Please do not rehost the testing software over at infectedrom - I would like to maintain some control if possible to ensure things do not get out of hand going forward. I am not trying to write viruses, just show how the issue works so we can all protect ourselves. While I cannot stop anyone from turning the code malicious, I highly frown upon modifying this to write values in any way. Trust me from experience, you don't want to play, anyway you will probably just bork your own wimax.
Note: Please be aware that rooting your phone to install this patch will void your warranty with HTC. You should all already be aware of this when you unlocked your bootloader. As with anything posted in these dev boards this patch may also affect the functionality of your device, so proceed at your own caution!!!
What are we patching?
This post is a call to arms for help from devs on patching the issue shown in PoC#2. You can read the vulnerability report and find test software to see if you are affected over on infectedrom. HTC has been notified on this particular issue on October 20th so they will be working on an official patch.
Download
http://www.androidfilehost.com/main/.TrevE/PoC2/TrevE_WiMAX_Patch.zip is an unofficial patch I started that anyone can use / modify / whatever, attached to this post. It's crude, but it's an immediate quick fix that cuts the negative implications down by manually stopping & starting the wimax services / showing 4g settings.
Using Patch:
In a nutshell these 3 binaries do not need to always run, and them being flawed we want them off all the time. When you want to use 4g, start the above app and turn on the binaries then 4g radio like usual.
If you do not want to edit ramdisk you should be able to use the app just to stop the binaries each boot.
To disable these binaries completely and only start them when they're needed, edit init.shooter.rc to appear as below (or wherever binaries are started in ramdisk) and manually start them when you are going on 4g with the attached app.
Code:
service wimaxDaemon /system/bin/wimaxDaemon
    user root
    group root
    disabled
    oneshot

# setWMXPropd daemon
service setWMXPropd /system/bin/setWiMAXPropDaemond
    user root
    group root
    disabled
    oneshot

# getWMXPropd daemon
service getWMXPropd /system/bin/getWiMAXPropDaemond
    user root
    group root
    disabled
    oneshot
Big thanks to the help getting in touch with HTC from egzthunder1!
Other Possible patch solutions
The other issue I would like to bring to attention is the code was 99% the same from PoC#1 - connecting to 127.0.0.1. Is there anything we can do to make some kind of ipchain firewall blocking apps from access to certain resources? I would think this would be important for all rooted users especially, having some type of easy firewall, and everything I've seen seems primitive. Mobile malware is coming and we should be ahead of the tides.
Non Root solutions?
Non root users may be able to kill the PIDs or stop the services, I have not had the time to try.
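One way to check a ramdisk init file against the edit described in the post above; this is an added example, not part of TrevE's patch or app. The service names and binary paths are taken from the post, while `UNPATCHED_RC` and the status strings are constructed for the illustration.

```python
"""Audit an Android init .rc file for the three WiMAX services named in the post."""

# Binaries the post wants kept off until 4G is actually needed.
WIMAX_BINARIES = {
    "/system/bin/wimaxDaemon",
    "/system/bin/setWiMAXPropDaemond",
    "/system/bin/getWiMAXPropDaemond",
}

# The patched fragment exactly as given in the post.
PATCHED_RC = """\
service wimaxDaemon /system/bin/wimaxDaemon
    user root
    group root
    disabled
    oneshot
# setWMXPropd daemon
service setWMXPropd /system/bin/setWiMAXPropDaemond
    user root
    group root
    disabled
    oneshot
# getWMXPropd daemon
service getWMXPropd /system/bin/getWiMAXPropDaemond
    user root
    group root
    disabled
    oneshot
"""

# Constructed sample: one service lacks `disabled`, and one that is
# `disabled` is started again by an action, which undoes the edit.
UNPATCHED_RC = """\
on boot
    start getWMXPropd

service wimaxDaemon /system/bin/wimaxDaemon
    user root
    group root
    oneshot

service setWMXPropd /system/bin/setWiMAXPropDaemond
    user root
    group root
    disabled
    oneshot

service getWMXPropd /system/bin/getWiMAXPropDaemond
    user root
    group root
    disabled
    oneshot
"""


def parse_rc(rc_text):
    """Return (services, starts) parsed from init .rc text.

    services: {name: {"path": str, "options": [[word, ...], ...]}}
    starts:   [(trigger, service_name)] for every `start <name>` in an `on` block
    """
    services, starts, section = {}, [], None
    for raw in rc_text.splitlines():
        words = []
        for word in raw.split():
            if word.startswith("#"):      # rest of the line is a comment
                break
            words.append(word)
        if not words:
            continue
        if words[0] == "service" and len(words) >= 3:
            svc = {"path": words[2], "options": []}
            services[words[1]] = svc
            section = ("service", svc)
        elif words[0] == "on" and len(words) >= 2:
            section = ("on", " ".join(words[1:]))
        elif words[0] == "import":
            section = None
        elif section and section[0] == "service":
            section[1]["options"].append(words)
        elif section and section[0] == "on" and words[0] == "start" and len(words) == 2:
            starts.append((section[1], words[1]))
    return services, starts


def audit_wimax(rc_text):
    """Return {service_name: status} for every service running a WiMAX binary.

    "auto-start"                  no `disabled` option, so init starts it with its class
    "started by trigger: <t>"     `disabled`, but an `on <t>` action starts it anyway
    "disabled"                    only runs when something starts it explicitly
    """
    services, starts = parse_rc(rc_text)
    report = {}
    for name, svc in services.items():
        if svc["path"] not in WIMAX_BINARIES:
            continue
        if not any(opt[0] == "disabled" for opt in svc["options"]):
            report[name] = "auto-start"
            continue
        triggers = [trig for trig, started in starts if started == name]
        report[name] = "started by trigger: " + ", ".join(triggers) if triggers else "disabled"
    return report


if __name__ == "__main__":
    for label, text in (("patched", PATCHED_RC), ("unpatched", UNPATCHED_RC)):
        for name, status in audit_wimax(text).items():
            print("%-10s %-12s %s" % (label, name, status))
```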
TrevE said:
As always I think it's a good general warning to stay away from shady apps; things aren't always as sandboxed as you would think. While HTC is already working on an official patch for this and other issues, where there's a will there's a way with malware. I think firewalls and protective measures need to start stepping up before things get worse; it's a linux pc in our pockets with a radio - not just a phone anymore.
You always know how to keep us one step ahead, Thanks for this info
This is def way over my head...but I thought I should ask b/c im sure others will probably ask the same. Should I worry about this if I am not in a Wimax market? No Wimax within a 100+ miles from me at least (San Diego). I'm guessing not, but what do I know??
Thanks for looking out for us n00bs!
MFD00M said:
This is def way over my head...but I thought I should ask b/c im sure others will probably ask the same. Should I worry about this if I am not in a Wimax market? No Wimax within a 100+ miles from me at least (San Diego). I'm guessing not, but what do I know??
Thanks for looking out for us n00bs!
The issue affects all 3Ds with wimax and more. I actually had mine in airplane mode with all radios off for video and was able to crash phone and read / write values.
Video's rotating guys, sorry, shot it a little funny and running around right now....
Very interesting. Going to sit down and read real quick!
Gonna use it either way, but let's see what we got going.
Thanx buddy!
hTc
I didn't really understand that, but it looks important. I'm not really sure but I think that the video meant that the wimax can be accessed when its not on. Something like that?
Read the article on this.... Sprint deserves a wag of the finger from Colbert. It's just dirty. Back doors like crazy. And why the **** would HTC not proactively remove all the crap in the first security patch. They KNOW everything before we FIND it.
Sent from my PG86100 using Tapatalk
TrevE, would that LBE tool be enough to revoke privilege for network access?
not an expert, but we could probably port over the iptables and add some default configuration for our phone.
Heck, maybe I just build one. Ha.. MOM.
Thanks TrevE for being on this!
TrevE, thank you for putting this out there. And thank God you aren't a maligned dev, or we'd all be in trouble. HTC should be paying you for doing QC on their code. Oh, wait... I forgot, all this was on purpose.
Warm & cozy.
Always, TrevE, you are one step ahead of the dictatorship known as HTC and Sprint. I am grateful you're on our side man, thank you
Sent from my PG86100 using xda premium
Well isn't this lovely, they set that up for debugging and forget to disable it or something?
Just read about this on Phandroid. Kinda crazy. Thanks Treve for all you do.
Sent from my SPH-D710 using xda premium
xHausx said:
Well isn't this lovely, they set that up for debugging and forget to disable it or something?
Those binaries are actually what's called if you logcat connecting to wimax. While I can't say for sure, my guess is it wasn't left open for debugging, more "hey, nobody will look here". The wimax monitoring port is very curious as well - if you look at the PoC app it can query DUN state, release keys and ROM versions among other things.
These ports look like they are never used until you connect to 4g, so the best solution I came up with is just shutting them off all the time and turning them on with an app before you connect to 4g. This at least limits vulnerability time from any random app reprogramming your wimax values to only be possible when you're on 4g.
As always I think it's a good general warning to stay away from shady apps; things aren't always as sandboxed as you would think. While HTC is already working on an official patch for this and other issues, where there's a will there's a way with malware. I think firewalls and protective measures need to start stepping up before things get worse; it's a linux pc in our pockets with a radio - not just a phone anymore.
huytrang90 said:
TrevE, would that LBE tool be enough to revoke privilege for network access?
not an expert, but we could probably port over the iptables and add some default configuration for our phone.
Heck, maybe I just build one. Ha.. MOM.
Not sure, I kinda see this as a problem in android - local and internet aren't really separated. I can't say for sure if revoking will work, download the proof of concept app and try. This is one of the reasons I feel strongly about demonstrating issues like this, everyone can learn from it how it works and how to squash this stuff and protect ourselves. The last thing we need is winnuke/sasser/whatever on android.
Forgive for the noob??? But I'm just trying to gain an understanding of how to use this. Do I just edit the int file or use your app before I turn 4g on?? Also since I'm in an area that has little to no 4g is there a quick way to completely disable the 4g antenna until I want to use it??
Locked & Loaded
""shooter on Deck""
HTC loves you TrevE!
Good work again!
TrevE, I just gotta say, because it's not said enough, thank you. You are afaik the ONLY low-level dev still working for the end user in public, and I for one find it both heartening and praise-worthy. With all the drama we see around here, and get involved in, you still keep on pushing forward. I'm thoroughly grateful that you are doing this and not some douchebag hacker who wants to nuke our phones from the cloud
#idrankthekoolaid
Related
Hi All,
I have been checking a lot of ROMs recently. I have found 2-3 settings in all ROMs which might sound like a good choice for devs, however I am not sure whether they should be the same for users or not.
Some of the samples include
Code:
chmod 0777 /system
and all internal places.
This effectively allows us to do an adb push easily and without any hassles, however per my study this allows just about anyone to mingle with any file whatsoever on my system.
Note : Having root of my own device to tinker with it is one thing. and handing over my device all permissions to someone else is another thing.
also another setting which bothers me is
Code:
ro.secure=0
which effectively allows adb to open shell in root mode directly.
Can any dev help me understand whether this is necessary for normal users?
Also the reason why this thread is here is coz this needs discussion, as this could very well turn out to be a security issue, as the android platform is starting to get the limelight so it will be getting the eyes of both good and bad too....
also would love if someone can help me in compiling tips for normal users what they need to do and not do.
example
USB debugging should only be enabled when it is needed and not every time.
Mods, I hope I am not violating any rules by posting this here.
My point of view is clearly no, and the obvious reason for that is that most users don't really know what they're doing, just try (most of the times to reach performance) something that someone who knows what are doing to get this or that.
I think what needs to be done is something like linux system.
You may have root but to get some modifications at least should appear some kind of msg or password needed like super root (is this the name? Cant remember, but you know what im talking )
Edit:
I wonder with some behavior of some guys and with super root access that de had what could happen to the most of users around here if we have a real bootloader crack instead of bypass. Probably need to be rich to buy a new like every week
Cheers old IBM'ER friend
Sent from my X10i using Tapatalk
Wait, rendeiro, I think you meant Super User. But SU=Root. SU is just a method to make things simpler and safer as logging in directly as root is very dangerous.
@OP -- by CHMOD-ing the system folder to 777, you're completely vulnerable. 777 basically allows everyone to access it.
I'm not sure about the ro.secure=0 setting, but the default value is 1 instead of 0, root exploits change the value to 0 -- which lowers the security, hence allows you to be root. I think this value is also available in the kernel, just like what D did with Arc's insecure kernel -- yes, it makes the kernel insecure to allow you to root your phone.
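The two settings discussed above (`chmod 0777 /system` and `ro.secure=0`) can be looked for in a ROM's extracted text files before flashing. The sketch below is an added example, not code from the thread; the file contents are constructed samples, and the file name is reported with each hit because the thread notes that the `ro.secure` change has to live in the ramdisk.

```python
"""Scan a ROM's property files and init scripts for the settings named in the thread."""
import re

PROP_RE = re.compile(r"^\s*ro\.secure\s*=\s*(\S+)")
# Commands that set a mode: `chmod <mode> <path>` and `mkdir <path> <mode> ...`
CHMOD_RE = re.compile(r"^\s*chmod\s+(?:-R\s+)?([0-7]{3,5})\s+(\S+)")
MKDIR_RE = re.compile(r"^\s*mkdir\s+(\S+)\s+([0-7]{3,5})\b")

# Constructed sample files, keyed by the name they would have in the ROM.
SAMPLE_FILES = {
    "default.prop": "# constructed sample\nro.secure=0\n",
    "build.prop": "ro.build.id=EXAMPLE\nro.secure=1\n",
    "init.rc": (
        "on boot\n"
        "    chmod 0777 /system\n"
        "    chmod 0755 /system/bin\n"
        "    mkdir /data/shared 0777 root root\n"
    ),
}


def audit_rom_files(files):
    """files: {filename: text}. Return a list of (filename, line_no, finding)."""
    findings = []
    for fname, text in files.items():
        for line_no, line in enumerate(text.splitlines(), 1):
            if line.lstrip().startswith("#"):
                continue                      # comment line
            match = PROP_RE.match(line)
            if match and match.group(1) == "0":
                findings.append((fname, line_no, "ro.secure=0"))
                continue
            match = CHMOD_RE.match(line)
            if match:
                mode, path = match.groups()
            else:
                match = MKDIR_RE.match(line)
                if not match:
                    continue
                path, mode = match.groups()
            # 0o002 is the write bit for "other": anyone on the device can modify the path.
            if int(mode, 8) & 0o002:
                findings.append((fname, line_no, "world-writable %s on %s" % (mode, path)))
    return findings


if __name__ == "__main__":
    for fname, line_no, finding in audit_rom_files(SAMPLE_FILES):
        print("%s:%d: %s" % (fname, line_no, finding))
```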
@Hzu
You're right about the name, I just forgot it since I haven't used linux for about four years (since I work where I'm on now) but I think you get my point
Cheers
Sent from my X10i using Tapatalk
But you are still right though, people messing with the system without knowing what they are doing, and then blames the system for corrupting.
Seems like OP has done research, it should be OK for him to continue his research.
Hzu said:
Wait, rendeiro, I think you meant Super User. But SU=Root. SU is just a method to make things simpler and safer as logging in directly as root is very dangerous.
@OP -- by CHMOD-ing the system folder to 777, you're completely vulnerable. 777 basically allows everyone to access it.
I'm not sure about the ro.secure=0 setting, but the default value is 1 instead of 0, root exploits change the value to 0 -- which lowers the security, hence allows you to be root. I think this value is also available in the kernel, just like what D did with Arc's insecure kernel -- yes, it makes the kernel insecure to allow you to root your phone.
That's what I also thought, and that's why I posted here to make everyone at least think once.
ro.secure setting I understand is to allow adb to run as root or not... basically ro.secure 1 disallows pushing to /system... also it puts you at the $ prompt and you need to manually su.
Another thing I noticed is we see a lot of update.zips floating around. I am not putting a question mark on anyone's ethics, however I suppose there should be some mechanism to check what's inside the zip or what that zip will do; the user should be aware of the stuff that may happen... I will try to write something in this regard in case people agree.
basically i want user to know
1) what files will be tampered specially bin xbin etc folder stuff
2) shell scripts executed.
3) partition format or permission change specially something like 777 stuff should be indicated.
and ya i will keep checking all these, i don't have any plan on launching a ROM however will keep a close eye on what others are cooking.
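A sketch of the kind of pre-flash check proposed in the post above, covering its three points (files landing in bin/xbin/etc, shell scripts, format and 777-style permission changes). This is an added example, not a tool from the thread: it assumes the usual edify `updater-script` location inside the zip, parses calls with a simple regex rather than a full edify parser, and runs against a constructed zip built in memory.

```python
"""Summarise what a flashable update.zip would touch, before it is flashed."""
import io
import re
import zipfile

UPDATER_SCRIPT = "META-INF/com/google/android/updater-script"
BINARY_DIRS = ("system/bin/", "system/xbin/", "system/etc/")
# edify calls worth showing to the user; arguments are taken up to the first ')'.
CALL_RE = re.compile(r"\b(format|set_perm_recursive|set_perm|run_program)\s*\(([^)]*)\)")


def world_writable(mode_text):
    """True if an octal mode such as 0777 or 666 grants write to 'other'."""
    try:
        return bool(int(mode_text, 8) & 0o002)
    except ValueError:
        return False


def audit_update_zip(zip_bytes):
    """Return a dict of lists: binaries, shell_scripts, formats, programs, world_writable."""
    report = {"binaries": [], "shell_scripts": [], "formats": [],
              "programs": [], "world_writable": []}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            name = info.filename
            if name.endswith("/"):
                continue                                  # directory entry
            if name.startswith(BINARY_DIRS):
                report["binaries"].append(name)           # point 1: bin/xbin/etc files
            with zf.open(info) as fh:
                head = fh.read(2)
            if name.endswith(".sh") or head == b"#!":
                report["shell_scripts"].append(name)      # point 2: shipped scripts
        if UPDATER_SCRIPT in zf.namelist():
            script = zf.read(UPDATER_SCRIPT).decode("utf-8", "replace")
            for func, raw_args in CALL_RE.findall(script):
                args = [a.strip().strip('"') for a in raw_args.split(",")]
                if func == "format":
                    report["formats"].append(", ".join(args))    # point 3: formats
                elif func == "run_program":
                    report["programs"].append(" ".join(args))    # point 2: executed
                else:
                    # set_perm(uid, gid, mode, path...)
                    # set_perm_recursive(uid, gid, dirmode, filemode, path...)
                    n_modes = 2 if func == "set_perm_recursive" else 1
                    modes, paths = args[2:2 + n_modes], args[2 + n_modes:]
                    bad = [m for m in modes if world_writable(m)]
                    if bad:
                        report["world_writable"].extend(
                            "%s (%s)" % (p, bad[0]) for p in paths)
    return report


def build_sample_zip():
    """Constructed update.zip, built in memory only to exercise the audit."""
    script = (
        'ui_print("Installing tweak");\n'
        'format("ext4", "EMMC", "/dev/block/PLACEHOLDER");\n'
        'package_extract_dir("system", "/system");\n'
        'set_perm(0, 0, 0755, "/system/xbin/tool");\n'
        'set_perm_recursive(0, 0, 0777, 0777, "/system/etc/init.d");\n'
        'run_program("/sbin/sh", "/tmp/setup.sh");\n'
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(UPDATER_SCRIPT, script)
        zf.writestr("system/xbin/tool", b"\x7fELF constructed")
        zf.writestr("system/etc/init.d/99tweak", b"#!/system/bin/sh\necho hi\n")
        zf.writestr("setup.sh", b"echo setup\n")
        zf.writestr("system/app/Example.apk", b"PK constructed")
    return buf.getvalue()


if __name__ == "__main__":
    for section, items in audit_update_zip(build_sample_zip()).items():
        print(section)
        for item in items:
            print("   ", item)
```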
anantshri said:
That's what I also thought, and that's why I posted here to make everyone at least think once.
ro.secure setting I understand is to allow adb to run as root or not... basically ro.secure 1 disallows pushing to /system... also it puts you at the $ prompt and you need to manually su.
Another thing I noticed is we see a lot of update.zips floating around. I am not putting a question mark on anyone's ethics, however I suppose there should be some mechanism to check what's inside the zip or what that zip will do; the user should be aware of the stuff that may happen... I will try to write something in this regard in case people agree.
basically i want user to know
1) what files will be tampered specially bin xbin etc folder stuff
2) shell scripts executed.
3) partition format or permission change specially something like 777 stuff should be indicated.
and ya i will keep checking all these, i don't have any plan on launching a ROM however will keep a close eye on what others are cooking.
Even though I tend to agree with the above posts, I have to say that there is also another side that we should all consider.
Each and every one of us, should try and be "educated" on Android. XDA forums can be a mess, but with patience and a little time every now and then, we can all learn more about what our phones do and how.
I've seen people eager to flash an update.zip with a tweak that they have ABSOLUTELY no idea what it does. Sometimes we just sit back and wait for everything to be done for us.
I am always actively interested in development and I learn new things every day.
Developers give us the tools, we need to learn how to use them.
Xperia X10i via Tapatalk
rendeiro2005 said:
I think what needs to be done is something like linux system.
You may have root but to get some modifications at least should appear some kind of msg or password needed like super root (is this the name? Cant remember, but you know what im talking )
Is that not what the superuser app does?
I'm not a dev but I know enough about linux to want rw to /system, but I agree most users are stupid (well at least don't know what they're doing). Apps that let you do damage to /system like root explorer allow you to easily mount it rw anyway. I can't see much extra danger having it always rw when you've already got root.
Each and every one of us, should try and be "educated" on Android. XDA forums can be a mess, but with patience and a little time every now and then, we can all learn more about what our phones do and how.
I've seen people eager to flash an update.zip with a tweak that they have ABSOLUTELY no idea what it does. Sometimes we just sit back and wait for everything to be done for us.
I am always actively interested in development and I learn new things every day.
Developers give us the tools, we need to learn how to use them.
Agree ppl flashing roms should take a little time to learn about what they're doing but ppl are too lazy and want a quick fix. But if someone soft bricks their phone because they don't understand what they're doing and don't read the instructions properly then it's their fault and not the devs'. But it's not hard to connect to PC companion and repair and they've learnt a valuable lesson in the process.
No, the superuser app doesn't ask for a password. Like in linux distros for the pc, you can set whether to have a password or not, this can be done via visudo. Just google for visudo then you will understand.
Sent from my X10 using XDA App
Yeah the post requested a message or password, superuser provides a message. Yeah I use linux for a PVR so know what you mean.
Resurrecting an old thread just to inform all devs I have compiled some of the issues that I see could be potential security issues.
http://blog.anantshri.info/whitepaper-security-issues-in-android-custom-roms/
hope this could help making ROMs more secure.
From http://blog.anantshri.info/whitepaper-security-issues-in-android-custom-roms/#comment-66733
"
Hi Anant
After i´ve read your white paper i got 2 conclusions:
1. you`re absolutely right and explain it as it should but…
2. If Devs consider all that why develop anything?
As principle i think you´re right but that fact is if any rom will be developed as “closed” almost anyone use it and no matter what make you develop you certain won´t develop for 1/2 guys/gals. For that we have stock ones
Now. I can agree with something like a big alert on every rom development section/thread about the potential risk by install an “open” rom but more than that it will kill all development in the end
Cheers pal
"
Perhaps the way forward is to have the warnings you have mentioned, but also encourage our devs to have a "security tester", another dev with the time and skill to give approval to the zip package. Zips have worried me too. This is a community after all, security is in all our interests.
Sent from my X10i using XDA App
Hi All,
few things to clarify.
see i am not against development.
the point is when we have developer style softwares like say flashtool its just too good for people like us.
now look from the perspective of a person who is visiting this forum just to get a new rom coz he is told they are good.
he is handling his faith to us.
in this case lets say we say in flashtool for example
after rebooting, check usb debugging and unknown source.
however we never say to disable it after you are done with flashtool or tell that this could be a problem.
also most of the rom's have ro.secure set to 0. Good for dev's i loved it.
but no use for a normal user besides the prospects that due to ignorance a person could actually move in and install a backdoor or malware in.
All i am saying is we should have something like two profiles
1) if you are supporting dev launch this
2) if you are normal user use this.
hope you all get my point.
besides that, issues like custom recoveries. right now as i said the efforts are towards improving them and people might look at the security perspective after that.
I know some of you might say if a person is visiting a after market forum he should be smart enough to read a bit.
that's idealism, not reality.
NOTE :
I am excited about 4.0 ICS coz with that comes features like disk encryption etc.
anantshri said:
Hi All,
few things to clarify.
see i am not against development.
the point is when we have developer style softwares like say flashtool its just too good for people like us.
now look from the perspective of a person who is visiting this forum just to get a new rom coz he is told they are good.
he is handling his faith to us.
in this case lets say we say in flashtool for example
after rebooting, check usb debugging and unknown source.
however we never say to disable it after you are done with flashtool or tell that this could be a problem.
also most of the rom's have ro.secure set to 0. Good for dev's i loved it.
but no use for a normal user besides the prospects that due to ignorance a person could actually move in and install a backdoor or malware in.
All i am saying is we should have something like two profiles
1) if you are supporting dev launch this
2) if you are normal user use this.
hope you all get my point.
besides that, issues like custom recoveries. right now as i said the efforts are towards improving them and people might look at the security perspective after that.
I know some of you might say if a person is visiting a after market forum he should be smart enough to read a bit.
that's idealism, not reality.
NOTE :
I am excited about 4.0 ICS coz with that comes features like disk encryption etc.
Hi bro
i did get your point! maybe i didn´t explain my point very clearly sorry if i didn`t
i perfectly support your idea...as you say ... "that's idealism, not reality."
like i said before, may devs should include those issues on their threads, i agree, but more than that...do no know it´s like ...hey! i got a custom rom but...i can´t do nothing...
cheers R
Crowds said:
Hi bro
like i said before, may devs should include those issues on their threads, i agree, but more than that...do no know it´s like ...hey! i got a custom rom but...i can´t do nothing...
cheers R
actually that's my point
keeping
say ro.secure=1
disabling usb debugging, unknown sources or protecting custom recoveries
I still see a normal user can use all the benefits of rooting inside the device.
i am right now focusing on what a third party can do when the phone is giving out data outside.
well we both agree that it's a point that needs some consideration so i think i have succeeded in making my point heard.
anantshri said:
actually that's my point
keeping
say ro.secure=1
disabling usb debugging, unknown sources or protecting custom recoveries
I still see a normal user can use all the benefits of rooting inside the device.
i am right now focusing on what a third party can do when the phone is giving out data outside.
well we both agree that it's a point that needs some consideration so i think i have succeeded in making my point heard.
ok, ok, you won
but regarding that ro.secure
i understand your explanation on white paper and try to include on my current build.prop file but...can´t see any difference why? my phone "behaves" exactly the same way as before
Crowds said:
ok, ok, you won
but regarding that ro.secure
i understand your explanation on white paper and try to include on my current build.prop file but...can´t see any difference why? my phone "behaves" exactly the same way as before
change in ro.secure needs to go to ramdisk.
also after that setting try pulling /data/data or /system in adb.
nothing except adb's default behaviour will change.
HTC AMAZE ROM Bible
No one is responsible for what YOU do with YOUR phone. Any software modification to technology carries with it a certain risk of permanent damage, when you modify your device you accept this as your own responsibility.
XDA specific stuff:
Useful information/posting rules
XDA Developers Android application
Useful software (PC)
How to Root your HTC Amaze
Unlock Bootloader - Unlock bootloader on your HTC AMAZE
S-OFF - Everything S-OFF on your HTC Amaze
Quick glossary
ADB - The Android Debug Bridge. A collection of tools that any rooted Android user should have. ADB allows one to interact with their device from a terminal interface. This enables the user to do a variety of tasks such as sideloading applications and more.
Android - A Linux based operating system created and mostly designed by Google. The major revisions are 1.0, 1.1, 1.5 (Cupcake), 1.6 (Donut), 2.0/2.0.1/2.1 (Eclair), 2.2 (Froyo) 2.3 (Gingerbread), and 3.0 (Honeycomb - tablet only). The majority of Android major revisions are named after desserts.
APK - Android PacKage. These are, basically, Android applications and all of their data. They are run via the Dalvik Virtual Machine on your device.
Bootloader - The part of a computer that loads the operating system. If this is damaged/deleted you are screwed.
Flashing - The act of installing a ROM onto an embedded device or emulator.
Overclocking - Increasing the "clock" of a processor to increase its speed at the expense of battery life and possibly your phone. Not all processors overclock the same, even if the hardware is identical. One phone with a Hummingbird SoC will not be able to overclock to 1.2ghz, yet another would be able to overclock to 2.0ghz (very unlikely).
S-ON/S-OFF - S-ON is a "security" measure put in place by HTC on their newer phones that read locks /system and /recovery. Switching S-ON to S-OFF disables this protection and allows you to replace the stock recovery, and modify /system while the phone is in Android.
Radio/Modem - The parts of a firmware that allow communication between the operating system, the telecommunication hardware, and a mobile network. Some radios give good battery life, some good signal, some neither.
CRT - Also known as "Cathode ray tube" is the "animation" when you turn on and off a T.V. The animation of the line flashing across the screen and then the image appearing/disappearing.
XDA - This site, XDA is a community of likeminded developers, hackers, and users who modify various phones running various operating systems (Windows Mobile, Windows Phone 7, and Android specifically).
ROMs
Rom||RUU|| Shipped Ruby ROM Collection
These are the original htc amaze ROMs. (for more info read the thread)
[ROM][*NEW*] |Jun 20| Energy™ -.¸¸.·´¯ ICS Sense 3.5 Themed BLUE ¯´·.¸¸. -
SenseUI
[ROM][*NEW*] |Jun 20| Energy™ -.¸¸.·´¯ ICS Sense 3.5 Stock Look ¯´·.¸¸. -
SenseUI
Amazing QuikSense v3.0.0||Sense 3.0||Wifi Calling ||Free Teathering||CIQ Free||CRT||
SenseUI
ROM||BulletProof v1.0.0||Sense 3.0||Wifi Calling ||Free Teathering||CIQ Free||CRT||
SenseUI
[ROM][Sense 3.0] One Good ROM V1 [Base 1.46][Stock Kernel]
SenseUI
Fourth Bar Sense [ICS Themed|
This ROM is Ice cream sandwich like.
http://forum.xda-developers.com/showthread.php?t=1313017?referrerid=922386
How To Flash Kernels
Kernels
[Kernel]Amaze -COMPATIBLE with ALL Amaze (AKA Ruby) Rooted Stock and Custom ROMs
Radios
None at the moment.
Mods
Launchers
Widgets
Live wallpapers
Solar Wind live wallpaper
Matrix live wallpaper
Snowfall live wallpaper
Apps
Copied the format from
http://forum.xda-developers.com/showthread.php?t=924793
You guys all are more than welcome to edit this.
I'm new to this phone.
xologist said:
Copied the format from
http://forum.xda-developers.com/showthread.php?t=924793
You guys all are more than welcome to edit this.
I'm new to this phone.
I did edit the ROMs text. You forgot the /center but other than that I left it untouched.
Oh.. and I stuck it too. Nice job!
I was wondering when you were going to do this.
You're missing QuickSense in the rom list...
2sh0rt said:
You're missing QuickSense in the rom list...
I was just gonna say that.
- dredd
2sh0rt said:
You're missing QuickSense in the rom list...
Added.
Also shortened it up a little bit by hyperlinking the urls to the text.
great job!! hopefully this decreases all the repeated questions in other threads and makes binarys life easier haha!
Yes, but the all in 1 root tool thread got deleted.. or I dont see it anymore.. so that'll bring questions
will this work? what do you think.:
http://forum.xda-developers.com/showthread.php?t=1310115&page=24
xologist said:
Yes, but the all in 1 root tool thread got deleted.. or I dont see it anymore.. so that'll bring questions
I had to delete it b/c it was starting to get complaints because it was too similar to the HTCSuperToolv2. He did modify a great deal of the script but since it was so similar it was removed.
If it failed, do it again before posting questions
When I first:
* Attempted to unlock my Amaze: When I pasted the unlock code, HTCDev failed me and told me that my device is unlockable or something like that. I had to copy and paste the code again and it worked.
* Attempted to root: My device told me the file signature is wrong (or invalid or something of that nature). I had to redo it a second time. Especially in this step, my phone kept unzipping the file and copying/updating and repeating the unzipping process several times before successfully installing/updating the file
* Along the way, when flashing a new rom and kernel, sometimes the phone told me that the zip file is wrong/invalid or stuff like that. At one point it even told me that it could not find the file. I had to do it a second time ...
* Browsing through the forum I've often encountered many replies from new Amaze owners complaining/asking why they cannot do as instructed, even though they followed the step-by-step guide
To top it off, for some reason, the Amaze (compared with my old HD2 when it comes to flashing stuff) often gave me those wrong/invalid/fail results and I always had to do it a second time to make it work. So, to the OP, Xboarder and other chiefs or anyone who would like to write guides like this, I'd suggest putting in a note telling noobies to DO IT AGAIN before giving up and posting questions which may not be pleasant for others to read/answer/reply/help ...
Just a thought
Binary100100 said:
I had to delete it b/c it was starting to get complaints because it was too similar to the HTCSuperToolv2. He did modify a great deal of the script but since it was so similar it was removed.
What ever happened to the open source community that used to be XDA? Nobody seems to care anymore about the overall advancement of things, so sad the direction things are going. I saw some posts in that thread where even xboarder was acting like an ass towards someone that was actually interested in learning things. What happened to the XDA that was all about everyone helping each other to get the most out of our devices?
Willieumm said:
What ever happened to the open source community that used to be XDA? Nobody seems to care anymore about the overall advancement of things, so sad the direction things are going. I saw some posts in that thread where even xboarder was acting like an ass towards someone that was actually interested in learning things. What happened to the XDA that was all about everyone helping each other to get the most out of our devices?
I agree that this needs to be an open source community but the issues begin when developers feel that they don't receive the appropriate amount of credit for the time and effort that they put into a project. If you spend hours or days making something just so that someone else can simply rename it and pass it off as their own, you would be upset too. What do you think would happen if I took CM9 rom, made some xml edits and renamed it to BinaryMod. Cyanogen and team spent HUNDREDS or THOUSANDS of hours making it and I spent maybe one renaming it. They would be pissed! Would you blame them? Who would want a BinaryMod anyway?
I would try a binarymod, I'm a masochist, er, ummmmm I mean an adventurist.
jimczyz said:
I would try a binarymod, I'm a masochist, er, ummmmm I mean an adventurist.
I don't feel like being banned. Yes, even moderators can be banned.
Even worse I might get CM team after me. They would put a hit out on me. Good thing I have confidential plates though!
Even though our device is fairly new, Its been almost three months since it has been out I really do believe we need much more support. I'm trying to help people as much as I can myself...but we need more developers. HTC also needs to make it easier, we need S-off, if warranty is voided why wouldn't they give us S-off?!!! Limited availability of this phone to a few carriers also restricts development... I still love this phone!!!
wouldn't it be great if pershoot started developing for the amaze!!!
seansk said:
Even though our device is fairly new, it's been almost three months since it has been out I really do believe we need much more support. I'm trying to help people as much as I can myself...but we need more developers. HTC also needs to make it easier, we need S-off, if warranty is voided why wouldn't they give us S-off?!!! Limited availability of this phone to a few carriers also restricts development... I still love this phone!!!
wouldn't it be great if pershoot started developing for the amaze!!!
Let's not forget that HTC won't release the full kernel source either.
Dev friendly my ar$e!
Binary100100 said:
Let's not forget that HTC won't release the full kernel source either.
Dev friendly my ar$e!
I believe they are also withholding other things like wifi, no?
seansk said:
I believe they are also withholding other things like wifi, no?
Exactly. I suppose the wifi drivers aren't their source so they can't publish it. That's what I understand of it though.
I want to root only to remove some built-in apps including HTCLinkifydispatcher.apk.
However, I don't want to deal with any issues related to: having 3rd party apps running on a rooted device that also handles my money, receiving any OTA updates, and warranty eligibility.
<< If my above assumptions of potential issues are wrong, please correct me ! >>
I know rooting is just getting underway and that I need to wait patiently for the unroot process as well, but I'm curious if my following plan makes sense:
1. Root phone
2. Remove apps I don't want
3. Unroot phone
4. OTA updates come as needed. If a major OTA update adds back a removed app I don't want, repeat steps (1-3) as needed once the community has had a chance to root/unroot the OTA update
Whoops just realized that this might be better for Q+A forum, so feel free to move the topic there.
I just froze the above apk with TB. The usual open with dialogue did not come up. I think it's going to take a lot more than just getting rid of the htc apk's to return that type of functionality.
gpz1100 said:
I just froze the above apk with TB. The usual open with dialogue did not come up. I think it's going to take a lot more than just getting rid of the htc apk's to return that type of functionality.
Ah I see, good to know going in before I make the plunge and get this phone. I hope the situation improves (maybe HTC can really improve the preset linking capabilities) because from the threads I've seen so far quite a few linkable objects just don't work or redirect to the wrong thing (especially linkable objects the HTC linker app doesn't know about).
I'm hopeful CM will have something mostly functional before the year's end or sooner. While some prefer aosp, I really want an OS that has no HTC apk's in it . For the longest time I didn't want to switch from sense. After some prodding from another member here, I saw the light. While it took more time to get cm configured to my liking, eventually it was perfect. Everything worked (99%), and there was no bloat at all.
Let me start this off by saying I'm sorry for posting this thread in this side forum which is designed for developers, I only did this so the thread can be recognized and hopefully I can get some expert advice.
I am a 2nd year Forensic Computing student (UK resident/university) and I've been looking into a final year project which involves some form of forensic analysis of a computing system. Ever since I bought my HTC One and I rooted it, I've become quite interested in android as a whole. As of late, my HTC became carrier blocked (I bought it on contract from an eBay seller and they blocked it and won't respond back) so in essence I have a glorified media player but still a powerful device.
I want to make my final year project (Which accounts for roughly 40% of degree) a forensic analysis of a rooted android phone.
I'm posting here (In the midst of developers) because I wish to attain advice and knowledge and some form of help (I'm not asking for anyone to do it for me, neither am I attempting to cheat) so I can produce a great project and an impressive dissertation.
Thank You (I'm sorry moderators but in normal forums, I don't know if this would have become recognized)
You need something like this thread:
http://forum.xda-developers.com/showthread.php?t=2024422
Sim Unlock Guide [Desire C]
Then to work out the whole how-and-why from being Carrier Locked to Unlocking and how it's worked out to do it I guess?
Bashing away at my HTC Desire C
Antagonist42 said:
You need something like this thread:
http://forum.xda-developers.com/showthread.php?t=2024422
Sim Unlock Guide [Desire C]
Then to work out the whole how-and-why from being Carrier Locked to Unlocking and how it's worked out to do it I guess?
Bashing away at my HTC Desire C
Thank you for the response, although it's not quite what I'm after. I'm looking at criminal point of view. For example if I obtain a phone which is rooted. How is it different to obtaining Data from a non rooted phone. Thank You
Sent from my SM-P600 using xda app-developers app
In that case we'd need to know 'Who's' data you are after obtaining, the users data or data from the handset itself?
Both can have the same or dissimilar results when rooted or unrooted depending on the previous, what and who's data along with, on different handsets, different controls, software and securities, under different handsets not all data is in the same place.
Seems a simple question to answer but it all depends on the goal and with which ball you're playing with
Bashing away at my HTC Desire C
Antagonist42 said:
In that case we'd need to know 'Who's' data you are after obtaining, the users data or data from the handset itself?
Both can have the same or dissimilar results when rooted or unrooted depending on the previous, what and who's data along with, on different handsets, different controls, software and securities, under different handsets not all data is in the same place.
Seems a simple question to answer but it all depends on the goal and with which ball you're playing with
Bashing away at my HTC Desire C
I intend to use my rooted HTC One for the analysis but my main objective is to get at the data as it may prove to be critical for a criminal case. My overall objective is looking into rooted phones as a whole but since I only have access to my own HTC and it's rooted, it'll be based on that. Thank You
Sent from my SM-P600 using xda app-developers app
User Data the objective.
Rooted or Unrooted isn't necessarily what is required to access User Data, having access to Recovery and the ability to install a Stock/Pre-made/Self-Built Recovery can give you the ability to 'copy out' the required data.
Only having root access helps when you require the same access whilst the OS is operational or running a command window using adb/fastboot as to the handset you are still at a 'User' level, Recovery (because what it can and has the ability to do) is more like an 'Admin' level, where you could, if the option is there or built in, copy the complete storage device.
This thread http://forum.xda-developers.com/showthread.php?t=2706308
[Please Read] We need help to try and find out how to get into stock 4.4 recovery!
shows if you have no access to a system and there is no access in Recovery to Backup your Data you are to a degree denied your basic right to have 1 backup copy for restoration but can also render gaining root access almost impossible which makes copying User Data harder.
Hope this helps
Bashing away at my HTC Desire C
Antagonist42 said:
User Data the objective.
Rooted or Unrooted isn't necessarily what is required to access User Data, having access to Recovery and the ability to install a Stock/Pre-made/Self-Built Recovery can give you the ability to 'copy out' the required data.
Only having root access helps when you require the same access whilst the OS is operational or running a command window using adb/fastboot as to the handset you are still at a 'User' level, Recovery (because what it can and has the ability to do) is more like an 'Admin' level, where you could, if the option is there or built in, copy the complete storage device.
This thread http://forum.xda-developers.com/showthread.php?t=2706308
[Please Read] We need help to try and find out how to get into stock 4.4 recovery!
shows if you have no access to a system and there is no access in Recovery to Backup your Data you are to a degree denied your basic right to have 1 backup copy for restoration but can also render gaining root access almost impossible which makes copying User Data harder.
Hope this helps
Bashing away at my HTC Desire C
I only mentioned "rooted" because I currently have a HTC One which is rooted.
After a small conversation with my tutor, he gave me ideas which included how rooting changes data inside the phone, looking into different rooting methods for different phones, can I bypass the lock screen ?! And many more
Sent from my SM-P600 using xda app-developers app
Really you need to know if...
Attempting root by means of an app/program whilst the /system is in operation.
Attempting root via recovery/fastboot/hboot/ruu/euu at lower level programs.
I don't envy you on trying to work one out wish it was the sort of thing I could get my head into 100% but it's Old Dog New Tricks with me but keeping at it helps me not Brick phones
Bashing away at my HTC Desire C
Antagonist42 said:
Really you need to know if...
Attempting root by means of an app/program whilst the /system is in operation.
Attempting root via recovery/fastboot/hboot/ruu/euu at lower level programs.
I don't envy you on trying to work one out wish it was the sort of thing I could get my head into 100% but it's Old Dog New Tricks with me but keeping at it helps me not Brick phones
Bashing away at my HTC Desire C
Thanks! I'm still in my 2nd year so I'm still thinking but I'm really into phones and I keep tabs on technological news so I thought I'll base my project off that, I don't mind doing something that's time consuming providing it's not exactly impossible and it's something that I personally think I can do
Sent from my SM-P600 using xda app-developers app
Well XDA is probably one (if not The) best place to find out what is and isn't possible to do anything with a phone and ideas are where it starts and the knowledgebase can quickly expand once people twig what you're onto
I've learnt more from scratch by bouncing ideas round, talking with the more technically minded than I would have by only reading pages in a book and DEV's and almost everybody will point you in the right direction if asked.
Bashing away at my HTC Desire C
Antagonist42 said:
Well XDA is probably one (if not The) best place to find out what is and isn't possible to do anything with a phone and ideas are where it starts and the knowledgebase can quickly expand once people twig what you're onto
I've learnt more from scratch by bouncing ideas round, talking with the more technically minded than I would have by only reading pages in a book and DEV's and almost everybody will point you in the right direction if asked.
Bashing away at my HTC Desire C
Hence the reason why I posted here ! I would heavily appreciate whatever help I can get and I like to think this can ultimately improve my knowledge, I know knowledge wise, I'm pretty much catered for, here at XDA !
Sent from my SM-P600 using xda app-developers app
okay
Don164 said:
Hence the reason why I posted here ! I would heavily appreciate whatever help I can get and I like to think this can ultimately improve my knowledge, I know knowledge wise, I'm pretty much catered for, here at XDA !
Sent from my SM-P600 using xda app-developers app
so if i understand you, you want to break into the phone, yes? that's what forensics is.
flash a stock kernel to your recovery partition or, mod recovery images mount points ramdisk and permissions to enable adb operations
to pull the data, loop mount it in linux, browse pull analyse change etc.
seems like a long winded way to complicate an orgasm, having read through the thread i still don't get the surface of what you asking.
if you're trying to carve out deleted files find or cross compile foremost. if prof argues about rights and legality argue a national security
life and death security over freedom angle.
forensics.
m
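As an added illustration of the "carve out deleted files" step mentioned in the post above (this is not code from the thread or from foremost): a simplified header/footer signature carver of the kind tools such as foremost are built around, run over a constructed raw image. It assumes files are stored contiguously; `carve`, `Carved` and `build_sample_image` are hypothetical names.

```python
"""Header/footer file carving over a raw image (sample data is constructed)."""
import hashlib
from dataclasses import dataclass

# name -> (header magic, footer magic): the standard JPEG and PNG markers.
SIGNATURES = {
    "jpg": (b"\xff\xd8\xff", b"\xff\xd9"),
    "png": (b"\x89PNG\r\n\x1a\n", b"IEND\xaeB`\x82"),
}
MAX_CARVE = 1024 * 1024  # stop looking for a footer after this many bytes


@dataclass
class Carved:
    kind: str
    offset: int  # byte offset of the header inside the image
    data: bytes  # header through footer, inclusive

    def sha256(self) -> str:
        # Hash each recovered item so it can be referenced in case notes.
        return hashlib.sha256(self.data).hexdigest()


def carve(image: bytes, max_len: int = MAX_CARVE) -> list:
    """Find each header, then take bytes up to the first matching footer."""
    found = []
    for kind, (header, footer) in SIGNATURES.items():
        pos = image.find(header)
        while pos != -1:
            end = image.find(footer, pos + len(header), pos + max_len)
            if end != -1:
                stop = end + len(footer)
                found.append(Carved(kind, pos, image[pos:stop]))
                pos = image.find(header, stop)
            else:
                # Header without a footer in range: truncated or overwritten.
                pos = image.find(header, pos + 1)
    return sorted(found, key=lambda c: c.offset)


def build_sample_image() -> bytes:
    """Constructed image: zero filler with file bodies left in unallocated space."""
    jpg = b"\xff\xd8\xff\xe0" + b"JFIF-constructed-body" + b"\xff\xd9"
    png = b"\x89PNG\r\n\x1a\n" + b"constructed-chunks" + b"IEND\xaeB`\x82"
    truncated = b"\xff\xd8\xff\xe0" + b"overwritten-tail"  # footer is gone
    return (b"\x00" * 512 + jpg + b"\x00" * 300 + png
            + b"\x00" * 100 + truncated + b"\x00" * 64)


if __name__ == "__main__":
    for item in carve(build_sample_image()):
        print(item.kind, item.offset, len(item.data), item.sha256())
```

The truncated JPEG at the end of the sample is skipped because no footer follows its header, which is the usual failure mode when a deleted file has been partly overwritten.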
I'm currently running an 8.9" HDX with a working AOSP - thanks to all the help I got on this forum and specifically followed this thread:
http://forum.xda-developers.com/showthread.php?t=2582773
but the main applications that I now need to use for work are iOS only (don't ask... NOT happy) so I'm back to carrying an iPad around everywhere and as such I'm going to sell my HDX. Before I do that I need to return it back to stock... I found a number of threads referencing how to do this but wanted to be extra careful. At present I'm just running Safestrap with a second ROM slot that I boot with all the non-standard stuff, I got there via SuperSU.
What's the right sequence of de-activates / un-installs / magic incantations to get this thing back to "boring, stock" just like it would come from Amazon? Is it as simple as re-enabling over-the-air updates and letting it "fix" itself? Or do I need to specifically back out some of the safestrap/superSU stuff first?
Help? (and THANKS)
ljwobker said:
I'm currently running an 8.9" HDX with a working AOSP - thanks to all the help I got on this forum and specifically followed this thread:
http://forum.xda-developers.com/showthread.php?t=2582773
but the main applications that I now need to use for work are iOS only (don't ask... NOT happy) so I'm back to carrying an iPad around everywhere and as such I'm going to sell my HDX. Before I do that I need to return it back to stock... I found a number of threads referencing how to do this but wanted to be extra careful. At present I'm just running Safestrap with a second ROM slot that I boot with all the non-standard stuff, I got there via SuperSU.
What's the right sequence of de-activates / un-installs / magic incantations to get this thing back to "boring, stock" just like it would come from Amazon? Is it as simple as re-enabling over-the-air updates and letting it "fix" itself? Or do I need to specifically back out some of the safestrap/superSU stuff first?
Help? (and THANKS)
Depends on how you used SafeStrap. If you ONLY installed in the stock rom, then an update likely would do it. If you installed safestrap a second time from the working rom-slot as well, then updates won't work, because the BL & Kernel CANNOT be flashed.
The best thing is to remove all wifi connections with "forget network", then go into safe strap & activate stock rom. Then go back to the boot options & delete the rom-slot you created. Boot back into stock partition, uninstall Safestrap & then reconnect to wifi & check for updates.
I would HIGHLY recommend you follow my directions about forgetting nearby, if not all, wifi networks. If you turn wifi off in a slot, but not in stock, or vice versa, it can cause boot issues, as well as wifi issues.
I would not return it to stock. That device could go for a premium right now to other users simply because you can get AOSP and so many cannot yet.
EniGmA1987 said:
I would not return it to stock. That device could go for a premium right now to other users simply because you can get AOSP and so many cannot yet.
Why would it go for a premium? It is absolutely 100% rootable. It has not been patched against the VolumeManager/vold ASEC exploit. In fact, I am nearly certain the bootloader can be unlocked from my investigation. Unfortunately that part is beyond my abilities & exceeds the time I would need to get caught up on the msm89xx+ SoC, but I would just about bet the farm that it can be done.
GSLEON3 said:
Why would it go for a premium? It is absolutely 100% rootable. It has not been patched against the VolumeManager/vold ASEC exploit. In fact, I am nearly certain the bootloader can be unlocked from my investigation. Unfortunately that part is beyond my abilities & exceeds the time I would need to get caught up on the msm89xx+ SoC, but I would just about bet the farm that it can be done.
Because when I posted that we had no root, and it was still a "hopefully sometime soon" with 9/10 of the HDX's on a version that couldn't be rooted.
It is nice that we have one Chinese method now and that you might get something soon, though I think you are suddenly pretty full of yourself on these forums with the little bit of knowledge you gained recently. Much better people at this have not been able to get the bootloader cracked. But best of luck to you.
EniGmA1987 said:
Because when I posted that we had no root, and it was still a "hopefully sometime soon" with 9/10 of the HDX's on a version that couldn't be rooted.
It is nice that we have one Chinese method now and that you might get something soon, though I think you are suddenly pretty full of yourself on these forums with the little bit of knowledge you gained recently. Much better people at this have not been able to get the bootloader cracked. But best of luck to you.
Actually, the little time I've been around is well over a decade. This ain't my first username. Secondly, there is already an ASEC based root that WAS created by someone better with this stuff than me, so it's not full of myself, it is FACT. I am rooted, have been each & every time, without blocking anything & without having to sacrifice connectivity, another FACT. Coincidentally, the reason it was never published, well I'd venture a guess that it's because of stupid posts & self-entitled people ignorantly writing or PM'ing to insist that things be done for them on their terms. Another fact, it was that kind of crap that made me leave this forum a few months ago. So, I don't know what "better people" you are talking about that have failed at it, but I do know the better people that have done it.
Another fact, anyone at all can read & discover just how small the patch for the ASEC vulnerability was. It doesn't take a genius to then decompile the vold & search for that one event which was used to patch it, which subsequently tells all you need to know.
GSLEON3 said:
Actually, the little time I've been around is well over a decade. This ain't my first username. Secondly, there is already an ASEC based root that WAS created by someone better with this stuff than me, so it's not full of myself, it is FACT. I am rooted, have been each & every time, without blocking anything & without having to sacrifice connectivity, another FACT. Coincidentally, the reason it was never published, well I'd venture a guess that it's because of stupid posts & self-entitled people ignorantly writing or PM'ing to insist that things be done for them on their terms. Another fact, it was that kind of crap that made me leave this forum a few months ago. So, I don't know what "better people" you are talking about that have failed at it, but I do know the better people that have done it.
Another fact, anyone at all can read & discover just how small the patch for the ASEC vulnerability was. It doesn't take a genius to then decompile the vold & search for that one event which was used to patch it, which subsequently tells all you need to know.
lol. I am glad you know your FACTS. No need to act so butthurt.