I am pretty happy with Sideloading Apps, so as of now I have no interest in rooting my NT.
What I am wondering is, will a Nook update possibly plug the Sideloading capability? And is there a way for me to avoid Nook updates, or are they automatic when you have an internet connection?
I am new to Android, so perhaps these questions show my newness.
Thanks,
Matt
I really, really doubt they would block sideloading. Afaik, it's never been done on any similar device and it doesn't need to be. A lot of people will riot. Considering all the dev stuff they let slide on the Nook Color, this is even unlikelier to happen. The locked bootloader is/was due to Netflix requiring it, from what I gathered, so not on their own initiative.
You can firewall all the B&N apps off, or freeze them with Titanium Backup if you want, or even remove them (there is a removal tool and/or list in the dev subforum). There are ways to block OTA updates with editing various system files, but they have not been confirmed to work yet (since we have not had an update yet), so I wouldn't mess with them. You're not rooted, and are able to do what you want with sideloaded apps, so I don't think you have much to worry about at all.
I disabled mine via, /data/data/com.bn.devicemanger/devicemanager.db
change the fota mode from auto to manual.
This should prevent the device from upgrading on its own.
snapplex said:
> I disabled mine via, /data/data/com.bn.devicemanger/devicemanager.db
> change the fota mode from auto to manual.
> This should prevent the device from upgrading on its own.
Can you make a script for that? or send to Indirect to add to his root script?
snapplex said:
> I disabled mine via, /data/data/com.bn.devicemanger/devicemanager.db
> change the fota mode from auto to manual.
> This should prevent the device from upgrading on its own.
Ah, that's the info! Thanks. I forgot where it was buried
snapplex said:
> I disabled mine via, /data/data/com.bn.devicemanger/devicemanager.db
> change the fota mode from auto to manual.
> This should prevent the device from upgrading on its own.
Any way to use Titanium Backup to do the work, like freeze, etc? I know we haven't really had an update from B&N yet to test things out, but what files did we change in the Nook Color? I just wanna cover my bases before I start messing with some important files.
Changing fota from auto to manual shouldn't mess up any important files.
Just follow the instructions and be careful and you should have absolutely no problems.
jimmysuggs said:
> Changing fota from auto to manual shouldn't mess up any important files.
> Just follow the instructions and be careful and you should have absolutely no problems.
When in doubt make a copy of the original before making changes.
Related
Forgive my ignorance, but I've never used Android before and I'm expecting my phone delivered tomorrow (HTC Hero!)
As I understand it, the Android app store signs the apps, similar to the iPhone's iTunes store, to prevent piracy and malware.
Is this correct?
I've read about how one can "root" the device by loading an image file through the bootloader over USB, but I wonder, is there a sudo command or similar to temporarily enable root access and later return to default state?
I suppose I could flash it with the root image, install the app and then flash back the default OS image, but that feels like a pretty awkward procedure and would probably raise a bunch of new problems as to how the default OS would launch the app installed under another OS.
I was hoping to start tinkering with programming, but I'm unsure if I can "throw in the app" and expect it to work..?
After using Macs for over 20 years I've become too used to stuff just working right out of the box, so I don't feel like experimenting on my own...
There is an option in the settings that lets you install unsigned apps, so no rooting required.
xarvox said:
> As I understand it, the Android app store signs the apps, similar to the iPhone's iTunes store, to prevent piracy and malware.
> Is this correct?
Not exactly! Many paid apps are copy protected, but most of the free ones are not. Unlike the iPhone, where you can only install "unauthorized" apps if you jail break the device, Android allows you to install and run applications from a variety of sources on a stock device.
In essence, you do not need to root the device to develop for it, but there are certain things that applications can only do on a rooted device (for example, receiving a file via Bluetooth, WiFi tethering etc).
> I was hoping to start tinkering with programming, but I'm unsure if I can "throw in the app" and expect it to work..?
Well, programming errors aside, and as long as you don't need to do anything that requires root privileges, yes you can. You should bear in mind that the *vast* majority of Android devices will not have been rooted, and therefore the vast majority of available applications do not require rooted phones.
Personally, I expect that later Android builds will remove many of the restrictions that require applications to have root access, so that they can function without requiring a device to be rooted.
Regards,
Dave
I've found an app that would tether my laptop (Mac) over WiFi, but it requires me to root the device.
Is there a way to temporarily do this, install the app and make the necessary changes and then switch back to default state?
I don't believe so.
As far as I'm aware, the application requires the elevated privileges when it runs as opposed to just configuration changes. I don't think that even a setuid would help, since I believe the app expects to find and use su/sudo.
Regards,
Dave
Now that 1.4.2 is out, I'm wondering if the various OTA blocking methods are working for people. I'm using indirect's method and haven't gotten the update yet, though I keep wifi off most of the time, just to be safe.
Anyone out there that has blocked updates get it anyhow?
Or are the methods for blocking OTA holding steady?
Seems to hold steady. I've never turned off WiFi and, despite a brief stint with CM7 last week, I was up for many many weeks with rooted 1.4.0 displaying the 9.9.9 version. No updates. Can't see how I could have had the luck to miss 1.4.1 that entire time. I would say it works - I don't see why it would be any different now that 1.4.2 is out.
If you're using the OTA blocker that displays 9.9.9, what it does is set the settings for OTA updates to manual, so you won't be getting any updates, ever.
Ah okay then, that answers that.
I'm 9.9.9 til I die (or until B&N figures out how to undo it).
Though hopefully that won't happen.
Thanks for the input.
jimmysuggs said:
> Now that 1.4.2 is out, I'm wondering if the various OTA blocking methods are working for people. I'm using indirect's method and haven't gotten the update yet, though I keep wifi off most of the time, just to be safe.
> Anyone out there that has blocked updates get it anyhow?
> Or are the methods for blocking OTA holding steady?
I modified the devicemanager.db as shown here
http://forum.xda-developers.com/showthread.php?t=946969
to set fota operation mode to manual eons ago and have been at 1.4.0 ever since. I don't need no stinkin' updates to 1.4.1 or 1.4.2 just to obtain "minor system enhancements" (like breaking root and locking down exploits).
bladewriter said:
> I modified the devicemanager.db as shown here
> http://forum.xda-developers.com/showthread.php?t=946969
> to set fota operation mode to manual eons ago and have been at 1.4.0 ever since. I don't need no stinkin' updates to 1.4.1 or 1.4.2 just to obtain "minor system enhancements" (like breaking root and locking down exploits).
Nothing they can do can lock down the huge "exploit" that allows sd booting.
SD booting is hardwired into the system, which means as long as we have a signed bootloader we'll always be able to boot the device. This is on purpose and they use it for their own development as well as to issue things like repartition cards to stores.
The bauwks exploit, which allows us to boot our own u-boot and therefore unsigned kernels and such, would require them to completely change the crypto key with which they sign future updates, meaning those updates wouldn't work on current devices. This means they'd have to release a completely new batch of devices with a new crypto key and support two devices with two updates just to patch this exploit. They can't patch it on our current devices because if they did, all we would have to do is take an older bootloader and load it onto the device, therefore re-enabling the device's ability to perform the bauwks exploit.
Updating will kill root, this is NATURAL with all BN devices, it's not something new or them trying to kill root. If you look at their update.zip you will find that it formats /system and completely rewrites it. This is the way it has always been.
Moved To Q&A
Please post all questions in the Q&A section
I have 3 NT's running brianf21's NT Hidden Settings app which has a feature of blocking ota's by changing the setting to manual updates. So far none of my 3 devices has received the 1.4.2 update (wifi is on 24/7), so I think this feature is working on this app. So far so good, anyway!
Check out this post
http://forum.xda-developers.com/note-4-att/general/supersu-please-t3110954
I tried it and got temporary root on my Verizon Note Edge. I know it is temporary but at least it is root.
I do not have the developer version btw..
Did you use the Note 4 .img file?
sbrownla said:
> Did you use the Note 4 .img file?
I just followed the video that is posted in the OP and that gave me temporary root. I didn't use any .img files.
DV8 said:
> I just followed the video that is posted in the OP and that gave me temporary root. I didn't use any .img files.
Doesn't it say to use one of the downloadable boot img files from the linked site? It's a boot.img file.
Also what sorts of things have you tried so far with it?
sbrownla said:
> Doesn't it say to use one of the downloadable boot img files from the linked site? It's a boot.img file.
> Also what sorts of things have you tried so far with it?
I have tried Root Explorer and it allows me to read and write to the SD card. I have Root Call blocker and that works as well, I have tried Xposed Framework and so far no go, it does a reboot and you will lose root. This is still a work in progress but it looks a lot more promising than a couple of months ago.
I did not use any img files due to mine being a note edge and I think those files are for those who have taken the lollipop upgrade on their Note 4's. Since we have not received the lollipop upgrade to our edge's yet you should be good to at least temporary root because it is only working on KitKat.
I was able to temp root with king root 4.0.1 apk ... and was able to remove bloatware files from: system/app and: system/priv-app but after reboot they are all back.
Update: after temp rooting, installing Titanium Backup and freezing system apps will enable you to "turn off" apps that you otherwise wouldn't be able to disable through the stock app manager in settings menu.
See screenshot below. ...
Screenshot of TouchWiz disabled because I use a different Home Launcher. And YES it keeps disabled through a reboot.
Was able to turn off The KNOX apps as well... seems to keep root longer without rebooting. HOWEVER root doesn't last forever.. meaning apps like Titanium Backup will lose root... and you will have to reboot and run King root again to get temp root to freeze more apps etc.
This is still a work in progress, hopefully the losing root problem will be fixed soon.
This is nice but after messing with it all week I gave up. I could easily get temp.root and get SU installed but you lose root after about an hour even if you touch nothing. You will also get random reboots a lot and then have to start over.
Mike02z said:
> This is nice but after messing with it all week I gave up. I could easily get temp.root and get SU installed but you lose root after about an hour even if you touch nothing. You will also get random reboots a lot and then have to start over.
If you install Titanium Backup and "freeze" all the Knox apps [see post 7, 8, & 9] you can keep root long enough to freeze all unwanted bloatware. That way you can at least "turn off" [disable] those apps from running in background etc. It's something more than we had.
Keep at it guys! I'll join when I get some time tomorrow and Monday
justjayhere said:
> If you install Titanium Backup and "freeze" all the Knox apps [see post 7, 8, & 9] you can keep root long enough to freeze all unwanted bloatware. That way you can at least "turn off" [disable] those apps from running in background etc. It's something more than we had.
Yup, this worked. All week I was trying to "remove" these applications via tibu but yesterday I just froze them. I still lost root but see everything I froze is still listed as "Turned off" in Application manager. That will do for now, Thanks!
When you temp root, use TiBu to "convert to user app". This should move all the files to the user apps directory instead of system apps. Then try to uninstall and see if they come back after reboot. Just a hunch but I can't try since I don't have the retail version.
NekoShinigami said:
> When you temp root, use TiBu to "convert to user app". This should move all the files to the user apps directory instead of system apps. Then try to uninstall and see if they come back after reboot. Just a hunch but I can't try since I don't have the retail version.
I do not see the option in Titanium Backup to "convert to user app" .. Am I missing something?
justjayhere said:
> I do not see the option in Titanium Backup to "convert to user app" .. Am I missing something?
You need to long press on the app. Towards the end of the settings that pop up you should see the convert to user app setting.
Easiest way I found was to freeze all the apps you don't want, filter for frozen apps then go through the list converting them to user apps
Edit: this doesn't work. They will install themselves back after doing this.
I figured they would come back.. freezing app is as good as it gets for now.
Long press or swipe right to get to the additional options. Also thank you guys for confirming that for me. I wasn't for sure since I don't have the retail version to test out on.
Also I think I remember reading in the Note 4 forum that they were able to get it perma deleted by uninstalling all updates then uninstalling the app or something along those lines. I will go back and read it again to be sure of what I read, I may have misread.
I used this method to disable knox and bloatware on my Verizon Edge even without root: http://forum.xda-developers.com/note-4-verizon/general/disable-knox-ota-root-t2972263
As far as temp root is concerned using King root, I suppose while on a rooted state, one can make changes to the system such as:
1) Enabling 3rd party apps like ES File Explorer to write to SD card by modifying platform.xml as described here: http://forum.xda-developers.com/showthread.php?t=2524277
2) Enabling hidden menu (if this is important to you) by modifying /efs/carrier/HiddenMenu file.
Even if you lose root, the changes you made to these files should stick, correct?
So... I have an Archos 55 and well, root is dangerous, particularly when you're being annoyed with pop up adverts and want to get them gone.
TL;DR:
So basically this all started when I found that web pages and adverts were just opening. Whether I was using the device or not, they'd just magically appear, sometimes ten at a time, accessing the internet at will. I was not best pleased as I have not long purchased the phone, but true to form, Archos have no idea what customer service means, so I was left to attempt to remedy the situation myself. Ordinarily, I would have just formatted and reinstalled the O.S, I do that with linux all the time alas I knew that was difficult.
Instead I sought to find out what exactly was causing the adverts. I deleted all the apps I had installed, but still the adverts kept coming. I did a factory wipe. Still with the adverts. At this point I was a bit stuck, so I grabbed an anti-virus app. It showed a few things that were causing problems including one trojan, under com.android.settings (or something to that name). I made a few enquiries and needless to say, this wasn't a false positive, but it had meant that I had a trojan...and I really don't like trojans. Cue the rage and the not thinking properly as I deleted com.android.settings without making a backup thinking... "shouldn't be too hard to put back"...oh how wrong I was...
I of course tried to make amends by grabbing a "copy" of settings from another site (and possibly a different phone) but I was told that it was ROM and no amount of permission changing was going to change that (I tried and I apparently failed, I may have possibly been doing something wrong, but I don't think my chown/chmod skills are `that` shabby).
The problem:
- No access to settings. Settings doesn't exist. (No access to USB Debugging either because that requires tapping the about phone bit and guess what...)
- Can't install apps as something has "Stopped".
- No access to WiFi
- Using Linux (Ubuntu something or other...15 I think).
- Mobile Tinkering Newb (But I'm not totally tech illiterate).
I do have access to fastboot mode apparently.
So what I think I need is a way to reinstall lollipop 5.1 so I can get back to square one, without (at least initially) using ADB (because I've tried and my device just refuses to show). I've also tried a few "needrom" things but, of course, they don't work because linux.
If anyone could possibly help me, I would be greatly appreciative in any way. I just want wifi back really. (I can see that wifi works and a network is available I just can't edit the settings to access it). If I can provide more information, please ask and I shall provide.
[SOLUTION]
Back up your device <- Essential
Grab a rom from NeedRom
Enable Fastboot.
Enable USB Debugging etcetera.
Use custom software (provided by NeedRom) (I know this seems dodgy but you try anything when you're desperate enough and this works so...if you're worried then take precautions and make a backup of your own phone first.) to open up the .pac file. Check where the files have been opened up to.
Copy the files to a more stable area (i.e from Temp to your Data drive), they should be in .img format as .pac basically appears to be some kind of archive that groups them all into one.
Use Fastboot (you might need to enable this so make sure you do it) and flash the .img files to the phone and sparse them to about 250MB.
Restart the phone.
Check phone works properly.
If works properly, consider donating to NeedRom.
Anyone?
Trojan
I have the same problem, but I didn't uninstall the setting, did your Trojan install random apps too? Like MyApps or something like that?
Seeing the same problem I think the problem is that the device comes with it, but I haven't found anything else to do apart from installing avast to tell me when unknown sources get on to install a random app.
Talasa said:
> Anyone?
Hey I fixed it, I have Uninstalled settings and successfully installed them again, no pop ups since.
Message me so I can tell you how to do it.
Fantasma198 said:
> Hey I fixed it, I have Uninstalled settings and successfully installed them again, no pop ups since.
> Message me so I can tell you how to do it.
Hi! How did you solve the problem? Please let me know
It appears to involve installing an apk installer from the Google Play stores (any will do it seems). Then by installing a copy of the Settings.apk.
Neither of which I am able to do as, due to getting rid of settings Google Play won't work. So....
Edit. I managed to get Google Play installed and then installed an APK installer. However installing settings is restricted as security won't let me install unofficial apps. >.>
How do u get rid of pop ups
Fantasma198 said:
> Hey I fixed it, I have Uninstalled settings and successfully installed them again, no pop ups since.
> Message me so I can tell you how to do it.
How do u get rid of them? My phone is plagued with them, they are so annoying. I didn't even root my phone, just done a simple software update. Thanx
R3b3l3k8 said:
> How do u get rid of them? My phone is plagued with them, they are so annoying. I didn't even root my phone, just done a simple software update. Thanx
Hi,
What you have here is a virus.... and like me, it's probably embedded in settings. I.e It comes with the device.
There is no way to get rid of those adverts....except...by voiding your warranty. You will need to wipe your device and reinstall a rom, preferably not your original. (That or send it back to Archos). Taking your phone back to the store and demanding a refund is an option before I proceed further and this is the solution I recommend.
Take this moment to back up all your data.
What I did however and what seems to have gotten rid of them is firstly head over to NeedRom (search) and acquire a freely provided Rom of someone else's phone. There are two versions for the Archos Platinum 55 and it will depend on your specific phone.
Now you will need to flash (this will destroy all data on your phone so make sure you get it backed up) your rom. You can use the ADB solution but that couldn't work for me. So I used Fastboot instead, however to use this the rom provided by needrom is in a .pac file format, you need to get the .img file from it. You can do this by loading up the software provided by NeedRom (named FactoryUpload or something like that) load the .pac file and look at the file path locations. The one I checked was for System. I then went to where it said it was, in my case a Temp folder, copied and pasted all the data to somewhere not temp (all the .img files I needed were there).
Then I used Fastboot to flash the rom entirely. There are much better Fastboot tutorials out there than I can explain myself. This flash included System, Recovery, Cache and basically everything, however it wouldn't let me do it all at once. I had to use a particular "flag" or "switch" so that it would `sparse` all the files over 250MB (that was the number I chose) and it worked after that.
This is the only way without returning the phone to get rid of the adverts *if* the virus is indeed in Settings. There's no way to remove Settings safely. I tried.
Redmi 4x satoni(not rooted or flashed)
Is there any way to detect root by exploit? Apps like Kingo root and king root and many other one click root apps do this kind of thing where they use an exploit in the Android system and root the phone using it, and similarly a malware can do the same?
(I'm assuming this is what it is)(spear phishing)
Can an apk file really gain root access and rewrite your device's rom with a malware in it, is that a thing?
I have installed a third party app where it just disappeared into the background(most likely social engineering) and I tried all avs but it came clean even went into safe mode and settings and tried app managers and settings but all failed
Next I tried the factory reset and the symptoms still persist
Note that I have created new accounts and changed passwords and have MFA on but is there any way for it to reinfect because I'm using the same device to create the new account?
Like is it because it infected my google access or something to come again after factory reset
Thanks
If you think a girlfriend virus is bad, just wait until you get married.
To answer your question....
Android is designed to be very rootkit-resistant. Features such as Verified Boot prevent unsigned/modified images from loading if the bootloader is locked; while it is possible for a malicious app to use an unpatched exploit to root the device every time it runs, any modification made to any critical partition such as /boot and /system would be detected, and the device would warn the user that the system is corrupted.
Since you've removed the app from your device and performed a factory reset, you should be safe. Good job on using MFA, by the way.
V0latyle said:
> If you think a girlfriend virus is bad, just wait until you get married.
> To answer your question....
> Android is designed to be very rootkit-resistant. Features such as Verified Boot prevent unsigned/modified images from loading if the bootloader is locked; while it is possible for a malicious app to use an unpatched exploit to root the device every time it runs, any modification made to any critical partition such as /boot and /system would be detected, and the device would warn the user that the system is corrupted.
> Since you've removed the app from your device and performed a factory reset, you should be safe. Good job on using MFA, by the way.
No I think I misunderstood there were two apps that I downloaded one disappeared into the background (which is causing more havoc) and is undetectable by android avs and I'm having trouble removing (got from a sketchy link from my gf)
The second app was just an Instagram app follower which ran in the background and I could uninstall directly (got from playstore)
I want to know how to detect and remove the first one
alokmfmf said:
> got from a sketchy link from my gf
That's why one should always use protection.
alokmfmf said:
> The second app was just an Instagram app follower which ran in the background and I could uninstall directly (got from playstore)
> I want to know how to detect and remove the first one
What makes you think the first app is still there? If you've performed a factory reset, it's gone - unless it downloaded again when you restored your Google account to your device.
Are you sure you're not mistaking a built-in app?
alokmfmf said:
> Is there any way to detect root
Yes, almost every banking / payment app does it.
V0latyle said:
> That's why one should always use protection.
> What makes you think the first app is still there? If you've performed a factory reset, it's gone - unless it downloaded again when you restored your Google account to your device.
> Are you sure you're not mistaking a built-in app?
Yes I'm sure as my accounts getting hacked, my personal media getting leaked, permissions asked repeatedly and sim getting disabled
Also I'm trying not to log in to my google account and see how that works
Although I have tried to make new accounts from scratch and start from a clean new slate from factory reset it may be the device itself I'm afraid
Social engineering-spear phishing(I think)
Redmi4x satoni
I was asked to click on a link and download an apk by my girlfriend and as soon as I downloaded it, it disappeared and I was asked to delete the apk
(I do not have access to the link also)
Later I realized that it tracks permissions, media and keyboard(except of exactly who I'm texting to because of android sandbox)
I tried FACTORY RESET but the symptoms still persisted (like getting hacked again and my private info getting leaked,sim deduction and detection of sim card and permissions being asked again and again even though I allowed it)
I checked all the settings of my phone and nothing is abnormal(I'm not rooted)
Is it possible that a used account could somehow transmit virus because I had a nasty malware on my phone so I factory reset my phone but the symptoms still remain so I used a new google account and others also but it still comes back so I'm guessing its the kernel or the ROM that got infected
I tried all avs but they all came clean and I'm certain that my android is infected with something
First and foremost I need to know how to DETECT the malware (to know which app is causing this)
And second how to REMOVE the malware
Thanks.
Which OS version? If not running on Pie or higher it's susceptible to the Xhelper family of partition worming malware
Yeah sounds like you got a worm... nasty critters.
A reflash may be the best option although if it is Xhelper it can now be removed without a reflash.
You are what you load
blackhawk said:
> Which OS version? If not running on Pie or higher it's susceptible to the Xhelper family of partition worming malware
> Yeah sounds like you got a worm... nasty critters.
> A reflash may be the best option although if it is Xhelper it can now be removed without a reflash.
> You are what you load
Yes I know I made a stupid decision its completely my fault I tried using the xhelper method but it comes clean I assume there is only one method that involves disabling the play store
I run on miui 11 nougat 7
Any methods to detect and remove the malware are welcome
And about reflashing its very complicated for mi phones most
alokmfmf said:
> I run on miui 11 nougat 7
> Any methods to detect and remove the malware are welcome
> And about reflashing its very complicated for mi phones most
Reflash it to stock firmware. If you can upgrade to Android 9 consider doing so for security purposes. It may have performance/functionality drawbacks for your application though, not sure as I never used 6, 7 or 8.
Make sure you reset all passwords, keep social media, sales and trash apps off the phone. Always keep email in the cloud ie Gmail or such.
Run Karma Firewall. Be careful what you download and especially install... don't sample apps unless you have a real need for that particular app. Once installed don't allow apps to update as they may try to download their malware payload, a way to bypass Playstore security.
blackhawk said:
> Reflash it to stock firmware. If you can upgrade to Android 9 consider doing so for security purposes. It may have performance/functionality drawbacks for your application though, not sure as I never used 6, 7 or 8.
> Make sure you reset all passwords, keep social media, sales and trash apps off the phone. Always keep email in the cloud ie Gmail or such.
> Run Karma Firewall. Be careful what you download and especially install... don't sample apps unless you have a real need for that particular app. Once installed don't allow apps to update as they may try to download their malware payload, a way to bypass Playstore security.
Will not logging in my google account help?
alokmfmf said:
> Will not logging in my google account help?
No. The malware is in the phone apparently in the firmware.
blackhawk said:
> No. The malware is in the phone apparently in the firmware.
I disagree, unless Xiaomi/Redmi's AVB/dm-verity implementation is useless, it should prevent a persistent rootkit.
I suspect this has little to do with the phone and more to do with reused passwords and other "organic" security failure.
V0latyle said:
I disagree, unless Xiaomi/Redmi's AVB/dm-verity implementation is useless, it should prevent a persistent rootkit.
I suspect this has little to do with the phone and more to do with reused passwords and other "organic" security failure.
You're probably right. Forgot it was running 11... lol, organic security failure, I like that
blackhawk said:
You're probably right. Forgot it was running 11... lol, organic security failure, I like that
The security measures that prevent persistent rootkits have been in place long before Android 11.
The most common root cause of a breach of security is the failure to ensure sufficient security in the first place. Simple passwords, reused passwords, no MFA, connected accounts, etc. Yes, there are plenty of Android viruses out there, but all of them "live" in the user data space. Of course, there may be unpatched exploits that allow root access, but these must be exploited every time the app is run. An app cannot modify the boot or system partitions without tripping AVB (if the bootloader is locked) whereupon the device would warn that the OS is corrupted.
At the end of the day, it's much much easier to simply use social engineering or other methods to gain someone's credentials, rather than trying to hack their device.
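The AVB state described in the post above can be read back from a device. As an added example that is not part of the thread, this script classifies the verified-boot properties Android exposes through `getprop`; the function names, verdict labels and sample dumps are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify Android Verified Boot status from getprop-style text.
# Typical use (device attached over USB):  adb shell getprop | assess_boot

# Constructed sample inputs, not captured from any real device.
SAMPLE_LOCKED='[ro.boot.flash.locked]: [1]
[ro.boot.verifiedbootstate]: [green]
[ro.boot.veritymode]: [enforcing]'
SAMPLE_MISMATCH='[ro.boot.flash.locked]: [0]
[ro.boot.verifiedbootstate]: [green]
[ro.boot.veritymode]: [enforcing]'

# Print the value of property $1 from "[key]: [value]" lines on stdin.
prop_value() {
    key=$(printf '%s' "$1" | sed 's/\./\\./g')   # match dots literally
    sed -n "s/^\[$key]: \[\(.*\)]\$/\1/p" | head -n 1
}

# Read a getprop dump on stdin and print "<VERDICT> state=.. locked=.. verity=..".
assess_boot() {
    dump=$(tr -d '\r')                            # older adb emits CRLF
    state=$(printf '%s\n' "$dump" | prop_value ro.boot.verifiedbootstate)
    locked=$(printf '%s\n' "$dump" | prop_value ro.boot.flash.locked)
    verity=$(printf '%s\n' "$dump" | prop_value ro.boot.veritymode)

    case "$state" in
        green)  verdict=OK ;;          # locked, images verified against the OEM key
        yellow) verdict=REVIEW ;;      # locked, verified against a user-set key
        orange) verdict=UNVERIFIED ;;  # bootloader unlocked, nothing is enforced
        red)    verdict=FAILED ;;      # verification failed
        *)      verdict=UNKNOWN ;;     # property missing or unrecognised
    esac

    # Policy of this example: a "green" report must agree with the other two values.
    if [ "$verdict" = OK ] && [ "$locked" = 0 ]; then
        verdict=INCONSISTENT
    elif [ "$verdict" = OK ]; then
        case "$verity" in disabled|logging) verdict=REVIEW ;; esac
    fi

    printf '%s state=%s locked=%s verity=%s\n' \
        "$verdict" "${state:-unset}" "${locked:-unset}" "${verity:-unset}"
}
```

These properties are reported by the running OS, so treat them as corroboration; the warning screen the bootloader shows at power-on is the stronger signal.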
V0latyle said:
The security measures that prevent persistent rootkits have been in place long before Android 11.
Yeah Android 9 was where the hole for the Xhelper class of rootkits was plugged for good. It runs securely unless you do stupid things. This phone is running on that and its current load will be 3 yo in June. No malware in all that time in spite of the fact it's heavily used. It can be very resistant to attacks if set up and used correctly.
V0latyle said:
The most common root cause of a breach of security is the failure to ensure sufficient security in the first place. Simple passwords, reused passwords, no MFA, connected accounts, etc. Yes, there are plenty of Android viruses out there, but all of them "live" in the user data space. Of course, there may be unpatched exploits that allow root access, but these must be exploited every time the app is run. An app cannot modify the boot or system partitions without tripping AVB (if the bootloader is locked) whereupon the device would warn that the OS is corrupted.
I was initially thinking his was running on Android 8 or lower. Forgot. On Android 9 and higher (except for a big hole in Android 11 and 12 that was patched, if memory serves me correctly) about the only way malware is getting into the user data partition is if the user installs it, doesn't use the appropriate built-in settings safeguards, or by an infected USB device. Any phone can be hacked if the attacker is sophisticated and determined enough to do so... in my opinion. Even if this happens, a factory reset will purge it on a stock phone unless the hacker has access to the firmware by remote or physical access. Never allow remote access to anyone...
V0latyle said:
At the end of the day, it's much much easier to simply use social engineering or other methods to gain someone's credentials, rather than trying to hack their device.
Lol, that's what social media is for
blackhawk said:
No. The malware is in the phone apparently in the firmware.
OK, thanks for helping, it's been good
alokmfmf said:
OK, thanks for helping, it's been good
You're welcome.
I retract that (post #12) as I forgot it is running on Android 11. Like V0latyle said, it's probably the password(s) that were compromised if a factory reset didn't resolve the issue, other than the exceptions I stated in post #16.
Also, I found this on the net, if that helps with the situation:
Be especially wary of spear phishing. Do not click on any weird link sent by your closest friends, or if you feel compelled to do so, open it from a tightly secured operating system (a fresh VM) where you have never logged in to your social networks.
And
Factory resets are not enough to sanitize the device.
Also, I'm a bit scared, as some people on the net have said that in some cases even a flash might not wipe it, as it resides in the boot logo or some places where flashes do not reach, or in flash ROM chips (but of course this is all very rare).
I am very fascinated and would like to learn more about it. Any suggestions would be helpful.