Related
OK, so it has been said many many times before, that maybe obtaining the 1024 character long RSA key to be able to act like sony and do whatever we want to do to the phone.
Now that there has been some success cracking the PS3 through a fairly complex bruteforce algorithm, people are having some hope on the x10.
The devs have said many times it's not that simple, but it's always on the back of everyone's mind.
So what do you guys want to do about it? Prove the devs right? or prove them wrong? i'm not exactly a dev myself, but i know exactly what's going on, and i know how the phone works (i studied networking in college for a few years and also did computer science before i decided to become an auto mechanic, all through high school, and of course alot of googling and cracking my own stuff. i still have a fond interest in this stuff)
there was a guy who said he could write a program for this. and i'm sure a few people could get working on this too. it might not work, but while the real devs are hard at work, why not dedicate some cpu time overnight to maybe successfully get that 1024 character RSA key?
here's what we know.
the RSA key is 1024 characters long. a random number bruteforce means there are 1267650600228229401496703205376 combinations of numbers. if it's a HEX key, multiply that by 1.6 and thats how many combinations there are.
however, RSA keys are generated through the following formula, there is something called Open SSL that can generate 1024 bit RSA keys. and open source means we can turn this into a tool for what we want to do, if it isn't already.
the RSA algorithm itself:
http://www.di-mgt.com.au/rsa_alg.html
Open SSL:
http://en.wikibooks.org/wiki/Transwiki:Generate_a_keypair_using_OpenSSL
so, any takers?
Update:
raw buteforce is impossible after some research. however, there will have to be multiple programs written for this task, once the first program is written and does it job, write a new program to reference the data that the old program gave you. (assuming everyone wants to try and get some devs in on it.)
1. a 1024 bit key if it is only numbers will be 309 characters long. i referenced this chart :http://en.wikipedia.org/wiki/Password_strength#Password_strength_depends_on_symbol_set_and_length
2. write a program that calculates every single prime number up to 999999.....etc up to 309 characters long, and only store those numbers somewhere.
3. use distributed computing to ONLY use those calculated prime numbers that were calculated to start multiplying prime numbers by eachother.
4. discard any numbers that add up to a number that is less or more than 309 characters long. this eliminates the program asking if a password that isn't even the right length if it is right or not.
5. only test those 309 digit keys that were calculated from the data given from the last two steps on the bootloader. this eliminates every possibility of a truly random number that is that length.
the "309" changes if it's not just numbers, if it is alphanumeric its 199 digits, if it is all letters its 218 digits (just look at the chart)
does this seem viable? it definitely would speed things up quite a bit no?
as much as i remember, i read somethin like it in the milestone forum, it needs a LOT of CPUs working on it,
correct me if i am wrong, an ETA would be like what ? a year ?
mezo9090 said:
as much as i remember, i read somethin like it in the milestone forum, it needs a LOT of CPUs working on it,
correct me if i am wrong, an ETA would be like what ? a year ?
Click to expand...
Click to collapse
well if we could make a simple batch file to work on it, i think we could get a few thousand working on it at a time. and this forum is full of nerds haha, so i'm sure alot of them have OC'd quad cores like me.
and yeah cracking a 1024 bit key is basically only possible by guessing/starving the CPU of voltage to create errors so you can slowly piece together the key. but that's almost just as much work.
Or it could be a day. I don't follow the bootloader thread as it is very slow moving and doesn't appear to be getting very far, that's not a go at the people working on it either.
Maybe someone could get something like this going as a sideline? Someone could get lucky, and it gives us 'lesser mortals' a chance to help.
Sent from my X10i using XDA App
If you really want to start such a project the first thing you have to think about is:
Which files are used for signature and which parts of them.
To proove that you have to alter every single file in every line to test and proove.
We have done some work on this before and we found that some lines in the build.prop are used for that.
Jerpelea has some more informations which lines cannot be changed without softbrick -> that are the lines the signature is checked on.
So this should be the first step. The pure mathematics is very trivial and not the problem.
If you all want to go this way just think about from the beginning and do the brute force in some kind of cpu pool. If not you will not get something EVER!
1.) Find the signature parts
2.) Code some stuff to get the bruteforcing working on multi-machines
3.) Calculate & prey
Regards
Bin4ry
So anyone here have experience to set up a distributed computing project for this?
Sent from my X10i using XDA App
Please also know that the PSP is also hacked this week. The code was the same as the PS3! http://psx-scene.com/forums/f6/psp-now-also-open-console-developers-74290/
Ok, let's get this rolling guys. Anybody can make a random number generator, but we need it to check with the bootloader. Connecting to the phone and asking if each password is the right one will be slow, is there any way to get the bootloader onto a computer so we can hack it way faster?
Sent from my X10i using XDA App
I'm down for donating some CPU time from all 4 of my computers in my house.
I almost guarantee most of us are geeks who have at least 2 pc's As a result we all should have LOTS of spare cycles.
I think the most important part of this will be keeping track of whats been tried and by who.
I have been following this forum and joined this community as a result of getting my x10a.
Given how long we all waited for the initial root, and how we are all still waiting. I'm sure this may actually be possible.
I like the idea of giving people like me with very poor coding ability and no extra money a 3rd way to contribute towards these efforts
Perhaps we can use http://boinc.berkeley.edu ? (it's the back end for things like [email protected] and [email protected])
I'm definitely in if people get this to work. I have two quad core computers availible for some processing powah.
Chillaxed said:
Ok, let's get this rolling guys. Anybody can make a random number generator, but we need it to check with the bootloader. Connecting to the phone and asking if each password is the right one will be slow, is there any way to get the bootloader onto a computer so we can hack it way faster?
Sent from my X10i using XDA App
Click to expand...
Click to collapse
OR perhaps this program should be written FOR the x10a, and NOT windows?
So I can plug in my phone at night, start an application, and bruteforce while I sleep?
olafski72 said:
Please also know that the PSP is also hacked this week. The code was the same as the PS3! http://psx-scene.com/forums/f6/psp-now-also-open-console-developers-74290/
Click to expand...
Click to collapse
I have tweeted the hacker on this, whether the code can have any chance on the X10. Or look at my signature and we also ASK this at SE, to release the bootloader code. Please vote!
I have two quadcore pc and running every day so np for me to spend some time for this
Greetings
Sent from my es209ra using XDA App
Hola
I am definitely in to help with the CPU processing side of things. Like so many nerds around here I have more than 2 x quad based processor machines to help out.
Waiting in anticipation. Thanks to all.
The PS3 was broke because someone messed up with RNG IIRC.
If correctly generated private keys could be brute forced easily then RSA, and all public key crypto would fail.
Dave
Gergith said:
OR perhaps this program should be written FOR the x10a, and NOT windows?
So I can plug in my phone at night, start an application, and bruteforce while I sleep?
Click to expand...
Click to collapse
Don't make jokes, your phone would burn! This algorithm means 100% Load. This would never be finished because low cpu power.
The main problem we'll be facing when doing this is how the keys that we generated will be tested with the bootloader. We could generate a whole bunch of possible keys but we need a way figure out how to test them with the bootloader. The 2nd major problem would be making sure that the keys generated by one person aren't the same as the keys generated by the next. Those are the two major problems we need to be focusing on.
And by test them with the bootloader... I don't mean keeping the phone plugged in... we need to be able to check if the keys work in realtime.
DaveShaw said:
The PS3 was broke because someone messed up with RNG IIRC.
If correctly generated private keys could be brute forced easily then RSA, and all public key crypto would fail.
Click to expand...
Click to collapse
Yeah were gonna need to bruteforce the key with current RSA vulnerabilities and then if that doesn't work we can move on to other methods, if Sony did it right all we can do is random numbers.
Distributed computing would work because then we can split up all of the number possibilities into sections so we aren't all trying all of the combinations at once
Sent from my X10i using XDA App
With all the computing power in the world, you wouldn't be able to brute force a 1024 bit rsa key within millions of years
Basically, 128 bit is considered brute force safe. And 1024 doesn't take 8 times as long. It takes 2^(1024 - 128) = 5.28294531 * 10^269 as long.
So, plain brute force is never going to work.
gulpreet said:
The main problem we'll be facing when doing this is how the keys that we generated will be tested with the bootloader. We could generate a whole bunch of possible keys but we need a way figure out how to test them with the bootloader. The 2nd major problem would be making sure that the keys generated by one person aren't the same as the keys generated by the next. Those are the two major problems we need to be focusing on.
And by test them with the bootloader... I don't mean keeping the phone plugged in... we need to be able to check if the keys work in realtime.
Click to expand...
Click to collapse
This is where distributed computing comes into play. We can write in top of the backbone and make our own.
Sent from my X10i using XDA App
So i am running CM11, a friend used to be, and we used WhisperPush to send encrypted SMS. He got the M8, now is not running cyanogen mod, and therefore does not get the messages i send to him b/c he cannot receive WhisperPush messages. If I unregister my device from WhisperPush he can receive them. His old phone with CM also does not boot anymore.
There does not seem to be an option to delete his identity key from my phone. Anyone have any idea how I can do that?
Thanks in advance
crackmulah said:
So i am running CM11, a friend used to be, and we used WhisperPush to send encrypted SMS. He got the M8, now is not running cyanogen mod, and therefore does not get the messages i send to him b/c he cannot receive WhisperPush messages. If I unregister my device from WhisperPush he can receive them. His old phone with CM also does not boot anymore.
There does not seem to be an option to delete his identity key from my phone. Anyone have any idea how I can do that?
Thanks in advance
Click to expand...
Click to collapse
I'm in the exact same situation as you. My friend had a GS3 with CM and we used WhisperPush together. Now he also got the M8. He's in the process of rooting and installing CM now, but I still have his old Identity Key in my phone and therefore he cannot receive my messages.
Did you ever figure anything out on this? Or does anyone else out there have any clue how to remove old Identity Keys?
xluryan said:
I'm in the exact same situation as you. My friend had a GS3 with CM and we used WhisperPush together. Now he also got the M8. He's in the process of rooting and installing CM now, but I still have his old Identity Key in my phone and therefore he cannot receive my messages.
Did you ever figure anything out on this? Or does anyone else out there have any clue how to remove old Identity Keys?
Click to expand...
Click to collapse
sorry to hear that
i got no answers here or anywhere else. i seem to have gotten around the issue by turning off whisper push. i am now using paranoid android on my n5 (latest beta) and I do not think i have this issue, because thats basically the same as turning off whisper push. If you can deal without wisper push, thats the only solution i know of. i hope that helps.
the more i think about it, the less i think i need my texts encrypted anyway, so all good.
what do you think the advantage to having whisper push is?
crackmulah said:
sorry to hear that
i got no answers here or anywhere else. i seem to have gotten around the issue by turning off whisper push. i am now using paranoid android on my n5 (latest beta) and I do not think i have this issue, because thats basically the same as turning off whisper push. If you can deal without wisper push, thats the only solution i know of. i hope that helps.
the more i think about it, the less i think i need my texts encrypted anyway, so all good.
what do you think the advantage to having whisper push is?
Click to expand...
Click to collapse
The only advantage is encrypted texts. But if you don't have anything to hide, then at this point it's not worth all the hassle.
xluryan said:
The only advantage is encrypted texts. But if you don't have anything to hide, then at this point it's not worth all the hassle.
Click to expand...
Click to collapse
so if i understand correctly, the idea is that not even the NSA is able to see the encrypted whisperpush texts? I certainly dont believe that, but thats fine.
is the idea that whisperpush encrypts a text on the phone, so it is unreadable when on verizon/tmobile/etc servers, and then decrypted when on the receivers phone? wouldnt it be possible for someone who saw these encrypted messages to decrypt them on their own using the whisperpush software (some 'hacking' required)?
im just trying to understand the service better. as i understand it it seems to be a novelty now for the heck of it and not actually useful. if you have something to hide encrypting the texts isnt actually going to hide the data, it seems to me.
crackmulah said:
so if i understand correctly, the idea is that not even the NSA is able to see the encrypted whisperpush texts? I certainly dont believe that, but thats fine.
is the idea that whisperpush encrypts a text on the phone, so it is unreadable when on verizon/tmobile/etc servers, and then decrypted when on the receivers phone? wouldnt it be possible for someone who saw these encrypted messages to decrypt them on their own using the whisperpush software (some 'hacking' required)?
im just trying to understand the service better. as i understand it it seems to be a novelty now for the heck of it and not actually useful. if you have something to hide encrypting the texts isnt actually going to hide the data, it seems to me.
Click to expand...
Click to collapse
Well, encryption can be weak or it can be strong. That's a gross over-simplification, but I'd have to type for hours and hours to explain what makes encryption strong. I will say briefly this though: the NSA actually has deals with some of the companies that invent encryption algorithms to give them a back door to decrypt anything they want as long as it's using a certain algorithm. So yes, never trust the NSA.
The basic idea is to keep the data encrypted as long as it passes through the carriers servers. I'm not sure if the encryption is done on your local device, or on the WhisperPush servers (presumably it would be on your local device), but either way your carrier would not be able to read your texts, ergo they could only give the NSA/FBI/CIA/etc... the encrypted text which would be useless (again, assuming the algorithm WhisperPush uses is safe from the NSA).
As far as someone or some company breaking or hacking the encrypted text, it depends on a few things. First and foremost: how strong is the encryption. Since WhisperPush seems to be for paranoid type individuals, I would assume it's decently strong. If your encryption is strong enough, it could take years to break. Second, how much time and power does the person/company have at their disposal. With enough dedication, any encryption can be broken. Say the encryption is only 128-bit and your attacker has access to a bank of CPUs. It could be broken in a matter of hours or days.
Plus, who is to say that WhisperPush doesn't just give up your encryption keys upon request of the NSA?
The bottom line is this: if you're actually trying to hide from the NSA or likewise, you need to take a few more steps then just turning on WhisperPush. Steps like creating your own private messaging app and communicating without electronics as much as possible.
As far as WhisperPush just being a novelty... yeah, could be. Maybe it's like Google Chrome. They really just started Chrome to get the other browser giants to make a better product. Maybe WhisperPush is trying to motivate others to make texting more secure. Or maybe they're the real deal.
You can never really trust anyone in the online world these days so who knows... as far as I know the NSA developed WhisperPush. The name sure fits in with the rest of their code named projects
xluryan said:
Well, encryption can be weak or it can be strong. That's a gross over-simplification, but I'd have to type for hours and hours to explain what makes encryption strong. I will say briefly this though: the NSA actually has deals with some of the companies that invent encryption algorithms to give them a back door to decrypt anything they want as long as it's using a certain algorithm. So yes, never trust the NSA.
The basic idea is to keep the data encrypted as long as it passes through the carriers servers. I'm not sure if the encryption is done on your local device, or on the WhisperPush servers (presumably it would be on your local device), but either way your carrier would not be able to read your texts, ergo they could only give the NSA/FBI/CIA/etc... the encrypted text which would be useless (again, assuming the algorithm WhisperPush uses is safe from the NSA).
As far as someone or some company breaking or hacking the encrypted text, it depends on a few things. First and foremost: how strong is the encryption. Since WhisperPush seems to be for paranoid type individuals, I would assume it's decently strong. If your encryption is strong enough, it could take years to break. Second, how much time and power does the person/company have at their disposal. With enough dedication, any encryption can be broken. Say the encryption is only 128-bit and your attacker has access to a bank of CPUs. It could be broken in a matter of hours or days.
Plus, who is to say that WhisperPush doesn't just give up your encryption keys upon request of the NSA?
The bottom line is this: if you're actually trying to hide from the NSA or likewise, you need to take a few more steps then just turning on WhisperPush. Steps like creating your own private messaging app and communicating without electronics as much as possible.
As far as WhisperPush just being a novelty... yeah, could be. Maybe it's like Google Chrome. They really just started Chrome to get the other browser giants to make a better product. Maybe WhisperPush is trying to motivate others to make texting more secure. Or maybe they're the real deal.
You can never really trust anyone in the online world these days so who knows... as far as I know the NSA developed WhisperPush. The name sure fits in with the rest of their code named projects
Click to expand...
Click to collapse
you, my friend, are what makes xda great.
crackmulah said:
you, my friend, are what makes xda great.
Click to expand...
Click to collapse
Cheers mate :good:
xluryan said:
Well, encryption can be weak or it can be strong. That's a gross over-simplification, but I'd have to type for hours and hours to explain what makes encryption strong. I will say briefly this though: the NSA actually has deals with some of the companies that invent encryption algorithms to give them a back door to decrypt anything they want as long as it's using a certain algorithm. So yes, never trust the NSA.
The basic idea is to keep the data encrypted as long as it passes through the carriers servers. I'm not sure if the encryption is done on your local device, or on the WhisperPush servers (presumably it would be on your local device), but either way your carrier would not be able to read your texts, ergo they could only give the NSA/FBI/CIA/etc... the encrypted text which would be useless (again, assuming the algorithm WhisperPush uses is safe from the NSA).
As far as someone or some company breaking or hacking the encrypted text, it depends on a few things. First and foremost: how strong is the encryption. Since WhisperPush seems to be for paranoid type individuals, I would assume it's decently strong. If your encryption is strong enough, it could take years to break. Second, how much time and power does the person/company have at their disposal. With enough dedication, any encryption can be broken. Say the encryption is only 128-bit and your attacker has access to a bank of CPUs. It could be broken in a matter of hours or days.
Plus, who is to say that WhisperPush doesn't just give up your encryption keys upon request of the NSA?
The bottom line is this: if you're actually trying to hide from the NSA or likewise, you need to take a few more steps then just turning on WhisperPush. Steps like creating your own private messaging app and communicating without electronics as much as possible.
As far as WhisperPush just being a novelty... yeah, could be. Maybe it's like Google Chrome. They really just started Chrome to get the other browser giants to make a better product. Maybe WhisperPush is trying to motivate others to make texting more secure. Or maybe they're the real deal.
You can never really trust anyone in the online world these days so who knows... as far as I know the NSA developed WhisperPush. The name sure fits in with the rest of their code named projects
Click to expand...
Click to collapse
Whisper/Signal supports perfect foward secrecy and future secrecy, which means that they don't have your private keys. Well, they could take over whisper and push out their own "special" update. Yet another of the many many reasons I leave auto-update off. I wish the default for turning on auto-update was OFF except the apps I choose [like bank apps], but oh well. I trust moxie marlinspike and so does bruce schneier. What more could the paranoids want?
I would like to know if Signal uses SMS for messaging or does it use the internet?
What ZTE has done with the Axon 7 is nothing short of incredible. An SD820 processor, 4 GB of RAM, Front-Facing Stereo Speakers, a 5.5" QHD AMOLED panel, MicroSD/Dual-SIM support, and a fingerprint sensor. You will not find this combination on any other phone with an unlockable bootloader or CDMA support. After getting to know the device’s security, I was less than enthused. Some things, which I would consider basic features, are missing. Other [system level] security features have been altered to the point where they are useless - or at the very least handicapped. I sought to fix those problems. In sharing what I have found, I seek to help you secure your device.
A few things, going forward…
This article is written with B29 in mind. The Nougat update has just been released and I hope that it has addressed many of my concerns. With that having been said, whip out the tin foil and fashion yourself a hat.
As I write this, the fact that I am about to list security problems with this device gives me pause. I was able to find reference or information about most, but I have found problems that I have not read about anywhere else. In effect, an unscrupulous individual could use information in this guide to compromise an unsecured device. Also, while proofreading this, I was compelled to add that I am not your lawyer. I am not here to help you cover illegal activity or shield you from legal action. At the end of the day, I cannot be responsible for the actions of another. I provide this information, in good faith, to help – not to hurt.
A word on mobile security in 2017 - especially in our current political climate.
There is no going back. We use our devices for everything from paying our bills to submitting job applications. Information that your grandparents would have kept locked in a safety deposit box is now routinely transmitted at the speed of light from your device to a remote server. Given the nature of electronics and storage, if you lose possession of the device, there is no guarantee that a skilled individual could not forcibly extract and reconstruct it. Under our current leadership, surveillance laws will be expanded in the name of security. The requirement for a warrant to forcibly extract data from a device will become more lax than it already is. The operative thought process from those in power is that, ‘if you have nothing to hide…’
Second, law enforcement:
I do not want to get into this too much. I see no way to effectively describe the problem with less than a few paragraphs; So, here we go:
With regard to your tech, the Fourth Amendment is dead. Your best defense is a secure device. Reports of police officers cloning the internal storage of Android devices on the side of the road with nothing more than a black box and a data cable are rampant. In reality, the Police have been collecting ‘analytical’ data from devices for years. All of the information is input into databases, where it can be cross-referenced and used for other investigations. Google ‘Cellebrite’ for more information about this. They are one of the leading forensic software companies. Reading about what can they do is truly disturbing. Be advised that the information on their website about compatibility and capability is not up-to-date [or complete] - for obvious reasons. For this reason, I would recommend keeping USB Debugging disabled on your device when you’re not using it.
Last year, I read a police report/legal ruling where a judge granted a police agency complete power to collect enhanced biometric data on everyone in a residence while executing a search warrant for drugs. I cannot delve too deep, but essentially, there was a device and the prosecutor had some doubts that the owner of the device used their own fingerprint. Enhanced biometric information collection was authorized [and executed] for all individuals in the household. This is a more extensive data set than what is stored by the fingerprint enrollment on Android/iOS. Tech. exists to pass this collected information to the pad sensor on your device. This was a clear violation of the Fifth Amendment if they used the information to crack open the device after the owner refused to type in their password. Because of the adversarial nature of our legal system, no one will complain until someone does something about it. The case received no attention from the press. I was never privy to the outcome, but it was clear to me that they really wanted to unlock that device.
We all have stuff to hide. Whether it is personal, criminal, whatever… The reality of our legal system in this country, combined with its age, has resulted in such an extensive set of laws that you are almost certainly violating one as we speak. Did you know that it is illegal for a man with a moustache to kiss a woman in Eureka, Nevada? See what I mean? This is [obviously] not enforced, but piss the wrong person off and watch how quickly a dumb law can serve as a pretext for investigation and discovery. See Twitter: CrimeADay for a bizarre list of Federal crimes which remain enforceable to this day. Even the most well-intentioned person could inadvertently incriminate himself or herself when surrendering their device. This is all very fascinating, and probably will never happen to you, but no one wants their device to be subject to random searches. Legal information, trade secrets, etc. can be just as damaging as incriminating information can be. Additionally, all of the data they collect leaves your protection and is subject to their storage, security flaws, breaches, and decisions to sell it in the future. If you choose to surrender your data, that is your call, but I seek to make sure that it is never by force.
Now that I've given you a headache, let's move onto the biggest security flaws that I’ve found:
ZTE has removed the ability to encrypt the internal storage on B29. I do not know if this was fixed with the B15 update, but this alone made the phone unusable for me. Several apps that I use will not even start if there is no boot time encryption password set. While I’m inclined to blame the apps, I completely understand why they won’t work. Some information is too sensitive to be stored on unencrypted media.
ZTE has altered the default security behavior of Android to allow the fingerprint sensor to unlock the device, even if it has just been rebooted or locked by a Device Admin. Again, I do not know the latest update addressed this. This feature is a last resort stopgap against your data being stolen under duress. You can refuse to type in a password, but your fingerprint can be forcibly/unknowingly used to unlock your device. I’m sure that more than a few of you have seen the Vines where the suspicious female attempts to use her man’s finger to unlock his device while he’s sleeping. I was unable to fix this, and it ultimately led me to abandon ZTE’s iteration of Android.
The bootloader can be rolled back and unlocked by anyone, allowing low-level access. From here, it is not difficult to reconstruct data that is left over by the insecure factory reset process after unlocking. However, this would probably be more useful to a thief than to someone who was after information. While this is cool for us from a development standpoint, it is also a security and anti-theft nightmare.
The power menu is accessible from the lock screen. While I’ve never seen a stock version of Android lock this down, the airplane mode function is available from the power menu on ZTE’s flavor of Marshmallow. This has the unfortunate effect of bypassing any anti-theft protection on the device that requires connectivity. We will address this and as many of the aforementioned items as we can.
Custom ROMS, Bootloader Unlocking
After careful consideration, I concluded that the only way the completely guarantee the security of my device was to use CyanogenMod/LineageOS. CM has some undesirable attributes, but [in my opinion] the positives outweigh the negatives. Let's just say that I eagerly await a fully functional AOSP build. However, CM allows encryption and requires the device’s password to be entered after rebooting or locking with a Device Admin. In order to do this, the device’s bootloader must obviously be unlocked.
Post-Unlock Security, Root, and What about my warranty?
Most security conscious individuals will probably tell you that unlocking your bootloader or rooting your device is the worst thing you can do for your device’s security. I submit to you that your device’s security is already broken. With the help of this site and a few easily accessible resources, the security that your locked bootloader affords you is useless. By encrypting your /data partition, you will be increasing the security of your data by an infinitesimal factor -- assuming you use a strong password. With regard to root, the human element remains the weakest link in the chain. Having your bootloader unlocked and your device rooted might make it easier for a knowledgeable person to reset and use the device after relieving you of it, but if your device is set up properly, your data is just as safe – if not safer than it was before.
The biggest consideration is warranty. In my opinion, any manufacturer that denies a legitimate hardware-related claim on the grounds of your bootloader being unlocked is not a company that should be supported. However, it ‘is what it is’ and time will tell how ZTE will treat its customers. The choice remains yours.
Password Strength
Using a separate encryption password is a wise thing to do. Pay attention to what keyboard you're using when you type your password in...
Do me a favor. Go to this site and check your password strength. http://calc.opensecurityresearch.com/
Under keys per second, select 'Custom' and paste
Code:
1999999999999999999999
That is very close to where we are, without going over.
The Fixes:
Please forgive the breakdown of writing style from this point forward.
/data Encryption:
The only remedy for this is to encrypt the internal storage on CM and then to reinstall B29. Unlock your bootloader, install TWRP, flash CM13, boot the device and encrypt it. From here, [if warranted] you can reset the encryption password to whatever you want it to be by running
Code:
vdc cryptfs changepw password 'old_password_here' 'new_password_here'
Reboot to TWRP, wipe everything, but do not ‘Format Data’ or Factory Reset. Perform an ‘Advanced Wipe’ and wipe everything. Reinstall B29, and you’ll be prompted for your encryption password whenever you boot your device! This alone will protect your data from forcible extraction and reconstruction after the device is factory reset.
Fingerprint Sensor Unlock Policy:
Use a different version of Android. I tried everything. Locking the device with a Device Admin, killing the services using ADB while on the lock screen, unloading drivers, etc… For some reason, the damned sensor just works all of the time. Any insight on this is greatly appreciated….
Bootloader Rollback:
The B15 update contains a newer version of fastboot that, as I understand it, is fake and does not accept fastboot commands. I will be investigating the implementation of this. This would still be subject to replacement by the working version… So, it may only slow a determined intruder down.
Lock Screen Power Menu/Airplane Mode:
There is probably a way to kill the power menu when on the lock screen by editing some resource or another. My solution utilized Tasker. Disable Tasker’s battery optimization in the Android system settings. A more comprehensive write up might be forthcoming upon request, but essentially, you would do:
Code:
2 (3rd/4th optional/troubleshooting) profiles/tasks to maintain a variable as to whether or not the device had been unlocked.
Event (Display Unlocked) -> Clear Variable %Locked
Event (Display Off) -> Set Variable %Locked To 1
State (Display Off) + State (Variable Value %Locked Doesn’t Match 1) -> Set Variable %Locked To 1
Event (Device Shutdown) -> Set Variable %Locked To 1
1 Profile/Task to disable Airplane Mode
Event (Variable Set, Airplane Mode Status, value=’on’) + State (Variable Set, %Locked, value=’1’)
From here, you can either tell a task to wait a specified amount of time to turn off Airplane Mode, have Tasker immediately turn it off, or flag a variable that will be looked for the next time the display is turned off. I would suggest having the last profile set a variable, such as %DisableAeroplaneMode=1. Then do,
Code:
Event (Display Off) + Variable Value (%DisableAeroplaneMode, value=’1’)
|-> Wait 5 Seconds, Turn Off Airplane Mode, Clear Variable %DisableAeroplaneMode
And/Or
State (Display Off) + State (Variable Value, Airplane Mode Status = ‘on’ & %DisableAeroplaneMode = ‘1’)
|-> Wait 5 Seconds, Turn Off Airplane Mode, Clear Variable %DisableAeroplaneMode
By doing it the way I have laid out, where the device waits until the screen is off, the would-be thief is tricked into thinking that he has disabled the device’s connectivity. The task will repeat as many times as the attacker toggles Airplane Mode. This will not stop the attacker from powering down the device, but may give you the extra minute you need to send the self-destruct command or locate the device. The optional tasks assure that your wishes are respected even if the Display Off events are missed -- which happens.
In conclusion, ZTE should really take a hint. Don’t cheap out on security. If something is working, and has worked for a long time, there is no reason to change it. Alternatively, to employ the age-old aphorism, if it ain’t broke, don’t fix it. I hope to have given everyone something with this write-up. A true 'pick and choose' philosophy way be the best way to proceed from here. There is no such thing as a truly secure piece of tech, and there is no such thing as a secure device that is also convenient to use on a daily basis. Take care, all.
This is my first thread in my 5 years of of XDA membership. Feedback is much appreciated.
Physical security of this device was gone the day that tenfar released the boot/recovery flashing tool. That sends the signed firehose over the USB connection, which can be picked up and used by anyone who knows how (eg. tennear). Your *only* security on the device is encryption. Period.
And just so you don't feel too bad about this, you can bet that law enforcement has, or can subpoena, the firehose from any manufacturer.
Moral: always encrypt and use a strong password. That at least gives you *some* chance of security.
Very interesting read. There's very little privacy in the connected society we will live in. Who needs any kind of tracking device when the cell phone does that and so much more. In the older days (pre 2012?) one could fully shutdown the phone by pulling the battery. This is no longer possible with sealed/embedded batteries. One certainly hopes the phone is truly off when powered down or transmitter is deactivated in airplane mode.
We've traded privacy for convenience. The other day a personal banker at my bank was trying to sell me on mobile banking. How easy and convenient it is to deposit a check or transfer funds. No thanks. Just don't trust android enough to install any finance related apps.
If you leave your wifi on, the phone scanning for an AP reveals enough about itself to be a tracking marker.
IMO, best security for a mobile device is not to contain any confidential information in the first place. There won't be anything to reveal should the device become compromised.
A fantastic read, very appreciated, thanks for your work.
I know that, amazing piece of hardware, with very poor software development, with all the rumors confirmed: terribles mistakes in almost any software aspect's.
Thanks again and please, write more often !
Great write up.
I'm on B15 and when you set a pattern lock or pin it asks you if you want the device to require the pin/password/pattern on startup. So there's some change there. I have a pattern set and after reboots it does ask me to unlock it before finger print will work.
Airplane mode still accessible from the lockscreen on B15.
LineageOS 14.1 for ZTE Axon 7
QuantumFluxx said:
What ZTE has done with the Axon 7 is nothing short of incredible. An SD820 processor, 4 GBs of RAM, Front-Facing Stereo Speakers, a QHD AMOLED panel, MicroSD support, and a fingerprint sensor. You will not find this combination on any other phone with an unlockable bootloader or CDMA support.
Click to expand...
Click to collapse
Agreed. Especially the 5.5" 1440p AMOLED display. We have enough 5.5" 1080p slabs from the budget Chinese companies. ZTE "gets" it.
I wish Google had bought a MILLION of these, loaded on Nougat and sold them as the Pixel XL. The specs put Google to shame, and they charge twice the price.
If only ZTE had included wireless charging I would have bought 3 of them immediately. For now, I'm sticking with my 2014 Moto XT1225 -- basically the 5.2" version of the Moto Nexus 6, but with a BIGGER battery:
5.2" 1440p, Snapdragon 805, 3GB RAM, 64GB internal memory, Qi wireless charging, Qualcomm Quickcharge 2.0, 3900 mAh battery. And yes, I have three of them.
QuantumFluxx said:
The only remedy for this is to encrypt the internal storage on CM and then to reinstall B29. Unlock your bootloader, install TWRP, flash CM13, boot the device and encrypt it
Click to expand...
Click to collapse
CM13 is abandoned. Surely you mean CM/LOS14?
[OFFICIAL]LineageOS 14.1 for ZTE Axon 7
https://forum.xda-developers.com/axon-7/development/unofficial-lineageos-14-1-zte-axon-7-t3545679
You just wrote this three days ago. You don't know this?
ChazzMatt said:
CM13 is abandoned. Surely you mean CM/LOS14?
[OFFICIAL]LineageOS 14.1 for ZTE Axon 7
https://forum.xda-developers.com/axon-7/development/unofficial-lineageos-14-1-zte-axon-7-t3545679
You just wrote this three days ago. You don't know this?
Click to expand...
Click to collapse
I was aware. I'm even running LOS on my Axon I have personally set up an encrypted /data partition on CM13 (MM) and then reinstalled B29 (MM) without formatting /data. I haven't tried using CM14/LOS for the first step of that process. Since the recently released B15 (Nougat) update seems to have addressed the missing encryption option, this guide might mostly be deprecated -- or only useful to those who choose to remain on B29. I would not recommend using Nougat to set up a /data partition for a Marshmallow system.
This.. was very interesting. I've decided I'm not gonna buy the device until they fix this. On the other hand, my bullhead has *no* encryption as boot encryption is too much of an annoyance to me. I'm waiting for TWRP to support file-based encryption on my device (hopefully WITH f2fs) so I can contain my speed within good security. Also, on AOSP the data CAN be turned off from Quick Settings, unfortunately. I could just remove it from there I guess... (but I need to keep a watch)
I suspected that something is a miss with the device when I got it yesterday, but didn't have the time to check it out why exactly I don't see the expected encryption settings...
Saved me a lot of time and research.. Thanks for that.
Good thing that I'm actually renting the device and didn't actually bought it... I guess I won't be keeping it..
Considering ZTE has been in the frying pan by US Congress, the FBI, etc. for the past 5 years, I'm not surprised they'd make a phone our government would love everyone to get but... not use themselves. Just be glad you were able to get a fancy cheap phone to put LOS on at the moment considering Congress only recently (this past summer) gave ZTE a temporary halt on their sanctions to do business in the U.S. I read a lot before clicking "buy" but decided to pull the trigger because it is a sweet phone. Before I first used it I scanned it with practically every major antivirus and malware product, put it behind a pfSense firewall running Snort, scanned it network-side with Nessus... I'd do more if I could.
https://www.nytimes.com/2016/06/03/technology/huawei-technologies-subpoena-iran-north-korea.html
http://intelligence.house.gov/sites...s/huawei-zte investigative report (final).pdf
https://www.nytimes.com/2016/03/19/...uestions-about-huawei-and-sanctions.html?_r=0
http://techonomy.com/2013/04/huawei-zte-banned-from-selling-to-u-s-government/
https://www.theguardian.com/technology/2012/oct/08/china-huawei-zte-security-threat
http://www.phonearena.com/news/Huawei-ZTE-may-be-doing-espionage-for-China_id35269
http://www.chinausfocus.com/finance...chinese-telecom-giants-conflicts-with-the-u-s
https://www.cyberscoop.com/android-malware-china-huawei-zte-kryptowire-blu-products/
http://www.fiercewireless.com/tech/...irms-be-allowed-back-into-u-s-wireless-market
... I could go on. Literally Google Huawei and ZTE in the same search and you get this stuff.
I remember reading about Huawei's involvement in this, but not ZTE's. Corporate greed, corporate greed, corporate greed.... I guess we should all be very aware of this and any developments. Please advise us of anything you come across that doesn't look right.
jawz101 said:
Considering ZTE has been in the frying pan by US Congress, the FBI, etc. for the past 5 years, I'm not surprised they'd make a phone our government would love everyone to get but... not use themselves. Just be glad you were able to get a fancy cheap phone to put LOS on at the moment considering Congress only recently (this past summer) gave ZTE a temporary halt on their sanctions to do business in the U.S. I read a lot before clicking "buy" but decided to pull the trigger because it is a sweet phone. Before I first used it I scanned it with practically every major antivirus and malware product, put it behind a pfSense firewall running Snort, scanned it network-side with Nessus... I'd do more if I could.
Click to expand...
Click to collapse
---
I'm so sorry to have played a part, but I am very glad that you were able to find all of this out before the end of your return period. At least, I assume that you're going to return it
I wrote this piece because I couldn't find something comparable on XDA or the rest of the net. Just a one sentence reference, here or there, that says someone couldn't encrypt. You would think more people would have flipped out about this, but the average 'unlocker'/'flasher' has a very poor opinion of full device encryption.
apocalypse_bg said:
I suspected that something is a miss with the device when I got it yesterday, but didn't have the time to check it out why exactly I don't see the expected encryption settings...
Saved me a lot of time and research.. Thanks for that.
Good thing that I'm actually renting the device and didn't actually bought it... I guess I won't be keeping it..
Click to expand...
Click to collapse
---
Good luck with your upcoming TWRP update! P.S., From TWRP.me regarding the Bullhead
NOTE: Decrypting data does not work if you fastboot boot the recovery image. Decrypt works if you flash the recovery and boot it like normal. If you do not know what this means, you can ignore this note.
Click to expand...
Click to collapse
If you install the recovery image through TWRP and reboot recovery, have you had any luck? Dunno if I'm reading that wrong.
I believe that the Nougat update re-added encryption [for the Axon].
I can help you secure your quick settings while the device is locked. You need Tasker and root.
Go to a shell and do
Code:
settings get secure sysui_qs_tiles
and take notice of the output. We will call these your 'default' settings, hereafter.
In Tasker, you would set up an event that triggered whenever the display was switched off. You could create a timer, but that would be substantially more complex than just tying the functions to the screen state of the device. The next command you will need is
Code:
settings put secure sysui_qs_tiles xxx
where 'xxx' are the tiles you want to appear on the lock screen/after the command is executed (referred to as 'modified', hereafter.)
So, 1st: Event,ScreenOff->Code,RunShell 'settings put secure sysui_qs_tiles modified', Use Root
2nd: Event,DeviceUnlocked->Code,RunShell 'settings put secure sysui_qs_tiles default', Use Root
3rd: Event,DeviceShutdown->>Code,RunShell 'settings put secure sysui_qs_tiles modified', Use Root
You will end up with 3 profiles and 2 tasks. I have attached a screenshot. This is my configuration of the 'Run Shell' command that would be triggered by the 'DeviceUnlocked' event.
You could set up the two different configurations, i.e. edit the quick settings tiles to one configuration when the device is locked, and one configuration for when the device is unlocked. Retain the output of the aforementioned 'get' shell command for each configuration and use them as the 'default' and 'modified' variables for your shell commands.
I always find it extremely difficult to write about Tasker and maintain any sense of literary professionalism. My apologies for any confusion. I'm looking at what I just wrote, and....yeah.
I have the same thing set up on my device and I would be happy to provide the exported files, if you are interested.
LazerL0rd said:
This.. was very interesting. I've decided I'm not gonna buy the device until they fix this. On the other hand, my bullhead has *no* encryption as boot encryption is too much of an annoyance to me. I'm waiting for TWRP to support file-based encryption on my device (hopefully WITH f2fs) so I can contain my speed within good security. Also, on AOSP the data CAN be turned off from Quick Settings, unfortunately. I could just remove it from there I guess... (but I need to keep a watch)
Click to expand...
Click to collapse
---
Yes!!! I wholeheartedly agree. You are getting speed, reliability, support, and updates with the Pixel.
We got the speed.
We got the reliability.
We have XDA.
We finally got the updates. -- I'm on the January security patch on 7.1.1.
In short, the Pixel can remain on the top shelf. I can see no reason it is so expensive other than the fact that Google knew people would gobble it up. That's how Apple does things. smh. The Pixel (and the iPhones) are just not worth $700-870. I would pay 400$ for the Pixel and $549.99 for the XL. That is still overpriced, but much more acceptable. In my opinion, these companies would have you believe that these phones really are VERY expensive to manufacturer. From what I've heard/read, Apple is making about 200$ on every iPhone they sell. Over the years, with that amount of money coming in, there is ABSOLUTELY no excuse to release a phone with outdated hardware and inferior display technology.
By the way, your Moto sounds sweet I miss my XT1575...
ChazzMatt said:
Agreed. Especially the 5.5" 1440p AMOLED display. We have enough 5.5" 1080p slabs from the budget Chinese companies. ZTE "gets" it.
I wish Google had bought a MILLION of these, loaded on Nougat and sold them as the Pixel XL. The specs put Google to shame, and they charge twice the price.
If only ZTE had included wireless charging I would have bought 3 of them immediately. For now, I'm sticking with my 2014 Moto XT1225 -- basically the 5.2" version of the Moto Nexus 6, but with a BIGGER battery:
5.2" 1440p, Snapdragon 805, 3GB RAM, 64GB internal memory, Qi wireless charging, Qualcomm Quickcharge 2.0, 3900 mAh battery. And yes, I have three of them.
Click to expand...
Click to collapse
---
Thank you all for your kind words!
QuantumFluxx said:
I remember reading about Huawei's involvement in this, but not ZTE's. Corporate greed, corporate greed, corporate greed.... I guess we should all be very aware of this and any developments. Please advise us of anything you come across that doesn't look right.
---
I'm so sorry to have played a part, but I am very glad that you were able to find all of this out before the end of your return period. At least, I assume that you're going to return it
I wrote this piece because I couldn't find something comparable on XDA or the rest of the net. Just a one sentence reference, here or there, that says someone couldn't encrypt. You would think more people would have flipped out about this,
Click to expand...
Click to collapse
Well, I read up on all of it beforehand and then bought it anyways. Yeah, it was mainly Huawei - probably because ZTE isn't a household name in the U.S. Regardless, they never gave any proof of tampering with spying so I ultimately wrote it off as b.S. I really think the gov't just wanted to convince people to buy from our partner countries instead of China because China has been quietly buying up a bunch of U.S. businesses and property over the past decade. They're worried about our economy, really. All I know is I want quality and affordability and of China produces that I'm going to opt for it. It is true I've been screwed on some China purchases- namely Indiegogo campaigns recently.
As I have a 2017G, the latest version available is B10. I'm interested if someone from the US with Nougat can confirm the encryption situation. I highly doubt that they have very different builds for EU/US..
According to the official German(EU) support forum of ZTE, they have said that the encryption will be available in Nougat.
So last week someone dropped a weight on my phone and broke the screen completely, I can no longer see anything on the screen. So Verizon's insurance company sent me another phone and I have to ship this one back however I have 2 years of photos on this phone that I do NOT want to lose. Does anyone know any ways to recover the ALL the files on this device? For some reason the finger print scanner doesnt work either so I can't really unlock it, and can't use the samsung page to unlock it because I already setup my new phone so I wasn't phone-less. Any information would be much appreciated and is welcomed; any way to buypass the lock or somehow just download the phone to my PC ect.
THANKS!!
Display repair or forensic data recovery from USF chip
If you have no prior access enabled, that is you have usb debugging (would be easiest) still in it's default off state, you have no custom recovery ROM installed, no screen mirroring solution that was installed at an earlier date etc. then really your only option is to go for the hardware.
Basically, you can either have the display replaced or pay a professional data recovery/forensics company to remove the internal sd card and backup the data from there.
Replacing the display is the less expensive choice. It will cost around 250 Euro where I live. If you want to try it yourself, the mere hardware will cost around 100 Euros (that's for the S6 - other phones have much cheaper displays). However, you'll likely need extra tools that are not standard household items, so the effective cost may be greater. Ofcourse with this option there's the risk that more than just the display is broken and your investment will have been for nothing.
Removing the internal flash memory chip and backup the data on it was deemed somewhere between impossible and highly impropable until recently, because it is so tightly embedded into the device. Around a year ago, chances of recovery were said to be around 40% by professional data recovery companies. Apparantly, this has greatly improved lately though, with a likeliness of 95+% now being stated. However, this involves very precise work and specialised hardware, so prices are accordingly high. I don't know exact prices in western Europe but judging from other types of professional recovery think 700/800 Euro upwards. Apparantly there are eastern European companies which offer the service for only around 300 Euro though. Look for "chip-off" method and UFS if you want to go in this direction.
(And just in case you're thinking about trying this yourself, take a look at this thread - and that isn't even related to the new UFS chips embedded in the Samsung Galaxy S6.
I'm sorry that I can't provide any better prospects for you. I guess that's what we get for letting companies get away with selling ever more locked up devices to us that we have practically no control over ourselves anymore.
Still, I wish you good luck!
shevtak
Hello,
I own a pixel xl with the latest nougat android operating system. My question is , is fully encrypted? if falls in wrong hands, like business competitors, authorities, or any one who can have high tech computers and software they can unlock it? unlocking it I mean to find our my password and open it and then have access to all data and photos.
please help
nikelecy said:
Hello,
I own a pixel xl with the latest nougat android operating system. My question is , is fully encrypted? if falls in wrong hands, like business competitors, authorities, or any one who can have high tech computers and software they can unlock it? unlocking it I mean to find our my password and open it and then have access to all data and photos.
please help
Click to expand...
Click to collapse
If the phone is locked like with pin code and stuff like that, anyone can pass that by using a custom Recovery to delete some stuff from system or he can do it using adb.
If you mean an encrypted storage, then it would be hard, but like you said "high tech computers and softwares" they will possibly be able to do it.
And hackers these days don't need to have the phone to hack it, they are capable of hacking remotely!!
But don't worry, it's nothing to be worry about because the chance of this happening to you is too low, they probably target very high business men and political characters and people like that
anyway, i don't recommend keeping your sensitive information in the phone(bank accounts, IDs...), it's so dangerous like that.
MigoMujahid said:
If the phone is locked like with pin code and stuff like that, anyone can pass that by using a custom Recovery to delete some stuff from system or he can do it using adb.
If you mean an encrypted storage, then it would be hard, but like you said "high tech computers and softwares" they will possibly be able to do it.
And hackers these days don't need to have the phone to hack it, they are capable of hacking remotely!!
But don't worry, it's nothing to be worry about because the chance of this happening to you is too low, they probably target very high business men and political characters and people like that
anyway, i don't recommend keeping your sensitive information in the phone(bank accounts, IDs...), it's so dangerous like that.
Click to expand...
Click to collapse
I have bank accounts , and cards and customer file lists etc...and many other things personally. the phone have lock screen and if fully encrypted. I have a password over 10 characters. high tech software and computers what is it ? what kind of computer?
now about hackers. lets say a competitor wants to know what kind of customers/ I have on my phone. he can hack it remotely and see?
I have an app blocking all permissions from all installed apps. how he can hack it? also I dont download games, or files on the laptop or pirated movies etc
nikelecy said:
I have bank accounts , and cards and customer file lists etc...and many other things personally. the phone have lock screen and if fully encrypted. I have a password over 10 characters. high tech software and computers what is it ? what kind of computer?
now about hackers. lets say a competitor wants to know what kind of customers/ I have on my phone. he can hack it remotely and see?
I have an app blocking all permissions from all installed apps. how he can hack it? also I dont download games, or files on the laptop or pirated movies etc
Click to expand...
Click to collapse
About computers, i have no idea, but anyway, to hack remotely, it requires an infected file to get inside the phone, so you have to be safe, that infected file might simply capture the screen and show them what you're typing in the password field.
BUT as long as you don't download anything from anywhere you're safe.
Apps and games should be trusted and only be downloaded from play store.
If you're using a laptop, you should switch to Linux OS immediately, it's much much safer than Windows, especially these days ransom-ware's hackers encrypted many PCs and asked for money to get the encryption code.
Happened to people i know, but never happened to someone with Linux operating system.
MigoMujahid said:
About computers, i have no idea, but anyway, to hack remotely, it requires an infected file to get inside the phone, so you have to be safe, that infected file might simply capture the screen and show them what you're typing in the password field.
BUT as long as you don't download anything from anywhere you're safe.
Apps and games should be trusted and only be downloaded from play store.
If you're using a laptop, you should switch to Linux OS immediately, it's much much safer than Windows, especially these days ransom-ware's hackers encrypted many PCs and asked for money to get the encryption code.
Happened to people i know, but never happened to someone with Linux operating system.
Click to expand...
Click to collapse
a person who hack phones told me that most android phones can be hacked easy and open them without erase the data. he told me that the icloud is impossible.
i will take the pixel to see if he can hack it. which I doubt.
one more question, if I buy a cheaper version phone and update to android nougat will be the same safe like pixel xl or not?
my computer is mac. i was sondering to switch to chromebook to tell you honest but I must confirm if can be hacked or not the chromebook
nikelecy said:
my computer is mac. i was sondering to switch to chromebook to tell you honest but I must confirm if can be hacked or not the chromebook
Click to expand...
Click to collapse
MAC is great as well.
About the Nogut upgrade, I'm not sure that is only about the OS, native OS might be less secure than the company's OS, even if both OSs are Nogut, the Company add modifications and security to its OS that make it more secure.
MigoMujahid said:
MAC is great as well.
About the Nogut upgrade, I'm not sure that is only about the OS, native OS might be less secure than the company's OS, even if both OSs are Nogut, the Company add modifications and security to its OS that make it more secure.
Click to expand...
Click to collapse
ok, buy you didn't answer me about the cheaper option of the android phone. lets say I want to give a phone to one of my manager with credit card info, clients etc, and doesnt have the preinstalled android nougat on it. this will be the same safe like the pixel? because to this employee I don't want to buy him pixel to handle the works tasks because i did it before with an iphone and she lost it.
nikelecy said:
ok, buy you didn't answer me about the cheaper option of the android phone. lets say I want to give a phone to one of my manager with credit card info, clients etc, and doesnt have the preinstalled android nougat on it. this will be the same safe like the pixel? because to this employee I don't want to buy him pixel to handle the works tasks because i did it before with an iphone and she lost it.
Click to expand...
Click to collapse
No I did answer ?
About the Nogut upgrade, I'm not sure that is only about the OS, native OS might be less secure than the company's OS, even if both OSs are Nogut, the Company add modifications and security to its OS that make it more secure.
Click to expand...
Click to collapse