If you have a device password set then you think you are safe? Not necessarily if you also have some toolbar apps, like xBar or Pocket Nav.
On the xda you can get to the start menu and run programs by following these steps. For this example I use PocketNav.
Tap on the Pocket Nav icon and close the Password program.
Press the green Phone button to start the Phone application.
Type *#06#
The Start menu appears and you can now run programs that appear in the menu, and change settings and access data, but not run files in the Programs folder.
A soft reset puts the device back to normal.
8)
The password is like a car door lock--only keeps the average casual observer out. Your data is unencrypted and accessible in a variety of ways. If you have sensitive data, get encryption. Things like CodeWallet Pro are great for specific items, or get a system-level encrypter to hide contacts, schedule, etc.
Carlos said:
The password is like a car door lock--only keeps the average casual observer out. Your data is unencrypted and accessible in a variety of ways. If you have sensitive data, get encryption. Things like CodeWallet Pro are great for specific items, or get a system-level encrypter to hide contacts, schedule, etc.
Click to expand...
Click to collapse
All nice and well: you create an encrypted file-system on an SD-card. But given that the device has persistent RAM, I would tend not to trust any encryption solution at this time. I mean: anything you enter anywhere gets stored in RAM, and none of the regular Pocket PC user applications even attempt to clean up after themselves.
If I'm shown a text-aditor or an addressbook manager that was especially written to be secure, did not use things like the Pocket PC addressbook, and came with sourcecode, I could begin to trust it.
I guess it all depends on whether you need to store the launch codes for nuclear missiles or your Visa numbers. How much effort is a potential thief willing to put towards getting your device and then getting the data out?
The data in RAM can be encrypted also by most security programs. They don't create encrypted stores necessarily; they can encrypt the built-in contacts database for example.
Carlos said:
I guess it all depends on whether you need to store the launch codes for nuclear missiles or your Visa numbers. How much effort is a potential thief willing to put towards getting your device and then getting the data out?
The data in RAM can be encrypted also by most security programs. They don't create encrypted stores necessarily; they can encrypt the built-in contacts database for example.
Click to expand...
Click to collapse
Bruce Schneier said:
There are two kinds of cryptography in this world: cryptography that will stop your kid sister from reading your files, and cryptography that will stop major governments from reading your files. [...]
(preface to "Applied Cryptography")
Click to expand...
Click to collapse
Heh, exactly. Most of us only need to keep the "kid sister" or a person who finds a lost device out of our data. Some may need slightly more--to prevent a lost device from divulging a company secret, for example. If you really need to keep governments from reading data on your PPC, you should probably re-think your choice of storage device for such data.
I'm looking for some screen locking and encryption software for Windows Mobile 6 (or 6.1).
I'm looking for software that will lock the screen and buttons when the PDA is turned on, and require a password, either PIN or button entry.
I would also especially like a poison pill where the system would hard reset after a number of password failures, or failing that, at the very least it would autodelete the internal memory and PIM data. It would also be great if such a program had an OEM install for adding to one of DCDs ROMs, but that's more wishful thinking than an actual requirment.
I would be willing to pay for this software, but freeware is my first choice for obvious reasons.
Thanks to anyone who can help out.
Currently running Telus P4000 (aka Titan) with DCD 2.3.2, but willing to reflash to get the security software runing if necessary.
ncotton said:
I'm looking for some screen locking and encryption software for Windows Mobile 6 (or 6.1).
I'm looking for software that will lock the screen and buttons when the PDA is turned on, and require a password, either PIN or button entry.
I would also especially like a poison pill where the system would hard reset after a number of password failures, or failing that, at the very least it would autodelete the internal memory and PIM data. It would also be great if such a program had an OEM install for adding to one of DCDs ROMs, but that's more wishful thinking than an actual requirment.
I would be willing to pay for this software, but freeware is my first choice for obvious reasons.
Thanks to anyone who can help out.
Currently running Telus P4000 (aka Titan) with DCD 2.3.2, but willing to reflash to get the security software runing if necessary.
Click to expand...
Click to collapse
I don't know about a program will hard reset the phone on failure to authenticate, that is a hard one. But your phone should already have a security feature were you can add a pin to lock your phone or add a longer password.
Every time you boot up it will prompt you for a password.
built in security
The built in security can be bypassed by connecting to activesync, which is one of the reasons I want to replace it.
ncotton said:
The built in security can be bypassed by connecting to activesync, which is one of the reasons I want to replace it.
Click to expand...
Click to collapse
How can you bypass it through active sync?
I mean when I set the password and connected through active sync, it wouldn't sync or read unless i typed in the pin on my phone. It prompted me first and if i was unsuccessfull it would kick me off and not let active sync work.
PIN entry on PC
It's also possible to enter the PIN from the PC side (at least with WMDC on vista), which means it's easy to brute force the PIN.
There are programs that can do this, matter of fact, there are security programs out there that can remotley flash your phone should it ever get stolen or lost. Normally they are set up that you send a certain text mesage to your phone and it wipes itself clean. I just did a google search and found this: mSecure PDA
Features:
Function
Enforces security policies Windows Mobile, Palm OS and Symbian devices
Broad platform support including Windows Mobile, Palm OS
Reliable and automatic data protection, without downgrading the user experience
Protection on device or removable media using centrally-controlled, policy-based security
Remote data destruction if device is lost, stolen or subject to misuse
Sadly
"You're just a couple of steps away from an mSuite trial... Remeber that mSuite is for Enterprises only, requires a minimum of ten users for purchase and as an installer you will need Administrator rights to your corporate server. "
Click to expand...
Click to collapse
Cite
The price is ok, if I only had to buy it once that is. It seems like most of the software that does this is enterprise only.
There's another one called SafeGuard PDA but they discontinued the single user version before they got to WM6 compatability (and the WM5 version absolutely kills a WM6 device).
WM5
For anyone running WM5 who's looking at this thread someday, PocketSecure is a great program that does pretty much everything I was looking for but sadly isn't compatible with WM6 (or at least, the version I'm using anyway).
And I thought the cold war was over.
It seems if you guys want to get some James Bond gadgetry on your phones.
I understand this because we keep highly value data in our phones, but even if we do lose our phone they are is always a way to crack any locking mechanism or security measure if they have physical access to your device.
I mean if the other person is smart enough to do so.
True enough
I'm not planning on keeping national secrets on my PDA, it's just that I would like to keep some phone numbers on there that I don't want someone stumbeling upon if I'm draft enough to lose my phone or someone is quick enough to lift it.
The annoying thing is that there's a lot of decent software like this for Palm platforms. (TealLock, etc).
ncotton said:
I'm not planning on keeping national secrets on my PDA, it's just that I would like to keep some phone numbers on there that I don't want someone stumbeling upon if I'm draft enough to lose my phone or someone is quick enough to lift it.
The annoying thing is that there's a lot of decent software like this for Palm platforms. (TealLock, etc).
Click to expand...
Click to collapse
All security measures should start at the physical level. By not allowing others to steal our phones or lose them, but if you feel that you need software to secure your phone in any way check out.
http://www.handango.com/SoftwareCat...E97X&platformId=2&osId=993&N=4294913805+95886
they have many types of software that could help you. It is a start, better to be protected then not.
[email protected]$
Sorry mate, I'm not sure if I'm just missing something there or if I didn't what I'm looking for properly...
I've looked through the handango store and while it's got plenty of good software for encrypting a file (word doc etc) and plenty of good stuff for storing extra data like passwords and credit card info, all I really want is something that will lock the PDA and the built in PIM (contacts mainly) inforamation.
I'm *not* looking for a way to encrypt my storage card or individual files in main memory (and I've already got a password managent program that encypts that data and syncs it with my laptop).
P.S. It's not like I don't plan on keeping my phone secure, but the idea is that good security STARTS with physical security, it doesn't end there.
ncotton said:
Sorry mate, I'm not sure if I'm just missing something there or if I didn't what I'm looking for properly...
I've looked through the handango store and while it's got plenty of good software for encrypting a file (word doc etc) and plenty of good stuff for storing extra data like passwords and credit card info, all I really want is something that will lock the PDA and the built in PIM (contacts mainly) inforamation.
I'm *not* looking for a way to encrypt my storage card or individual files in main memory (and I've already got a password managent program that encypts that data and syncs it with my laptop).
P.S. It's not like I don't plan on keeping my phone secure, but the idea is that good security STARTS with physical security, it doesn't end there.
Click to expand...
Click to collapse
Hmm I have looked for some apps that describe your needs and found some, but they are for WM5 ...... you can try it out and see if it works. As some cabs from WM5 still work..
Well here is another website that might help out..
http://pocketpccentral.net/software/security.htm
Other then that I would recommend using google to search for your needs due to the fact that not many people here post about this.
http://www.truecrypt.org the windows version can install a program to mount a truecrypt encoded card on your PPC, but so far I dont think it can encrypt on it.
also found this http://www.microsoft.com/downloads/...CF-EF96-4567-B817-215E24668F75&displaylang=en
Dont know if these help, worth a look maybe.
I'm very confused, trying to make the leap from a PC (Windows and Linux),
where it is OBVIOUS how to distinquish one user in the household from another,
to my new B/N Nook Tablet.
Ok, so I'm now using my tablet. When I hit 'Home', my desktop shows that my logged-in email is an active app. (and so are a few others).
So, I completely power it down.
When I power it back up, I expected that my email would NOT be active.
But, it IS!
What if it was some OTHER household member who powered up the tablet?
(I do NOT want them, by default, seeing my email screen!)
Is there a solution? (Or should I just return this goofy 'tablet' to Barnes and Noble, and wait til next year to see if next-year's tablet OS works the
way most of us would want it to???)
For now, think of this tablet as a personal device such as a mobile phone. Pretty sure ICS works the same way too so it might be a long wait for you.
Ok.
Meanwhile, how do I explicitly shutdown (stop) my running apps
(e.g. my email app)?
Do I 'visit' each one, and find how each app handles stopping it?
Or, better...is there a 'task-mgr' (list) for my apps, so that I could select
them all and abort them?
You could get "advanced task killer" from the market. Not sure if it needs to be rooted or if you could just side load it.
Sent from my BNTV250 using Tapatalk
MonkeysInACan said:
You could get "advanced task killer" from the market. Not sure if it needs to be rooted or if you could just side load it.
Sent from my BNTV250 using Tapatalk
Click to expand...
Click to collapse
Hmm...I'm still a newbie to all this 'root' vs 'side-load' terminology.
Side-load just means: 'Get it first on a real PC, then plug-in the USB-cable
to the tablet, and 'move it over'?
To 'root' something seems to mean that, in Linux-terminology, I first need to
have 'root' (super-user) privs, right? (I saw a thread about how to 'root'
the device, but am unclear about DETAILS. Does it violate warranties?
(yada, yada) Also, I THINK I'm hearing that, right now, I can only use
the Barnes/Noble 'app store' and NOT to the generic Android 'app store'?
True/false?
Are you saying I might need 'root' to INSTALL the app 'adv task killer', or
to RUN 'adv task killer'? (or both?)
It sounds like you want to have some form of screen locker in place so when you power back up (or unsleep) you have to enter a code or a pattern. This prevents unauthorized access to your personal tablet.
You should be able to activate it from the settings menu.
Concerning multiple logins, the presumption is one user per device. As to 'working how "most of us" would want it to'... Most people do prefer it this way. If someone else wants their own tablet, they should get their own tablet.
>the presumption is one user per device.
This is a legacy of Android still being a phone OS. Tablet is a more social device, and safe bet is that multiuser acct handling will show up at some point. Hopefully, soon. Else, Win8 will do what Android can't.
Android still has a lot of holes it needs to fill, and I'm not talking about apps.
---------- Post added at 10:05 PM ---------- Previous post was at 09:56 PM ----------
@OP
You don't need to "close" apps in Android. The OS manages memory as needed per least-recently-used basis. Using apps such as "Task Killer" is inefficient and will shorten battery life. There've been many articles/posts written on this topic. Google to find.
What's recommended is to run something like System Panel (free app in market). Over time, it'll give you a profile of which app is eating up the most battery. Use that to remove apps that are power-hogs.
At least on my Android cell phone, hitting the Home key leaves the current application running. Hitting the "Back" key ends the application. Not sure if the NT has a "Back" function...
rmm200 said:
At least on my Android cell phone, hitting the Home key leaves the current application running. Hitting the "Back" key ends the application. Not sure if the NT has a "Back" function...
Click to expand...
Click to collapse
The NT does have a back key, but that behavior depends on how the app was designed and it not true for many apps. In fact, because of what e.mote described about Android's design for "backgrounded" apps, Google recommends that apps not be designed to close itself with the back button, menu command, etc except for special circumstances.
e.mote said:
>
[...]
@OP
You don't need to "close" apps in Android. The OS manages memory as needed per least-recently-used basis. Using apps such as "Task Killer" is inefficient and will shorten battery life. There've been many articles/posts written on this topic. Google to find.
What's recommended is to run something like System Panel (free app in market). Over time, it'll give you a profile of which app is eating up the most battery. Use that to remove apps that are power-hogs.
Click to expand...
Click to collapse
Ah, but that's the question/issue: i.e. I WANT to close this particular app (email), for
security reasons!
Are you saying that apps in Android are often NOT programmed with a
mechanism to STOP them?
By design, yes - most apps are not programmed to fully stop themselves - they remain resident in memory in case you return to that app - it reduces load times and allows content viewing sites (news readers, downloading the newest emails, periodic alerting tools, etc) to work in the background so the information is available when you want it without having to do a load at the time you bring up the app.
Any app that's paused (not the current focus) may be asked to relinquish resources by the OS in order to allow another app (with the current focus) the ability to run. This is all handled by the OS, and applications are expected to always be interruptable, thus constantly persisting their state as they are being used. This allows for something else to interrupt (such as a phone call or selection of another app, or an alert from your alarm program) with a reasonable expectation that whatever you were doing wasn't lost.
The security built into Android is the ability to require a passcode or pattern to unlock the phone when coming out of a sleep state. Failing to set that pattern or passcode is a failing of the user, not the OS.
Phones and Tablets, from the android perspective, are an extension of the person. Though I sometimes use my wife's NookColor, or she mine - it is a rare thing and any use beyond that by friends is always supervised.
Other tablet OSs may have the concept of 'logging in', but not Android.
So, I'm screwed? No way to get her email logged in?
Hmm...I HOPE I'm still missing something simple. (Otherwise, I'm
screwed, and I'll have to return this diabolical BEAST to the store.)
This unit is a gift for my wife for Xmas.
To familiarize myself with it, I setup and logged-in to my
Gmail acct.
Of course, NOW I want to:
'Log out' of my gmail, and setup the 'email app' to login to
her email (non-Gmail-based). [And, have THAT one be the
always-open email-acct, (tho I do NOT LIKE this 'feature'
of always-logged-in at all!)]
How do I do that? ('Rooting' this Nook Tablet is NOT an option, so
if that's part of your proposed "solution", forget it.)
TIA...
cookdav said:
Hmm...I HOPE I'm still missing something simple. (Otherwise, I'm
screwed, and I'll have to return this diabolical BEAST to the store.)
This unit is a gift for my wife for Xmas.
To familiarize myself with it, I setup and logged-in to my
Gmail acct.
Of course, NOW I want to:
'Log out' of my gmail, and setup the 'email app' to login to
her email (non-Gmail-based). [And, have THAT one be the
always-open email-acct, (tho I do NOT LIKE this 'feature'
of always-logged-in at all!)]
How do I do that? ('Rooting' this Nook Tablet is NOT an option, so
if that's part of your proposed "solution", forget it.)
TIA...
Click to expand...
Click to collapse
There should be an option in the Settings section to add and remove email accounts. I don't have a NT but that's pretty standard as Android devices go.
I have to say you seem to have a lot of misinformed expectations of the Android/Nook experience. Keep remembering that the software was originally developed for mobile phones, so expecting things to be done in the same way to a desktop OS is gonna cause you grief.
tomegranate said:
There should be an option in the Settings section to add and remove email accounts. I don't have a NT but that's pretty standard as Android devices go.
Click to expand...
Click to collapse
Ah...'should' is the operative word. But, I do NOT see any such option.
I have to say you seem to have a lot of misinformed expectations of the Android/Nook experience. Keep remembering that the software was originally developed for mobile phones, so expecting things to be done in the same way to a desktop OS is gonna cause you grief.
Click to expand...
Click to collapse
Hmm...I'd characterize my expectations quite differently. This is the FIRST
(and I hope LAST) implementation of an 'email reader' that was designed
with NO WAY to log out/close down. Common sense SHOULD dictate
that they'd provide a way to log-out or reset to a different email-acct,
but so far, there's NO SIGN that anyone had any common sense.
Hey, maybe the 'crime-stoppers' (aka 'big brothers'/homeland-security) folks
asked for this 'feature'. It will make it easier now...they can just say:
"Great...there's her B/N Nook Tablet! She can't have logged out, so just look
thru her emails, and see who she's been corresponding with."
Right now, my opinion of this beast is worse than the 'Hotel California':
Last thing I remember, I was
Running for the door
I had to find the passage back
To the place I was before
�relax,� said the night man,
We are programmed to receive.
You can checkout any time you like,
But you can never leave!
Hell, on a Nook, I can't even checkout!
cookdav said:
Ah...'should' is the operative word. But, I do NOT see any such option.
Hmm...I'd characterize my expectations quite differently. This is the FIRST
(and I hope LAST) implementation of an 'email reader' that was designed
with NO WAY to log out/close down. Common sense SHOULD dictate
that they'd provide a way to log-out or reset to a different email-acct,
but so far, there's NO SIGN that anyone had any common sense.
Hey, maybe the 'crime-stoppers' (aka 'big brothers'/homeland-security) folks
asked for this 'feature'. It will make it easier now...they can just say:
"Great...there's her B/N Nook Tablet! She can't have logged out, so just look
thru her emails, and see who she's been corresponding with."
Right now, my opinion of this beast is worse than the 'Hotel California':
"You can checkout any time you like, But you can never leave! "
Hell, on a Nook, I can't even checkout!
Click to expand...
Click to collapse
But you can lock the tablet.
The option is there. I don't have my NT in front of me, but there is an option to remove B&N account settings and wipe the device. That's what you want. It will remove everything that you set up.
As far as your opinion that this is the first such email program that doesn't log out...there has never been a smartphone OS email program that logs completely out, or one that allows multiple users. Android was developed for Phones. The expectation is that you will use your phone, not share it with 10 people with each of them having their own settings.
Something that you are referring to is available, but not from an Android, Blackberry or iOS device. You would have to get a Windows (not Win Mobile) tablet, which will not work as well (yet) as any of the other OS's because it was not designed specifically for the hardware it's running on.
Easy way to have what you want on this tablet: Don't set up email using the built in email program. Use the browser and don't have it remember the password.
@OP
Your expectations aren't unreasonable. It's just that Android-on-tablet is still very much a work in progress, and you along with all of us are beta testers.
Multiuser handling is just one of many issues that have arisen. In the Kindle Fire forum, there are complaints about not being able to disable one-click purchasing for when handing the KF to your kids. iOS has had the same issue, and has a partial workaround. Until Android supports multiuser, there is no good solution.
For e-mail, you can try various email clients to see if any supports discrete logins/logouts (and of course pulling mail from your webmail account).
http://google.com/search?q=email+apps+for+android
cookdav said:
Ah...'should' is the operative word. But, I do NOT see any such option.
Hmm...I'd characterize my expectations quite differently. This is the FIRST
(and I hope LAST) implementation of an 'email reader' that was designed
with NO WAY to log out/close down. Common sense SHOULD dictate
that they'd provide a way to log-out or reset to a different email-acct,
but so far, there's NO SIGN that anyone had any common sense.
Hey, maybe the 'crime-stoppers' (aka 'big brothers'/homeland-security) folks
asked for this 'feature'. It will make it easier now...they can just say:
"Great...there's her B/N Nook Tablet! She can't have logged out, so just look
thru her emails, and see who she's been corresponding with."
Right now, my opinion of this beast is worse than the 'Hotel California':
"You can checkout any time you like, But you can never leave! "
Hell, on a Nook, I can't even checkout!
Click to expand...
Click to collapse
Jesus guy, it's not an 'email reader', whatever that means, it's a mobile tablet computer, and it handles email accounts the same way as all tablet computers that use a mobile OS (ones based on Android, iOS, and presumably webOS and Blackberry too), because they're designed for personal, individual use. Smartphones don't have a way to log out of your email account in the way you're expecting, and neither does a modern tablet.
If this is the first time you've used this type of device, you need to exercise more patience before you start stamping your feet, otherwise people are gonna be unwilling to help you.
I'm 100% certain there is a way to remove your email account from the device, you just haven't found it yet. This is very likely not the fault of the device! Did you even read the user manual? http://img1.imagesbn.com/pimages/nook/tablet/mediakit/userguide_NOOKTablet_111115.pdf
Reset the unit to factory standard and put it in the box, it is an option under 'settings' and will return it to the "as-purchased state" with all data wiped.
Then decide if you're returning it or wrapping it to give to your your wife.
In the future, consider letting the person receiving the gift having the pleasure of opening a unit in pristine condition. My wife would kill me if I "pre-opened" an electronic device intended for her "to familiarize myself with it". Let that happen on the day she opens it, after she's decided she needs help. I think it's deplorable that you've cracked the seals and denied her the experience of opening something new.
If you want to 'log out', then you have to shut the device down instead of leaving it in 'sleep mode'. No power means the apps aren't running (unless you or the OS have set them up as background processes). When you turn it back on, you'll realize quickly that there is no 'select profile' or 'choose user' function because it is designed to be one device for one user.
If the user wants security to prevent other people from reading sensitive information, they should set the screen lock code in the settings menu.
-=-=-
At this point, I believe you have all the information you need:
1) Devices are intended to be single user, by design, regardless of your desire to have them be otherwise.
2) Use the built in screen lock capability if you are concerned about sensitive information being viewed.
3) You should reset the device to factory settings via the settings menu to wipe all data you've entered and return it to a nearly 'as new' state.
4) You should not be playing with your wife's new device and instead allow her to experience the setup guide and walk through the configuration of the device in the way she desires.
If there is another specific question about how things work or operate, please ask. If there are further conspiracy theories I'm sure there are better forums for that than this one.
Wow. lotta words - no Solution...
You're going to have to factory reset the device:
Settings>Device Info>Erase and Factory Reset
Once its resets, enter your wife's information.
You seem to think that phones and Pads run like Windows where you can log out as yourself and no one can see your email. Phones and pads are single user devices and will not work like Windows. Even Windows phones and pad don't operate like that.
Hi,
I try to be as brief as I can but I'm known to write "walls of text". Please, I really try to write differently but it always ends up with at least one A4...
I need some input from you who have vastly more knowledge then me, I have a few pondering's that I need to ask if they hold or not.
As you know I'm "rusty" in my knowledge so I have been reading up. Especially on SELinux.
I have a Note 3 that is plain vanilla and 2 days ago I got an "SELinux rules update #16". Didn't know how to take a screen pic of it. Sorry.
Did anybody else get that? I didn't even saw that there was a way to turn it on/off.
I know that SELinux is a bunch of text-files. It's making a MAC-solution for the kernel and can hinder you from accessing parts in system-space.
If can control all vital functions in user-space, including fs, files, sockets, network, processes and run own processes without disclosing them to
you as a user. They are simple text-rules. Pretty straight forward.
Made a "wall of text" -- > http://forum.xda-developers.com/showpost.php?p=48287600&postcount=1392 again.
I'm sorry if I c/p some from that, you can just sift it through if you feel for it
This is from their own White-paper on Knox:
Secure Boot requires the device boot loader, kernel, and system software to be cryptographically signed
by a key verified by the hardware. Secure Boot uses X.509 certificates and public keys which are embedded
into the boot loader of the device. A secure hash of the certificates is fused into hardware Read-Only
Memory (ROM) at the time of manufacture. The Secure Boot loader will only continue if the authorized
secure signed binaries are present. Next, Secure Boot verifies the cryptographic signature of the Linux
kernel and system image before handing control to the OS.
So they boot-loader contains the SELinux and it won't boot if it's not verified for a cert in your phone.
This has been planned for a long time.
Since I don't have any I9505 but and I9506 (that only has one bootloader so far. Knoxed) I need to ask a few questions to see if my assumptions hold or not.
Q1: Is it true that if you upgrade to a Knox-bootloader never can downgrade?
Q2: If you trip the Knox-flag can you do that or is it still impossible?
Q3: Can you while already having a Knox-bootloader downgrader WITHIN the Knox-bootloaders?
Good and bad
Bad: They can have your Prog->serial that you signed in your store->You. Sinister, as I think Knox is this is bad.
Good: It's still a PROM. There might be some way to read from it. Next year Knox is totally integrated on a chip, black boxed, WITH E-FUSE.
Then we are toast and can all buy a HTC...
If Q1 holds then you always have a boot with SELinux. The bootloader fit's a kernel just fine, right?
I get a strange error on my phone. It's saying I have space left on my device but when I try to download from Play it says I'm out of space.
Q4: Is this a know bug? Is this software? Have anyone had it before Knox?
I took and started to read a bit on Wikipedia. It's good sometimes for quick info: Selinux,
So it's a container basically. I also stumbled over this baby: NSA SEAndroid
So this leads me to some other questions.
Q5: Could it be possible that the device is virtualized?
Q6: Do we have some programs that can go deep into the system and pick up system info?
Q7: Does all custom kernels work after the Knox (with the flag tripped of course). Where are they loaded? The bootloader or somewhere else?
It's hard to know if you ARE virtualized but not impossible so there need to be some comparison between a pre-knox and knoxed device. I don't own any.
So I ask here is anyone does?
Q7: Has someone verified that it refuses to boot the pre-Knox bootloaders with or without trippning the flag?
Because it would make perfect sense. We have the hardware for it for sure. They are still chit-chatting about their bootloaders and warranty and that is
something I don't have to care about since I have written permission to flash away, as much I want from my cell-provider.
So I don't know if this is just a wild theory of mine or not but I started to wonder why the enforcement and the total lockout when it comes to the bootloader.
If what they also say in the White paper is true then there is no way that we CAN make a non-Knox boot, can we?
Privacy wise this is also a catastrophe. They can connect the device directly to you, with targeting, for instance, a grouping of some kind. Good or bad.
Up to the ones that controls the phone, right?
So sorry for maybe obvious questions but I though that here, if anywhere, if the place to asked them.
Oh, another thing, I stumped over this one when I was researching why my Windows was desperately making contact with the standard 6to4 replay
that there is a written about. I see that it does that over and over (among trying to make a tunnel through ICMP when you turn on Skype). Caught them on that.
This one: Geoip Locator
How does it show at your place? I've turned off all my localisation platforms. Hard. I even run behind a VPN.
But when I run it in Chrome (where I should have it turned off and are behind a VPN it's waaay to close).
In FF you can turn it off with the about:config --> geo.* and put the value to false the the address to localhost.
But I did the same in Chrome but it's still leaking.
When it comes to IE. If you have your "Localisation policy" set to "ON" you can turn it off in IE. If you disable it it's greyed out (I have Win 8.1).
Think I'll soon move to BSD totally....
All the best,
Abs
Hi everyone! This is my first post, but I have used the search tool already without success. I am just a user, not developer and quite noob regarding mobiles and security.
Situation
1. I've got hacked, total control (photos, emails, camera, contacts, whatsapp, screen etc) of my unrooted android phone (xiaomi redmi note 7).
It was a targetted attack, no manual app installed, no unsafe 3rd party apps allowed. Attackers only had my gmail account (linked to android) and telephone number. I know them personally, and they leaked personal information to people at work (who enjoy it between them but won't help me at all).
No high consumption of battery/data. Just leeching information, launching some apps eventually, and few interactions with the screen minimizing etc.
2. I Installed antimalware (e.g malwarebytes), antivirus (avg, esset etc). No positive results. I also installed "Noroot firewall" to control programs accessing internet, nothing strange.
3. I've changed emails(new), SIM + Telephone. Got hacked again. I suspect my own wifi was compromised.
Additionally, added 2 step verification to emails, changed passwords, encrypted the device etc. I have found no IP from them in the emails log, nor alert from gmail. Only once a session from Linux device (not mine). I believe they have accessed through the device.
4. I want to restore the device somehow and avoid getting hacked again.
One of the problems I face is taht that now I'm not in the same circle of people from which I gathered most of the info on the leaked information, so I can't get to know if the actions I am taking got rid of the hack, besides some punctual actions they may do (launch app etc). So I have to act quite paranoid and do the most secure action.
Question
1. Any idea on how they managed to do that? how can I prevent it or prove it? a reset would get rid of any proof, but I kinda prefer it if it is once and for all.
2. A hard reset only formats one partition (user data), so if there is a trojan located in /system it would be pointless. With an unrooted device I can only get rid of /cache and /data.
Should I install another ROM?(my phone has always been unrooted) which one? (restoring the stack ROM would probably be pointless if the vulnerability is due to android...
3. Is there any other measure I could take?
I'd appreciate any help.
Thank you!