Hi everyone
Just thought it's good to know these news as this is a serious flaw for those of us that are using encryption in their phones.
http://www.zdnet.com/article/how-to...n-on-millions-of-smartphones/#ftag=RSSbaffb68
What this means is probably that encryption on our Qualcomm based phone will not be fixable, really serious problem I would say. :-/
Related
from http://galaxys2.samsungmobile.com/html/feature.html it looks like it won't be...
On Device Encryption
Play it safe with a security solution that enables the protection of mobile data without the need to sacrifice speed and functionality. The Samsung GALAXY S II is the first Android smartphone to adopt powerful encrypted hardware, minimizing the use of security software and applying encryption technology to the hardware itself, greatly accelerating security protection and achieving superior performance
Click to expand...
Click to collapse
this looks like a bit of a deal-breaker given samsungs poor update schedule.
I really hope they're not talking about an encrypted bootloader, although I seriously doubt they would state that as a feature.
sold my n8 1 month back and waiting for s2 with nokia 6300 and 3120 classic in my hand. so its better to wait buddy
MarkusPO said:
from http://galaxys2.samsungmobile.com/html/feature.html it looks like it won't be...
this looks like a bit of a deal-breaker given samsungs poor update schedule.
Click to expand...
Click to collapse
This is about the functionality targeted at improving security for integrated business applications.
However, The issue as I see it is that if they do not also lock bootloader and ability to install custom root-level stuff out using hardware encryption, then any hardware encryption of user-space stuff is pointless. I predict they either lock it, or if they're clever, to diffuse hackers and modders interest in cracking the encryption they might allow you to unlock it at cost of removing the ability to integrate with business apps. (or other way around or poss with a sandbox of some kind)
crypticc said:
I predict they either lock it, or if they're clever, to diffuse hackers and modders interest in cracking the encryption they might allow you to unlock it at cost of removing the ability to integrate with business apps
Click to expand...
Click to collapse
of those two options, which one offers the fastest turnaround to market, so therefore cheaper to produce and faster to make money from? i wouldn't doubt samsung to completely lock this.
which imo goes against androids openness. you may as well have a custom crappy samsung operating system on it that's semi-compatible with android.
i thought google wanted to clamp down on skins completely? or is that just for tablets?
MarkusPO said:
of those two options, which one offers the fastest turnaround to market, so therefore cheaper to produce and faster to make money from? i wouldn't doubt samsung to completely lock this.
which imo goes against androids openness. you may as well have a custom crappy samsung operating system on it that's semi-compatible with android.
i thought google wanted to clamp down on skins completely? or is that just for tablets?
Click to expand...
Click to collapse
It's true that it's probably cheaper, but at the same time not as many will buy it, so in the end it might be a loss to them.
Of course it will be flashable...theres nothing we cant set free on xda... ..really...dont worry about it.
Sent from my GT-I9000 using XDA Premium App
rixsta said:
Of course it will be flashable...theres nothing we cant set free on xda... ..really...dont worry about it.
Click to expand...
Click to collapse
I'm assuming you don't own a Milestone or a Droid X
Guys could it be possible that s2 might have nand lock plus encrypted bootloader? Any ideas?
If it is the case then it will spell lotz of trouble for us as then even rooting will be a trouble....
And if by encrypted hardware.....does that mean that it will be difficult to find suitable drivers which will make cheating the bootloader difficult and also voids the kexec method employed in bypassing the x10 bootloader?
rixsta said:
Of course it will be flashable...theres nothing we cant set free on xda... ..really...dont worry about it.
Sent from my GT-I9000 using XDA Premium App
Click to expand...
Click to collapse
Or an atrix.......
sent from my nook color
I gave a look at xda threads of those two phones. Everything you can dream of is availlable (last RC4 of cyanogenmod 7, among a lot of other roms).
For what I understood, the only real issue is modified kernels?
If this is the kind of limitation we are talking about, that's fine with me.
qsdf55 said:
I gave a look at xda threads of those two phones. Everything you can dream of is availlable (last RC4 of cyanogenmod 7, among a lot of other roms).
For what I understood, the only real issue is modified kernels?
If this is the kind of limitation we are talking about, that's fine with me.
Click to expand...
Click to collapse
Without kernel voodoo sound, bln, etc are not possible.
qsdf55 said:
I gave a look at xda threads of those two phones. Everything you can dream of is availlable (last RC4 of cyanogenmod 7, among a lot of other roms).
For what I understood, the only real issue is modified kernels?
If this is the kind of limitation we are talking about, that's fine with me.
Click to expand...
Click to collapse
No custom kernels is a HUGE problem. Kernels are written for specific android versions. You can't run Android 2.3 (or even 2.2) on a 2.1 kernel (we had this problem with the motorola milestone). This means you have to wait till the manufacturer starts developing or else you are STUCK. So really, it is a huge limitation. Also, if the manufacturer doesn't support things like a swap partition, you will never be able to get it.
Hello,
my smartphone is a Siswoo Cooper i7, which unfortunately can't be flashed with Cyanogenmod (this would probably really increase security a lot).
Is it realistic to assume that rooting the phone and removing anything related to Google would result in an increased security? [In case you don't want to be watched by 'Google']
Considering all the security issues related to Android OS itself, which I'd describe as a 'security flaw by design', I highly doubt that doing so would make any sense for the mentioned purpose, but still I'm curious what others think about this.
Thanks in advance and kind regards
Hey and first of all: I am not a coder or do know anything about android development.
Treble arrived with Android 8 and it was praised like it would be the holy solution. Essential said it got P running on Ph-1 within a day (weekend...?). When I read all the P GSI threads it seems like nothing has really matured. People still report ****loads of bugs and not working hardware.
Wasn't this the whole achievement with treble? To separate the hardware drivers from the software?
Could someone please explain to me in simple words why it seems (to me) that not much has changed?
thanks!
Wrong section
I guess it's because of few ****ty manufacturers closed sources for specific hardware and not including them in Treble vendor.
Treble only promised compatibility where Vendors comply with VTS. If they make closed source drivers with special cameras or special sensors, bugs are bound to happen.
However if you see the other side, a **** load of ROMs were able to boot without needing any dev assistance like in my case, Xiaomi mi6 was able to boot Android P GSI and other treble compatible GSIs by users WITHOUT any help from devs. This is HUGE.
The minor niggles regarding cameras or sensors or other things is NOT a huge deal. A relatively weak developer can even take up from there and try to fix up things.
Lastly, give treble some time. This was the first time it was tested and it worked. Not completely, but i would say better than expected. In time it will help us get Android 9.1 9.2 etc with minimum fuss.
You would understand if you tried porting roms or building them from source. It NOT easy.
Hi, I read about security issue disclosed in 2016 (CVE-2015-6639 and CVE-2016-2431) when attackers can decrypt FDE by extracting KeyMaster from ARM's TrustZone.
https://thehackernews.com/2016/07/hacking-android-encryption.html
One thing from this article force me to post this question:
Although Beniamini is working with both Qualcomm as well as Google, the core of the issue might not be completely fixable and might even require new hardware changes to fix.
Click to expand...
Click to collapse
So how it looks today? Is that issue fixed? From Google's side it is, but how about Qualcomm? If not, is there any list of vulnerability devices?
Hi everyone,
let me preface this with saying that I have searched for similar threads to avoid redundant threads, and I didn't find anything similar to this. I apologize in case I somehow missed it and am accidentally making a duplicate thread. That said, let's continue.
I recently got a Xiaomi Redmi Note 11S. I really love the hardware - it's pretty good for its price; the battery capacity is high, I like the 90Hz refresh rate and the AMOLED screen, decent storage capacity, and the 33W fast charging is really cool too.
The software, however, is another story. Firstly, there is a lot of bloatware. Various stores, games, etc. that I never asked for. And even worse, secondly, on every corner there is a privacy violation. Every time I clicked on a different app, I needed to accept a different user agreement, privacy policy, or something similar. The camera app literally requires an internet connection and yet another ToS agreement to use. And I've looked into such an agreement to see what they do, and apparently they reserve the right to look at your screen's displayed contents. What. The. F-
I would really like to use this device as it is an upgrade over my current phone, but man, I'm not using it with the default software. For this reason I came here to ask about which custom ROMs are good for my purposes. I would like something that has few invasive features and other spyware, and is also relatively open for customization and such as I like to be in control of the hardware I own.
Thanks in advance for any replies.
I have yet to find a device specific ROM for this phone. Apparently they're hard to develop because the chip manufacturer (Mediatek) doesn't release their source code? You could try a GSI but that's beyond my skillset.
To make me feel a bit better about my privacy I've used Debloater to uninstall the bloat that I don't want on the phone at all. I then use AFWall+ to block the apps that I want to use but don't trust from accessing the internet.
Note that this requires rooting your phone, but that's straightforward these days.
Hi, thanks for the reply.
I'm new to the community. Could you please explain me what a GSI is?
Those things sound like a good idea for the time being. I'll look into them when I have more time. As for rooting, I'm sure there's countless of guides out there. If you know a good one I'd appreciate it, but I'm sure that out of everything, this is the one thing I'll easily manage myself.
Though while this is a good temporary solution, I still feel uneasy about it as it's not necessarily specific apps, but the OS itself that does the spying, so I think I'll wait and see if someone else replies with more suggestions. Perhaps someone in this forum is some kind of custom ROM genius. Despite that, I really appreciate your reply and not getting judged for being new. Have a nice day/evening/morning (depending on your time zone).
A GSI is a Generic System Image - basically it's a ROM that isn't tailored to a specific device, but will broadly work on any device. However this means that it's likely to be a little bit buggy on most devices. I don't know much about GSIs, but I'm sure there are threads on here.
I believe that the only Android 11 GSI that is still maintained is the Google GSI. You'd want the aosp_arm64_ab build for this device I think. I have no idea how well this would work, I don't even know how you'd flash it!
This is my guide for rooting this phone, it's pretty straightforward I think, once you've got the bootloader unlocked.
Root POCO M4 Pro 4G (fleur) using Magisk
Rooting the POCO M4 Pro 4G (fleur) turned out to be quite straightforward. Note, I have a 2201117PG (EEA), you may have a different experience, it's not my fault if you brick your phone etc. Backup before you start as this will wipe your phone...
forum.xda-developers.com
Well, if - as it seems - the device support GSI builds, you can go with \e\ (aka deGoogled-Lineage):
Topics tagged gsi
Topics tagged gsi
community.e.foundation
No custom rom due to mediatek chipset , should have bought snapdragon device
Aj_$tyle$ said:
No custom rom due to mediatek chipset , should have bought snapdragon device
Click to expand...
Click to collapse
BTW Generic System Images works on *any* treble-compatible (= Android 8+) SoC...
forart.eu said:
BTW Generic System Images works on *any* treble-compatible (= Android 8+) SoC...
Click to expand...
Click to collapse
GSI has bugs in poco m4 pro
Aj_$tyle$ said:
GSI has bugs in poco m4 pro
Click to expand...
Click to collapse
What bug?
Aj_$tyle$ said:
GSI has bugs in poco m4 pro
Click to expand...
Click to collapse
Please report @ \e\ community then:
GSI
Find details about the work done and progress made on Generic System Image (GSI) for /e/ in this section.
community.e.foundation
Gliese 832 c said:
Hi everyone,
let me preface this with saying that I have searched for similar threads to avoid redundant threads, and I didn't find anything similar to this. I apologize in case I somehow missed it and am accidentally making a duplicate thread. That said, let's continue.
I recently got a Xiaomi Redmi Note 11S. I really love the hardware - it's pretty good for its price; the battery capacity is high, I like the 90Hz refresh rate and the AMOLED screen, decent storage capacity, and the 33W fast charging is really cool too.
The software, however, is another story. Firstly, there is a lot of bloatware. Various stores, games, etc. that I never asked for. And even worse, secondly, on every corner there is a privacy violation. Every time I clicked on a different app, I needed to accept a different user agreement, privacy policy, or something similar. The camera app literally requires an internet connection and yet another ToS agreement to use. And I've looked into such an agreement to see what they do, and apparently they reserve the right to look at your screen's displayed contents. What. The. F-
I would really like to use this device as it is an upgrade over my current phone, but man, I'm not using it with the default software. For this reason I came here to ask about which custom ROMs are good for my purposes. I would like something that has few invasive features and other spyware, and is also relatively open for customization and such as I like to be in control of the hardware I own.
Thanks in advance for any replies.
Click to expand...
Click to collapse
The most privacy friendly rom is GrapheneOS but it only supports Pixel devices sadly.