Several devices hacked, many dirrefent brands.. - Android Q&A, Help & Troubleshooting

Hi!
It has recently come to my attention that all och my devices somehow has been hacked. Also people in my surrounding, ex. family and friends devices seems to have been compromised! The devices affected includes, but is not limited to, Samsung galaxy s4, s5, s6, s6 edge plus, nexus 6P, Sony Xperia Z1 compact, Apple iphone 6 etc. Some of the devices was rooted, other were completely stock.
The attacker have somehow gained full control of the phones and used them to listen to coversations, download files, track via GPS etc etc..
My question now is How could this happen?
I am fairly concerned about my privacy in normal cases so I am absolutely sure that they haven't had physical access to my phone. And it seems far fetched that they would have gotten access to all of the phones that have been compromised without getting caught even once!
Now all of my devices are newly flashed and formatted, do you think that the malware they use could have survive that?
If you miss some information or need to know anything else, feel free to ask and I will answer as soon as I can!
Thank you!
Re-post due to wrong forum..

Is there no one who knows how this works? Please help us understand?

Related

How can i fake it? (rebranding a phone)

Hi guys,
The company i work in allows only Samsung phones - which is ridiculous since it's all android.
I have Xperia P and i want to use it as a company phone (to have access to email etc) - i do not want to continue using Samsung!
They gave me the S3 mini...
Is there a way so i can make my XP look like it's S3 mini? What would need to be changed? How would i do it?
There is no special software involved for company emails, only Mobile iron & Touchdown apps which are both on the play store.
This would really help me in the long run! Some day i want to upgrade to Xperia Z1 Compact and not use Samsung...
10x
Astral07 said:
Hi guys,
The company i work in allows only Samsung phones - which is ridiculous since it's all android.
I have Xperia P and i want to use it as a company phone (to have access to email etc) - i do not want to continue using Samsung!
They gave me the S3 mini...
Is there a way so i can make my XP look like it's S3 mini? What would need to be changed? How would i do it?
There is no special software involved for company emails, only Mobile iron & Touchdown apps which are both on the play store.
This would really help me in the long run! Some day i want to upgrade to Xperia Z1 Compact and not use Samsung...
10x
Click to expand...
Click to collapse
Unauthorized tampering with company stuff is going to get you fired. Running a rooted phone is probably going to get you fired as well.
Try to talk with someone with authority and ask them to explain why this is in effect and if they can't make exceptions.
That said, you cannot change physical appearence. Hardware won't fit, it never does. The fun fact is that both phones have very similar specs, and they both use a Novathor SoC.
The software is easier to fool. Android reads the phone name and manufacturer from the build.prop in /system/
As long as you change only the name and not the actual hardware settings in that file, it should work ok. Make backups before doing this.
And let me repeat it, if someone with authority catches you using a non-approved phone to do company stuff, you will likely get fired.
Hey, thanks for your answer!
Maybe i did not make myself clear...i was never thinking of changing the appearence of the phone. Only the software.
I'm working in this company for many years...don't worry about me, but thanks for the warnings.
Unfortunately, the official answer is - the software is not compatible. Anyone with some brains can tell that is BS but ok.
It's a big company, nobody will check my phone, but when i connect they will see which brand it is, so that's the only thing i have to change.
I found this so i'll give it a try: http://forum.xda-developers.com/showthread.php?t=1948558
yeah, that guide does what I was talking about in my post.
Changing phone brand and manufacturer affects Play Store as well. (Play store does limit available apps depending on phone model). In your case you probably won't be able to download sony-only apps (which is no big loss if you ask me).
In the past people changed build.prop to disguise random devices as Nexus 7 tablets so they could download all possible apps for their Android version.
Btw, if you manage to sidestep their "security measures" with a build.prop edit, their security department isn't worth a dime.
For their own good, I hope that they did enact a more serious security system to lock out non-company phones.
Well i will still use the company SIM card. We have no access to any of the company systems through the phone, only the emails.
Nobody can install Mobile Iron settings if they don't connect to the correct server and provide a PIN (which i have) to install all neccessary certificates etc.
We'll see what happens, i might just try it to see if it works, then decide if i'll use it or not.
Thanks
Change it in the build.prop, you're modifying your own device not the companies.
The phones are almost the same though anyway:
http://www.gsmarena.com/compare.php3?idPhone1=5033&idPhone2=4436
Why dont you just use the samsung? It has better battery by the way :good:

My rant about At&t and I why I am angry with them about my predicament with my s7.

My rant about At&t and I why I am angry with them about my predicament with my s7.
PLEASE READ DISCLAIMER AT THE BOTTOM AND ALL ASTRICKED ITEMS. READ AT YOUR OWN RISK.
YOU HAVE BEEN WARNED.
I will say how disappointed in at&t I am; it should be illegal to lock phones like this. The last samsung galaxy able to be rooted was the s4 and note 2 (don't quote me on that is was guestimation). But like all the idiots caught up in the buzz of owning the newest device, I got burned by the note 4. Fool me once shame on you, but fool me twice shame on me. I got burned again on the s7, and developers on here have basically given up rooting anything else (since the note 4 crisis there's a large bounty for whomever get the first permaroot) . Maybe if millions of us write to samsung about how at&t is ruining their products, they could do something about this travesty. <b>
Well if could some root required apps to work on my phone I would be much happier. I can't even use the current version of lucky patcher, how stupid is that. <b>
If your phone isn't rooted or have never felt the joy of a rooted phone (it is like endless possibilities all in the palm of your hand), and if you don't know what rooting is, get a clue, (Google it). Beg, barrow, steal one from a guy the next County over, forge one, trade for one, find one, save up for 3 months to buy one on eBay, I don't care how you get a clue, but you need one. The ability to Root our phone should be a fundamental right. (particularly with what went on with Apple and the FBI in California) We buy the phone, pay for it's service, then you treat us like we somehow don't know something has changed. (All the sudden "security updates that happen right after finding root for other devices and then people update their devices and it is gone back to square one.) Who is going to be responsible for all the millions of phones that are going to be trash because of this?
(because now on certain devices it softbricks the phone, sure it roots it, but what good is a rooted phone when you can't use it? (I relate it to something close to ransomware, on a computer, where software hold it (the computer) hostage until you meet the criminal's demands (usually money), so that you can get your computer back, and then sometimes they just leave it in place. (nasty crap fun to get rid of without reinstalling the OS) In this case it holds your phone hostage until you meet at&t's demands of "removing non at&t software", and until such time that the software is removed it remains bricked. If you have this issue, which I have only seen it mentioned a handful of time, and happen to have a Samsung device (with or without warranty) they will fix for free and even pay shipping both ways (now that's how you keep customers happy) I still have this issue as I have not sent my phone in yet and if someone knows how to fix it I would like to know. It goes from the ransom page with the padlock unlocked and warnings from at&t, then it goes to a second page saying that I have a Reactivation Lock in place. I have tried everything stated on the forum about RL, but my case is unique because of my stupid idea of seeing if king root had figured out how to root note 4 at&t sm-N910A version. To answer your question did it work, yes and no. Read the bricking bit above.)
Surely not your loyal customers, surely not the one who actually make and put their name on the phone, no I blame the cell phone companies. They have gotten to big for their own shoes on this one, they stepped in a giant pile of it. How many millions of customers have you lost at&t? Hmmm? Answer that one. Maybe I'll be the next to jump ship, sprint has a great plan, half the price, and they'll pay our way out of the eta( early termination fee(s) ln case you didn't know) up to 600 USD on each line. Sounds good to where do I sign, oh you need to take my piece of it phone and trade it for one the COMES with an unlocked bootloader. Take it I never wanted this piece of it to begin with. Bye At&t, you had a good ride with most of us for longer than a decade, but you done shot yourself in the foot on this one. You should have never changed your name and started in the cell phone business. South Western Bell is dead, and this monstrosity that has been created is nothing more than a shell of its former company, what a bunch of sell outs. I hope you sleep good at night knowing how many people are cursing your name from every roof top and highest building. You don't play with other people's it. It isn't proper nor is it called for. Some customers will be loyal to the end, but I am sick of all the red tape and garbage we have to put up with. Higher rates for the same service? Do you think we are stupid?
DISCLAIMER
*PLEASE NOTE THAT THIS IS MY OWN OPINIONS. IT IS AIMED AT AT&T, AND THEIR INABILITY TO LEAVE A GOOD THING ALONE. IT IS NOT MEANT TO OFFEND US NORMAL FOLK THAT PAY RIDICULOUS PHONE BILLS EVERY MONTH. IF YOU ARE ONE OF THESE PEOPLE AND YOU FIND THIS OFFENSIVE I AM SORRY. I NEVER CUSSED OR SAID ANYTHING OFFENSIVE ABOUT OR TO AN INDIVIDUAL. *
*ANY INSTANCES OF "IT" THAT ARE EXTRAGRAMMATIC ARE A CUSS WORD IN DISGUISE AND IS SELF EXPLANATORY*
PLEASE FEEL FREE TO COMMENT WITH YOUR OWN OPINIONS THIS A JUDGEMENT FREE ZONE, SO PUT SOME FEELING IN IT. OCCASIONAL SWEARING IS TO BE EXPECTED (AS LONG AS IT IS OK WITHIN THE POLICIES OF XDA IF DOUBT DON'T DO IT.).
ANY HELP WITH ABOVE STATED ISSUE PLEASE LINK BELOW SO THE POST ENDS UP IN THE PROPER SECTION (TROUBLESHOOTING AND WHATNOT).
ANYTHING FOUND IN PARENTHESES WAS ADDED FOR CLARIFICATION PURPOSES, AND NOT MEANT TO DEMEAN ANYONE. THERE ARE PEOPLE WHO DO NOT KNOW THE TERM OF KNOWLEDGY.
IF ANYTHING IN THIS RANT HAS BEEN MISREPRESENTED OR IS INCORRECT PLEASE BRING TO MY ATTENTION.
THANK YOU TO ANYONE WHO ACTUALLY READ ALL THIS.
God bless and peace out,
Kelentaria
I switched to AT&T because of direcTV unlimited (saves me 15 bucks a month from what I was paying). I don't really care much about having root access, but I do care about being able to erase the bloat on the phone. Bloat should be optional software, not burned into the OS. Look at Windows for a PC. If you don't want an app that came preloaded, you simply uninstall it. How is that even legal to have software stuck on your phone, which you have no idea what it is doing in the background and also claim you have 32gigs of storage, but you actually only have 19?
I see some of your points, but the whole rooting thing will be an uphill battle. Each company is required by law to patch exploits that allow the system to be compromised. Unless Google makes root access standard (meaning easily unlocked with an app etc) you won't see it again , and if you do, rarely.
I could forgive them for the root issue, but not for the bloat, lack of WiFi calling on android devices, etc.
Your points and opinion is well taken here as a fellow ATT user. We won't even get Samsung to move on rooting and bootloader unlocking since they're path is the business level users. That's mostly to do with all of us modder folks being in the small minority when it comes to purchasing their phones. There should be an option to unlock the bootloader from them directly. Basically them allowing us to either choose to void our warranty to unlock the bootloader which relieves them of the responsibility of folks blaming them for their choice of modding the phone. Similar to the HTC process. But again this is my opinion. ATT on the other hand has been a constant pain with not being consumer friendly for the last 4 years from my guestimation.
psufan5 said:
I switched to AT&T because of direcTV unlimited (saves me 15 bucks a month from what I was paying). I don't really care much about having root access, but I do care about being able to erase the bloat on the phone. Bloat should be optional software, not burned into the OS. Look at Windows for a PC. If you don't want an app that came preloaded, you simply uninstall it. How is that even legal to have software stuck on your phone, which you have no idea what it is doing in the background and also claim you have 32gigs of storage, but you actually only have 19?
I see some of your points, but the whole rooting thing will be an uphill battle. Each company is required by law to patch exploits that allow the system to be compromised. Unless Google makes root access standard (meaning easily unlocked with an app etc) you won't see it again , and if you do, rarely.
I could forgive them for the root issue, but not for the bloat, lack of WiFi calling on android devices, etc.
Click to expand...
Click to collapse
I suggest you try Package Disabler Pro, its a small price to pay but it works perfectly disabling bloat from Samsung devices. It is not root but at the very least it helps make touchwiz bearable.
---------- Post added at 02:58 PM ---------- Previous post was at 02:54 PM ----------
I don't think there is a single ATT user that doesn't share your opinion but nowadays we all know what we are getting into with them. Only the Nexus line remains untouched but with the recent surge in mobile payment use the manufacturers are locking down phones harder than eve, one the plus side it helps maintain security and protect your hard earned money but sadly some sacrifices must be made. My only wish is that Samsung would finally see the light and at the very least give us the option of stock android in their devices, a tall order I know but one that would be met with enthusiasm.
glm0025 said:
I suggest you try Package Disabler Pro, its a small price to pay but it works perfectly disabling bloat from Samsung devices. It is not root but at the very least it helps make touchwiz bearable.
---------- Post added at 02:58 PM ---------- Previous post was at 02:54 PM ----------
I don't think there is a single ATT user that doesn't share your opinion but nowadays we all know what we are getting into with them. Only the Nexus line remains untouched but with the recent surge in mobile payment use the manufacturers are locking down phones harder than eve, one the plus side it helps maintain security and protect your hard earned money but sadly some sacrifices must be made. My only wish is that Samsung would finally see the light and at the very least give us the option of stock android in their devices, a tall order I know but one that would be met with enthusiasm.
Click to expand...
Click to collapse
Ive done that, but the bloat still takes up a huge chunk of space - the APKs are just disabled
there hasn't been a bootloader unlocked at&t galaxy since the S3. The S4 was bootloader locked, but anyone with AMDL firmware (the second OTA) could bypass the bootloader and load ROMs that way. Anyone that updated past that was stuck with bootstrapped ROMs. The S4 was never bootloader unlocked ever.
psufan5 said:
Ive done that, but the bloat still takes up a huge chunk of space - the APKs are just disabled
Click to expand...
Click to collapse
Rooted or not, you wouldn't get that space back. The pre-installed crud is installed on the system partition which is a separate space from where user apps (and all data) are stored. If you rooted and deleted those apps, the space would just go unused. (And really, those apps don't take up much space in storage.)
On the other hand, there are things in the AT&T preload that can't be disabled. Some might be daemons that load before (and outside the scope of) android, and others are embedded deep into the existing modules (such as systemUI.) For example, AT&T still uses a variation of carrier IQ software for analytics.
However, even if you had root, you couldn't easily get rid of those things without completely changing the firmware to something else. Once you did that, you'd also lose AT&T variant specific things such as AT&T's implementation of VoLTE, video calling, etc. (Just because other firmware might support features by the same name, it doesn't mean that they'll work on AT&T's network.)
My biggest complaint these days with AT&T variants is that AT&T blocks important system updates. Even VERIZON has become better about releasing firmware updates and upgrades for android phones when compared to AT&T. (Verizon used to hold the crown of being the absolute LAST carrier to update their phones... but no more. Now AT&T clearly owns it.)
Here's the funny thing: AT&T claims that they are locking down bootloaders and such in order to have a higher level of security for business customers. Yet, by taking MONTHS longer to release firmware updates, AT&T phones are often vulnerable to malicious exploits long after those exploits have been fixed by Samsung/HTC/etc.
garyd9 said:
Rooted or not, you wouldn't get that space back. The pre-installed crud is installed on the system partition which is a separate space from where user apps (and all data) are stored. If you rooted and deleted those apps, the space would just go unused. (And really, those apps don't take up much space in storage.)
On the other hand, there are things in the AT&T preload that can't be disabled. Some might be daemons that load before (and outside the scope of) android, and others are embedded deep into the existing modules (such as systemUI.) For example, AT&T still uses a variation of carrier IQ software for analytics.
However, even if you had root, you couldn't easily get rid of those things without completely changing the firmware to something else. Once you did that, you'd also lose AT&T variant specific things such as AT&T's implementation of VoLTE, video calling, etc. (Just because other firmware might support features by the same name, it doesn't mean that they'll work on AT&T's network.)
My biggest complaint these days with AT&T variants is that AT&T blocks important system updates. Even VERIZON has become better about releasing firmware updates and upgrades for android phones when compared to AT&T. (Verizon used to hold the crown of being the absolute LAST carrier to update their phones... but no more. Now AT&T clearly owns it.)
Here's the funny thing: AT&T claims that they are locking down bootloaders and such in order to have a higher level of security for business customers. Yet, by taking MONTHS longer to release firmware updates, AT&T phones are often vulnerable to malicious exploits long after those exploits have been fixed by Samsung/HTC/etc.
Click to expand...
Click to collapse
Bootloader is locked down for one reason - stop tethering on unlimited plans.
Thats about it.
psufan5 said:
Bootloader is locked down for one reason - stop tethering on unlimited plans.
Thats about it.
Click to expand...
Click to collapse
You are misinformed.
I completely agree that the situation sucks. I know that this will fall over into the Note 6, and that saddens me. That is why I set up camp on the Apple side of the fence. They are always hacking into ios somehow (no fragmentation i guess?), and the OS, while still not as open as Android has matured a little. I do miss Android, but Samsung was my home, and it isn't easy switching to another OEM when their hardware designs are so different (no physical home button).
I happen to work for Sprint (for the time being), and the prices are better, but our systems suck, and our business practices are kind of shady. Hopefully I don't get into any trouble for this, but customers deserve to know the whole story. Example: a gentleman came in to get a new sim card for his S4 Mini. Now with at&t, you just go get a sim card, and all you have to worry about is standard/micro/nano. With Sprint, however, each size sim card has a wide variety of skus (barcodes), and we use a tool to see which ones are compatible with the device in question. In this guy's case, Sprint had discontinued the only sim card that would work with his phone.
To put it plainly, we force ultimatums on our customers; buy another phone, or do without. I'm actually ashamed to work for this company.
What sickens me is that they disable perfectly fine features to replace them with their crapware. I like their network coverage, but I'm really doubtful if I would/should stay with At&t anymore. I personally don't care much about the bootloader, but the fact that they are doing this sort of thing without facing any sort of push-back, is what annoys me.
sireniankyle said:
I completely agree that the situation sucks. I know that this will fall over into the Note 6, and that saddens me. That is why I set up camp on the Apple side of the fence. They are always hacking into ios somehow (no fragmentation i guess?), and the OS, while still not as open as Android has matured a little. I do miss Android, but Samsung was my home, and it isn't easy switching to another OEM when their hardware designs are so different (no physical home button).
I happen to work for Sprint (for the time being), and the prices are better, but our systems suck, and our business practices are kind of shady. Hopefully I don't get into any trouble for this, but customers deserve to know the whole story. Example: a gentleman came in to get a new sim card for his S4 Mini. Now with at&t, you just go get a sim card, and all you have to worry about is standard/micro/nano. With Sprint, however, each size sim card has a wide variety of skus (barcodes), and we use a tool to see which ones are compatible with the device in question. In this guy's case, Sprint had discontinued the only sim card that would work with his phone.
To put it plainly, we force ultimatums on our customers; buy another phone, or do without. I'm actually ashamed to work for this company.
Click to expand...
Click to collapse
I get what you are saying 100% but the only problem for me is that a locked down Android device does more than a jailbreaked iPhone any day of the week.,at the end of the day Android is still more open than IOS. As of right now Marshmallow has proven good enough for me that I'm not missing root or custom roms, that I would root and unlock if I had the chance you better believe it but even 6.0 Touchwiz is bearable right now.
glm0025 said:
I get what you are saying 100% but the only problem for me is that a locked down Android device does more than a jailbreaked iPhone any day of the week.,at the end of the day Android is still more open than IOS. As of right now Marshmallow has proven good enough for me that I'm not missing root or custom roms, that I would root and unlock if I had the chance you better believe it but even 6.0 Touchwiz is bearable right now.
Click to expand...
Click to collapse
It heavily depends on how well you know Cydia. . You can change everything about the layout in an iphone through winterboard or dreamboard. You can customize power options, and assign on screen and button shortcuts no matter where you are on the device (app, home screen, locked). Ad blocker, free spotify premium, a youtube downloader built into youtube, custom carrier logos, system wide night mode, keyboard sub symbols, finger print locked apps, remove the media cap in imessage or text messages, enable zedge ringtone downloads, kill all background apps, pop out video for any app, and custom folder sizes.
I can agree that a few of those are just catching up with Android, but a system wide on or off wifi ad blocker is something that only root can do. There are some things, like the no media cap in messages, that even a rooted android device can't technically do (depends on the carrier I suppose), because they don't go through Apple servers.
This isn't me crapping on Android. I love Android. I just needed a place to hold up until Samsung gets it together. I refuse to buy their locked up garbage anymore. The htc 10 is looking pretty good, too, but I was hoping for something with amoled.
Just so everyone is clear, we dont discuss piracy or fraud or such on XDA.
App developers work hard for their money, trust me it is hard to earn a living at 99cents a pop. Lets support our developers instead of supporting theft.
You're dumb. You're *****ing about a $600 term fee which is impossible for a single line. Buy your phone international or unlocked if this is such an issue for you and stop whining. The ATT model of phones are NOT for power users. Plain and simple. I'm surprised so many people are taking the time to read you *****ing.
This post is so funny...
You are all over the place with your words, your thoughts and your anger.
Why would you purchase the S7 on AT&T if you already knew all of this?
Especially if this has already happened to you with your Note 4?
End of the day, most of the customers who use AT&T have no idea about root. They have no care or concern about these things.
People like us, on XDA, who love to root and customize our phones have to understand that there is a paradigm shift in Android (particularly in regards to Samsung devices) that focuses on security rather than customization. Especially when dealing with Carrier phones. The bloat, the locked bootloader, the restrictions all have their reasons for existing.
Especially when Samsung is amidst a global (albeit slow) roll out of Samsung Pay. Trying to align themselves ever so closely with Apple in terms of quality and brand recognition.
Samsung Pay will NEVER work on a rooted phone, EVER! Doesn't matter if you restore stock firmware etc...
Carriers also have their reasons as well...
There are plenty of reasons why they both do it, most of which I don't want to sit here and write out one by one. Like you said in your post... Google it.
End of the day, if you want to root or customize your device then you should do your research before dropping $700+ on a phone.
Plenty of bloat free, bootloader unlocked, international and non carrier phones available for you to achieve root and enjoy Android.
Coming on here and posting a wall of whine just makes you look silly and childish.
Yes, it sucks... I share your annoyance as I'm sure many other AT&T/XDA members do as well - for years now.
End of the day, these mega corporations don't care about you or what makes you happy. It's a business, their business, deal with it. We all have to... If you want to protest, protest with your wallet.
HNIC215 said:
Samsung Pay will NEVER work on a rooted phone, EVER! Doesn't matter if you restore stock firmware etc...
Click to expand...
Click to collapse
While I tend to agree with the majority of your post, I think this one statement I quoted might be a bit too absolute.
My understanding of SPay is that it relies on the KNOX fuse to determine if a phone is modified. If true, then if an exploit is discovered and implemented which grants root without tripping KNOX, then SPay could possibly work on a rooted device. (Hiding root is doable, and supersu has been playing the cat/mouse game with Android Pay for several months on this...)
The galaxy S6 was rootable without tripping KNOX when it was initially released...
Of course, it's possible that there's something in the samsung firmware that will immediately trip KNOX if root is even detected. If so, it's something new that hasn't been there before. Previously, tripping KNOX required an action at the bootloader level - and usually occurred when an image not signed by samsung was flashed via ODIN.
Moving slightly off topic...
The problem, in my opinion, isn't that root can't be gained. There are plenty of exploits for gaining privileges that either Samsung takes too long to patch, or that the carriers (specifically AT&T) take too long to release the patches for. (AT&T is already 2 months behind on the S7's security patches. Those are patches for security concerns that are now publicly announced and should be easily exploited by reverse engineering the fixes that google publishes.)
The real problem is that people who would develop and publish a root method for hobbyists don't care anymore. Those people aren't going to buy a bootloader locked S7. Either they'll buy a different phone entirely (from a manufacturer that's more dev friendly), or they'll buy a non-carrier model that isn't bootloader locked. (Actually, there's another group, but it's very small: Industry insiders who are constrained by legal agreements (such as NDA's) preventing them from releasing anything they might come up with.)
garyd9 said:
While I tend to agree with the majority of your post, I think this one statement I quoted might be a bit too absolute.
Click to expand...
Click to collapse
That's what a Samsung Rep told me when I had the international Note 5 and wanted to know if I would be able to use Samsung Pay here in the states.
First, they said Samsung Pay would have to be available in the device's country of origin.
Second, they said the device can NEVER be rooted. If the device is rooted, it will NEVER be able to run Samsung Pay on it for the remainder of its life. Regardless if you restore with stock firmware and unroot.
Which makes sense actually when you think about it.
Apple is and has been synonymous with security and safety - in general but especially in regards to Apple Pay.
Samsung has always been considered the "Apple" or "iPhone" of the Android world - this statement holds true now more than ever before.
With Samsung Pay being released globally (slowly but surely)... Samsung will not risk the security of their platform by any means at all.
Letting users gain root access to their devices can potentially expose parts of their secure Samsung Pay platform and risk a major security or privacy incident that would lead to global fallout regardless of where the incident took place.
They will never allow this - especially with the progress they have made over the years to build a premium brand.
With the S7 and S7 Edge - they further that tradition and bring more security than ever.
Don't take my word for it...
Samsung Knox recognised as the strongest mobile security platform
Samsung has received strongest ratings for its mobile security platform Knox in areas including authentication methods, encryption management, jailbreak or root protection and application vetting.
Click to expand...
Click to collapse
The latest version of Knox is currently available for Galaxy S7 and S7 Edge and optimised for Android 6.0 Marshmallow.
Click to expand...
Click to collapse
According to a report, Mobile Device Security: A comparison of Platforms by renowned market analyst firm Gartner, Samsung's latest security platform Knox version 2.6 got the most strong ratings for any mobile security platform. The firm analysed the core OS security features built into a total of 12 mobile device platforms as well as enterprise management capabilities. Samsung also managed to gain leadership in mobile security market though Knox, coupled with Samsung Pay.
Click to expand...
Click to collapse
Source:
http://www.ibtimes.co.uk/samsung-knox-recognised-strongest-mobile-security-platform-1554836
HNIC215 said:
That's what a Samsung Rep told me when I had the international Note 5 and wanted to know if I would be able to use Samsung Pay here in the states.
Click to expand...
Click to collapse
Okay.. I wonder if he's related to one of the "samsung reps" that work in Best Buy stores.... or the ones that come visit AT&T stores on occasion. For the most part, they are really good in reciting the marketing material, but when it comes to details, they are clueless. In fact, at least as bad as Radio Shack sales people.
"KNOX" is a confusing term.
First, there's "KNOX" as a software security suite that is very closely related to what google calls "Android for Work." Both are basically a "secure" and private container/sandbox. The idea is that you take a personal smartphone to work and can run "work" apps that are completely sandboxes from personal apps. This has nothing whatsoever to do with SPay. SPay doesn't make use of this element of KNOX.
KNOX is also the name of a fuse in the device (which is likely a qualcomm "qfuse" in the SD820 S7's) that trips when the bootloader detects an unsigned kernel/recovery. _THIS_ is the KNOX that relates to SPay. Real human beings (not samsung sales or support reps) have confirmed that once the KNOX fuse is tripped, it prevents SPay from working. (It also prevents KNOX, the software suite mentioned above, from working.)
Now I need to express things in strange ways, and I hope you'll forgive the odd phrasing:
As far as devs on XDA and other sites similar to XDA have been able to determine, "root" does not prevent SPay from functioning. In fact, my understanding is that there are people who rooted their Galaxy S6 without tripping the KNOX fuse, later reverted to factory firmware, allowed the phone to OTA to newer firmware that included SPay, and SPay worked fine. However, there are others who have tripped the KNOX fuse while rooted who can no longer use SPay. The key here is that KNOX fuse...
I can say with a very large degree of confidence that SPay will work just fine if you happened to had a device that somehow had a working "su" binary in the path AND KNOX wasn't tripped. That might happen if the bootloader was designed to not trip KNOX... such as someone who developed software for preloads might have on a test device. Based only on information in the public domain, it might also happen if an exploit was found that didn't require flashing a custom kernel, recovery, etc.
It's POSSIBLE, and I actually don't know this, that the firmware released on these devices publicly has code to force tripping the KNOX fuse if root is detected. The galaxy S6 did NOT have this mechanism when towel root (or whatever root method it was) worked on it. I somehow doubt that samsung would have added this to the firmware, as there's too great a chance for a false positive, and tripping that KNOX flag is permanent.
In android user terms, a "rooted" device is merely a device that has a working suid "su" binary in the path owned by the 'root' user. (Later versions of android also require some sepolicy changes, but that's outside the scope of this thread.) That binary might be on /system or it might be in the kernel partition. However, neither is a permanent change to the device, and therefore it can be removed with no trace.
garyd9 said:
Okay.. I wonder if he's related to one of the "samsung reps" that work in Best Buy stores.... or the ones that come visit AT&T stores on occasion. For the most part, they are really good in reciting the marketing material, but when it comes to details, they are clueless. In fact, at least as bad as Radio Shack sales people.
Click to expand...
Click to collapse
No this wasn't in person... Nor was it someone from the states (from what I could tell).
It was with a technician over the phone because the first customer service rep had no idea - so she transferred me to a technician.
Regardless, there is no point in discussing this endlessly.
There are already plenty of folks out there who are trying to solve this issue, only time will tell if they can succeed.
Let's see what happens.

Reposting from Galaxy S5 forum

Heyyo heyyo. "I've got an Android G5 running 7.0 software, it's a LGUS992 and the carrier is under US Celluar.
I know this is going to sound like some tinfoil hat **** and someone who's hearing things, hallucinating, etc but without a doubt. 100 %. someone in my community has access to my phone [and my Chromebook, actually] I'm not very computer savvy but I know there are means through which you /might/ be able to do this kind of thing- stealing wifi, malware or spyware, keylogging, some kind of physical device, etc
I've heard people mention things as specific as individual songs I'm listening to, passwords I've used, things I've typed, etc. Like literally /everything and anything/ I'll do on my phone, I know people have access to and I absolutely need to know how this is being done and how I could stop it, I've been a phone addict for years, use mine for both professional and personal purposes, and since I live out of state from most of my family and friends it's literally the /only/ way I can talk to 99 % of the people I know. My life is already in the dumps, so to lose my main access to a ton of the important people and things in my life is soul crushing and whoever does this doesn't care at all.
It's not just something that could be from my Gmail account being linked through my devices and then hacked. I've heard mention of texts, etc. Phone only, offline stuff. Does this sound like something that could be done and if so, evaded somehow? I even considered that the park I live in might have cameras inside the places but that wouldn't explain why I hear about **** I'm doing no matter where it's done
I've changed my phone password, Gmail password, Skype password, Youtube password, put on a PIN, put on fingerprint access for my phone, blocked off unfamiliar MAC addresses on my router and this has still continued. Someone in the Galaxy S5 forum said I could try "resetting the whole thing - meaning all partitions on it - to stock configuration via a special tool." but like I said, I'm not computer or phone savvy so I wouldn't know how to or if this'd even fix the problem

Serious ways to bypass a screen lock without data loss

Hello all,
In my circle of friends there was a suicide case and I was asked by the family if I would be able to remove a screen lock from a Samsung Galaxy S21. The family can't explain why their son killed himself and would like answers to all their questions. They assume that there is information on the phone or reasons for the suicide.
Are there any serious ways to get around such a block? I don't have much information about the device yet, nor do I currently have it with me. Maybe there are exploits or bruteforce toolkits to bypass the lockscreen. Programs like Tenorshare 4uKey or PassFab Android Unlocker are probably scam or?
I will get the device in the next week and could provide more information then.
Currently the following information is available:
Device Model: Samsung Galaxy S21 5G | Samsung SM-G991B | Android 11 | One UI 3.1
Mobile contract: active
SMS PIN & PUK: available
Google account credentials: available and valid and linked to the device but no backups available in Google Drive
Samsung account credentials: present and valid but not associated with the device so no backups available
Does the approach via Kali Nethunter and a HID keyboard attack work with a current Android Samsung Galaxy S21 bruteforcing or do you always get into the temporally increasing lock?
A data recovery $pecialist might be able to, ask the police for assistance.
Find the password for the lockscreen, or maybe through their Gmail or Samsung accounts, again passwords needed.
I think if they wanted you in the phone they would have unlocked it...
blackhawk said:
A data recovery $pecialist might be able to, ask the police for assistance.
Find the password for the lockscreen, or maybe through their Gmail or Samsung accounts, again passwords needed.
I think if they wanted you in the phone they would have unlocked it...
Click to expand...
Click to collapse
This is not a helpful answer.
The police in this country does not help in such matters if it is assumed that no outside influence was involved.
A data recovery specialist also only executes toolkits or exploits. I am also able to do this if someone gives me a hint which toolkits or exploits would come into question for this model. I work as a sysadmin myself and therefore I am not completely untalented technically. I just lack information about which approach would be the best.
This is a community of people who like to hack their phones, not hack into other people's phones... which is considered unethical.
Are you serious?
You really think it's unethical when a 21 year old boy takes his own life overnight and the family just wants to know why their son did it? Sure, the boy was of age at 21 and can do with his life what he wants. Nevertheless, any clear-thinking person can understand that the family wants to know why the son did that.
I have no bad intentions and I am only trying to help the family. This is not about hacking a stolen cell phone. Then I would just do a factory reset and use the phone normally and not write this post here.
Yes, well... be that as it may.
With a screen lock in place you can't simply factory reset as you still be locked out.
I believe my original response was valid. It's not an easy nut to crack... by design.
Hello, i own a phone repair shop and i'm a relation with a person specialized in unlocking phones. He said me that he can bypass the lock screen and keep data on all samsung phones and he can do it remotly. Being in this business i don't trust him a lot about keeping data. One of my customer's son is dead and his family want to access his phone, they gave me his phone and they are agree to loose data if things dont go good so i'm gonna try with this guy and if you want i will give you a feedback.
Hi sorry to hear that this terrible situation happened around you.
I am in a similar situation. My cousin died suddenly and his sister asked be to recover pictures and videos because he filmed himself before try to end his life and she would like to find if there is any video that could help us understand better.
I'm trying to find ways to do that and so far I haven't but I wanted to share some information in case it could be helpful to someone.
I tried the iMobie Data Extractor. It is supposed to help recover data from "broken phone". I guess it's the closest thing I found that didn't look scammy and could work. After about a month of back and forth with their support person, I managed to replaced the OS using Odin (because the official software left my phone in a non-bootable state) replacing all partitions except User Data. Unfortunately, that didn't remove the lock (PIN). I'm not surprised since I didn't wipe the User Data.
From a security perspective, it is good that it is hard (impossible) to access data of a locked phone, but from a family emotional perspective, it is hard to have to tell my family that I failed.
I wish you good luck and please post here if you find a way.
be safe
Touftaf said:
Hello, i own a phone repair shop and i'm a relation with a person specialized in unlocking phones. He said me that he can bypass the lock screen and keep data on all samsung phones and he can do it remotly. Being in this business i don't trust him a lot about keeping data. One of my customer's son is dead and his family want to access his phone, they gave me his phone and they are agree to loose data if things dont go good so i'm gonna try with this guy and if you want i will give you a feedback.
Click to expand...
Click to collapse
What happened
I don't have easy-to-hear information for you. But I offer these words as a way to think about this situation.
I believe Samsung intentionally builds phones which are extremely hard to break into. This is a conscious design decision they make. Why? Because so many users do things like credit card payments, banking, and social media, where, if you lost your phone and a bad person found it, an easy-to-break-into device would have potentially catastrophic results. Aside from the harm to a user who lost a phone, Samsung themselves would be subjected to great reputational damage, too. It's bad press when it's easy to break into and steal something.
Also, you may not be able to break into the device, even with the help of a commercial vendor. Exploits in Android, when found, are patched regularly. A very smart person might have had a way to crack into a phone last week, last month, or last year. But again, Samsung intends to continually patch the software to keep it secure. They make a point to telling people that Samsung phones are patched for several years, so users will feel confident their data will be secure.
One suspects certain governments have police or security organizations who likely could break in, but they are unlikely to help in a personal situation, as you described.
Although this doesn't seem to apply to you, it's worth saying that Samsung phones are also backed up (by default) to their "cloud." It's possible that a lawyer might be able, with proper documentation of the owner's death, to get access to Samsung's (or Google's) cloud backup(s). I don't think it's easy though. Google, at least in the USA, allows the owner of an account to specify how Google should handle their data if they stop accessing their accounts. (I think Google treats an idle account as "dead" and for reasons like this, if you no longer want to use a vendor like Samsung or Google, you should proactively delete your account, not merely let it go idle.)
Anyone reading this post, might want to consider having what can be an uncomfortable conversation with your friends and family: "How would you like your friends and family handle your electronic, financial, and social accounts in the event of your death?"
Please, forgive me if any of this sounds insensitive. My father worked in insurance and as part of his job he knew all to well that all people eventually die. And how hard it is for those left behind to pick up the pieces, especially when secrets are involved. My family knows where to find my keys.

Pin Locked out of Canadian A10s

Recently had this phone given to me by a friend. Unfortunately, it was her kid's, and her kid cannot remember the pin, or what, if any protection she had on it, i.e. Samsung or Google, though, if any, I would suspect Google would be the one. Unfortunately, the friend is also locked out of her Amazon account right now (even Amazon's massive money still doesn't eliminate mistakes in their system), so getting details direct from Samsung that could help me out, if I had access to the receipt (I'm assuming, here, but reasonably, I think) is, for now, out, which very much sucks, because I'm presently using a dated LG, cannot afford anything at all (hence the donation of the phone), and Samsung is what I know, and am familliar with, and, in my opinion, with cause, as, from my (admittedly limited) experience, they are the most feature rich, and most customizable. What I am wondering is if there is a way to get around this issue with the limited access I have. I know there must be more than one way - it's been awhile (like s5 Neo awhile), but I've installed ROMS and "broken into" phones, before (no, not stolen!) - but I've used the internet in a far more limited way, for the last few years, now, and, since my elder days of tireless research and such, Google has changed dramatically, making it hard to find out anything, anymore, without sifting an ocean of clutter, and I don't know my way around, like I used to; internet and phone technology have both changed very fast, the past few years, and so, here I am. Any info needed, I will do my best to find out. Thanks in advance to anyone who can help!
https://forum.xda-developers.com/t/...-it-and-i-dont-remember-my-password-s.4542379

Categories

Resources