Let me start this off by saying I'm sorry for posting this thread in this side forum which is designed for developers, I only done this so the thread can be recognized and hopefully I can get some expert advice.
I am a 2nd year Forensic Computing student (UK resident/university) and I've been looking into a final year project which involves some form of forensic analysis of a computing system. Ever since I bought my HTC One and I rooted it, I've become quite interest in android as a whole. As of late, my HTC became carrier blocked (I bought it on contract from an eBay seller and they blocked it and won't respond back) so in essence I have a glorified media player but still a powerful device.
I want to make my final year project (Which accounts for roughly 40% of degree) a forensic analysis of a rooted android phone.
I'm posting here (In the midst of developers) because I wish to attain advice and knowledge and some form of help (I'm not asking for anyone to do it for me, neither am I attempting to cheat) so I can produce a great project and a impressive dissertation.
Thank You (I'm sorry moderators but in normal forums, I don't know if this would have become recognized)
You need something like this thread:
http://forum.xda-developers.com/showthread.php?t=2024422
Sim Unlock Guide [Desire C]
Then to work out the whole how-and-why from being Carrier Locked to Unlocking and how it's worked out to do it I guess?
Bashing away at my HTC Desire C
Antagonist42 said:
You need something like this thread:
http://forum.xda-developers.com/showthread.php?t=2024422
Sim Unlock Guide [Desire C]
Then to work out the whole how-and-why from being Carrier Locked to Unlocking and how it's worked out to do it I guess?
Bashing away at my HTC Desire C
Click to expand...
Click to collapse
Thank you for the response, although it's not quite what I'm after. I'm looking at criminal point of view. For example if I obtain a phone which is rooted. How is it different to obtaining Data from a non rooted phone. Thank You
Sent from my SM-P600 using xda app-developers app
In that case we'd need to know 'Who's' data you are after obtaining, the users data or data from the handset itself?
Both can have the same or disimilar results when rooted or unrooted depending on the previous, what and who's data :what: along with, on different handsets, different controls, software and securities, under different handsets not all data is in the same place.
Seems a simple question to answer but it all depends on the goal and with which ball you're playing with
Bashing away at my HTC Desire C
Antagonist42 said:
In that case we'd need to know 'Who's' data you are after obtaining, the users data or data from the handset itself?
Both can have the same or disimilar results when rooted or unrooted depending on the previous, what and who's data :what: along with, on different handsets, different controls, software and securities, under different handsets not all data is in the same place.
Seems a simple question to answer but it all depends on the goal and with which ball you're playing with
Bashing away at my HTC Desire C
Click to expand...
Click to collapse
I intend to use my rooted my HTC One for the analysis but my main objective is to get at the data as it may prove to critical for a criminal case. My overall objective is looking into rooted phones as a whole but since I only have access to my own HTC and it's rooted, it'll be based on that. Thank You
Sent from my SM-P600 using xda app-developers app
User Data the objective.
Rooted or Unrooted isn't necessarily what is required to access User Data, having access to Recovery and the ability to install a Stock/Pre-made/Self-Built Recovery can give you the ability to 'copy out' the required data.
Only having root access helps when you require the same access whilst the OS is operational or running a command window using adb/fastboot as to the handset you are still at a 'User' level, Recovery (because what it can and has the ability to do) is more like an 'Admin' level, where you could, if the option is there or built in, copy the complete storage device.
This thread http://forum.xda-developers.com/showthread.php?t=2706308
[Please Read] We need help to try and find out how to get into stock 4.4 recovery!
shows if you have no access to a system and there is no access in Recovery to Backup your Data you are to a degree denied your basic right to have 1 backup copy for restoration but can also render gaining root access almost impossible which makes gaining copying User Data harder.
Hope this helps
Bashing away at my HTC Desire C
Antagonist42 said:
User Data the objective.
Rooted or Unrooted isn't necessarily what is required to access User Data, having access to Recovery and the ability to install a Stock/Pre-made/Self-Built Recovery can give you the ability to 'copy out' the required data.
Only having root access helps when you require the same access whilst the OS is operational or running a command window using adb/fastboot as to the handset you are still at a 'User' level, Recovery (because what it can and has the ability to do) is more like an 'Admin' level, where you could, if the option is there or built in, copy the complete storage device.
This thread http://forum.xda-developers.com/showthread.php?t=2706308
[Please Read] We need help to try and find out how to get into stock 4.4 recovery!
shows if you have no access to a system and there is no access in Recovery to Backup your Data you are to a degree denied your basic right to have 1 backup copy for restoration but can also render gaining root access almost impossible which makes gaining copying User Data harder.
Hope this helps
Bashing away at my HTC Desire C
Click to expand...
Click to collapse
I only mentioned "rooted" because I currently have a HTC One which is rooted.
After a small conversation with my tutor, he gave me ideas which included how rooting changes data inside the phone, looking into different rooting methods for different phones, can I bypass the lock screen ?! And many more
Sent from my SM-P600 using xda app-developers app
Really you need to know if...
Attempting root by means of an app/program whilst the /system is in operation.
Attempting root via recovery/fastboot/hboot/ruu/euu at lower level programs.
I don't envy you on trying to work one out wish it was the sort of thing I could get my head into 100% but it's Old Dog New Tricks with me but keeping at it helps me not Brick phones
Bashing away at my HTC Desire C
Antagonist42 said:
Really you need to know if...
Attempting root by means of an app/program whilst the /system is in operation.
Attempting root via recovery/fastboot/hboot/ruu/euu at lower level programs.
I don't envy you on trying to work one out wish it was the sort of thing I could get my head into 100% but it's Old Dog New Tricks with me but keeping at it helps me not Brick phones
Bashing away at my HTC Desire C
Click to expand...
Click to collapse
Thanks ! I'm still in my 2nd year so I'm still thinking but I'm really into phones and I keep tabs technological news so I thought I'll base my project off that, I don't mind doing something that's time consuming providing it's not exactly impossible and it's something that I personally think I can do
Sent from my SM-P600 using xda app-developers app
Well XDA is probably one (if not The) best place to find out what is and isn't possible to do anything with a phone and idea's are where it starts and the knowledgebase can quickly expand once people twig what you're onto :what:
I've learnt more from scratch by bouncing ideas round, talking with the more technically minded than I would have by only reading pages in a book and DEV's and almost everybody will point you in the right direction if asked.
Bashing away at my HTC Desire C
Antagonist42 said:
Well XDA is probably one (if not The) best place to find out what is and isn't possible to do anything with a phone and idea's are where it starts and the knowledgebase can quickly expand once people twig what you're onto :what:
I've learnt more from scratch by bouncing ideas round, talking with the more technically minded than I would have by only reading pages in a book and DEV's and almost everybody will point you in the right direction if asked.
Bashing away at my HTC Desire C
Click to expand...
Click to collapse
Hence the reason why I posted here ! I would heavily appreciate whatever help I can get and I like to think this can ultimately improve my knowledge, I know knowledge wise, I'm pretty much catered for, here at XDA !
Sent from my SM-P600 using xda app-developers app
okay
Don164 said:
Hence the reason why I posted here ! I would heavily appreciate whatever help I can get and I like to think this can ultimately improve my knowledge, I know knowledge wise, I'm pretty much catered for, here at XDA !
Sent from my SM-P600 using xda app-developers app
Click to expand...
Click to collapse
so if i understand you, you want to break into the phone, yes? that's what forensics is.
flash a stock kernel to your recovery partition or, mod recovery images mount points ramdisk and permissions to enablde adb operations
to pull the data, loop mount it in linux , browse pull analyse change etc.
seems like a long winded way to complicate an orgasm, having read through the thread i still don't get the surface of what you asking.
if your trying to carve out deleted files find or cross compile foremost. if prof argues about rights and legality argue a national security
life and death security over freedom angle.
forensics.
m
Related
I have always been one to keep my OS and apps up-to-date, even using custom ROMs on my pre-Android, Windows Mobile devices. Right now I have the latest official ROM installed, but would like to apply/install some of the nifty things rooted phones can eg. SetCPU, Titanium Backup, etc. Now here's the newbie/naive question. Why doesn't the Android OS come pre-rooted? If we want to mess around with our phones and potentially turn them into expensive paperweights then that should be our decision. To me, going root seems to be a choice tricky to go to and difficult to return from, and one that disallows future "official" updates. Damned if I do... damned if I don't syndrome. Do the benefits so greatly outnumber the (perceived) risks?
My Hero, and the XDA app, made this post possible.
It doesn't come pre-rooted because of the security breaches that would allow. Think about it...
Get universal androot and you can use most of the programs you mentioned. Really simple. Click root and you have root - click unroot and you have a non rooted phone. Couldn't be simpler. You've been reading those out of date guides again
Even from a Custom ROM it's really easy to return. I don't know where you've got your information from but its incorrect or outdated XD
It's about the money.
Who would upgrade to a new handset when their existing one will receive perpetual updates from the community?
Again, new to Android so security breeches are unknown to me. I fairly regularly modded my WM phone (also HTC) but guess I am wary of the negative responses I read every so often. I am sure though that once I start on this platform there will be no stopping me. Regardless, even something as 'simple' as rooting elicits a number of "oh, I bricked my phone" statements. Mostly, I guess, I am looking for that (maybe not so) gentle push to get me going. Thanks for the responses all the same.
My Hero, and the XDA app, made this post possible.
O no - the security breaches are not android specific! If you have root (administrator) access on ANY system it is a security hazard. If someone somehow got access to the system they would also have full admin rights and therefore the ability to do what they like. It doesn't matter whether its Windows 7, Windows phone, PalmPre, Blackberry, iPhone - the reason phones don't come with root access is because it would make that phone a target for hackers. Also most people (like yourself) clearly don't understand what root access means. AFAIK there have been no major android security breaches - its meant to be one of the most secure platforms but it is at least partly because root access is not allowed by standard that it is so secure. For this reason modding your WM phone is just as risky (if not more) as doing it on Android - just no-one mentions the security aspects of it.
Rant over. Hopefully you understand a little bit more about what you're doing when you get root access now. In order to do so and start tinkering with your system there is a guide here for you: http://forum.xda-developers.com/showthread.php?t=645253
btdag said:
It doesn't come pre-rooted because of the security breaches that would allow. Think about it...
Get universal androot and you can use most of the programs you mentioned. Really simple. Click root and you have root - click unroot and you have a non rooted phone. Couldn't be simpler. You've been reading those out of date guides again
Even from a Custom ROM it's really easy to return. I don't know where you've got your information from but its incorrect or outdated XD
Click to expand...
Click to collapse
What? How? Did I miss this comming out.......oh yes I see it's in the Nexus section which I dont go near cos I have a Hero...however Thanks for the pointer
Oddly enough I did administrate a UNIX network years ago, and not that long ago a Windows 2000 server environment. Stupidly I am now realising the similarities and connections. A light just went on... of course, root. Unix prided itself on security, and a superuser (like I was) is king. "Rooting" (the word) used here just didn't seem the same. But what you are also saying is that the phones can be compromised from external sources, like any network? And/or via malicious software granted root access?
My Hero, and the XDA app, made this post possible.
Android has it's own user account control system in the form of the superuser prompt.
But it's easy to bypass If you're clever, although with universal androot, everyone should be careful what they do on non rooted handsets too.
Okay, what one-click root method, if any, can be applied after the latest OTA update (1.70.605.0)? I just bought the phone already updated, and I cannot find if there is one compatible. I'm to much of a noob to root without one click, so don't send me in that direction please! Any help is appreciated, Nick
Easyroot is about as close as you're going to get to a one-click for the Thunderbolt.
It should still work fine after the latest OTA.
Easyroot: http://forum.xda-developers.com/showthread.php?t=1005292
Instructions: http://forum.xda-developers.com/attachment.php?attachmentid=552281&d=1301123842
Has this worked for you with the Thunderbolt ?
Or you could just go to http://revolutionary.io Those easy root scripts are notoriously unreliable. I would also recommend getting ADB up and running and learn to use it and fastboot as well. They can be life savers when you get in trouble.
Sent from my HTC Thunderbolt
Yea, I saw Rev had another update for Tbolt yesterday so maybe it will work nicely for you.
Seriously though...if you're looking at Easyroot vs Manual method....learn from other panicking users and go the Manual route.
http://forum.xda-developers.com/showthread.php?t=996616
Absolute_Zero said:
Yea, I saw Rev had another update for Tbolt yesterday so maybe it will work nicely for you.
Seriously though...if you're looking at Easyroot vs Manual method....learn from other panicking users and go the Manual route.
http://forum.xda-developers.com/showthread.php?t=996616
Click to expand...
Click to collapse
Disagree. I looked at the manual vs easyroot method, and if your goal is to just flash custom roms, then theres nothing useful about learning ADB and what any of it means/does. Thats like saying to use windows you should learn C++.
RunNgun42 said:
Disagree. I looked at the manual vs easyroot method, and if your goal is to just flash custom roms, then theres nothing useful about learning ADB and what any of it means/does. Thats like saying to use windows you should learn C++.
Click to expand...
Click to collapse
No. That isn't accurate by any stretch of the imagination. It's more accurate to say if you want to use Windows, you should learn something about command line DOS. You absolutely SHOULD and I'm fairly certain most devs would agree. Please don't advocate ignorance.
I'm disappointed by the OP's flat rejection of obtaining new skills to perform a somewhat technical task and I think we, as a community, should not support that attitude, but rather foster an environment of support and encouragement towards increasing knowledge and experience.
Furthermore, the Revolution and AlphaRevX sites are still down which means obtaining a beta key to use their tools will not be possible. When these or other resources become reliable in the eyes of their creators as alternatives to the jcase method, and I have time to evaluate them, I will be adding them to my thread stickied at the top of this Q&A section. Until then, if your concern is to backup data before a manual root, then I'd suggest TwistedUmbrella's tools to perform that task.
RunNgun42 said:
Disagree. I looked at the manual vs easyroot method, and if your goal is to just flash custom roms, then theres nothing useful about learning ADB and what any of it means/does. Thats like saying to use windows you should learn C++.
Click to expand...
Click to collapse
While the comparison of learning C++ to typing (or copy/pasting) ADB commands that are listed verbatim in procedural order for you is a spot on* comparison, I will also have to disagree.
The problem is that when these scripts error/do not work (and they do quite often) the user has no idea whatsoever the step that caused the error. I'm going to have to say that the majority of users on here (along with a large number of users that panicked when the auto rooting scripts screwed up) will agree that the manual method is the way to go. Not only does it help you troubleshoot if something didn't work and therefore get help faster (b/c you know what command errored) but the failure rate is much lower to begin with. The manual method is actually very quick and painless (as many users have noticed after trying the auto scripts). Maybe it's just people's avoidance of anything that says "manual".
I suppose I (along with a majority of users here) will have to agree to disagree with you.
*read "not even remotely reasonable"
RunNgun42 said:
Disagree. I looked at the manual vs easyroot method, and if your goal is to just flash custom roms, then theres nothing useful about learning ADB and what any of it means/does. Thats like saying to use windows you should learn C++.
Click to expand...
Click to collapse
C++ is much harder to learn than adb (and perhaps one of the harder languages period to master due to the leadway it gives a user to screw things up). C++ you actually learn something useful. I dont think anyone will hire you because of your 1337 adb copy/paste skills alone
Overall I'd say that was a metaphor fail. I'd say learning to use adb is more like learning to use cmd.exe. Mostly useless unless you really really really need to do something out of the ordinary.
*full disclosure: i hate cmd.exe and use cygwin when on windows
RunNgun42 said:
Disagree. I looked at the manual vs easyroot method, and if your goal is to just flash custom roms, then theres nothing useful about learning ADB and what any of it means/does. Thats like saying to use windows you should learn C++.
Click to expand...
Click to collapse
So while your flashing those ROMS you end up with a bad flash and bad luck loving to come all at once your recovery gets corrupt as well. On top of that you don't have any recent backups for apps or a nandroid. Now the link to the bootloader flashable recovery is down. So now what?
Not the most likely scenario but still very possible. I guarantee when someone says "oh that's easy just fastboot a recovery on" your going to be wishing you had learned how to fix your phone before you messed it up.
Sent from my HTC Thunderbolt
JBO1018 said:
So while your flashing those ROMS you end up with a bad flash and bad luck loving to come all at once your recovery gets corrupt as well. On top of that you don't have any recent backups for apps or a nandroid. Now the link to the bootloader flashable recovery is down. So now what?
Not the most likely scenario but still very possible. I guarantee when someone says "oh that's easy just fastboot a recovery on" your going to be wishing you had learned how to fix your phone before you messed it up.
Sent from my HTC Thunderbolt
Click to expand...
Click to collapse
Sure you could end up with a bad flash as a result of improper script. But if you were just copy/pasting command lines then you still dont know wtf to do, so what difference does it make? In fact, since all of you are advocating just copy/pasting one line at a time, exactly what the hell are you learning from this process? You still have no idea what any of the commands mean or what they're doing, you're just taking 10x as long to do what a batch file does for you.
Because if you copy and paste the commands one by one and you run into a problem at least you know what step it happened on. So now when you go asking for help you can provide some useful information to those trying to help you.
Revolutionary makes all that moot in a way. The fact remains however you can still very easily end up in a situation where you need to fastboot a recovery on. So having ADB and fastboot installed and working plus knowing how to use them are definitely things EVERYONE who is rooted SHOULD know.
Sent from my HTC Thunderbolt
I also just found another damn good reason to know how to use ADB and fastboot. Until Alpharev and Unrevoked release an s-on tool the ONLY way, I'm fairly certain, to get back to stock s-on after using Revolutionary or the hard patched hboot is with fastboot and a special command.
Sent from my HTC Thunderbolt
loonatik78 said:
..the Revolution and AlphaRevX sites are still down which means obtaining a beta key to use their tools will not be possible. When these or other resources become reliable in the eyes of their creators as alternatives to the jcase method, and I have time to evaluate them, I will be adding them to my thread stickied at the top of this Q&A section.
Click to expand...
Click to collapse
Hmm.. pardon my confusion, but I just came back from a jcase thread on how to root and in red letters, it says NOT to use that method anymore.. that it was outdated. But if the Revolution and AlphaRevX methods are not available then the jcase method is really the only option.
I am all for learning how to do this. I never was a monkey at a keyboard that just followed a flow chart to solve a problem, I want to know what I am doing. But while I am still reading and learning, it would be helpful to know what I am reading is correct, up to date, and not out of date as I am no expert at rooting yet. Maybe a different disclaimer on that post is in order?
Hot Carl said:
Hmm.. pardon my confusion, but I just came back from a jcase thread on how to root and in red letters, it says NOT to use that method anymore.. that it was outdated. But if the Revolution and AlphaRevX methods are not available then the jcase method is really the only option.
I am all for learning how to do this. I never was a monkey at a keyboard that just followed a flow chart to solve a problem, I want to know what I am doing. But while I am still reading and learning, it would be helpful to know what I am reading is correct, up to date, and not out of date as I am no expert at rooting yet. Maybe a different disclaimer on that post is in order?
Click to expand...
Click to collapse
I believe he meant the rest of the post was outdated and to use revolutionary.io as of August 14th.
The old method will still work. It just does not give you the opportunity to save your apps and data like revo will.
Please do not rehost the testing software over at infectedrom - I would like to maintain some control if possible to ensure things do not get out of hand going forward. I am not trying to write viruses, just show how the issue works so we can all protect ourselfs. While I cannot stop anyone from turning the code malicious I highly frown upon modifying this to write values in any way. Trust me from experience, you dont want to play anyway you will probably just bork your own wimax.
Note: Please be aware that rooting your phone to install this patch will void your warranty with HTC. You should all already be aware of this when you unlocked your bootloader. As with anything posted in these dev boards this patch may also affect the functionality of your device, so proceed at your own caution!!!
What are we patching?
This post is a call to arms for help from devs on patching the issue shown in PoC#2. You can read the vulnerability report and find test software to see if you are effected over on infectedrom. HTC has been notified on this particular issue on October 20th so they will be working on an official patch.
Download
http://www.androidfilehost.com/main/.TrevE/PoC2/TrevE_WiMAX_Patch.zip is an unofficial patch I started that anyone can use / modify / whatever attached to this post. Its crude but its an immediate quick fix that cuts the negative implications down by manually stop & start wimax services / show 4g settings.
Using Patch:
In a nutshell these 3 binaries do not need to always run, and them being flawed we want them off all the time. When you want to use 4g, start the above app and turn on the binaries then 4g radio like usual.
If you do not want to edit ramdisk you should be able to use the app just to stop the binaries each boot.
To disable these binaries completely and only start when there needed edit init.shooter.rc to appear as below (or wherever binaries are started in ramdisk) and manually start them when you are going on 4g with attached app.
Code:
service wimaxDaemon /system/bin/wimaxDaemon
user root
group root
disabled
oneshot
# setWMXPropd daemon
service setWMXPropd /system/bin/
setWiMAXPropDaemond
user root
group root
disabled
oneshot
# getWMXPropd daemon
service getWMXPropd /system/bin/getWiMAXPropDaemond
user root
group root
disabled
oneshot
Big thanks to the help getting in touch with HTC from egzthunder1!
Other Possible patch solutions
The other issue I would like to bring to attention is the code was 99% the same from PoC#1 - connecting to 127.0.0.1. Is there anything we can do to make some kind of ipchain firewall blocking apps from access to certain resources? I would think this would be important for all rooted users especially having some type of easy firewall, and everything Ive seen seems primitive. Mobile malware is coming and we should be ahead of the tides.
Non Root solutions?
Non root users may be able to kill the PIDs or stop the services, I have not had the time to try.
TrevE said:
As always I think its a good general warning to stay away from shady apps, things arent always as sandboxed as you would think. While HTC is already working on an official patch for this and other issues where theres a will theres a way with malware. I think firewalls and protective measures need to start stepping up before things get worse, its a linux pc in our pockets with a radio - not just a phone anymore.
Click to expand...
Click to collapse
You always know how to keep us one step ahead, Thanks for this info
This is def way over my head...but I thought I should ask b/c im sure others will probably ask the same. Should I worry about this if I am not in a Wimax market? No Wimax within a 100+ miles from me at least (San Diego). I'm guessing not, but what do I know??
Thanks for looking out for us n00bs!
MFD00M said:
This is def way over my head...but I thought I should ask b/c im sure others will probably ask the same. Should I worry about this if I am not in a Wimax market? No Wimax within a 100+ miles from me at least (San Diego). I'm guessing not, but what do I know??
Thanks for looking out for us n00bs!
Click to expand...
Click to collapse
the issue effects all 3ds with wimax and more, I actually had mine in airplane mode with all radios off for video and was able to crash phone and read / write values.
videos rotating guys, sorry shot it alittle funny and running around right now....
Very interesting. Going to sit down and read real quick!
Gonna use it either way, but lets see whats we got going.
Thanx buddy!
hTc
I didn't really understand that, but it looks important. I'm not really sure but I think that the video meant that the wimax can be accessed when its not on. Something like that?
Read the article on this.... Sprint deserves a wag of the finger from Colbert. Its just dirty. Back doors like crazy. And why the **** would HTC not pro actively remove all the crap in the first security patch. They KNOW everything before we FIND it.
Sent from my PG86100 using Tapatalk
TrevE, would that LBE tool be enough to revoke privilege for network access?
not an expert, but we could probably port over the iptables and add some default configuration for our phone.
Heck, maybe I just build one. Ha.. MOM.
Thanks TrevE for being on this!
TrevE, thank you for putting this out there. And thank God you aren't a maligned dev, or we'd all be in trouble. HTC should be paying you for doing QC on their code. Oh, wait... I forgot, all this was on purpose.
Warm & cozy.
Always treve you are one step ahead of the dictatorship known as HTC and Sprint I am grateful your on our side man thank you
Sent from my PG86100 using xda premium
Well isn't this lovely, they set that up for debugging and forget to disable it or something?
Just read about this on Phandroid. Kinda crazy. Thanks Treve for all you do.
Sent from my SPH-D710 using xda premium
xHausx said:
Well isn't this lovely, they set that up for debugging and forget to disable it or something?
Click to expand...
Click to collapse
those binaries are actually whats called if you logcat connecting to wimax. While I cant say for sure my guess is it wasnt left open for debugging, more hey nobody will look here. The wimax monitoring port is very curious as well - if you look at the poc app it can query DUN state, release keys and rom versions among other things.
These ports look like they are never used until you connect to 4g, so the best solution I came up with is just shutting them off all the time and turning them on with an app before you connect 4g. This atleast limits vulnerability time from any random app reprogramming your wimax values to only be possible when your on 4g.
As always I think its a good general warning to stay away from shady apps, things arent always as sandboxed as you would think. While HTC is already working on an official patch for this and other issues where theres a will theres a way with malware. I think firewalls and protective measures need to start stepping up before things get worse, its a linux pc in our pockets with a radio - not just a phone anymore.
huytrang90 said:
TrevE, would that LBE tool be enough to revoke privilege for network access?
not an expert, but we could probably port over the iptables and add some default configuration for our phone.
Heck, maybe I just build one. Ha.. MOM.
Click to expand...
Click to collapse
Not sure, I kinda see this as a problem in android - local and internet arent really separated. I cant say for sure if revoking will work, download the proof of concept app and try This is one of the reasons i feel strongly about demonstrating issues like this, everyone can learn from it how it works and how to squash this stuff and protect ourselves. The last thing we need is winnuke/sasser/whatever on android.
Forgive for the noob??? But I'm just trying to gain an understanding of how to use this. Do I just edit the int file or use your app before I turn 4g on?? Also since Im in an area that has little to no 4g is there a quick way to completely disable the 4g antenna untill I want to use it??
Locked & Loaded
""shooter on Deck""
HTC loves you TrevE!
Good work again!
TrevE, I just gotta say, because it's not said enough, thank you. You are afaik the ONLY low-level dev still working for the end user in public, and I for one find it both heartening and praise-worthy. With all the drama we see around here, and get involved in, you still keep on pushing forward. I'm thoroughly grateful that you are doing this and not some douchebag hacker who wants to nuke our phones from the cloud
#idrankthekoolaid
So...I just got an Android ~5 days ago. My friend told me to root the phone and get plain Android on it instead of HTC's bloated modified version of it. I'm not a newbie to SSH and managing linux via prompt (I assume rooting the phone is what that means?..) Anyway, I have no clue what I'm doing. I've been an iPhone user for...~2 years. I'm completely new to Android.
Can anyone start me on the right path, maybe give me some explanations as to what I'm actually doing? Does this void my warranty with Best Buy (probably...jailbreaking the iPhone does, but recovering from that is easy-peezy..)
I'd like to tinker with my phone, but it seems so much more complicated to fix the phone if I make an oops than doing so with an iPhone does.
Thanks in advance.
Assuming you have the DNA, as that is the section you are in, there is quite a few helpful threads already. Check the sticky posts, they usually link to helpful threads.
With the speed of the quad core phones, debloating isn't needed as much as before, but rooting does have it's ups and downs.
I found that AOSP (pure android) based roms compared to sense (HTC software) are a little mote buggy and not as fluid. They feel snappier, but really aren't.
Try some sense based roms before going full aosp on this device. Take it from me. My old devices, I would run only AOSP, but after usi.g sense 5 on this phone, it has so.e good HTC only features.
Sent from my DNA using my mind.
I'll echo Uzephi, give sense a try first. If you really want to tinker make sure to make a nandroid in recovery. You will probably need to use either moonshine or rum runner to do what's called s-off your phone first. That will also root it. I've found the easiest way to do that is to boot to a live USB Linux, then you don't have to deal with driver issues. If you have windows 8 or 8.1 64 bit there have been fastboot issues with drivers seeing the phone for some users, myself included. Give us some more info on what your PC set up and phone OS versions are and we can help some more when and if you want. Have you gotten the latest OTAs.
Sent from my HTC6435LVW using xda app-developers app
My PC is a Windows 7 Ult and my Phone is HTC Droid DNA (Android v4.2.2 and Sense v5)
Thanks guys for the replies. I have no clue what this Android jargon is mostly, can I get some clarification or where I can read about it? Thanks a bunch.
jake6177 said:
My PC is a Windows 7 Ult and my Phone is HTC Droid DNA (Android v4.2.2 and Sense v5)
Thanks guys for the replies. I have no clue what this Android jargon is mostly, can I get some clarification or where I can read about it? Thanks a bunch.
Click to expand...
Click to collapse
Android 4.2 is the base operating system and HTC customized it to their liking, which they call Sense, and you have version 5 of Sense.
jake6177 said:
...I have no clue what this Android jargon is mostly, can I get some clarification or where I can read about it? Thanks a bunch.
Click to expand...
Click to collapse
Android phone manufacturers like to give their phones a specific look and feel, which is why android phones can look so different. This modification/augmentation of the base android software environment is commonly referred to as a UI (user interface), or Skin.
The term 'skin' is a terrible over-simplification, but it gets the point across. The vanilla Android software environment is, for many, quite boring, and not as powerful as it can be. Companies like HTC and Samsung incorporate cool animations, graphics, and sounds effects, as well as software that takes advantage of their camera's capabilities.
HTC's UI is called Sense
Samsung's is called TouchWiz Motorola's used to be called Blur (don't know if it still is)
Sent from my dlx using Tapatalk
If you're brand new to Android, I would just use the phone as it is now without rooting or putting a custom ROM on it. Once you're comfortable and familiar with Android then you can decided if you want to root and rom.
jake6177 said:
My PC is a Windows 7 Ult and my Phone is HTC Droid DNA (Android v4.2.2 and Sense v5)
Thanks guys for the replies. I have no clue what this Android jargon is mostly, can I get some clarification or where I can read about it? Thanks a bunch.
Click to expand...
Click to collapse
Rooting is akin to jailbreak, gaining control of your phone. You can root your phone (get root directory access) and still remain completely stock for your Rom.
I personally have had the best experience with sense based roms. Your experience may differ depending on what you use.
If you want to use mobile hotspot on your phone without paying subscription then rooting is a must.
Linux used to be a must to root. Now there are windows based options, I used moonshine.
Sent from my dlx using Tapatalk
Correct me if I'm wrong, but I'm pretty sure you don't have to pay extra to use your phone as a mobile hotspot if you're on a capped data plan. I think only unlimited data folks are expected to pay extra to use that feature.
Sent from my dlx using Tapatalk
That might be right. I've got the unlimited data. My co workers with company phones also have to pay for the hot spot.
Sent from my dlx using Tapatalk
BBEgo said:
Correct me if I'm wrong, but I'm pretty sure you don't have to pay extra to use your phone as a mobile hotspot if you're on a capped data plan. I think only unlimited data folks are expected to pay extra to use that feature.
Sent from my dlx using Tapatalk
Click to expand...
Click to collapse
ldw213 said:
That might be right. I've got the unlimited data. My co workers with company phones also have to pay for the hot spot.
Sent from my dlx using Tapatalk
Click to expand...
Click to collapse
Yes, correct, capped data is forbidden by law to charge for mobile hotspot, unlimited data is chargeable.
Edit* At OP, Sense is the king flavor of android, stick unrooted for a while as you won't really see a need for it yet, unless you want to go and throw on different ROM's and try them out, which in that case def. go and try viperDNA (best sense ROM avail.) AOSP/CM based ROM's are still a WIP and are ok to use but you will miss out on everything sense (sense apps, widgets, features, and even some hardware features)
Gaining root is becoming the sys admin of the phone, you would be able to read/write to the system partition of the phone and execute system privileged commands that are more for the hacker/modder/enthusiast (not normal user, you really wouldn't find a use for that type of stuff, the only app that would serve you good is "Titanium Backup" that does require root but it basically backs up all of the apps and their data)
Since I asked a lot of question on this forum I would like to share the answers with everybody and maybe help them.
NOTE: Please don't post any replys as I want to keep the post clean and room for updates, send me a PM if you have and idea or any fails that I made in this post, if this post helped you don't post hit just the thanks button. Cheers.
Current list of questions with answers(will be updated):
Why would I want to root my phone?
Is rooting worth the trouble?
Is rooting illegal?
Will I have any customer support?
Is it dangerous?
Isn't rooting a complex and difficult process?
Will I still receive operating system updates from my carrier?
Application updates?
What if I want to un-root my phone?
Do I run the risk of bricking my phone?
Could my phone overheat and explode?
Why would I want to root my phone?
Everything in a Linux system is a file, or is treated as a file. Since Android runs on top of Linux, it acts the same way. Most of the files you will need to access or change are available to you without having elevated permissions. "Most" being the key term here. When you want to do things that affect or change the core software of your device -- like updating the version of Android on your phone, or adding a nice piece of software from another device -- you'll have to do it as root. Dream and Magic users have been running Eclair on their phones for a good while now, and it’s because they have rooted their device. Rooting also gives you access to some handy software that you couldn’t use otherwise. Things like a complete system backup or ad blocking software require you to root your device. Don’t root your phone just for the sake of rooting your phone, but if you come across something you feel you could use or would like to have, then consider it. You'll find that the open source community is usually pretty helpful and encouraging new people to do new things is common. And when you get to the point where you can lend a hand to the new folks, pay it forward.
Is rooting worth the trouble?
The answer is a resounding yes. The phone is faster than it has ever been, the battery lasts longer, and have all kinds of new features, including free wireless tethering and notification-bar widgets. Rooting your phone is generally a fairly quick process, though the complexity depends on your specific situation. Once you're rooted your handset, you can begin installing apps (many directly from Android Market) that will take advantage of your handset's new capabilities. Installing custom ROMs (replacement operating systems) built by hackers is a longer, more involved process , and generally involves your wiping all the data from your phone, but even that is worthwhile.
Is rooting illegal?
Nope. You bought the phone, it's your equipment, you own it, and you can do what you want with it. No one is going to come and get you, and your service provider will not cancel your contract. In fact, the U.S. federal government recognized the legality of rooting a phone in July 2010.
What you will do, however, is void the warranty on your device. If you don't want to live without a warranty, rooting isn't for you. Personally, I finally decided to take the plunge when I realized that the potential benefits outweighed the potential consequences. My phone was becoming slow and buggy, with lots of force-closes, and I was just about eligible for an upgrade anyway.
Will I have any customer support?
Rooting can be daunting because there is no toll-free number you can call for help, and no governing body to which you can turn for definitive answers. But the collective process of rooting phones and creating custom ROMs has engendered cool and supportive communities. The user-generated forums out there contain a staggering amount of information; the CyanogenMod forum has offered answers to almost all of my questions, as has the XDA Developers forum, but you can find many more. No matter your question, the forums most likely already have threads that can answer it. If you really can't find anything, you can always start a new thread to ask your question. If you think you've really mucked things up and you need immediate help, many IRC chat channels specialize in support for rooters. (Download an IRC client on your computer and head to irc.freenode.net, where the channels #android and #android-root are particularly helpful.)
Is it dangerous?
It can be, It might, and Yes. By not allowing access to the superuser account, the manufacturer and your carrier have basically protected you from doing things that change the system and make it unusable. All it takes is one wrong keystroke to turn your shiny new Android phone into a plastic and metal brick with no connection. Most times this is recoverable, but not always. You have to decide how capable you feel you are, and how well written the instructions you’ve found seem to be. Nobody will blame you if you decide against the risk, especially your cell carrier. All major carriers and manufacturers plainly state that altering or using unapproved software voids your warranty, and rooting falls into that category. While that seems a bit harsh, they need to be able to support the products they sell. For that to happen, they need to know exactly what’s running and what it’s doing.
Apps that run as root need a little further consideration. You need to have a level of trust in the person who wrote the app first and foremost. Does the developer have other software available? Do the user comments (for Market apps) have anything that raises a red flag? Do the requested permissions seem a little odd? These are all questions you need to think about before you allow something to run as root. For a further level of security, think about installing an application that warns you anytime something tries to run as root. SuperUser Whitelist is a great little app that does exactly that. If you decide to go on and root, ask users with the same device as you for a link to a version of SuperUser Whitelist that works with your firmware. Once installed, anytime something wants to run as root, the app intercepts and asks if you would like to allow it. You’re given the choice to accept, decline, or grant the app in question full privileges each time it runs.
One last thing to touch on here. Many custom ROMs include some sort of SSH server. This can be a wonderful tool, or it can get you in hot water. This is what caused the whole “Rick-Roll” episode with the latest iPhone jailbreak. The server sits and waits for an outside connection, and if that connection provides the right password full control of the device is turned over. In the case of the iPhone, users never bothered to change the default SSH password for root. A clever (or devious) group of users simply scanned for servers listening on the correct port, then attempted to sign in as root with the default password. Lesson learned, but this is easy to prevent. Ask other users of the ROM or firmware you’re thinking of flashing if there is a server listening, and if so how to disable it or change the default password.
Isn't rooting a complex and difficult process?
Yes and no. It really depends on what model of phone you have. On many phones (such as the Nexus One, Motorola Defy, or EVO 4G) the process is incredibly easy: You can download an app such as Simple Root, Universal 1-Click, or Z4root that will safely root your phone with a single click. Those apps are no longer available from the Android Market, but you can find them online with a simple search and install them onto an SD Card.
It is important to note that different approaches will work for different phones. For example, Z4root will work on many Android phones, but it won't work on most HTC models. Some rooting apps will work on an early build of Android 2.2 (Froyo), but will not work on later builds (though more and more apps are being released for that now). Rooting is phone/OS specific, so make sure to check that the root tool you're considering is compatible with your phone. For other models, rooting may take much more work. You might be required to connect the phone to your computer and enter some lines of code in a terminal utility.
Fortunately, more and more root apps do not require you to hook up your computer and get in that deep. Do some research as to what is required for your setup, read some step-by-step guides, and be honest with yourself about how comfortable you would be trying to follow the directions. If it feels like you'd be in over your head, it's probably best to avoid rooting.
Note that generally rooting is even tougher to do if you use a Mac, as most of the software for doing this sort of thing is written for Windows or Linux.
Will I still receive operating system updates from my carrier?
Maybe. More than likely if you’ve just rooted your phone so you could have access to the full file system and haven’t drastically changed things, the phone will still pass your carrier's checks and upgrade. If you’ve delved deeper and really customized your device, count on not being able to upgrade. Carrier updates were designed to work with the original software, so they need to be sure that’s what the phone is running. Again, this is for your own good. T-Mobile or Verizon can’t offer technical support for things they haven’t trained their technicians on, and if you flash a carrier approved update over custom software it’s probably not going to work.
The good news is that failing the checks the carrier does during an update won’t cause any damage to your phone. The update will just quit and you’ll be back where you started. Then you can decide if you would like to un-root and upgrade or take another path. The worst case scenario is that the phone passes the carriers checks, updates, and then things get broken. That’s pretty unlikely, but possible. If that would happen, you won’t be alone. Everyone in your situation will scramble to their favorite Android user forum and hopefully a work around can be found.
Note - a carrier update may also break the ability to root the device and a new method will need to be found. Any discussion of upgrading and root needs this mentioned as well. Most folks who root and decide to install a custom ROM wait for the ROM developer to provide an update that includes any bug fixes or new capabilities of the carrier update.
Application updates?
Yes. While it’s not being used, the program that allows permissions to be upgraded just sits and does nothing. Normal applications won’t even be aware it’s there, and applications that use it expect it to be there. Application updates, whether they are from the Market or other third parties will still install as normal.
What if I want to un-root my phone?
It depends on the model of your phone. Some are ridiculously easy to revert, some not so much. This is the most important question you can ask before you dive in and root your phone. Usually the website you found the method to root your phone will also have a discussion about un-rooting and going back to stock firmware. Take the time to find and read this information so you’re aware of just how difficult it’s going to be to go back. Pay close attention and create backups when recommended while you’re rooting your phone, as these may be needed to go back. I’ve not heard of any device that can’t be restored to factory firmware provided the original was backed up properly as recommended during the rooting process. The most important thing to always remember is to ask for help. If you do find yourself stuck without a backup or a working phone and need to roll back, ask for advice. Our forums are full of fine folks from all walks of life, and the majority are more than happy to help. There’s a good chance you’re not the first person in that situation and a solution has already been worked up!
Do I run the risk of bricking my phone?
This is one of the Internet's favorite bogeymen. "Bricking" is the idea that if you try to tinker with root access, you'll mess something up so it becomes completely unusable, and you'll essentially turn your phone into a paperweight. While that's certainly not outside the realm of possibility, the good news is that Android phones are generally very hard to brick. Yes, even the Droid X, which was purported to be the "unrootable" phone, has been safely rooted for quite some time (Z4root reportedly works with the Droid X).
If you do get caught in a boot loop, you may have to connect your phone to your computer and rewrite some code, but if you are patient and willing to do some more reading, you will almost always be able to find a way to at least restore your phone to its original state (read more on where that help comes from in the next section).
A common mistake that actually will lead to a bricked phone is running out of battery power in the middle of trying to install a custom ROM. The operating system only half installs, and that really is tough to fix. So always make sure that your battery is full before you install a new OS or ROM.
Also, just because a phone is rootable does not mean you can install any custom ROM you want. Differerent ROMs will work for different phones. Even the extremely popular CyanogenMod works for many phones, but certainly not all, so do plenty of research to make sure your phone is supported before trying to install a custom ROM.
Could my phone overheat and explode?
One of the major incentives to root your phone is the ability to overclock your processor to gain more speed (or underclock it to extend battery life). My phone has gotten considerably faster because of overclocking. When you overclock your processor, though, it will get hotter. If you try to push your phone too far and you don't set any fail-safes (a maximum allowable temperature in the overclocking utility), then you could burn out your processor. However, it is very easy to set safety thresholds to ensure that you don't do that.
SetCPU, the most popular app for overclocking or underclocking, allows you to set up various profiles.
Reading the rooting forums will give you plenty of advice on how far you can push your specific device and maintain stability. It pays to do some experimentation: Different phones behave differently, even if they're the same model.
Sources: androidcentral.com, pcworld.com
Useful threads:
[TUTORIAL] Unlocking, rooting, custom roms installing, going back to stock
[INDEX] HTC Desire X (protou) - Everything Desire X is here!
Reserved.