broke google sign in:
https://drive.google.com/file/d/1J6f3gv8wt1rujAYePFQCXj1yUV3F-pYh/view
I emailed Joying and told them the firmware broke my Google sign in they sent me this email. I updated my firmware with it. I was then hacked 2 days later:
Do not worry friend, we know this google account issue.
After looking into this google account this issue, we find that google server has upgraded, now we need to upgrade and adjust our software to make it compatible with google server, so pls try below new firmware to see if it can fix this google service issue.
(the upgrade steps is the same, below firmware only has 2 file after unzip, just need to upgrade your head unit with these 2 files)
https://drive.google.com/file/d/1aSGUljOrqwF8cFSIHKyrYSOhthDBHcqT/view?usp=sharing
I have no idea what they mean by "Google server has upgraded". Sounds sketchy to me
Click to expand...
Click to collapse
sorry to hear this. any updates in the past few weeks?
btrcp2000 said:
sorry to hear this. any updates in the past few weeks?
Click to expand...
Click to collapse
I've used it with a fake account since then with no problems. Still unsure where the account was compromised but there was another member on this board with a similar issue
explorer_200 said:
I've used it with a fake account since then with no problems. Still unsure where the account was compromised but there was another member on this board with a similar issue
Click to expand...
Click to collapse
I've seen references to sharing things like map POIs from your real account to the fake account. Any other tips or workarounds you've put in place? I'm thinking I might use an app for vpn too.
btrcp2000 said:
I've seen references to sharing things like map POIs from your real account to the fake account. Any other tips or workarounds you've put in place? I'm thinking I might use an app for vpn too.
Click to expand...
Click to collapse
No but that sounds like a great idea. I'll look into it
Hello,
For context: My friend bought an essential phone a while back that her and her sister used for a while until supposedly an update released requiring them to sign into their google account. None of their credentials seemed to work and so they gave up on the phone all together and got new devices. My ancient LG G4 needs to be replaced and she offered me the phone if I could figure out how to get around the lock-out. At first I thought it'd be as simple as performing a factory reset or rooting the phone, etc.
Well, it turns out that they had already tried that. The lock-out persists even after a full factory reset was performed. I double-checked all of their credentials with them to make sure none of them worked. Nothing. Since I am locked out and the phone has been reset, installing rooting programs is much more difficult and I really don't know what options I have left. My only hunch at the moment is that there might be some way to use the shell on the fast loader to interface with the phone, but I doubt I'd have many permissions. I've scoured lots of forums and videos looking for new approaches, but many of them assume I have access to the phone and can install apps, etc. Does anyone have advice? Let me know if you need more info. Thank you!
Are you getting a message like "This Device was reset. To continue, sign in with a Google Account that was previously synced on this device"
If so, that is Factory Reset Protection (FRP). If the password on the Google account used on that phone was changed, it makes it even harder to solve.
I don't know if FRP can be bypassed on a PH-1. You could try searching for it.
ktmom said:
Are you getting a message like "This Device was reset. To continue, sign in with a Google Account that was previously synced on this device"
If so, that is Factory Lockout Protection (FRP). If the password on the Google account used on that phone was changed, it makes it even harder to solve.
I don't know if FRP can be bypassed on a PH-1. You could try searching for it.
Click to expand...
Click to collapse
Yes, that is exactly the message I received. At least now I know what that security measure is called. That might help me on my search. Thanks!
Nekomancer.exe said:
Yes, that is exactly the message I received. At least now I know what that security measure is called. That might help me on my search. Thanks!
Click to expand...
Click to collapse
I was able to bypass FRP on a used Essential Phone I got from eBay, which was running PPR1.180610.091 (August 2018 Pie release, the first one ever). Most instructions seem to involve using TalkBack or GBoard input settings to navigate to the online Help & Support activity, then searching for a help page that has a YouTube video to launch Chrome from there and download a replacement Google Account Manager and another app to force browser sign-in for Google accounts.
Hopefully, those hints will be enough to help figure out which instructions you find online are legitimate.
jabashque said:
I was able to bypass FRP on a used Essential Phone I got from eBay, which was running PPR1.180610.091 (August 2018 Pie release, the first one ever). Most instructions seem to involve using TalkBack or GBoard input settings to navigate to the online Help & Support activity, then searching for a help page that has a YouTube video to launch Chrome from there and download a replacement Google Account Manager and another app to force browser sign-in for Google accounts.
Hopefully, those hints will be enough to help figure out which instructions you find online are legitimate.
Click to expand...
Click to collapse
Good to know that can work on Essential Pie, I thought it was a fake video the 1St time I saw someone doing that on some other phone!
jabashque said:
I was able to bypass FRP on a used Essential Phone I got from eBay, which was running PPR1.180610.091 (August 2018 Pie release, the first one ever). Most instructions seem to involve using TalkBack or GBoard input settings to navigate to the online Help & Support activity, then searching for a help page that has a YouTube video to launch Chrome from there and download a replacement Google Account Manager and another app to force browser sign-in for Google accounts.
Hopefully, those hints will be enough to help figure out which instructions you find online are legitimate.
Click to expand...
Click to collapse
I appreciate your advice, but I've seen that one before and it no longer works with my release. The video never loads in, can't actually be clicked on to open. I'd need a more modern approach unfortunately.
I had the Google account login issues that many had in here, after contacting Joying they sent me a link to two changed files to copy onto their original firmware update. I updated with this new "firmware" and my Google account worked.
Then 2 days later (March 16th 2021) my Google account was compromised for the first time in 15 years. I only use this password for my Google account so I don't know how it was hacked but the Google Admin audit logs say the hacker just input my password.
They opened up a Google Adwords account and started selling fortnight ads, then attempted to get into my brokerage account, then logged into a dormant Etsy account and tried to do something with Square before I caught on (40min total in my account). They were quickly deleting any account change emails that came in so I wouldn't receive notices of changes.
I am highly suspicious of this new update to my head unit. The timing is spot on, and I haven't used my Google account anywhere other than my Pixel phones, Nvidia Shield, Laptop and this Joying unit.
I am very concerned now about the security of this device. I also don't understand the claim by Joying that "Google updated their servers" and that's why their firmware wasn't working with Google accounts. Smells very fishy to me, and I hope somebody that knows more about device security can help figure this out. I still have copies of the update that they sent me, but I will not be using this brand new head unit anymore with my Google Account.
I posted this thread because I have seen other comments about Google accounts being hacked and concerns about third party device security and thought it would be best to consolidate them here in one thread rather to take other threads on a tangent.
Just be aware that Joying in particular didn't have anything to do with it, they are just resellers and pass on software given to them by the actual manufacturer of the hardware, FYT. Also be aware, that data breaches are happening very often nowadays so that is also a possibility. I'm not defending the manufacturer in any way, but there's too many variables in order to single out the headunit itself. You did mention that you use this google account on your phone as well. It could be that you installed an app on your phone that stole your account information as well. Also a new "virus" has been discovered that disguises itself as a system update that can steal your info. Info here: https://www.androidpolice.com/2021/...retends-to-be-a-system-update-for-your-phone/
Only way to know for sure if it was the headunit itself is to use a new dummy Google account on it and see if it gets taken over as well. Also, I don't see the purpose of needing to login to Google on these devices anyways since we're not using them like phones and, me in particular, I don't consume streaming media on it so i don't give it network access at all. These new units have spotty GPS reception at best and sometimes i find myself forced to use Android Auto anyways so the only streaming media consumed is straight from my phone.
What I can recommend you do is install a firewall app on your headunit and monitor where it tries to connect and determine if it needs to access it or not. To put yourself at ease, I would change your password and enable 2 step authentication on your account.
Let us know if you decide to sideload a firewall app and post your results. With that info, we can take this concern up to Joying/Teyes/etc and have them press their supplier for information. I can assure you that with the proper evidence, the resellers will put some effort into fixing this wrongdoing, since they wouldn't want to tarnish their reputation and possibly lose out on some sales.
I was also hacked in mid March soon after installing a joying unit and connecting to my google account. The hacker opened a google ads account and used a credit card associated with my google account to charge 260 dollars to my visa. They would have charged more but my limit on the card is low for just this reason. Visa had to cancel my card and send me a new one. I never even connected the hack in my mind to the joying head unit until explorer_200 happened to post his experience, but this seems like far to much of a coincidence given that we both have had the same experience at the same time and all we have in common is the joying unit.
I agree that it may not be something joying knows about, but its probably a good idea to see how many have been affected by this hack. For now I will be setting up a locked down google account just for the joying box and my head unit will only be connected to apps that are no real risk to my passwords and personal data.
I need to login to google to use voice commands and google assistant as well.
explorer_200 said:
I posted this thread because I have seen other comments about Google accounts being hacked and thought it would be best to consolidate them in one thread.
Click to expand...
Click to collapse
Could you please link to these other comments. Right now there is just your say so which is a sample size of one. Not doubting what you are saying, but correlation is not necessarily causation.
6KayZee9 said:
I never even connected the hack in my mind to the joying head unit until explorer_200 happened to post his experience, but this seems like far to much of a coincidence given that we both have had the same experience at the same time and all we have in common is the joying unit.
Click to expand...
Click to collapse
That is flawed logic.
Allow me to use similar thinking in another way.
I notice that everytime I go outside when it is raining, there are people with umbrellas. I deduct that it is too much of a coincidence to see people with umbrellas when it is raining to think they are not linked. I don't see these same people carrying umbrellas when it is not raining. I can only conclude that the umbrellas are causing the rain.
You say that you and one other have the same head unit and have been hacked therefore it is the headunit's fault. DO a survey on how many people with Samsung phones were hacked yesterday and get back to me to let me know if the number was greater than two.
We can then move on from there.
Once bitten, twice shy... learn or get burned.
If you had a secure password that you managed well until 2 days ago that should narrow down your list of suspects substantially.
Time to take out the trash...
Results are all that matter; take out anything that might have been involved. The napalm method.
Overkill yes, but it's effective.
Breaching your Google account is completely unacceptable and I go nuts on anything/one that was potentially involved.
explorer_200 said:
I had the Google account login issues that many had in here, after contacting Joying they sent me a link to two changed files to copy onto their original firmware update. I updated with this new "firmware" and my Google account worked.
Then 2 days later (March 16th 2021) my Google account was compromised for the first time in 15 years. I only use this password for my Google account so I don't know how it was hacked but the Google Admin audit logs say the hacker just input my password.
They opened up a Google Adwords account and started selling fortnight ads, then attempted to get into my brokerage account, then logged into a dormant Etsy account and tried to do something with Square before I caught on (40min total in my account). They were quickly deleting any account change emails that came in so I wouldn't receive notices of changes.
I am highly suspicious of this new update to my head unit. The timing is spot on, and I haven't used my Google account anywhere other than my phone and this Joying unit.
I am very concerned now about the security of this device. I also don't understand the claim by Joying that "Google updated their servers" and that's why their firmware wasn't working with Google accounts. Smells very fishy to me, and I hope somebody that knows more about device security can help figure this out. I still have copies of the update that they sent me, but I will not be using this brand new head unit anymore with my Google Account.
I posted this thread because I have seen other comments about Google accounts being hacked and thought it would be best to consolidate them in one thread.
Click to expand...
Click to collapse
If you're not using MFA/2FA on your account(s) expect it be a matter of time until your account(s) be compromised again.
The joying update is what I would call purely coincidence and post hoc (Post hoc ergo propter hoc.)
Exactly this, without hard evidence that the Joying/Teyes/etc update is the cause of your Google account getting hacked, this is all pure coincidence. So far I'm aware of only 2 reports of accounts getting hacked, @explorer_200 and @6KayZee9. I've been lurking "the other" forum and i haven't seen any reports there either. Get some evidence to back up your claims and then start pointing fingers and have fyt (the software comes from them) be held accountable.
gamer765 said:
Exactly this, without hard evidence that the Joying/Teyes/etc update is the cause of your Google account getting hacked, this is all pure coincidence. So far I'm aware of only 2 reports of accounts getting hacked, @explorer_200 and @6KayZee9. I've been lurking "the other" forum and i haven't seen any reports there either. Get some evidence to back up your claims and then start pointing fingers and have fyt (the software comes from them) be held accountable.
Click to expand...
Click to collapse
It's not so much as proving anything as it is plugging the most probably source(s) of the leak to prevent it from ever happening again for the user.
If that means never using the software even the hardware, it's a small price to pay.
An OS reload may also be good idea at this point on all potentially infected devices and another password reset. Go nuts... this could get real messy if it's in the data drive and gets into the backups.
The perp may only target high value targets and leave the smaller fish be giving the illusion the site, software or whatever is safe.
blackhawk said:
Once bitten, twice shy... learn or get burned.
If you had a secure password that you managed well until 2 days ago that should narrow down your list of suspects substantially.
Time to take out the trash...
Results are all that matter; take out anything that might have been involved. The napalm method.
Overkill yes, but it's effective.
Breaching your Google account is completely unacceptable and I go nuts on anything/one that was potentially involved.
Click to expand...
Click to collapse
Have you considered aliens? Or ghosts? They both fit in with your assumptions thus far.
I guess you failed statistics 101. Your conclusion is flawed. You have failed to take into account the number of hackers in the world that were active 2 days ago and you have failed to take into account all the other apps you have attached to your account / sideloaded onto other devices that have access to that account.
Do that and then you are starting to get somewhere.
By all means change your password. But don't attempt to pass off your unsubstantiated claim as fact or anywhere in the realms of probability without some data to back it up.
ludditefornow said:
I guess you failed statistics 101. Your conclusion is flawed.
By all means change your password. But don't attempt to pass off your unsubstantiated claim as fact or anywhere in the realms of probability without some data to back it up.
Click to expand...
Click to collapse
If every 1 in 1k accounts gets hacked by an unscrupulous site or device and you're that one, you're still statistically 100% boned
The OP should suspect the use of their Google password; it's probably the most recent sites it was used on or the device.
I'd purged both, no remorse...
blackhawk said:
If every 1 in 1k accounts gets hacked by an unscrupulous site or device and you're that one, you're still statistically 100% boned
Click to expand...
Click to collapse
What does that have to do with the subject at hand? The ramification from being hacked has nothing to do with how one was hacked based on the OP.
And besides, the OP wasn't 100% boned as you put it. It was less than an hour before they realised and steps were taken to counter the hack. They had a couple of hundred dollars put on a card that will be reversed no doubt.
So that is another statistic failure. Friendly advice. Stop posting about stats in anyway until you get the fundamentals of them right
ludditefornow said:
What does that have to do with the subject at hand? The ramification from being hacked has nothing to do with how one was hacked based on the OP.
And besides, the OP wasn't 100% boned as you put it. It was less than an hour before they realised and steps were taken to counter the hack. They had a couple of hundred dollars put on a card that will be reversed no doubt.
So that is another statistic failure. Friendly advice. Stop posting about stats in anyway until you get the fundamentals of them right
Click to expand...
Click to collapse
You're the one that wanted a go at me.
Is that all you got?
All my data is redundantly* backed up without Google but some use it to back up everything.
Some have a lot to lose in just a couple minutes with a hacked Google account.
Don't trivialize it... on my account
Boy you guys are grumpy, neither of us are saying anything is definitively joyings fault, however its a much bigger coincidence when you consider that neither of us ever had a problem til now and ive had gmail since soon after it came online. Here is an alternate hypothesis I have carwebguru on my head unit as well. Maybe both explorer_200 and I have it on our head units and that code is the true culprit. Other than that all my apps ive had for a long time. Im not really sure that I believe this is all that sophisticated unless its on a huge scale since they only got a few hundred from visa and or google. And for that they have some pretty powerful entities who may now be taking an interest. We are just sending all this up the flag pole to see how many salute...
blackhawk said:
You're the one that wanted a go at me.
Is that all you got?
All my data is redundantly* backed up without Google but some use it to back up everything.
Some have a lot to lose in just a couple minutes with a hacked Google account.
Don't trivialize it... on my account
Click to expand...
Click to collapse
I'm not trivalizing being hacked at all. I think you need to reread my posts. Because your response tells me you haven't understood them.
Wow. I didn't expect this to be a controversial thread. I've seen a few posts in here from people who have gone through the code on these units and found Chinese URL's that don't appear to have any uses. I am not definitively saying anything here, but Reddit is full of people wary of running Android on these devices because they have such huge potential to be compromised.
I am VERY careful with my Google account information online. I am highly aware of phishing schemes, and haven't used an external device other than my Pixel2, Pixel4, Laptop, Nvidia Shield, to log into Google in over 5 years.
The attack was similar in both of our cases, and happened within a few days of us logging into Google with a new Joying head unit (that had verified Google Login issues from a 2021 firmware update)
Anyways... I've changed my Google password 3 times since this happened, and am monitoring my Google audit log multiple times per day. So far so good, but unfortunately I won't be using this head unit with my Google account going forward
After activating my Google account on the new Navifly headunit, I received a notification from Google that I need to change all passwords (about 350 pieces). In addition, all contacts from the phonebook (on the mobile phone) and automatic backup have disappeared. I deactivated the account on headunit, but it didn't help. I plan to contact Google to see if they can help me.
nenadhebiv said:
After activating my Google account on the new Navifly headunit, I received a notification from Google that I need to change all passwords (about 350 pieces). In addition, all contacts from the phonebook (on the mobile phone) and automatic backup have disappeared. I deactivated the account on headunit, but it didn't help. I plan to contact Google to see if they can help me.
Click to expand...
Click to collapse
This doesn't make any sense.
I'll say it again; enable 2fa/mfa on your Google account.
If not using multifactor authentication or doing questionable things like accepting apps access to your Google account, expect to be compromised.
nenadhebiv said:
After activating my Google account on the new Navifly headunit, I received a notification from Google that I need to change all passwords (about 350 pieces). In addition, all contacts from the phonebook (on the mobile phone) and automatic backup have disappeared. I deactivated the account on headunit, but it didn't help. I plan to contact Google to see if they can help me.
Click to expand...
Click to collapse
Actually I lost all my Google contacts as well with the Joying unit, but I found out it had to do with the bluetooth syncing from my phone to the head unit. You've gotta disable it.
Search for "head unit deleted all my Google Contacts" and you'll see lots of threads.