There have been many mentions on the web of how Android 2.3.5 introduced full device encryption, and a page or two mentioning it on the Note. I started a thread in the international on this and it seems Samsung somehow left it out of the Note, and the web pages mentioning it were just vague enough to not explicitly say it would be on there upon closer inspection, though first impressions would suggest it would be there.
I do remember reading AT&T material discussing encryption as one of the enterprise features of their Note, but lo and behold, it's nowhere to be found here, either (or I'm blind.) What's the deal? This is an important feature to me, and I feel somewhat duped.
I was looking for this too, not that I'm a criminal, but with the recent court rulings about not decrypting hard drives I want to encrypt my phone so big brother can't get into my stuff and can't make me let them. Hopefully it never comes to that but it could.
Sent from my SAMSUNG-SGH-I717 using XDA App
AT&T has the habit to disabling features that cost them support $$. Encryption is one of them starting from GS2.
Encryption is supported on ICS, so it might be present there unless AT&T actually removes it. Bad news is that it could be a very long time before we see ICS officially.
Sent from my Samsung Galaxy Note
This is Samsung's page that suggests the Note will have On-Device Encryption:
http://www.samsung.com/us/news/newsRead.do?news_seq=20085&page=1&gltype=localnews
It's part of their SAFE - Samsung Approved for Enterprises - certification that they clearly state the Note and Galaxy Tab 7.7 will have.
I swear I saw an AT&T document mentioning these enterprise features as well, but I can't find it now, so it might have been some 3rd party review.
I wonder if AT&T would require the enterprise data plans in order to enable this? (Doubt it, but you never know, maybe they finally found a way to actually differentiate those plans beyond lying to consumers and saying that the personal plans don't work with Exchange.) When I go to my Exchange account security policies, the line item about requiring device encryption is greyed out and "disabled". I don't know if this is functionality that can be unlocked/enabled from a back-end source or if there's an OTA switch for it.
fwiw, i was expecting this feature on the unlocked international version that i have, and it's nowhere to be found.
So I found myself looking around at different smartphone related articles like I always do when I stumbled across one in particular that had me scared! The article was talking about Samsung and Google bringing Knox to android L. We all know how much of a problem Knox has been to us here at the dev community.
Anyways have a look for yourself here
skeezer308 said:
So I found myself looking around at different smartphone related articles like I always do when I stumbled across one in particular that had me scared! The article was talking about Samsung and Google bringing Knox to android L. We all know how much of a problem Knox has been to us here at the dev community.
Anyways have a look for yourself here
Click to expand...
Click to collapse
Hate to break it to you, but knox or no knox it will likely be a step up in security.
Why wouldn't it be?
Call it what ever you want, just make sure you start shopping for a dev edition.
Yes this was reported when they released the L preview because it's the first time they've included Samsung code into AOSP.
Every release of android will be a step up in security, I'm just going to move on from Verizon if it gets to the point where no boot loader can be unlocked.
joshm.1219 said:
Yes this was reported when they released the L preview because it's the first time they've included Samsung code into AOSP.
Every release of android will be a step up in security, I'm just going to move on from Verizon if it gets to the point where no boot loader can be unlocked.
Click to expand...
Click to collapse
The bottom line is that flexibility and customization will always interfere with security and both, fortunately and unfortunately, the latter is one that is of major concern to corporations.
Some of the arguments and measures are over the top but for the most part it part of technology maturing. Rooting a phone for most people here is harmless and enables a purpose, but it also opens the door to circumvent security and encrypted materials from our devices.
It seems Samsung and Verizon are open to creating a "developer" version to allow for justified valid reasons to root and customize, but the more personal and business purposes merge the more security becomes more important over flexibility.
I am not saying this makes it good or that you should like it. But it something that inevitably will continue to progress making it more difficult for complete control of your device.
Capitalism is based on profitability and adoption and if you get large corporation to endorse you methods then you have a huge revenue channel, right, wrong or indifferent.
Hopefully an innovation will come along that will enable the right balance, but only time will tell.
Personally I have recently decided to join BYOD at my work and consequently had to unroot my device, and I have to admit that I miss some aspects, but not enough to give up the convenience of having all I need in ONE device.
Just my $0.02
Well the part that had me concerned was knowing how locked down Samsung devices have become, especially on Verizon and ATT networks. I may be wrong but I think part of the reason we still haven't been able to find an exploit to unlock the bootloader is because of the tightening grips of Knox. Now don't get me wrong I understand that there is a need for security, especially in business with BYOD. I was half scared they were attempting to lock down android to that extent as a whole. As I read further into the article I had learned that some of the Knox feature I was fearing wear hard ware implemented. I think this part from the article pretty much sums it up.
"Even though Samsung is sharing many of the Knox functions with Google on Android L, they will still offer a superior security solution on Samsung devices. This is due to several features requiring deep hardware integration that can only be managed directly by Samsung. As listed on the Samsung Knox blog, the following will remain specific to Samsung:
TrustZone-based Integrity Measurement Architecture (TIMA)
Real-time Kernel Protection
Client Certificate Management (CCM)
Trusted Boot-based Key store
Remote attestation
Trusted Boot
Biometric authentication
KNOX Smart Card Support"
skeezer308 said:
Well the part that had me concerned was knowing how locked down Samsung devices have become, especially on Verizon and ATT networks. I may be wrong but I think part of the reason we still haven't been able to find an exploit to unlock the bootloader is because of the tightening grips of Knox. Now don't get me wrong I understand that there is a need for security, especially in business with BYOD. I was half scared they were attempting to lock down android to that extent as a whole. As I read further into the article I had learned that some of the Knox feature I was fearing wear hard ware implemented. I think this part from the article pretty much sums it up.
"Even though Samsung is sharing many of the Knox functions with Google on Android L, they will still offer a superior security solution on Samsung devices. This is due to several features requiring deep hardware integration that can only be managed directly by Samsung. As listed on the Samsung Knox blog, the following will remain specific to Samsung:
TrustZone-based Integrity Measurement Architecture (TIMA)
Real-time Kernel Protection
Client Certificate Management (CCM)
Trusted Boot-based Key store
Remote attestation
Trusted Boot
Biometric authentication
KNOX Smart Card Support"
Click to expand...
Click to collapse
There is a BIG difference between locked bootloaders and Knox...the bootloader is a proprietary part of the firmware, not the OS...Knox is integrated in the OS....neither have anything to do with the other. Please venture into the T-Mobile, Sprint and International S4 forums to see the effects of Knox. If you do not want a locked bootloader switch to a carrier that does not do it or phones that do not have it. I understand Verizon has even blocked the use of HTCDev on their newer HTC devices and updates. These carriers locking the bootloaders do so to have the most secure phones and be able to go after the military and commercial contracts. So again, do not think Knox has anything to do with the lock down of AT&T and Verizon....that is all between the carrier and Samsung.
m3Jorge said:
The bottom line is that flexibility and customization will always interfere with security and both, fortunately and unfortunately, the latter is one that is of major concern to corporations.
Some of the arguments and measures are over the top but for the most part it part of technology maturing. Rooting a phone for most people here is harmless and enables a purpose, but it also opens the door to circumvent security and encrypted materials from our devices.
It seems Samsung and Verizon are open to creating a "developer" version to allow for justified valid reasons to root and customize, but the more personal and business purposes merge the more security becomes more important over flexibility.
I am not saying this makes it good or that you should like it. But it something that inevitably will continue to progress making it more difficult for complete control of your device.
Capitalism is based on profitability and adoption and if you get large corporation to endorse you methods then you have a huge revenue channel, right, wrong or indifferent.
Hopefully an innovation will come along that will enable the right balance, but only time will tell.
Personally I have recently decided to join BYOD at my work and consequently had to unroot my device, and I have to admit that I miss some aspects, but not enough to give up the convenience of having all I need in ONE device.
Just my $0.02
Click to expand...
Click to collapse
I don't know, I don't understand how it would affect anything if they let a user decide if they wanted their bootloader unlocked for every device.
joshm.1219 said:
I don't know, I don't understand how it would affect anything if they let a user decide if they wanted their bootloader unlocked for every device.
Click to expand...
Click to collapse
Because the users are not always the owners. My work phone is an Apple 5s. But "My" is not really accurate. It's my employer's phone that they give to me to use for work purposes. So I'm the user, but if the owner wants it locked down, that's their prerogative.
Sent from my SCH-I545 using Tapatalk
brizey said:
Because the users are not always the owners. My work phone is an Apple 5s. But "My" is not really accurate. It's my employer's phone that they give to me to use for work purposes. So I'm the user, but if the owner wants it locked down, that's their prerogative.
Sent from my SCH-I545 using Tapatalk
Click to expand...
Click to collapse
So require owner account access then
I personally think if they did include knox in android L there would still be an option to use fastboot to unlock the device.
xXsquirr3lsXx said:
I personally think if they did include knox in android L there would still be an option to use fastboot to unlock the device.
Click to expand...
Click to collapse
This would be correct. Please see OP linked articled to see what is is actually being implemented here.
My rant about At&t and I why I am angry with them about my predicament with my s7.
PLEASE READ DISCLAIMER AT THE BOTTOM AND ALL ASTRICKED ITEMS. READ AT YOUR OWN RISK.
YOU HAVE BEEN WARNED.
I will say how disappointed in at&t I am; it should be illegal to lock phones like this. The last samsung galaxy able to be rooted was the s4 and note 2 (don't quote me on that is was guestimation). But like all the idiots caught up in the buzz of owning the newest device, I got burned by the note 4. Fool me once shame on you, but fool me twice shame on me. I got burned again on the s7, and developers on here have basically given up rooting anything else (since the note 4 crisis there's a large bounty for whomever get the first permaroot) . Maybe if millions of us write to samsung about how at&t is ruining their products, they could do something about this travesty. <b>
Well if could some root required apps to work on my phone I would be much happier. I can't even use the current version of lucky patcher, how stupid is that. <b>
If your phone isn't rooted or have never felt the joy of a rooted phone (it is like endless possibilities all in the palm of your hand), and if you don't know what rooting is, get a clue, (Google it). Beg, barrow, steal one from a guy the next County over, forge one, trade for one, find one, save up for 3 months to buy one on eBay, I don't care how you get a clue, but you need one. The ability to Root our phone should be a fundamental right. (particularly with what went on with Apple and the FBI in California) We buy the phone, pay for it's service, then you treat us like we somehow don't know something has changed. (All the sudden "security updates that happen right after finding root for other devices and then people update their devices and it is gone back to square one.) Who is going to be responsible for all the millions of phones that are going to be trash because of this?
(because now on certain devices it softbricks the phone, sure it roots it, but what good is a rooted phone when you can't use it? (I relate it to something close to ransomware, on a computer, where software hold it (the computer) hostage until you meet the criminal's demands (usually money), so that you can get your computer back, and then sometimes they just leave it in place. (nasty crap fun to get rid of without reinstalling the OS) In this case it holds your phone hostage until you meet at&t's demands of "removing non at&t software", and until such time that the software is removed it remains bricked. If you have this issue, which I have only seen it mentioned a handful of time, and happen to have a Samsung device (with or without warranty) they will fix for free and even pay shipping both ways (now that's how you keep customers happy) I still have this issue as I have not sent my phone in yet and if someone knows how to fix it I would like to know. It goes from the ransom page with the padlock unlocked and warnings from at&t, then it goes to a second page saying that I have a Reactivation Lock in place. I have tried everything stated on the forum about RL, but my case is unique because of my stupid idea of seeing if king root had figured out how to root note 4 at&t sm-N910A version. To answer your question did it work, yes and no. Read the bricking bit above.)
Surely not your loyal customers, surely not the one who actually make and put their name on the phone, no I blame the cell phone companies. They have gotten to big for their own shoes on this one, they stepped in a giant pile of it. How many millions of customers have you lost at&t? Hmmm? Answer that one. Maybe I'll be the next to jump ship, sprint has a great plan, half the price, and they'll pay our way out of the eta( early termination fee(s) ln case you didn't know) up to 600 USD on each line. Sounds good to where do I sign, oh you need to take my piece of it phone and trade it for one the COMES with an unlocked bootloader. Take it I never wanted this piece of it to begin with. Bye At&t, you had a good ride with most of us for longer than a decade, but you done shot yourself in the foot on this one. You should have never changed your name and started in the cell phone business. South Western Bell is dead, and this monstrosity that has been created is nothing more than a shell of its former company, what a bunch of sell outs. I hope you sleep good at night knowing how many people are cursing your name from every roof top and highest building. You don't play with other people's it. It isn't proper nor is it called for. Some customers will be loyal to the end, but I am sick of all the red tape and garbage we have to put up with. Higher rates for the same service? Do you think we are stupid?
DISCLAIMER
*PLEASE NOTE THAT THIS IS MY OWN OPINIONS. IT IS AIMED AT AT&T, AND THEIR INABILITY TO LEAVE A GOOD THING ALONE. IT IS NOT MEANT TO OFFEND US NORMAL FOLK THAT PAY RIDICULOUS PHONE BILLS EVERY MONTH. IF YOU ARE ONE OF THESE PEOPLE AND YOU FIND THIS OFFENSIVE I AM SORRY. I NEVER CUSSED OR SAID ANYTHING OFFENSIVE ABOUT OR TO AN INDIVIDUAL. *
*ANY INSTANCES OF "IT" THAT ARE EXTRAGRAMMATIC ARE A CUSS WORD IN DISGUISE AND IS SELF EXPLANATORY*
PLEASE FEEL FREE TO COMMENT WITH YOUR OWN OPINIONS THIS A JUDGEMENT FREE ZONE, SO PUT SOME FEELING IN IT. OCCASIONAL SWEARING IS TO BE EXPECTED (AS LONG AS IT IS OK WITHIN THE POLICIES OF XDA IF DOUBT DON'T DO IT.).
ANY HELP WITH ABOVE STATED ISSUE PLEASE LINK BELOW SO THE POST ENDS UP IN THE PROPER SECTION (TROUBLESHOOTING AND WHATNOT).
ANYTHING FOUND IN PARENTHESES WAS ADDED FOR CLARIFICATION PURPOSES, AND NOT MEANT TO DEMEAN ANYONE. THERE ARE PEOPLE WHO DO NOT KNOW THE TERM OF KNOWLEDGY.
IF ANYTHING IN THIS RANT HAS BEEN MISREPRESENTED OR IS INCORRECT PLEASE BRING TO MY ATTENTION.
THANK YOU TO ANYONE WHO ACTUALLY READ ALL THIS.
God bless and peace out,
Kelentaria
I switched to AT&T because of direcTV unlimited (saves me 15 bucks a month from what I was paying). I don't really care much about having root access, but I do care about being able to erase the bloat on the phone. Bloat should be optional software, not burned into the OS. Look at Windows for a PC. If you don't want an app that came preloaded, you simply uninstall it. How is that even legal to have software stuck on your phone, which you have no idea what it is doing in the background and also claim you have 32gigs of storage, but you actually only have 19?
I see some of your points, but the whole rooting thing will be an uphill battle. Each company is required by law to patch exploits that allow the system to be compromised. Unless Google makes root access standard (meaning easily unlocked with an app etc) you won't see it again , and if you do, rarely.
I could forgive them for the root issue, but not for the bloat, lack of WiFi calling on android devices, etc.
Your points and opinion is well taken here as a fellow ATT user. We won't even get Samsung to move on rooting and bootloader unlocking since they're path is the business level users. That's mostly to do with all of us modder folks being in the small minority when it comes to purchasing their phones. There should be an option to unlock the bootloader from them directly. Basically them allowing us to either choose to void our warranty to unlock the bootloader which relieves them of the responsibility of folks blaming them for their choice of modding the phone. Similar to the HTC process. But again this is my opinion. ATT on the other hand has been a constant pain with not being consumer friendly for the last 4 years from my guestimation.
psufan5 said:
I switched to AT&T because of direcTV unlimited (saves me 15 bucks a month from what I was paying). I don't really care much about having root access, but I do care about being able to erase the bloat on the phone. Bloat should be optional software, not burned into the OS. Look at Windows for a PC. If you don't want an app that came preloaded, you simply uninstall it. How is that even legal to have software stuck on your phone, which you have no idea what it is doing in the background and also claim you have 32gigs of storage, but you actually only have 19?
I see some of your points, but the whole rooting thing will be an uphill battle. Each company is required by law to patch exploits that allow the system to be compromised. Unless Google makes root access standard (meaning easily unlocked with an app etc) you won't see it again , and if you do, rarely.
I could forgive them for the root issue, but not for the bloat, lack of WiFi calling on android devices, etc.
Click to expand...
Click to collapse
I suggest you try Package Disabler Pro, its a small price to pay but it works perfectly disabling bloat from Samsung devices. It is not root but at the very least it helps make touchwiz bearable.
---------- Post added at 02:58 PM ---------- Previous post was at 02:54 PM ----------
I don't think there is a single ATT user that doesn't share your opinion but nowadays we all know what we are getting into with them. Only the Nexus line remains untouched but with the recent surge in mobile payment use the manufacturers are locking down phones harder than eve, one the plus side it helps maintain security and protect your hard earned money but sadly some sacrifices must be made. My only wish is that Samsung would finally see the light and at the very least give us the option of stock android in their devices, a tall order I know but one that would be met with enthusiasm.
glm0025 said:
I suggest you try Package Disabler Pro, its a small price to pay but it works perfectly disabling bloat from Samsung devices. It is not root but at the very least it helps make touchwiz bearable.
---------- Post added at 02:58 PM ---------- Previous post was at 02:54 PM ----------
I don't think there is a single ATT user that doesn't share your opinion but nowadays we all know what we are getting into with them. Only the Nexus line remains untouched but with the recent surge in mobile payment use the manufacturers are locking down phones harder than eve, one the plus side it helps maintain security and protect your hard earned money but sadly some sacrifices must be made. My only wish is that Samsung would finally see the light and at the very least give us the option of stock android in their devices, a tall order I know but one that would be met with enthusiasm.
Click to expand...
Click to collapse
Ive done that, but the bloat still takes up a huge chunk of space - the APKs are just disabled
there hasn't been a bootloader unlocked at&t galaxy since the S3. The S4 was bootloader locked, but anyone with AMDL firmware (the second OTA) could bypass the bootloader and load ROMs that way. Anyone that updated past that was stuck with bootstrapped ROMs. The S4 was never bootloader unlocked ever.
psufan5 said:
Ive done that, but the bloat still takes up a huge chunk of space - the APKs are just disabled
Click to expand...
Click to collapse
Rooted or not, you wouldn't get that space back. The pre-installed crud is installed on the system partition which is a separate space from where user apps (and all data) are stored. If you rooted and deleted those apps, the space would just go unused. (And really, those apps don't take up much space in storage.)
On the other hand, there are things in the AT&T preload that can't be disabled. Some might be daemons that load before (and outside the scope of) android, and others are embedded deep into the existing modules (such as systemUI.) For example, AT&T still uses a variation of carrier IQ software for analytics.
However, even if you had root, you couldn't easily get rid of those things without completely changing the firmware to something else. Once you did that, you'd also lose AT&T variant specific things such as AT&T's implementation of VoLTE, video calling, etc. (Just because other firmware might support features by the same name, it doesn't mean that they'll work on AT&T's network.)
My biggest complaint these days with AT&T variants is that AT&T blocks important system updates. Even VERIZON has become better about releasing firmware updates and upgrades for android phones when compared to AT&T. (Verizon used to hold the crown of being the absolute LAST carrier to update their phones... but no more. Now AT&T clearly owns it.)
Here's the funny thing: AT&T claims that they are locking down bootloaders and such in order to have a higher level of security for business customers. Yet, by taking MONTHS longer to release firmware updates, AT&T phones are often vulnerable to malicious exploits long after those exploits have been fixed by Samsung/HTC/etc.
garyd9 said:
Rooted or not, you wouldn't get that space back. The pre-installed crud is installed on the system partition which is a separate space from where user apps (and all data) are stored. If you rooted and deleted those apps, the space would just go unused. (And really, those apps don't take up much space in storage.)
On the other hand, there are things in the AT&T preload that can't be disabled. Some might be daemons that load before (and outside the scope of) android, and others are embedded deep into the existing modules (such as systemUI.) For example, AT&T still uses a variation of carrier IQ software for analytics.
However, even if you had root, you couldn't easily get rid of those things without completely changing the firmware to something else. Once you did that, you'd also lose AT&T variant specific things such as AT&T's implementation of VoLTE, video calling, etc. (Just because other firmware might support features by the same name, it doesn't mean that they'll work on AT&T's network.)
My biggest complaint these days with AT&T variants is that AT&T blocks important system updates. Even VERIZON has become better about releasing firmware updates and upgrades for android phones when compared to AT&T. (Verizon used to hold the crown of being the absolute LAST carrier to update their phones... but no more. Now AT&T clearly owns it.)
Here's the funny thing: AT&T claims that they are locking down bootloaders and such in order to have a higher level of security for business customers. Yet, by taking MONTHS longer to release firmware updates, AT&T phones are often vulnerable to malicious exploits long after those exploits have been fixed by Samsung/HTC/etc.
Click to expand...
Click to collapse
Bootloader is locked down for one reason - stop tethering on unlimited plans.
Thats about it.
psufan5 said:
Bootloader is locked down for one reason - stop tethering on unlimited plans.
Thats about it.
Click to expand...
Click to collapse
You are misinformed.
I completely agree that the situation sucks. I know that this will fall over into the Note 6, and that saddens me. That is why I set up camp on the Apple side of the fence. They are always hacking into ios somehow (no fragmentation i guess?), and the OS, while still not as open as Android has matured a little. I do miss Android, but Samsung was my home, and it isn't easy switching to another OEM when their hardware designs are so different (no physical home button).
I happen to work for Sprint (for the time being), and the prices are better, but our systems suck, and our business practices are kind of shady. Hopefully I don't get into any trouble for this, but customers deserve to know the whole story. Example: a gentleman came in to get a new sim card for his S4 Mini. Now with at&t, you just go get a sim card, and all you have to worry about is standard/micro/nano. With Sprint, however, each size sim card has a wide variety of skus (barcodes), and we use a tool to see which ones are compatible with the device in question. In this guy's case, Sprint had discontinued the only sim card that would work with his phone.
To put it plainly, we force ultimatums on our customers; buy another phone, or do without. I'm actually ashamed to work for this company.
What sickens me is that they disable perfectly fine features to replace them with their crapware. I like their network coverage, but I'm really doubtful if I would/should stay with At&t anymore. I personally don't care much about the bootloader, but the fact that they are doing this sort of thing without facing any sort of push-back, is what annoys me.
sireniankyle said:
I completely agree that the situation sucks. I know that this will fall over into the Note 6, and that saddens me. That is why I set up camp on the Apple side of the fence. They are always hacking into ios somehow (no fragmentation i guess?), and the OS, while still not as open as Android has matured a little. I do miss Android, but Samsung was my home, and it isn't easy switching to another OEM when their hardware designs are so different (no physical home button).
I happen to work for Sprint (for the time being), and the prices are better, but our systems suck, and our business practices are kind of shady. Hopefully I don't get into any trouble for this, but customers deserve to know the whole story. Example: a gentleman came in to get a new sim card for his S4 Mini. Now with at&t, you just go get a sim card, and all you have to worry about is standard/micro/nano. With Sprint, however, each size sim card has a wide variety of skus (barcodes), and we use a tool to see which ones are compatible with the device in question. In this guy's case, Sprint had discontinued the only sim card that would work with his phone.
To put it plainly, we force ultimatums on our customers; buy another phone, or do without. I'm actually ashamed to work for this company.
Click to expand...
Click to collapse
I get what you are saying 100% but the only problem for me is that a locked down Android device does more than a jailbreaked iPhone any day of the week.,at the end of the day Android is still more open than IOS. As of right now Marshmallow has proven good enough for me that I'm not missing root or custom roms, that I would root and unlock if I had the chance you better believe it but even 6.0 Touchwiz is bearable right now.
glm0025 said:
I get what you are saying 100% but the only problem for me is that a locked down Android device does more than a jailbreaked iPhone any day of the week.,at the end of the day Android is still more open than IOS. As of right now Marshmallow has proven good enough for me that I'm not missing root or custom roms, that I would root and unlock if I had the chance you better believe it but even 6.0 Touchwiz is bearable right now.
Click to expand...
Click to collapse
It heavily depends on how well you know Cydia. . You can change everything about the layout in an iphone through winterboard or dreamboard. You can customize power options, and assign on screen and button shortcuts no matter where you are on the device (app, home screen, locked). Ad blocker, free spotify premium, a youtube downloader built into youtube, custom carrier logos, system wide night mode, keyboard sub symbols, finger print locked apps, remove the media cap in imessage or text messages, enable zedge ringtone downloads, kill all background apps, pop out video for any app, and custom folder sizes.
I can agree that a few of those are just catching up with Android, but a system wide on or off wifi ad blocker is something that only root can do. There are some things, like the no media cap in messages, that even a rooted android device can't technically do (depends on the carrier I suppose), because they don't go through Apple servers.
This isn't me crapping on Android. I love Android. I just needed a place to hold up until Samsung gets it together. I refuse to buy their locked up garbage anymore. The htc 10 is looking pretty good, too, but I was hoping for something with amoled.
Just so everyone is clear, we dont discuss piracy or fraud or such on XDA.
App developers work hard for their money, trust me it is hard to earn a living at 99cents a pop. Lets support our developers instead of supporting theft.
You're dumb. You're *****ing about a $600 term fee which is impossible for a single line. Buy your phone international or unlocked if this is such an issue for you and stop whining. The ATT model of phones are NOT for power users. Plain and simple. I'm surprised so many people are taking the time to read you *****ing.
This post is so funny...
You are all over the place with your words, your thoughts and your anger.
Why would you purchase the S7 on AT&T if you already knew all of this?
Especially if this has already happened to you with your Note 4?
End of the day, most of the customers who use AT&T have no idea about root. They have no care or concern about these things.
People like us, on XDA, who love to root and customize our phones have to understand that there is a paradigm shift in Android (particularly in regards to Samsung devices) that focuses on security rather than customization. Especially when dealing with Carrier phones. The bloat, the locked bootloader, the restrictions all have their reasons for existing.
Especially when Samsung is amidst a global (albeit slow) roll out of Samsung Pay. Trying to align themselves ever so closely with Apple in terms of quality and brand recognition.
Samsung Pay will NEVER work on a rooted phone, EVER! Doesn't matter if you restore stock firmware etc...
Carriers also have their reasons as well...
There are plenty of reasons why they both do it, most of which I don't want to sit here and write out one by one. Like you said in your post... Google it.
End of the day, if you want to root or customize your device then you should do your research before dropping $700+ on a phone.
Plenty of bloat free, bootloader unlocked, international and non carrier phones available for you to achieve root and enjoy Android.
Coming on here and posting a wall of whine just makes you look silly and childish.
Yes, it sucks... I share your annoyance as I'm sure many other AT&T/XDA members do as well - for years now.
End of the day, these mega corporations don't care about you or what makes you happy. It's a business, their business, deal with it. We all have to... If you want to protest, protest with your wallet.
HNIC215 said:
Samsung Pay will NEVER work on a rooted phone, EVER! Doesn't matter if you restore stock firmware etc...
Click to expand...
Click to collapse
While I tend to agree with the majority of your post, I think this one statement I quoted might be a bit too absolute.
My understanding of SPay is that it relies on the KNOX fuse to determine if a phone is modified. If true, then if an exploit is discovered and implemented which grants root without tripping KNOX, then SPay could possibly work on a rooted device. (Hiding root is doable, and supersu has been playing the cat/mouse game with Android Pay for several months on this...)
The galaxy S6 was rootable without tripping KNOX when it was initially released...
Of course, it's possible that there's something in the samsung firmware that will immediately trip KNOX if root is even detected. If so, it's something new that hasn't been there before. Previously, tripping KNOX required an action at the bootloader level - and usually occurred when an image not signed by samsung was flashed via ODIN.
Moving slightly off topic...
The problem, in my opinion, isn't that root can't be gained. There are plenty of exploits for gaining privileges that either Samsung takes too long to patch, or that the carriers (specifically AT&T) take too long to release the patches for. (AT&T is already 2 months behind on the S7's security patches. Those are patches for security concerns that are now publicly announced and should be easily exploited by reverse engineering the fixes that google publishes.)
The real problem is that people who would develop and publish a root method for hobbyists don't care anymore. Those people aren't going to buy a bootloader locked S7. Either they'll buy a different phone entirely (from a manufacturer that's more dev friendly), or they'll buy a non-carrier model that isn't bootloader locked. (Actually, there's another group, but it's very small: Industry insiders who are constrained by legal agreements (such as NDA's) preventing them from releasing anything they might come up with.)
garyd9 said:
While I tend to agree with the majority of your post, I think this one statement I quoted might be a bit too absolute.
Click to expand...
Click to collapse
That's what a Samsung Rep told me when I had the international Note 5 and wanted to know if I would be able to use Samsung Pay here in the states.
First, they said Samsung Pay would have to be available in the device's country of origin.
Second, they said the device can NEVER be rooted. If the device is rooted, it will NEVER be able to run Samsung Pay on it for the remainder of its life. Regardless if you restore with stock firmware and unroot.
Which makes sense actually when you think about it.
Apple is and has been synonymous with security and safety - in general but especially in regards to Apple Pay.
Samsung has always been considered the "Apple" or "iPhone" of the Android world - this statement holds true now more than ever before.
With Samsung Pay being released globally (slowly but surely)... Samsung will not risk the security of their platform by any means at all.
Letting users gain root access to their devices can potentially expose parts of their secure Samsung Pay platform and risk a major security or privacy incident that would lead to global fallout regardless of where the incident took place.
They will never allow this - especially with the progress they have made over the years to build a premium brand.
With the S7 and S7 Edge - they further that tradition and bring more security than ever.
Don't take my word for it...
Samsung Knox recognised as the strongest mobile security platform
Samsung has received strongest ratings for its mobile security platform Knox in areas including authentication methods, encryption management, jailbreak or root protection and application vetting.
Click to expand...
Click to collapse
The latest version of Knox is currently available for Galaxy S7 and S7 Edge and optimised for Android 6.0 Marshmallow.
Click to expand...
Click to collapse
According to a report, Mobile Device Security: A comparison of Platforms by renowned market analyst firm Gartner, Samsung's latest security platform Knox version 2.6 got the most strong ratings for any mobile security platform. The firm analysed the core OS security features built into a total of 12 mobile device platforms as well as enterprise management capabilities. Samsung also managed to gain leadership in mobile security market though Knox, coupled with Samsung Pay.
Click to expand...
Click to collapse
Source:
http://www.ibtimes.co.uk/samsung-knox-recognised-strongest-mobile-security-platform-1554836
HNIC215 said:
That's what a Samsung Rep told me when I had the international Note 5 and wanted to know if I would be able to use Samsung Pay here in the states.
Click to expand...
Click to collapse
Okay.. I wonder if he's related to one of the "samsung reps" that work in Best Buy stores.... or the ones that come visit AT&T stores on occasion. For the most part, they are really good in reciting the marketing material, but when it comes to details, they are clueless. In fact, at least as bad as Radio Shack sales people.
"KNOX" is a confusing term.
First, there's "KNOX" as a software security suite that is very closely related to what google calls "Android for Work." Both are basically a "secure" and private container/sandbox. The idea is that you take a personal smartphone to work and can run "work" apps that are completely sandboxes from personal apps. This has nothing whatsoever to do with SPay. SPay doesn't make use of this element of KNOX.
KNOX is also the name of a fuse in the device (which is likely a qualcomm "qfuse" in the SD820 S7's) that trips when the bootloader detects an unsigned kernel/recovery. _THIS_ is the KNOX that relates to SPay. Real human beings (not samsung sales or support reps) have confirmed that once the KNOX fuse is tripped, it prevents SPay from working. (It also prevents KNOX, the software suite mentioned above, from working.)
Now I need to express things in strange ways, and I hope you'll forgive the odd phrasing:
As far as devs on XDA and other sites similar to XDA have been able to determine, "root" does not prevent SPay from functioning. In fact, my understanding is that there are people who rooted their Galaxy S6 without tripping the KNOX fuse, later reverted to factory firmware, allowed the phone to OTA to newer firmware that included SPay, and SPay worked fine. However, there are others who have tripped the KNOX fuse while rooted who can no longer use SPay. The key here is that KNOX fuse...
I can say with a very large degree of confidence that SPay will work just fine if you happened to had a device that somehow had a working "su" binary in the path AND KNOX wasn't tripped. That might happen if the bootloader was designed to not trip KNOX... such as someone who developed software for preloads might have on a test device. Based only on information in the public domain, it might also happen if an exploit was found that didn't require flashing a custom kernel, recovery, etc.
It's POSSIBLE, and I actually don't know this, that the firmware released on these devices publicly has code to force tripping the KNOX fuse if root is detected. The galaxy S6 did NOT have this mechanism when towel root (or whatever root method it was) worked on it. I somehow doubt that samsung would have added this to the firmware, as there's too great a chance for a false positive, and tripping that KNOX flag is permanent.
In android user terms, a "rooted" device is merely a device that has a working suid "su" binary in the path owned by the 'root' user. (Later versions of android also require some sepolicy changes, but that's outside the scope of this thread.) That binary might be on /system or it might be in the kernel partition. However, neither is a permanent change to the device, and therefore it can be removed with no trace.
garyd9 said:
Okay.. I wonder if he's related to one of the "samsung reps" that work in Best Buy stores.... or the ones that come visit AT&T stores on occasion. For the most part, they are really good in reciting the marketing material, but when it comes to details, they are clueless. In fact, at least as bad as Radio Shack sales people.
Click to expand...
Click to collapse
No this wasn't in person... Nor was it someone from the states (from what I could tell).
It was with a technician over the phone because the first customer service rep had no idea - so she transferred me to a technician.
Regardless, there is no point in discussing this endlessly.
There are already plenty of folks out there who are trying to solve this issue, only time will tell if they can succeed.
Let's see what happens.
The news on the Wi-Fi Krack Attack says it was discovered a few months ago, but an Android patch won't come until November 2017 security update?
So the V30 is launching with this huge Wi-Fi security vulnerability, probably not to be patched for several months or more (if ever)?
That might be enough to give many potential buyers pause, waiting on the patch. If so, discounts might ramp sooner and steeper.
Anybody have any info to offer regarding V30 and Krack Attack?
TIA...
Its a lot more hype and hysteria than anything .... IMO
Unless you go door to door visiting wifi services, it's nothing to lose sleep over.
Tinkerer_ said:
The news on the Wi-Fi Krack Attack says it was discovered a few months ago, but an Android patch won't come until November 2017 security update?
So the V30 is launching with this huge Wi-Fi security vulnerability, probably not to be patched for several months or more (if ever)?
That might be enough to give many potential buyers pause, waiting on the patch. If so, discounts might ramp sooner and steeper.
Anybody have any info to offer regarding V30 and Krack Attack?
TIA...
Click to expand...
Click to collapse
Good grief dude. This vulnerability exists on every single phone that's got Android 6 or higher (plus just about every device, not even just phones) which means every single phone launched in the past two years. So if you bought an Android phone since then (or anything that connects to wifi for that matter), you're already vulnerable and have been for a while. I'll reiterate, every device that connects via wifi is vulnerable. All of them.
But there's really great news. The V30. It's a cellphone. It has cellular data radios built in. In fact, my data speeds across my cell network are faster than across any wifi point I connect to. Which is to say, I have zero reason to connect my phone to a wifi point.
If you are using a laptop, desktop, or whatever, you have more reason to worry about those.
CHH2 said:
Good grief dude. This vulnerability exists on every single phone that's got Android 6 or higher (plus just about every device, not even just phones) which means every single phone launched in the past two years. So if you bought an Android phone since then (or anything that connects to wifi for that matter), you're already vulnerable and have been for a while. I'll reiterate, every device that connects via wifi is vulnerable. All of them.
But there's really great news. The V30. It's a cellphone. It has cellular data radios built in. In fact, my data speeds across my cell network are faster than across any wifi point I connect to. Which is to say, I have zero reason to connect my phone to a wifi point.
If you are using a laptop, desktop, or whatever, you have more reason to worry about those.
Click to expand...
Click to collapse
Thanks for more "ready-fire-aim" snark, CHH2.
The point is this: Since we all know that most existing Android phones are vulnerable to Krack, it might occur to (some of) us that we should look to our next new phone to NOT have this vulnerability.
Especially given the abysmal (to nonexistent) performance of security updates provision for most phones after the sale. (Except for Apple, Google, Samsung... am I missing any? LG sux at this too, correct?)
And further, because rooting makes OTAs (including those to get security patches) a time-consuming hassle with added risk, after the sale.
Thanks in advance to any who can offer info about the original question.
...
Tinkerer_ said:
The news on the Wi-Fi Krack Attack says it was discovered a few months ago, but an Android patch won't come until November 2017 security update?
So the V30 is launching with this huge Wi-Fi security vulnerability, probably not to be patched for several months or more (if ever)?
That might be enough to give many potential buyers pause, waiting on the patch. If so, discounts might ramp sooner and steeper.
Anybody have any info to offer regarding V30 and Krack Attack?
TIA...
Click to expand...
Click to collapse
Really?
Good grief...
Really?
steve841 said:
Its a lot more hype and hysteria than anything .... IMO
Unless you go door to door visiting wifi services, it's nothing to lose sleep over.
Click to expand...
Click to collapse
Maybe. Unless there are "script kiddy" youth nearby with too much idle time and parents buying them too many toys, who like to hack for entertainment.
I think these responses are instructive, about the sort of blasé attitude towards SW/HW faults in general, and security in particular, that lead to nontrivial system flaws and security vulnerabilities like this in the first place.
Also, note that it took a researcher in Belgium, not the US, to discover this defect. Coincidence? (Let's dispense with cute euphemisms like "bug", and call them what they are: Faults, and defects.)
Still hoping for useful info about the issue itself. (How many "good grief"s does it take?
...
Tinkerer_ said:
Thanks for more "ready-fire-aim" snark, CHH2.
The point is this: Since we all know that most existing Android phones are vulnerable to Krack, it might occur to (some of) us that we should look to our next new phone to NOT have this vulnerability.
Especially given the abysmal (to nonexistent) performance of security updates provision for most phones after the sale. (Except for Apple, Google, Samsung... am I missing any? LG sux at this too, correct?)
And further, because rooting makes OTAs (including those to get security patches) a time-consuming hassle with added risk, after the sale.
Thanks in advance to any who can offer info about the original question.
...
Click to expand...
Click to collapse
Hey! Look at this! Both my V20 and V30 have the BlueBorne patch! So, no, they do not suck at this. And that's even having to go through the carrier gateway too. And yes, I already offered to information about the original question but just for giggles....
Tinkerer_ said:
Maybe. Unless there are "script kiddy" youth nearby with too much idle time and parents buying them too many toys, who like to hack for entertainment.
I think these responses are instructive, about the sort of blasé attitude towards SW/HW faults in general, and security in particular, that lead to nontrivial system flaws and security vulnerabilities like this in the first place.
Also, note that it took a researcher in Belgium, not the US, to discover this defect. Coincidence? (Let's dispense with cute euphemisms like "bug", and call them what they are: Faults, and defects.)
Still hoping for useful info about the issue itself. (How many "good grief"s does it take?
...
Click to expand...
Click to collapse
Risking a hand slap from a mod, you're just an attention whore. Just Google the information like the rest of us did and you'll see why we're all "blase". And what exactly are you trying to infer that it took Belgians to discover this defect? There are labs, developers, companies, and testers around the world constantly poking and prodding at this stuff looking for the next hole because there will always be a next hole. Just like your home, internet security is an illusion, especially when you are connecting to wi-fi. With or without this attack, wi-fi is problematic. And that's why some of us aren't allowed to connect our work computers to wi-fi networks unless they are known entities.
You're too busy running around exclaiming the sky is falling while most of us already know not to stand under certain parts of the sky because that's not the sky falling, that's bird droppings.
Oh, and faults and defects are called bugs in software. That's just how we do things on the software side of things. (And yes, I deal with software and hardware on a daily basis for work.)
I think I understand.
The V30 will have this defect (security vulnerability affecting all wifi) for a lonnng time after launch. Asking about the vulnerability in an XDA forum brings "good grief" and hostile ad hominem in response, rather than relevant info about the issue itself. Textbook hubristic defensiveness.
Maybe the hubristic culture that tries to make everyone think SW defects and security vulnerabilities are OK, is getting a boost from the string of massive security breaches recently, like Equifax and OPM. Who cares about security and privacy, when everything is pwned anyway, right? Just go with the flow, don't even try to secure anything anymore.
Thanks for the information.
Tinkerer_ said:
I think I understand.
The V30 will have this defect (security vulnerability affecting all wifi) for a lonnng time after launch. Asking about the vulnerability in an XDA forum brings "good grief" and hostile ad hominem in response, rather than relevant info about the issue itself. Textbook hubristic defensiveness.
Maybe the hubristic culture that tries to make everyone think SW defects and security vulnerabilities are OK, is getting a boost from the string of massive security breaches recently, like Equifax and OPM. Who cares about security and privacy, when everything is pwned anyway, right? Just go with the flow, don't even try to secure anything anymore.
Thanks for the information.
Click to expand...
Click to collapse
Way to make up what you want to read. Like I said, LG update the V20 and V30 for the BlueBorne attack pretty quickly. I suspect that as soon as Android is patched for this, it'll filter down pretty quickly. In the meantime, you can just wear a tinfoil hat to keep the bad rays out. All manufacturers will be working on this and getting fixes out ASAP. After that, it'll be on to the next bug. Because that's how things are in the software world.
CHH2 said:
Hey! Look at this! Both my V20 and V30 have the BlueBorne patch! So, no, they do not suck at this. And that's even having to go through the carrier gateway too. And yes, I already offered to information about the original question but just for giggles....
Risking a hand slap from a mod, you're just an attention whore. Just Google the information like the rest of us did and you'll see why we're all "blase". And what exactly are you trying to infer that it took Belgians to discover this defect? There are labs, developers, companies, and testers around the world constantly poking and prodding at this stuff looking for the next hole because there will always be a next hole. Just like your home, internet security is an illusion, especially when you are connecting to wi-fi. With or without this attack, wi-fi is problematic. And that's why some of us aren't allowed to connect our work computers to wi-fi networks unless they are known entities.
You're too busy running around exclaiming the sky is falling while most of us already know not to stand under certain parts of the sky because that's not the sky falling, that's bird droppings.
Oh, and faults and defects are called bugs in software. That's just how we do things on the software side of things. (And yes, I deal with software and hardware on a daily basis for work.)
Click to expand...
Click to collapse
Agreed.
My 2014 Moto XT1225 -- rooted with Nougat custom ROM -- has BlueBorne patch while Motorola couldn't care less about a 3 year old phone that never got anything past Marshmallow. And next month, when Google releases the security patch for this Krack Attack, I'll be patched for that too!
This is why rooting and custom ROMs will ALWAYS give you the latest security patches, and you don't have to depend on the kindness of OEMs who might take 3 or 4 months to push out something even if you do have "new" device that still gets updates.
If someone if suggesting to skip the LG V30 because of this, that's really silly.
1) LG will most certainly patch it. Will just take some time. Rooting and custom ROMs are the way to go. You can even get OTA updates with most ROMs nowadays.
2) What happens when the "next big thing" hits? Is that person going to always sell their phone every time out of fear?
^Exactly
Oh look! Someone finally put together an article about why this is such a Chicken Little issue! You'll note that not even the Pixels have the fix and it doesn't really matter.
https://arstechnica.com/gadgets/201...until-december-but-is-that-really-a-big-deal/