Directions for recovering (small amount of) data from internal memory - Android Q&A, Help & Troubleshooting

Recently I lost some (relatively) short amount of text in a UI glitch of some app. Do not know its exact name and where did this piece of crap come from, but it has android.permission.READ_NOTEBOOK and android.permission.WRITE_NOTEBOOK permissions, that suggests it stored my texts in Android’s internal storage. The glitchy app is still running, but the device currently isn’t rooted (yes, I’m miserable and clumsy, but that’s the fact).
Which are prospective directions searching for small amount of data in the system memory of an (unrooted) device? Switch the device off, dismantle it, and search in the flash memory? Or install the rootkit software, reboot, and also search in the flash memory? Or first try to break into memory space of the running process? Or some else action on it?
Any help and/or links to tutorials are appreciated. I’m utterly not an advanced Android user, but have sufficient skills locating and extracting various data from memory dumps, so this part would not pose a great obstacle for me.
If one is interested in helping me with specific problem, then
the device is Explay sQuad 7.82 3G
the OS is Android 4.2.2 kernel 3.4.5 (the one supplied by manufacturer)

In the specific situation files were found in the internal filesystem. See android.stackexchange.com/questions/119256/extracting-data-from-running-app-s-memory-address-space for details.

Related

[Q] Allow this application to access... ?

I recently got my SGS2 GT-i9100, and I wonder about all the things the different apps want to hava access to... Either they are simple games or apps...
Your location
Coarse (network-based) location, fine (GPS) location
Network Communication
Full Internet access
Phone Calls
Read phone status and ID
Storage
Modify/delete USA storage contents
...and many more I have not yet familiarized with.
I'm just thinking about whether allowing some apps to have access to all of these things can be harmful in any way, or if I should be concerned in any way. F. ex why should Fruit Ninja be allowed to read phone status and ID? ... I don't get it.
I need a clarification to exactly what all these permissions stand for and mean, what exactly they will have access to if I permit them, and whether to avoid some apps to have access to these, or if it is "safe". I hope you all understand my concerns.
//Steria
Phone status: So the game can pause when the phone rings
Stuff like location would be for location based stuff like checkins or finding out whats in your area.
Phone ID can be used as a personal ID for your phone, aka for building a profile on you for targeted adverts.
Storage: lots of apps, games mostly, put there data on the SD card to save space on the data partition, aka a game might have 700mb of data and your phone only 1gb of app storage.
If you want to block apps from accessing things, on stock roms there is LBE privacy guard or even better Pdroid (which needs a rom patch)
You don't need to post the same question twice in different subfora.

[Q] How to do Android Forensic

Hello everybody,
Is there a way to do forensic analysis on Android,
using free tools ?
In order to access personal information stored.
Especially when the device seems damaged, like booting only
in dowload mode or with a broken screen after a fall/hit.
I had a dead N7100 that caused me a lot of headache since
many things where stored there.
My dream is to do a Apple "time-machine" like system in which
I can recover and analyze my device.
Thanks a lot to everyone.

[Q] Android Security : A question for Developers (in light of govt spying, etc)

Ok so this is a question for lets say hardcore developers, lately Ive taken an interest in android security after the Snowden revelations, (not that any of us have anything to hide), but mainly due to the simple principle of privacy in the digital age... anyhow in my research ive found various ways and sites that can help harden ones security on android , and there are also tools that have been developed to purposely get around these same security precautions on android. My question is to various developers that design security related apps, those who design custom recoveries (TWRP, CM, etc), and even those that work on fastboot (Google).
1) I know there are plenty of apps that are made for security, but are developers sure they are cleaning up (read "wiping ram, on say an app FC, a reboot, or upon receiving a fastboot request from a host")? In the age of NSA and everyone else wanting all in your business, are developers making sure that keys, and other secure info is destroyed, and not still in memory or God forbid in some file on the SD card?
2) Is there any way to make/modify the bootloader so that before you could even get to the bootloader menu (ie. fastboot/recovery/boot/etc..) the bootloader either nukes the entire RAM or fills it with random data? Granted there are always ways to get to ones data, but i was just wondering if there was consideration for the lifespan of said 'security' once one is done with some secure app are the keys tossed(?) ram cleared before deallocation, etc?
3) And... in the interim is there a way users can auto clear/wipe deallocated RAM and SD/internal storage space (as well as within the system area on rooted devices) every so often using something like the Tasker app, remote wipe or something similar?
@steve_77 RAM (at least the RAM we have in phones at the moment) is volatile, meaning it only retains data when powered, therefore there's no need to go to any lengths to wipe it. A reboot will do that. Besides, if any data is being loaded into memory at all in the first place, the NSA probably already have it . Just kidding of course, if you have measure in place already like encryption; I don't think it's possible to retrieve data from memory like that anyway, but I'm no expert.
I understand that the measures mentioned are extreme, but there is already a way to break encryption via reading the keys out of the RAM as outlined in the link provided in the previous post from a German university that was able to do it.
I'm sure this is also not the only type of tools designed to hack into peoples phones and bypass encryption, but if exiting an app does not erase/wipe the RAM allocated to that app, all that data is up for grabs. Sure in this particular case someone would have to physically have your phone, but what if there were some new way, say in the future that could use some sort of exploit to access your data, and what can be done now to mitigate this potential pitfall and make our phones more secure?

[Q] Why Google doesn't allow modifying microSD contents any more on android 4.4.2?

As you all know, modifying files on microSD card feature like allowing to delete rename move files is not more supported by android kit Kat 4.4.2 and later versions of android...
I already know that there's a solution and it's rooting and installing SDfix app from Google play and solve it all,, but duo to my own concerns Oki don't preffer that way...
Please answere as much questions as I have and u can ??????
1. Why Google just disabled this key fearure?
2. Is there any hope that this key feature will come back in later android version if customers do show their remonstrance ??
3. Is there any where I can email Google official operators about this problem and ask them why whom responsible for deleting this key feature in android developement department of Google? - as I searched didn't found any where to chat or ask my problem...
4. Do HTC, Samsung, Sony and other mobile manufactures have the legal rights to add this key feature to there android builds of their own in the contrast of Google android developers way?
And can they include this key feature (or better to say exclude this crazy ban) from their own android roms and just include it in an update for their phones for us to get rid of his ban ??
Salar.m said:
As you all know, modifying files on microSD card feature like allowing to delete rename move files is not more supported by android kit Kat 4.4.2 and later versions of android...
I already know that there's a solution and it's rooting and installing SDfix app from Google play and solve it all,, but duo to my own concerns Oki don't preffer that way...
Please answere as much questions as I have and u can ??????
1. Why Google just disabled this key fearure?
2. Is there any hope that this key feature will come back in later android version if customers do show their remonstrance ??
3. Is there any where I can email Google official operators about this problem and ask them why whom responsible for deleting this key feature in android developement department of Google? - as I searched didn't found any where to chat or ask my problem...
4. Do HTC, Samsung, Sony and other mobile manufactures have the legal rights to add this key feature to there android builds of their own in the contrast of Google android developers way?
And can they include this key feature (or better to say exclude this crazy ban) from their own android roms and just include it in an update for their phones for us to get rid of his ban ??
Click to expand...
Click to collapse
If you are rooted there is a way around this. Its is not that big of a issues unless you can not obtain root
Google, for the most part, doesn't like external storage expansion. They consider it a security flaw. Keeping everything internal keeps all your data more secure. Plug it into a computer, and you can't access anything unless you unlock the phone (PUT A LOCK CODE OR PATTERN ON YOUR PHONE!), but if there's a microSD card with sensitive data (app info, dirty pics, whatever), all you have to do is take out the card.
I can understand Google's position, but I also hate it too. Especially when so many phones without expandable storage have such limited internal space (ie: Nexus devices). Even if you don't have a bunch of music/video on your phone, it only takes a couple of big games like Asphalt or GTA to use up all your space. IMO, Google should figure out how to move certain apps to SD storage, even if they don't allow all. Keep sensitive data on the device, but allow the hefty stuff to be stored on card.
Planterz said:
Google, for the most part, doesn't like external storage expansion. They consider it a security flaw. Keeping everything internal keeps all your data more secure. Plug it into a computer, and you can't access anything unless you unlock the phone (PUT A LOCK CODE OR PATTERN ON YOUR PHONE!), but if there's a microSD card with sensitive data (app info, dirty pics, whatever), all you have to do is take out the card.
I can understand Google's position, but I also hate it too. Especially when so many phones without expandable storage have such limited internal space (ie: Nexus devices). Even if you don't have a bunch of music/video on your phone, it only takes a couple of big games like Asphalt or GTA to use up all your space. IMO, Google should figure out how to move certain apps to SD storage, even if they don't allow all. Keep sensitive data on the device, but allow the hefty stuff to be stored on card.
Click to expand...
Click to collapse
You mean after all of these experiences they had till releasing Android 4.4.2, Couldn't they find out any other solution to that matter but to restrict the permissions on microSD card??
I don't have any special skill in software and computer programing but there has to be some other solutions like adding firewall, or setting an unbreakable master password (while accepting just NTFS formatted sd cards) on devices using a default app from Google for it (like the condition we see WD uses to secure its external HDDs)
lacoursiere18 said:
If you are rooted there is a way around this. Its is not that big of a issues unless you can not obtain root
Click to expand...
Click to collapse
Rooting is not a permanent solution for this matter at last!!!!
It does look like they're (officially!!) forcing their customers to root their device witch they not approve rooting way by not supporting guarantee conditions... And it doesn't make sense...
I'm completely aware that the rooting highway is widely open and rooting is a piece a cake...
But, the company should establish ways that don't put its customers to rooting highway!! ,, cause it doesn't make sense...
Salar.m said:
You mean after all of these experiences they had till releasing Android 4.4.2, Couldn't they find out any other solution to that matter but to restrict the permissions on microSD card??
I don't have any special skill in software and computer programing but there has to be some other solutions like adding firewall, or setting an unbreakable master password (while accepting just NTFS formatted sd cards) on devices using a default app from Google for it (like the condition we see WD uses to secure its external HDDs)
Click to expand...
Click to collapse
I can't speak as to why that couldn't or can't or aren't. I'm not a programmer or developer. I'm merely repeating information that I've read regarding SD cards and security. Rumor is that Android L might open things back up.
Planterz said:
I can't speak as to why that couldn't or can't or aren't. I'm not a programmer or developer. I'm merely repeating information that I've read regarding SD cards and security. Rumor is that Android L might open things back up.
Click to expand...
Click to collapse
Really? I hope so...
If you heard anything else about it, share it with us...
And, BTW, I heard that Z2 doesn't have this problem with its Android 4.4.2 Rom... Is that true? Why?

Detailed Info or even Education about LMK and Virtual Memory

Hi fellas.
Long story short: I seek detailed information about how LMK and especially Virtual Memory works so I can educate myself for teletubbic purposes.
Details:
I'm my old, 1gb Samsung Galaxy S3 device I suffer quite a lot because of poor ram management. Slow insufficient memory for even 1 app ooorr app transitions(multitasking), laggy apps, out of memory reboots drains my will to live.
So time to time I searched internet (especially most of the XDA forums) to find a solution for this, for months(again, time to time). In this process I learned a LOT but unfortunately its not enough since I still haven't found what some virtual memory values and related build prop entries does. Some people made guides but it's not specific and explanatory enough, unfortunately. Just some basic info from surface.
There are a lot of apps and roms that claims to provide better ram management through different ways but as you might guess, none of them completely solved my problems.
Don't get me wrong. I know that at the and, it all comes down to my 1gb device. But through my whole Android experience, I know what this device is capable of. So.. Yeah.
I want specific amounts of apps to stay in memory.
I want my system to kill apps without a second thought in out if memory situations. Fast as if I use "force stop" button in Apps/Settings. (this is important, huh)
I want to set priority to apps about using memory according to app's needs and my use frequency.
To do all of that, instead of crying in forums, I want to educate myself about ram management and do my thing by myself by optimizing system to the end.
Any help, guides, links, courses, piece of info appreciated.
Thanks in advance

Categories

Resources